Bug 704182 - >=net-libs/webkit-gtk-2.26.2 re-keywording
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Keywording
Hardware: All Linux
Importance: Normal normal with 1 vote
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords: KEYWORDREQ, SECURITY
Depends on: 704194 704236
Blocks: CVE-2019-8625, CVE-2019-8674, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763, CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823, WSA-2019-0005, WSA-2019-0006 CVE-2020-10018, CVE-2020-11793, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, WSA-2020-0003, WSA-2020-0004, WSA-2020-0005 CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, WSA-2020-0001
Reported: 2019-12-29 14:55 UTC by Mart Raudsepp
Modified: 2020-06-01 23:56 UTC

See Also:
Package list:
gui-libs/libwpe-1.4.0.1 alpha arm arm64 ia64 ppc ppc64 x86 sparc
gui-libs/wpebackend-fdo-1.4.0 alpha arm arm64 ia64 ppc ppc64 x86 sparc
sys-apps/xdg-dbus-proxy-0.1.2 arm arm64 ppc ppc64 x86
net-libs/webkit-gtk-2.28.2 alpha arm arm64 ia64 ppc ppc64 x86 sparc
mail-client/geary-3.34.2-r3 x86
www-client/epiphany-3.34.4 ppc
Runtime testing required: ---
nattka: sanity-check+


Description Mart Raudsepp gentoo-dev 2019-12-29 14:55:15 UTC
webkit-gtk[wayland,opengl] now requires libwpe and wpebackend-fdo.

webkit-gtk[seccomp] now requires xdg-dbus-proxy in addition to bubblewrap and libseccomp (hence only arches with seccomp for that one, leaving out alpha/ia64/sparc for that).

This is security-critical.
Comment 1 Thomas Deutschmann gentoo-dev Security 2020-01-10 19:35:37 UTC
x86 keyworded
Comment 2 Sergei Trofimovich gentoo-dev 2020-01-14 19:31:53 UTC
~ia64/~ppc64 keyworded
Comment 3 Rolf Eike Beer 2020-01-25 17:44:10 UTC
sparc keyworded.

There are known problems, like USE="doc" and USE="-opengl wayland", but leio agreed on IRC that this should not block this for the moment.
Comment 4 Stabilization helper bot gentoo-dev 2020-02-06 10:02:22 UTC
An automated check of this bug failed - the following atom is unknown:

net-libs/webkit-gtk-2.26.2

Please verify the atom list.
Comment 5 Stabilization helper bot gentoo-dev 2020-02-13 09:03:45 UTC
An automated check of this bug succeeded - the previous repoman errors are now resolved.
Comment 6 Stabilization helper bot gentoo-dev 2020-03-01 17:00:55 UTC
An automated check of this bug failed - the following atom is unknown:

mail-client/geary-3.34.2-r1

Please verify the atom list.
Comment 7 Mart Raudsepp gentoo-dev 2020-03-11 17:44:01 UTC
arm64 keyworded
Comment 8 Stabilization helper bot gentoo-dev 2020-03-11 18:01:37 UTC
An automated check of this bug succeeded - the previous repoman errors are now resolved.
Comment 9 ernsteiswuerfel 2020-04-08 09:07:36 UTC
webkit-gtk-2.26.4-r1 builds fine on ppc when not using the gold linker (bug #670372).
Comment 10 NATTkA bot gentoo-dev 2020-04-11 06:09:15 UTC
Resetting sanity check; keywords are not fully specified and arches are not CC-ed.
Comment 11 Georgy Yakovlev gentoo-dev 2020-04-29 04:13:21 UTC
(In reply to ernsteiswuerfel from comment #9)
> webkit-gtk-2.26.4-r1 builds fine on ppc when not using the gold linker (bug
> #670372).

Did you runtime-test it?
Looks like it needs a js patch on ppc, otherwise it crashes

https://raw.githubusercontent.com/void-linux/void-packages/master/srcpkgs/webkit2gtk/patches/ppc-llint.patch
Comment 12 ernsteiswuerfel 2020-04-29 17:31:33 UTC
(In reply to Georgy Yakovlev from comment #11)
> did you runtime-test it?
> looks like it needs js patch on ppc, otherwise it crashes
> 
> https://raw.githubusercontent.com/void-linux/void-packages/master/srcpkgs/
> webkit2gtk/patches/ppc-llint.patch
Tried that now by building and starting epiphany-3.32.6. Yes it does crash and it also crashes with this patch applied.

       Message: Process 31123 (WebKitWebProces) of user 1000 dumped core.
                
                Stack trace of thread 31123:
                #0  0x00000000f1e0f668 _ZN3JSC17weakClearSlowCaseERPNS_8WeakImplE (libjavascriptcoregtk-4.0.so.18 + 0x416668)
                #1  0x00000000f1c53d2c _ZN3JSC11JSWeakValue9setObjectEPNS_8JSObjectERNS_15WeakHandleOwnerEPv (libjavascriptcoregtk-4.0.so.18 + 0x25ad2c)
                #2  0x00000000f1c1fb30 n/a (libjavascriptcoregtk-4.0.so.18 + 0x226b30)
                #3  0x00000000f41a150c n/a (libgobject-2.0.so.0 + 0x1d50c)
                #4  0x00000000f41a3608 g_object_new_valist (libgobject-2.0.so.0 + 0x1f608)
                #5  0x00000000f41a3888 g_object_new (libgobject-2.0.so.0 + 0x1f888)
                #6  0x00000000f1c1fcc0 jsc_weak_value_new (libjavascriptcoregtk-4.0.so.18 + 0x226cc0)
                #7  0x00000000ed3a8350 n/a (libephywebextension.so + 0x9350)
                #8  0x00000000ef0c3694 n/a (libffi.so.7 + 0x6694)
                #9  0x00000000ef0c2654 n/a (libffi.so.7 + 0x5654)
                #10 0x00000000f419a198 g_cclosure_marshal_generic (libgobject-2.0.so.0 + 0x16198)
                #11 0x00000000f41994e4 g_closure_invoke (libgobject-2.0.so.0 + 0x154e4)
                #12 0x00000000f1beba90 _ZN3JSC19JSCCallbackFunction4callEPK15OpaqueJSContextP13OpaqueJSValuejPKPKS4_PS7_ (libjavascriptcoregtk-4.0.so.18 + 0x1f2a90)
                #13 0x00000000f1bebcd0 n/a (libjavascriptcoregtk-4.0.so.18 + 0x1f2cd0)
                #14 0x00000000f1becdf8 _ZN3JSC19APICallbackFunction4callINS_19JSCCallbackFunctionEEExPNS_9ExecStateE (libjavascriptcoregtk-4.0.so.18 + 0x1f3df8)
                #15 0x00000000f1f0d21c _ZN3JSC5LLInt5CLoop7executeENS_8OpcodeIDEPvPNS_2VMEPNS_14ProtoCallFrameEb (libjavascriptcoregtk-4.0.so.18 + 0x51421c)
                #16 0x00000000f1f322d0 vmEntryToNative (libjavascriptcoregtk-4.0.so.18 + 0x5392d0)
                #17 0x00000000f1eed7f8 _ZN3JSC11Interpreter11executeCallEPNS_9ExecStateEPNS_8JSObjectENS_8CallTypeERKNS_8CallDataENS_7JSValueERKNS_7ArgListE (libjavascriptcoregtk-4.0.so.18 + 0x4f47f8)
                #18 0x00000000f20b2ea8 _ZN3JSC4callEPNS_9ExecStateENS_7JSValueENS_8CallTypeERKNS_8CallDataES2_RKNS_7ArgListE (libjavascriptcoregtk-4.0.so.18 + 0x6b9ea8)
                #19 0x00000000f2131310 _ZN3JSC10callSetterEPNS_9ExecStateENS_7JSValueES2_S2_NS_8ECMAModeE (libjavascriptcoregtk-4.0.so.18 + 0x738310)
                #20 0x00000000f2232254 _ZN3JSC8JSObject13putInlineSlowEPNS_9ExecStateENS_12PropertyNameENS_7JSValueERNS_15PutPropertySlotE (libjavascriptcoregtk-4.0.so.18 + 0x839254)
                #21 0x00000000f22324f8 _ZN3JSC8JSObject3putEPNS_6JSCellEPNS_9ExecStateENS_12PropertyNameENS_7JSValueERNS_15PutPropertySlotE (libjavascriptcoregtk-4.0.so.18 + 0x8394f8)
                #22 0x00000000f1bea59c _ZN3JSC16JSCallbackObjectINS_18JSAPIWrapperObjectEE3putEPNS_6JSCellEPNS_9ExecStateENS_12PropertyNameENS_7JSValueERNS_15PutPropertySlotE (libjavascriptcoregtk-4.0.so.18 + 0x1f159c)
                #23 0x00000000f1f36088 n/a (libjavascriptcoregtk-4.0.so.18 + 0x53d088)
                #24 0x00000000f1f03404 _ZN3JSC5LLInt5CLoop7executeENS_8OpcodeIDEPvPNS_2VMEPNS_14ProtoCallFrameEb (libjavascriptcoregtk-4.0.so.18 + 0x50a404)
                #25 0x00000000f1f32254 vmEntryToJavaScript (libjavascriptcoregtk-4.0.so.18 + 0x539254)
                #26 0x00000000f1eedc4c _ZN3JSC11Interpreter16executeConstructEPNS_9ExecStateEPNS_8JSObjectENS_13ConstructTypeERKNS_13ConstructDataERKNS_7ArgListENS_7JSValueE (libjavascriptcoregtk-4.0.so.18 + 0x4f4c4c)
                #27 0x00000000f21079f4 _ZN3JSC9constructEPNS_9ExecStateENS_7JSValueENS_13ConstructTypeERKNS_13ConstructDataERKNS_7ArgListES2_ (libjavascriptcoregtk-4.0.so.18 + 0x70e9f4)
                #28 0x00000000f2107c50 _ZN3JSC17profiledConstructEPNS_9ExecStateENS_15ProfilingReasonENS_7JSValueENS_13ConstructTypeERKNS_13ConstructDataERKNS_7ArgListES3_ (libjavascriptcoregtk-4.0.so.18 + 0x70ec50)
                #29 0x00000000f1c4e3ac JSObjectCallAsConstructor (libjavascriptcoregtk-4.0.so.18 + 0x2553ac)
                #30 0x00000000f1c1d178 n/a (libjavascriptcoregtk-4.0.so.18 + 0x224178)
                #31 0x00000000f1c1d7dc jsc_value_constructor_call (libjavascriptcoregtk-4.0.so.18 + 0x2247dc)
                #32 0x00000000ed3a6d08 n/a (libephywebextension.so + 0x7d08)
                #33 0x00000000ef0c3694 n/a (libffi.so.7 + 0x6694)
                #34 0x00000000ef0c2654 n/a (libffi.so.7 + 0x5654)
                #35 0x00000000f419a198 g_cclosure_marshal_generic (libgobject-2.0.so.0 + 0x16198)
                #36 0x00000000f41994e4 g_closure_invoke (libgobject-2.0.so.0 + 0x154e4)
                #37 0x00000000f41b3518 n/a (libgobject-2.0.so.0 + 0x2f518)
                #38 0x00000000f41bcaf4 g_signal_emit_valist (libgobject-2.0.so.0 + 0x38af4)
                #39 0x00000000f41bcf10 g_signal_emit (libgobject-2.0.so.0 + 0x38f10)
                #40 0x00000000f503ac98 n/a (libwebkit2gtk-4.0.so.37 + 0x9cfc98)
                #41 0x00000000f5042bdc n/a (libwebkit2gtk-4.0.so.37 + 0x9d7bdc)
                #42 0x00000000f51b4a60 n/a (libwebkit2gtk-4.0.so.37 + 0xb49a60)
                #43 0x00000000f63d0c24 n/a (libwebkit2gtk-4.0.so.37 + 0x1d65c24)
                #44 0x00000000f63d0d4c n/a (libwebkit2gtk-4.0.so.37 + 0x1d65d4c)
                #45 0x00000000f63e3b14 n/a (libwebkit2gtk-4.0.so.37 + 0x1d78b14)
                #46 0x00000000f63a4984 n/a (libwebkit2gtk-4.0.so.37 + 0x1d39984)
                #47 0x00000000f51b9880 n/a (libwebkit2gtk-4.0.so.37 + 0xb4e880)
                #48 0x00000000f63a09f4 n/a (libwebkit2gtk-4.0.so.37 + 0x1d359f4)
                #49 0x00000000f63a0c3c n/a (libwebkit2gtk-4.0.so.37 + 0x1d35c3c)
                #50 0x00000000f63ab080 n/a (libwebkit2gtk-4.0.so.37 + 0x1d40080)
                #51 0x00000000f63ae678 n/a (libwebkit2gtk-4.0.so.37 + 0x1d43678)
                #52 0x00000000f63af1d8 n/a (libwebkit2gtk-4.0.so.37 + 0x1d441d8)
                #53 0x00000000f63b3848 n/a (libwebkit2gtk-4.0.so.37 + 0x1d48848)
                #54 0x00000000f4baf444 n/a (libwebkit2gtk-4.0.so.37 + 0x544444)
                #55 0x00000000f6625fc0 n/a (libwebkit2gtk-4.0.so.37 + 0x1fbafc0)
                #56 0x00000000f6626108 n/a (libwebkit2gtk-4.0.so.37 + 0x1fbb108)
                #57 0x00000000f65fe1bc n/a (libwebkit2gtk-4.0.so.37 + 0x1f931bc)
                #58 0x00000000f65ff994 n/a (libwebkit2gtk-4.0.so.37 + 0x1f94994)
                #59 0x00000000004a918c n/a (WebKitWebProcess + 0x9618c)
                #60 0x00000000004a87ac n/a (WebKitWebProcess + 0x957ac)
                #61 0x00000000f4076190 g_main_context_dispatch (libglib-2.0.so.0 + 0x63190)
                #62 0x00000000f4076618 n/a (libglib-2.0.so.0 + 0x63618)
                #63 0x00000000f4076afc g_main_loop_run (libglib-2.0.so.0 + 0x63afc)
                
                Stack trace of thread 31128:
                #0  0x00000000f3991be0 __GI___poll (libc.so.6 + 0xfabe0)
                #1  0x00000000f408aa88 g_poll (libglib-2.0.so.0 + 0x77a88)
                #2  0x00000000f4076588 n/a (libglib-2.0.so.0 + 0x63588)
                #3  0x00000000f4076afc g_main_loop_run (libglib-2.0.so.0 + 0x63afc)
                #4  0x00000000004a97d0 _ZN3WTF7RunLoop3runEv (WebKitWebProcess + 0x967d0)
                #5  0x00000000004a48dc n/a (WebKitWebProcess + 0x918dc)
                #6  0x000000000044aae8 _ZN3WTF6Thread10entryPointEPNS0_16NewThreadContextE (WebKitWebProcess + 0x37ae8)
                #7  0x00000000004a9ed0 n/a (WebKitWebProcess + 0x96ed0)
                #8  0x00000000001546cc start_thread (libpthread.so.0 + 0x76cc)
                #9  0x00000000f399e13c __clone (libc.so.6 + 0x10713c)

[...]

Core was generated by `/usr/libexec/webkit2gtk-4.0/WebKitWebProcess 23 23'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0xf1e0f668 in JSC::weakClearSlowCase(JSC::WeakImpl*&) () from /usr/lib/libjavascriptcoregtk-4.0.so.18
[Current thread is 1 (Thread 0xee141070 (LWP 31123))]
Comment 13 Mart Raudsepp gentoo-dev 2020-05-09 20:54:29 UTC
I added an upstream patch to fix things for JSVALUE64 platforms, other than amd64/arm64, into the 2.28.2 bump.
I don't know if ppc32 is a JSVALUE64 or not, but please give 2.28.2 a spin. If that doesn't work, maybe the patch referenced here, in combination with the patch I included, has more luck than it alone on top of 2.26.

As 2.28.2 contains security fixes as well, you can and should head towards keywording that instead of, or in addition to, 2.26.2 anyways.
Comment 14 ernsteiswuerfel 2020-05-11 21:35:20 UTC
Nope, unfortunately no luck with 2.28.2 on ppc either. With and without the current ppc-llint.patch on top of 2.28.2, still the same jsc_weak_value_new (libjavascriptcoregtk-4.0.so.18 + 0x252a50) crash.
Comment 15 Sam James (sec padawan) 2020-06-01 20:38:08 UTC
~arm added

----
So ppc is not doable it seems, from ernsteiswuerfel's investigation. I guess we need to mask it.

Matt mentioned we had a problem on alpha but not sure what it was. 

So it's very possible the two remaining arches can't get keywords for the foreseeable future.
Comment 16 ernsteiswuerfel 2020-06-01 23:56:27 UTC
(In reply to Sam James (sec padawan) from comment #15)
> so ppc is not doable it seems, from ernsteiswuerfel's investigation. I guess
> we need to mask it.
At least it does not work without further patching. And I don't know what magic makes it run on ppc on Void Linux...