FS#54428 - [qt5-webkit] JavaScript regex replaces lead to segfault

Attached to Project: Arch Linux
Opened by Florian Bruhin (The-Compiler) - Monday, 12 June 2017, 21:17 GMT
Last edited by Antonio Rojas (arojas) - Friday, 16 June 2017, 11:13 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Antonio Rojas (arojas)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 2
Private No

Details

With QtWebKit compiled with GCC 7, using javascript search/replace with a regex (depending on the string) segfaults.

This can be reproduced on various websites (e.g. when posting a comment on reddit), and causes me to get lot of crashreports for qutebrowser ;-)
It can also be reproduced by running this in the inspector of a QtWebKit based browser: s = 'xxxxxxxxxxxxxxAxxxxxxxxxxxxxxxxxxxxA–'; s.replace(/A/g, 'b')

I've tracked it down here: https://github.com/annulen/webkit/issues/562

I don't have a real solution (or an upstream bug) yet, but there's a workaround patch here: https://github.com/annulen/webkit/issues/562#issuecomment-307911343

Would be great to have this applied to both qt5-webkit and qt5-webkit-ng.
This task depends upon

Closed by  Antonio Rojas (arojas)
Friday, 16 June 2017, 11:13 GMT
Reason for closing:  Fixed
Additional comments about closing:  qt5-webkit 5.212.0alpha-2
Comment by Florian Bruhin (The-Compiler) - Thursday, 15 June 2017, 13:33 GMT
Upstream WebKit bug: https://bugs.webkit.org/show_bug.cgi?id=173407
Comment by Chris Severance (severach) - Friday, 16 June 2017, 02:36 GMT
https://github.com/notepadqq/notepadqq/issues/460

It's crashing notepadqq-git. Recompiling with gcc 6.3 makes it not crash.

Loading...