Bug#781194: libqt5webkit5: Reproducibly crashes with segfault due to missing checks for `HTMLUnknownElement`

2015-04-01 Thread Lisandro Damián Nicanor Pérez Meyer
tag 781194 pending
thanks

Dmitry has already pushed the fix to our repos, but neither he nor I can 
build the package right now (it requires a lot of disk, RAM and time to 
build).

I think I won't be able to do it until next week. If anyone feels [s]he could 
do it, please coordinate an NMU/team upload in #debian-qt-kde.

-- 
Yo quiero conocer el pensamiento de Dios, el resto son detalles.
 Albert Einstein

Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/




Bug#781194: libqt5webkit5: Reproducibly crashes with segfault due to missing checks for `HTMLUnknownElement`

2015-03-25 Thread Paul Menzel
Package: libqt5webkit5
Version: 5.3.2+dfsg-3
Severity: grave
Tags: upstream fixed-upstream
Justification: causes non-serious data loss
Control: affects -1 wkhtmltopdf arora
Control: forwarded -1 https://bugreports.qt.io/browse/QTBUG-41360

Dear Debian folks,


Wkhtmltopdf reproducibly terminates with a segmentation fault in
`libqt5webkit5` [1].

(gdb) bt
#0  0x in ?? ()
#1  0x76182ffc in WebCore::JSNodeOwner::isReachableFromOpaqueRoots(JSC::Handle<JSC::Unknown>, void*, JSC::SlotVisitor) () at ../WTF/wtf/Vector.h:912
#2  0x762e4234 in JSC::WeakBlock::visit (this=0x67cd40, heapRootVisitor=0x7fffe406ecf0) at heap/WeakBlock.cpp:108
#3  0x762f695b in JSC::MarkedSpace::visitWeakSets (this=0x7fffe40e5268, heapRootVisitor=0x7fff6250) at heap/WeakSet.h:104
#4  0x762e92bf in JSC::Heap::markRoots (this=0x7fffe40e5018) at heap/Heap.cpp:569
#5  0x762ed8bf in JSC::Heap::collect (this=0x7fffe40e5018, sweepToggle=3825659120) at heap/Heap.cpp:727
#6  0x7651542a in JSC::DefaultGCActivityCallback::doWork (this=0x67cd40) at runtime/GCActivityCallback.cpp:96
#7  0x762f0917 in JSC::HeapTimer::timerEvent (this=0x7fffe40a11c0) at heap/HeapTimer.cpp:159
#8  0x733a7773 in QObject::event(QEvent*) () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#9  0x743a4f3c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#10 0x743aa380 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#11 0x73377f1b in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#12 0x733ce465 in QTimerInfoList::activateTimers() () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#13 0x733ce891 in ?? () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#14 0x7030bc5d in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#15 0x7030bf48 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#16 0x7030bffc in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#17 0x733cf54c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#18 0x0042560c in wkhtmltopdf::ConverterPrivate::convert (this=0x6bfd10) at ../lib/converter.cc:94
#19 0x0042584b in wkhtmltopdf::Converter::convert (this=0x7fff75e0) at ../lib/converter.cc:149
#20 0x0043b288 in main (argc=3, argv=0x7fffebe8) at wkhtmltopdf.cc:187

This is a bug in QtWebKit (QTBUG-41360 [2]) and has been fixed upstream
[3].

It’d be great if you applied that patch to the Debian package and got it
into Debian Jessie before its release, as this issue has been set to P2
– important upstream and as the crashes might cause non-serious data
loss, when Arora crashed while I typed in a message in a Web interface
or Wkhtmltopdf, often used by other applications, does not create the
PDF.

The work-around of installing the package `gstreamer0.10-plugins-base`
is not feasible, as the user wastes their time figuring out the cause
for the crash – a note in the release notes would be necessary – and
there is a patch available. Depending on `gstreamer0.10-plugins-base`
would be possible too, but applying the patch seems the better choice.


Thanks,

Paul


[1] https://github.com/wkhtmltopdf/wkhtmltopdf/issues/2259
[2] https://bugreports.qt.io/browse/QTBUG-41360
[3] https://codereview.qt-project.org/#/c/95151

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.19.0-trunk-686-pae (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages libqt5webkit5 depends on:
ii  dpkg                              1.17.24
ii  libc6                             2.19-17
ii  libgcc1                           1:4.9.2-10
ii  libgl1-mesa-glx [libgl1]          10.4.2-2
ii  libglib2.0-0                      2.42.1-1
ii  libgstreamer-plugins-base0.10-0   0.10.36-2
ii  libgstreamer0.10-0                0.10.36-1.5
ii  libicu52                          52.1-8
ii  libjpeg62-turbo                   1:1.3.1-8
ii  libpng12-0                        1.2.50-2+b2
ii  libqt5core5a [qtbase-abi-5-3-2]   5.3.2+dfsg-4+b1
ii  libqt5gui5                        5.3.2+dfsg-4+b1
ii  libqt5network5                    5.3.2+dfsg-4+b1
ii  libqt5opengl5                     5.3.2+dfsg-4+b1
ii  libqt5printsupport5               5.3.2+dfsg-4+b1
ii  libqt5qml5