dev-qt/qtcore: Fix stack smashing crash

Test it in ~arch while upstream are making up their minds. See also: https://invent.kde.org/qt/qt/qtbase/-/merge_requests/81 KDE-bug: https://bugs.kde.org/show_bug.cgi?id=445719 Bug: https://bugs.gentoo.org/824286 Package-Manager: Portage-3.0.30, Repoman-3.0.3 Signed-off-by: Andreas Sturmlechner <[email protected]>
hanetzer · Dec 16, 2021 · 11cc810 · 11cc810
1 parent 72ca375
commit 11cc810
Show file tree

Hide file tree

Showing 2 changed files with 211 additions and 0 deletions.
diff --git a/dev-qt/qtcore/files/qtcore-5.15.2-fix-stack-smashing.patch b/dev-qt/qtcore/files/qtcore-5.15.2-fix-stack-smashing.patch
@@ -0,0 +1,105 @@
+From 463c338b09710609e0dc82f67e03c829a7b83788 Mon Sep 17 00:00:00 2001
+From: Allan Sandfeld Jensen <[email protected]>
+Date: Fri, 14 May 2021 10:43:11 +0200
+Subject: [PATCH] Avoid mixing atomic futex changes and QAtomic
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Either the mix of futex and atomic, or the mix of 32-bit futex and
+64-bit atomic doesn't work. In any case, the existing code leads to
+bad behavior.
+
+* asturm 2021-11-19: Also threw the typo fix from 587e3bb0 into the mix.
+
+Pick-to: 6.1 5.15
+Fixes: QTBUG-92188
+Change-Id: Icc6ba28d6e2465c373d00e84f4da2b92c037e797
+Reviewed-by: Qt CI Bot <[email protected]>
+Reviewed-by: Mårten Nordheim <[email protected]>
+(cherry picked from commit 2d9cc639a4a7a5e97979a6034364bd67dfa10c23)
+---
+ src/corelib/thread/qsemaphore.cpp | 46 ++++++++++++-------------------
+ 1 file changed, 17 insertions(+), 29 deletions(-)
+
+diff --git a/src/corelib/thread/qsemaphore.cpp b/src/corelib/thread/qsemaphore.cpp
+index d4fb756b94..1d01fc1b28 100644
+--- a/src/corelib/thread/qsemaphore.cpp
++++ b/src/corelib/thread/qsemaphore.cpp
+@@ -357,47 +357,31 @@ void QSemaphore::release(int n)
+         quintptr prevValue = u.fetchAndAddRelease(nn);
+         if (futexNeedsWake(prevValue)) {
+ #ifdef FUTEX_OP
+-            if (!futexHasWaiterCount) {
+-                /*
+-                   On 32-bit systems, all waiters are waiting on the same address,
+-                   so we'll wake them all and ask the kernel to clear the high bit.
+-
+-                   atomic {
+-                      int oldval = u;
+-                      u = oldval & ~(1 << 31);
+-                      futexWake(u, INT_MAX);
+-                      if (oldval == 0)       // impossible condition
+-                          futexWake(u, INT_MAX);
+-                   }
+-                */
+-                quint32 op = FUTEX_OP_ANDN | FUTEX_OP_OPARG_SHIFT;
+-                quint32 oparg = 31;
+-                quint32 cmp = FUTEX_OP_CMP_EQ;
+-                quint32 cmparg = 0;
+-                futexWakeOp(u, INT_MAX, INT_MAX, u, FUTEX_OP(op, oparg, cmp, cmparg));
+-            } else {
++            if (futexHasWaiterCount) {
+                 /*
+                    On 64-bit systems, the single-token waiters wait on the low half
+                    and the multi-token waiters wait on the upper half. So we ask
+                    the kernel to wake up n single-token waiters and all multi-token
+-                   waiters (if any), then clear the multi-token wait bit.
++                   waiters (if any), and clear the multi-token wait bit.
+
+                    atomic {
+                       int oldval = *upper;
+-                      *upper = oldval & ~(1 << 31);
++                      *upper = oldval | 0;
+                       futexWake(lower, n);
+-                      if (oldval < 0)   // sign bit set
++                      if (oldval != 0)   // always true
+                           futexWake(upper, INT_MAX);
+                    }
+                 */
+-                quint32 op = FUTEX_OP_ANDN | FUTEX_OP_OPARG_SHIFT;
+-                quint32 oparg = 31;
+-                quint32 cmp = FUTEX_OP_CMP_LT;
++                quint32 op = FUTEX_OP_OR;
++                quint32 oparg = 0;
++                quint32 cmp = FUTEX_OP_CMP_NE;
+                 quint32 cmparg = 0;
++                u.fetchAndAndRelease(futexNeedsWakeAllBit - 1);
+                 futexWakeOp(*futexLow32(&u), n, INT_MAX, *futexHigh32(&u), FUTEX_OP(op, oparg, cmp, cmparg));
++                return;
+             }
+-#else
+-            // Unset the bit and wake everyone. There are two possibibilies
++#endif
++            // Unset the bit and wake everyone. There are two possibilities
+             // under which a thread can set the bit between the AND and the
+             // futexWake:
+             // 1) it did see the new counter value, but it wasn't enough for
+@@ -405,8 +389,12 @@ void QSemaphore::release(int n)
+             // 2) it did not see the new counter value, in which case its
+             //    futexWait will fail.
+             u.fetchAndAndRelease(futexNeedsWakeAllBit - 1);
+-            futexWakeAll(u);
+-#endif
++            if (futexHasWaiterCount) {
++                futexWakeAll(*futexLow32(&u));
++                futexWakeAll(*futexHigh32(&u));
++            } else {
++                futexWakeAll(u);
++            }
+         }
+         return;
+     }
+-- 
+2.34.0
+
diff --git a/dev-qt/qtcore/qtcore-5.15.2-r12.ebuild b/dev-qt/qtcore/qtcore-5.15.2-r12.ebuild
@@ -0,0 +1,106 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+KDE_ORG_COMMIT=7c6c0030cf80ef7b9ace42996b0e0c3a72f76860
+QT5_MODULE="qtbase"
+inherit linux-info qt5-build
+
+DESCRIPTION="Cross-platform application development framework"
+SLOT=5/${QT5_PV}
+
+if [[ ${QT5_BUILD_TYPE} == release ]]; then
+	KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~riscv ~sparc ~x86"
+fi
+
+IUSE="icu old-kernel systemd"
+
+DEPEND="
+	dev-libs/double-conversion:=
+	dev-libs/glib:2
+	dev-libs/libpcre2[pcre16,unicode]
+	sys-libs/zlib:=
+	icu? ( dev-libs/icu:= )
+	!icu? ( virtual/libiconv )
+	systemd? ( sys-apps/systemd:= )
+"
+RDEPEND="${DEPEND}
+	>=dev-qt/qtchooser-66-r1
+"
+
+QT5_TARGET_SUBDIRS=(
+	src/tools/bootstrap
+	src/tools/moc
+	src/tools/rcc
+	src/corelib
+	src/tools/qlalr
+	doc
+)
+
+QT5_GENTOO_PRIVATE_CONFIG=(
+	!:network
+	!:sql
+	!:testlib
+	!:xml
+)
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-5.14.1-cmake-macro-backward-compat.patch # bug 703306
+	"${FILESDIR}"/${PN}-5.15.1-timezone-{1,2}.patch # bug 737914
+	# See also: https://invent.kde.org/qt/qt/qtbase/-/merge_requests/81
+	"${FILESDIR}"/${P}-fix-stack-smashing.patch # bug 824286, KDE-bug 445719
+)
+
+pkg_pretend() {
+	use kernel_linux || return
+	get_running_version
+	if kernel_is -lt 4 11 && ! use old-kernel; then
+		ewarn "The running kernel is older than 4.11. USE=old-kernel is needed for"
+		ewarn "dev-qt/qtcore to function on this kernel properly. Bugs #669994, #672856"
+	fi
+}
+
+src_prepare() {
+	# don't add -O3 to CXXFLAGS, bug 549140
+	sed -i -e '/CONFIG\s*+=/s/optimize_full//' src/corelib/corelib.pro || die
+
+	# fix missing qt_version_tag symbol w/ LTO, bug 674382
+	sed -i -e 's/^gcc:ltcg/gcc/' src/corelib/global/global.pri || die
+
+	qt5-build_src_prepare
+}
+
+src_configure() {
+	local myconf=(
+		$(qt_use icu)
+		$(qt_use !icu iconv)
+		$(qt_use systemd journald)
+	)
+	use old-kernel && myconf+=(
+		-no-feature-renameat2 # needs Linux 3.16, bug 669994
+		-no-feature-getentropy # needs Linux 3.17, bug 669994
+		-no-feature-statx # needs Linux 4.11, bug 672856
+	)
+	qt5-build_src_configure
+}
+
+src_install() {
+	qt5-build_src_install
+
+	local flags=(
+		DBUS FREETYPE IMAGEFORMAT_JPEG IMAGEFORMAT_PNG
+		OPENGL OPENSSL SSL WIDGETS
+	)
+
+	for flag in ${flags[@]}; do
+		cat >> "${D}"/${QT5_HEADERDIR}/QtCore/qconfig.h <<- _EOF_ || die
+
+			#if defined(QT_NO_${flag}) && defined(QT_${flag})
+			# undef QT_NO_${flag}
+			#elif !defined(QT_NO_${flag}) && !defined(QT_${flag})
+			# define QT_NO_${flag}
+			#endif
+		_EOF_
+	done
+}