Merge ~fheimes/ubuntu/+source/qtwebkit-opensource-src:qtwebkit-lp1951470-hirsute into ubuntu/+source/qtwebkit-opensource-src:ubuntu/hirsute-devel

Proposed by Frank Heimes
Status: Needs review
Proposed branch: ~fheimes/ubuntu/+source/qtwebkit-opensource-src:qtwebkit-lp1951470-hirsute
Merge into: ubuntu/+source/qtwebkit-opensource-src:ubuntu/hirsute-devel
Diff against target: 82 lines (+49/-1)
4 files modified
debian/changelog (+8/-0)
debian/control (+2/-1)
debian/patches/series (+1/-0)
debian/patches/webkit-javascript-s390x-segmentation-fault-fix.patch (+38/-0)
Reviewer: Dmitry Shachnev (review type: not set, date requested: not set, status: Pending)
Review via email: mp+412383@code.launchpad.net

Description of the change

WebKit Javascript big endian/s390x segmentation-fault fix
 In CodeBlock.cpp the code preparing the operands of op_get_from_scope writes
 the property offset as pointer size (hence 64 bit) value:
 2141: instructions[i + 6].u.pointer = reinterpret_cast<void*>(op.operand);
 while the same slot is accessed later by the jitted code as 32 bit integer:
 macro getProperty(slow)
    loadisFromInstruction(6, t1)
 This fails on big endian targets since the integer access takes the higher
 part of the 64 bit value.
 Changing:
 macro getProperty(slow)
    loadisFromInstruction(6, t1)
 to
 macro getProperty(slow)
    loadpFromInstruction(6, t1)
 in llint/LowLevelInterpreter64.asm fixes the problem
 on big endian environments.
 Hence the changed code is very minimal.

 Test (verification that the patch worked):
ubuntu@hwe0007:~$ arch
s390x
ubuntu@hwe0007:~$ lsb_release -cs
hirsute
ubuntu@hwe0007:~$ ls *.js *.html *.pdf
ls: cannot access '*.pdf': No such file or directory
index.html min.js
ubuntu@hwe0007:~$ wkhtmltopdf --enable-local-file-access index.html test.pdf
Loading page (1/2)
Printing pages (2/2)
Done
ubuntu@hwe0007:~$ ls -l *.js *.html *.pdf
-rw-rw-r-- 1 ubuntu ubuntu 116 Nov 19 09:01 index.html
-rw-rw-r-- 1 ubuntu ubuntu 17 Nov 19 09:00 min.js
-rw-rw-r-- 1 ubuntu ubuntu 1339 Nov 25 11:09 test.pdf
ubuntu@hwe0007:~$
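
The store/load mismatch the description talks about, as an added illustration (not code from qtwebkit, from this patch, or from the submitter): the union below stands in for the JavaScriptCore instruction slot that CodeBlock.cpp fills through u.pointer and that the LLInt later reads with loadis (4 bytes) or loadp (8 bytes); the byte-order simulation shows why the 32-bit read returns the high half of the word on a big-endian target and the low half on a little-endian one. Field and function names are illustrative assumptions, not JavaScriptCore identifiers.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative stand-in for one JSC instruction operand slot: a single
 * pointer-sized word written through one member and read through another.
 * Names are assumptions for this example, not JavaScriptCore's. */
typedef union {
    void *pointer;   /* CodeBlock.cpp: u.pointer = reinterpret_cast<void*>(op.operand) */
    int32_t operand; /* what a 32-bit read of the same slot sees */
} instruction_slot;

/* Lay out the 8-byte slot in the byte order of the target being simulated,
 * so the result does not depend on the machine this file is compiled on. */
static void store_pointer(uint8_t slot[8], uint64_t value, int big_endian)
{
    for (int i = 0; i < 8; i++) {
        int shift = big_endian ? (7 - i) * 8 : i * 8;
        slot[i] = (uint8_t)(value >> shift);
    }
}

/* loadisFromInstruction: read the first 4 bytes of the slot as a 32-bit integer. */
static uint32_t loadis(const uint8_t slot[8], int big_endian)
{
    uint32_t v = 0;
    for (int i = 0; i < 4; i++)
        v |= (uint32_t)slot[i] << (big_endian ? (3 - i) * 8 : i * 8);
    return v;
}

/* loadpFromInstruction: read all 8 bytes as a pointer-width integer. */
static uint64_t loadp(const uint8_t slot[8], int big_endian)
{
    uint64_t v = 0;
    for (int i = 0; i < 8; i++)
        v |= (uint64_t)slot[i] << (big_endian ? (7 - i) * 8 : i * 8);
    return v;
}

/* What getProperty sees for property offset `offset` with the original
 * loadis read, on the given byte order: low half on LE, high half on BE. */
uint32_t property_offset_via_loadis(uint64_t offset, int big_endian)
{
    uint8_t slot[8];
    store_pointer(slot, offset, big_endian);
    return loadis(slot, big_endian);
}

/* The same slot read with the patched loadp: correct on both byte orders. */
uint64_t property_offset_via_loadp(uint64_t offset, int big_endian)
{
    uint8_t slot[8];
    store_pointer(slot, offset, big_endian);
    return loadp(slot, big_endian);
}

/* Byte-order probe for the build host. */
int host_is_big_endian(void)
{
    const uint16_t probe = 0x0102;
    uint8_t first;
    memcpy(&first, &probe, 1);
    return first == 0x01;
}

/* The real thing on the build host: store through the pointer member,
 * read the 32-bit member, exactly the aliasing the bytecode slot does.
 * On a 64-bit big-endian host this returns 0 for any small offset. */
int32_t host_loadis_of_pointer_store(uintptr_t offset)
{
    instruction_slot s;
    s.pointer = (void *)offset;
    return s.operand;
}

int main(void)
{
    uint64_t offset = 42; /* constructed sample property offset */
    printf("LE loadis: %u   BE loadis: %u   BE loadp: %llu\n",
           property_offset_via_loadis(offset, 0),
           property_offset_via_loadis(offset, 1),
           (unsigned long long)property_offset_via_loadp(offset, 1));
    printf("this host (%s-endian) reads back: %d\n",
           host_is_big_endian() ? "big" : "little",
           host_loadis_of_pointer_store((uintptr_t)offset));
    return 0;
}
```

Compile with `cc -std=c11 -Wall` and run on an x86-64 box and on an s390x box: the simulated columns are identical on both, while the last line differs, which is the whole bug. The fix in the patch chooses the loadp side of the mismatch rather than narrowing the store in CodeBlock.cpp, so the 64-bit register then holds the full offset on both byte orders.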


Unmerged commits

a79551e... by Frank Heimes

  * d/control for d/p/webkit-javascript-s390x-segmentation-fault-fix.patch
    after update-maintainer run

9716853... by Frank Heimes

  * d/changelog for d/p/webkit-javascript-s390x-segmentation-fault-fix.patch

ddbba80... by Frank Heimes

  * d/p/webkit-javascript-s390x-segmentation-fault-fix.patch:
    WebKit Javascript big endian/s390x segmentation-fault fix
    (LP: #1951470)

Preview Diff

1diff --git a/debian/changelog b/debian/changelog
2index b881e92..1e25df4 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,11 @@
6+qtwebkit-opensource-src (5.212.0~alpha4-12ubuntu0.21.04.1) hirsute; urgency=medium
7+
8+ * d/p/webkit-javascript-s390x-segmentation-fault-fix.patch:
9+ WebKit Javascript big endian/s390x segmentation-fault fix
10+ (LP: #1951470)
11+
12+ -- Frank Heimes <frank.heimes@canonical.com> Thu, 25 Nov 2021 08:32:14 +0100
13+
14 qtwebkit-opensource-src (5.212.0~alpha4-12) experimental; urgency=medium
15
16 * Add a patch from openSUSE to fix build with GLib ≥ 2.68.
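Review bot: the entry names the patch file but not what it changes, so a reader of the changelog cannot tell that the fix is a one-word change in Source/JavaScriptCore/llint/LowLevelInterpreter64.asm (loadisFromInstruction to loadpFromInstruction in getProperty) that stops a segfault on big-endian s390x. Suggest a second line under the bullet with that summary, since the DEP-3 description in the patch file is not visible from the changelog.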
17diff --git a/debian/control b/debian/control
18index d01d401..37b9ff1 100644
19--- a/debian/control
20+++ b/debian/control
21@@ -1,6 +1,7 @@
22 Source: qtwebkit-opensource-src
23 Priority: optional
24-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
25+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
26+XSBC-Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
27 Uploaders: Timo Jyrinki <timo@debian.org>,
28 Lisandro Damián Nicanor Pérez Meyer <lisandro@debian.org>,
29 Dmitry Shachnev <mitya57@debian.org>,
30diff --git a/debian/patches/series b/debian/patches/series
31index a369709..312acc9 100644
32--- a/debian/patches/series
33+++ b/debian/patches/series
34@@ -5,3 +5,4 @@ bison_3.7.diff
35 no_pdf_image_plugin.diff
36 python_3.9.diff
37 glib_2.68.diff
38+webkit-javascript-s390x-segmentation-fault-fix.patch
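Review bot: naming consistency: every existing entry in series uses a .diff suffix (no_pdf_image_plugin.diff, python_3.9.diff, glib_2.68.diff) and the new entry is the only .patch. Not a functional issue, but renaming the file to match the existing convention keeps the listing uniform.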
39diff --git a/debian/patches/webkit-javascript-s390x-segmentation-fault-fix.patch b/debian/patches/webkit-javascript-s390x-segmentation-fault-fix.patch
40new file mode 100644
41index 0000000..bd6dcef
42--- /dev/null
43+++ b/debian/patches/webkit-javascript-s390x-segmentation-fault-fix.patch
44@@ -0,0 +1,38 @@
45+Description: WebKit Javascript big endian/s390x segmentation-fault fix
46+ In CodeBlock.cpp the code preparing the operands of op_get_from_scope writes
47+ the property offset as pointer size (hence 64 bit) value:
48+ 2141: instructions[i + 6].u.pointer = reinterpret_cast<void*>(op.operand);
49+ while the same slot is accessed later by the jitted code as 32 bit integer:
50+ macro getProperty(slow)
51+ loadisFromInstruction(6, t1)
52+ This fails on big endian targets since the integer access takes the higher
53+ part of the 64 bit value.
54+ Changing:
55+ macro getProperty(slow)
56+ loadisFromInstruction(6, t1)
57+ to
58+ macro getProperty(slow)
59+ loadpFromInstruction(6, t1)
60+ in llint/LowLevelInterpreter64.asm fixes the problem
61+ on big endian environments.
62+
63+Author: Andreas Krebbel <Andreas.Krebbel@de.ibm.com>
64+Origin: vendor, https://launchpadlibrarian.net/569624765/webkit-IBMZ-fix.patch
65+Bug-IBM: IBM Bugzilla 195436
66+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1951470
67+Forwarded: not-needed
68+Reviewed-by: Frank Heimes <frank.heimes@canonical.com>
69+Last-Update: 2021-11-25
70+---
71+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
72+--- a/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
73++++ b/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
74+@@ -2020,7 +2020,7 @@
75+ end
76+
77+ macro getProperty(slow)
78+- loadisFromInstruction(6, t1)
79++ loadpFromInstruction(6, t1)
80+ loadPropertyAtVariableOffset(t1, t0, t2, slow)
81+ valueProfile(t2, 7, t0)
82+ loadisFromInstruction(1, t0)
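Review bot: "Forwarded: not-needed" is the wrong DEP-3 value here: the hunk changes Source/JavaScriptCore/llint/LowLevelInterpreter64.asm, upstream source rather than Ubuntu packaging, so the same big-endian bug exists wherever that file ships and the header should read "Forwarded: no" or carry the URL of the upstream or Debian submission; otherwise this delta has to be re-applied on every future merge. Two smaller points: DEP-3 expects Bug-IBM to be a URL, and "IBM Bugzilla 195436" is not resolvable as written; and the description covers only the op_get_from_scope/getProperty read of operand slot 6, so it is worth confirming that the op_put_to_scope counterpart in the same file does not read a u.pointer-written slot with the 32-bit loadisFromInstruction too, since the same store/load mismatch would give the same high-half read on s390x.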
