Bug 2215312 - [abrt] quiterss: JSC::StructureIDBlob::indexingType(): quiterss killed by SIGSEGV [NEEDINFO]
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora
Classification: Fedora
Component: qt5-qtwebkit
Version: 38
Hardware: x86_64
OS: Unspecified
Target Milestone: ---
Assignee: Than Ngo
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:f02a7f04d0c82eeff61b862aee1...
Depends On:
Blocks:
Reported: 2023-06-15 13:52 UTC by vikiwiki
Modified: 2023-08-04 22:51 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-08-04 22:51:36 UTC
Type: ---
Embargoed:
fedora: needinfo? (wrcadk)


Attachments
File: exploitable (168 bytes, text/plain)
2023-06-15 13:52 UTC, vikiwiki
File: maps (3.97 KB, text/plain)
2023-06-15 13:52 UTC, vikiwiki
File: limits (1.29 KB, text/plain)
2023-06-15 13:52 UTC, vikiwiki
File: proc_pid_status (1.38 KB, text/plain)
2023-06-15 13:52 UTC, vikiwiki
File: os_info (682 bytes, text/plain)
2023-06-15 13:52 UTC, vikiwiki
File: core_backtrace (76.07 KB, text/plain)
2023-06-15 13:52 UTC, vikiwiki
File: open_fds (3.96 KB, text/plain)
2023-06-15 13:52 UTC, vikiwiki
File: cpuinfo (2.65 KB, text/plain)
2023-06-15 13:52 UTC, vikiwiki
File: environ (1.98 KB, text/plain)
2023-06-15 13:52 UTC, vikiwiki
File: backtrace (255.45 KB, text/plain)
2023-06-15 13:52 UTC, vikiwiki
File: mountinfo (3.14 KB, text/plain)
2023-06-15 13:53 UTC, vikiwiki

Description vikiwiki 2023-06-15 13:52:40 UTC
Version-Release number of selected component:
quiterss-0.19.4-8.fc38

Additional info:
reporter:       libreport-2.17.10
package:        quiterss-0.19.4-8.fc38
dso_list:       /usr/bin/quiterss quiterss-0.19.4-8.fc38.x86_64 (Fedora Project) 1682357122
uid:            1000
executable:     /usr/bin/quiterss
type:           CCpp
rootdir:        /
cgroup:         0::/user.slice/user-1000.slice/user/app.slice/app-quiterss-605f917440954b8c91e58f4fb9952948.scope
cmdline:        /usr/bin/quiterss
crash_function: JSC::StructureIDBlob::indexingType
runlevel:       N 5
kernel:         6.3.7-200.fc38.x86_64
reason:         quiterss killed by SIGSEGV
backtrace_rating: 4
journald_cursor: s=6e9986fedb0c466480c0ca29be6066be;i=272b67;b=3086db8da8b3469c95dbc683f86195e1;m=62a218fdb;t=5fe2b23edc860;x=92107790ea8562ca

Truncated backtrace:
Thread no. 0 (48 frames)
 #0 JSC::StructureIDBlob::indexingType at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/runtime/StructureIDBlob.h:56
 #1 JSC::Structure::indexingType at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/runtime/Structure.h:233
 #2 JSC::IndexingHeader::preCapacity at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/runtime/IndexingHeaderInlines.h:37
 #3 JSC::Butterfly::createOrGrowPropertyStorage at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/runtime/ButterflyInlines.h:85
 #4 JSC::JSObject::growOutOfLineStorage at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/runtime/JSObject.cpp:2552
 #5 JSC::JSObject::setStructureAndReallocateStorageIfNecessary at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/runtime/JSObject.h:1371
 #7 JSC::JSObject::putDirectInternal<(JSC::JSObject::PutMode)0> at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/runtime/JSObject.h:1352
 #8 JSC::JSObject::putInline at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/runtime/JSObjectInlines.h:55
 #9 JSC::JSObject::put at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/runtime/JSObject.cpp:384
 #10 JSC::JSValue::put at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/runtime/JSCJSValueInlines.h:762
 #11 JSC::LLInt::llint_slow_path_put_by_val at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp:753
 #12 llint_entry
 #15 vmEntryToJavaScript
 #16 JSC::JITCode::execute at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/jit/JITCode.cpp:80
 #17 JSC::Interpreter::execute at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/interpreter/Interpreter.cpp:971
 #18 JSC::evaluate at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/runtime/Completion.cpp:106
 #19 JSC::profiledEvaluate at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/JavaScriptCore/runtime/Completion.cpp:121
 #20 WebCore::JSMainThreadExecState::profiledEvaluate at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/WebCore/bindings/js/JSMainThreadExecState.h:80
 #21 WebCore::ScriptController::evaluateInWorld at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/WebCore/bindings/js/ScriptController.cpp:164
 #22 WebCore::ScriptController::evaluate at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/WebCore/bindings/js/ScriptController.cpp:180
 #23 WebCore::ScriptElement::executeScript at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/WebCore/dom/ScriptElement.cpp:320
 #24 WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/WebCore/html/parser/HTMLScriptRunner.cpp:144
 #25 WebCore::HTMLScriptRunner::executeParsingBlockingScript at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/WebCore/html/parser/HTMLScriptRunner.cpp:120
 #26 WebCore::HTMLScriptRunner::executeParsingBlockingScripts at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/WebCore/html/parser/HTMLScriptRunner.cpp:195
 #27 WebCore::HTMLScriptRunner::executeScriptsWaitingForLoad at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/WebCore/html/parser/HTMLScriptRunner.cpp:204
 #28 WebCore::HTMLDocumentParser::notifyFinished at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/WebCore/html/parser/HTMLDocumentParser.cpp:525
 #29 WebCore::CachedResource::checkNotify at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/WebCore/loader/cache/CachedResource.cpp:298
 #30 WebCore::SubresourceLoader::didFinishLoading at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/WebCore/loader/SubresourceLoader.cpp:428
 #31 WebCore::QNetworkReplyHandler::finish at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:550
 #32 WebCore::QNetworkReplyHandlerCallQueue::flush at /usr/src/debug/qt5-qtwebkit-5.212.0-0.75alpha4.fc38.x86_64/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:281
 #33 doActivate<false> at kernel/qobject.cpp:3935
 #34 QMetaObject::activate at kernel/qobject.cpp:3983
 #35 QNetworkReply::finished at .moc/moc_qnetworkreply.cpp:404
 #36 QNetworkReplyHttpImplPrivate::finished at access/qnetworkreplyhttpimpl.cpp:2280
 #37 QObject::event at kernel/qobject.cpp:1347
 #38 QApplicationPrivate::notify_helper at kernel/qapplication.cpp:3640
 #39 QCoreApplication::notifyInternal2 at kernel/qcoreapplication.cpp:1064
 #40 QCoreApplication::sendEvent at kernel/qcoreapplication.cpp:1462
 #41 QCoreApplicationPrivate::sendPostedEvents at kernel/qcoreapplication.cpp:1821
 #42 QCoreApplication::sendPostedEvents at kernel/qcoreapplication.cpp:1680
 #43 postEventSourceDispatch at kernel/qeventdispatcher_glib.cpp:277
 #46 g_main_context_iterate.isra.0 at ../glib/gmain.c:4276
 #47 g_main_context_iteration at ../glib/gmain.c:4343
 #48 QEventDispatcherGlib::processEvents at kernel/qeventdispatcher_glib.cpp:423
 #49 QEventLoop::exec at ../../include/QtCore/../../src/corelib/global/qflags.h:69
 #50 QCoreApplication::exec at ../../include/QtCore/../../src/corelib/global/qflags.h:121
 #51 QGuiApplication::exec at kernel/qguiapplication.cpp:1863
 #52 QApplication::exec at kernel/qapplication.cpp:2832

Comment 1 vikiwiki 2023-06-15 13:52:43 UTC
Created attachment 1970995
File: exploitable

Comment 2 vikiwiki 2023-06-15 13:52:45 UTC
Created attachment 1970996
File: maps

Comment 3 vikiwiki 2023-06-15 13:52:47 UTC
Created attachment 1970997
File: limits

Comment 4 vikiwiki 2023-06-15 13:52:49 UTC
Created attachment 1970998
File: proc_pid_status

Comment 5 vikiwiki 2023-06-15 13:52:50 UTC
Created attachment 1970999
File: os_info

Comment 6 vikiwiki 2023-06-15 13:52:52 UTC
Created attachment 1971000
File: core_backtrace

Comment 7 vikiwiki 2023-06-15 13:52:54 UTC
Created attachment 1971001
File: open_fds

Comment 8 vikiwiki 2023-06-15 13:52:55 UTC
Created attachment 1971002
File: cpuinfo

Comment 9 vikiwiki 2023-06-15 13:52:57 UTC
Created attachment 1971003
File: environ

Comment 10 vikiwiki 2023-06-15 13:52:59 UTC
Created attachment 1971004
File: backtrace

Comment 11 vikiwiki 2023-06-15 13:53:01 UTC
Created attachment 1971005
File: mountinfo

Comment 12 Christian Stadelmann 2023-06-16 12:13:03 UTC
This backtrace is very deep in Qt5's WebKit, so I'm assigning it to that package.

Anyway, qt5-qtwebkit seems to be barely maintained by upstream (see bug #1872819), lacking security updates for more than 2 years, so we should think about dropping this package completely for security reasons.

Comment 13 Eugene A. Pivnev 2023-08-04 22:51:36 UTC
Maybe it's time to shut down this application.
Good idea, bad realization.
I'm sorry

