1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
|
Description: forcibly enable Q_ASSERT{,_X} checks
Some security-relevant checks are hidden behind assertions by upstream;
to help alleviate CVE-2023-44428 and possibly other issues, arm asserts
which increases safety at the risk of more crashes (which can then be
investigated, hence the verbosity of the info). Much of this is specific
to glibc-based systems though.
.
For now, we arm the abort() end as opt-in, but in a subsequent upload,
it will be opt-out instead for security.
Author: mirabilos <tg@debian.org>
Forwarded: no
--- a/all.h
+++ b/all.h
@@ -167,15 +167,17 @@
#include <QJsonDocument>
+// QT_FORCE_ASSERTS exists, but it is officially undocumented,
+// use is disrecommended, so roll our own
-// change Q_ASSERT to NOP if not debugging
+void mudeb_assert_(const char *, const char *, const char *, const char *, int, int);
-#ifdef QT_NO_DEBUG
#undef Q_ASSERT_X
-#define Q_ASSERT_X(a,b,c)
+#define Q_ASSERT_X(test,where,what) (__builtin_expect(!(test), 0) ? mudeb_assert_(__FILE__, __PRETTY_FUNCTION__, where, what, __LINE__, 1) : qt_noop())
#undef Q_ASSERT
-#define Q_ASSERT(a)
-#endif
+#define Q_ASSERT(test) (__builtin_expect(!(test), 0) ? mudeb_assert_(__FILE__, __PRETTY_FUNCTION__, NULL, #test, __LINE__, 0) : qt_noop())
+#undef Q_CHECK_PTR
+#define Q_CHECK_PTR(p) Q_ASSERT_X((p), "Q_CHECK_PTR", #p)
#endif
--- /dev/null
+++ b/ass.cpp
@@ -0,0 +1,60 @@
+/*-
+ * Copyright © 2024
+ * mirabilos <m$(date +%Y)@mirbsd.de>
+ *
+ * Provided that these terms and disclaimer and all copyright notices
+ * are retained or reproduced in an accompanying document, permission
+ * is granted to deal in this work without restriction, including un‐
+ * limited rights to use, publicly perform, distribute, sell, modify,
+ * merge, give away, or sublicence.
+ *
+ * This work is provided “AS IS” and WITHOUT WARRANTY of any kind, to
+ * the utmost extent permitted by applicable law, neither express nor
+ * implied; without malicious intent or gross negligence. In no event
+ * may a licensor, author or contributor be held liable for indirect,
+ * direct, other damage, loss, or other issues arising in any way out
+ * of dealing in the work, even if advised of the possibility of such
+ * damage or existence of a defect, except proven that it results out
+ * of said person’s immediate fault when using the work as intended.
+ */
+
+#ifndef __ALLQT_H__
+# error The all.h file was not auto-included first.
+#endif
+
+#include <execinfo.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#define NBT 128
+static void *btbuffer[NBT];
+
+void
+mudeb_assert_(const char *xfile, const char *xfunc, const char *where, const char *what, int xline, int xisx)
+{
+ char **bt;
+ int nbt;
+
+ fflush(NULL);
+ if (xisx)
+ fprintf(stderr, "\r\nE: %s{%s}:%d: assertion failed in %s: %s\n",
+ xfile, xfunc, xline, where ? where : "(nil)", what ? what : "(nil)");
+ else
+ fprintf(stderr, "\r\nE: %s{%s}:%d: assertion failed: %s\n",
+ xfile, xfunc, xline, what);
+ fflush(stderr);
+ if ((nbt = backtrace(btbuffer, NBT)) > 0 &&
+ (bt = backtrace_symbols(btbuffer, nbt))) {
+ int i;
+
+ for (i = 0; i < nbt; ++i) {
+ fprintf(stderr, "N: %s\n", bt[i]);
+ fflush(stderr);
+ }
+ fprintf(stderr, "N: end of backtrace\n");
+ fflush(stderr);
+ free(bt);
+ }
+ if (getenv("MSCORE_ASSERT_ABORT") != NULL)
+ abort();
+}
--- a/build/Linux+BSD/mscore.1.in
+++ b/build/Linux+BSD/mscore.1.in
@@ -3,7 +3,7 @@
.\" mirabilos <m@mirbsd.org>
.\" Published under the same terms as MuseScore itself.
.\"-
-.Dd March 20, 2019
+.Dd April 21, 2025
.Dt @MAN_MSCORE_UPPER@ 1
.Os MuseScore
.Sh NAME@Variables_substituted_by_CMAKE_on_installation@
@@ -334,6 +334,8 @@ uncompressed MusicXML file
See below for an example.
.Sh ENVIRONMENT
.Bl -tag -width Ds
+.It Ev MSCORE_ASSERT_ABORT
+Assertion failures are fatal if set (the value does not matter).
.It Ev SKIP_LIBJACK
Set this (the value does not matter) to skip initialisation
of the JACK Audio Connection Kit library, in case it causes trouble.
--- a/bww2mxml/CMakeLists.txt
+++ b/bww2mxml/CMakeLists.txt
@@ -44,6 +44,7 @@ if (NOT MINGW AND NOT APPLE)
parser.cpp
symbols.cpp
writer.cpp
+ ${PROJECT_SOURCE_DIR}/ass.cpp
)
set_target_properties (
--- a/libmscore/CMakeLists.txt
+++ b/libmscore/CMakeLists.txt
@@ -33,6 +33,7 @@ add_library (
libmscore STATIC
${PROJECT_BINARY_DIR}/all.h
${INCS}
+ ${PROJECT_SOURCE_DIR}/ass.cpp
${LIB_SCRIPT_FILES}
segmentlist.cpp fingering.cpp accidental.cpp arpeggio.cpp
articulation.cpp barline.cpp beam.cpp bend.cpp box.cpp
--- a/manual/CMakeLists.txt
+++ b/manual/CMakeLists.txt
@@ -26,6 +26,7 @@ add_executable(
genManual
${INCS}
genManual.cpp
+ ${PROJECT_SOURCE_DIR}/ass.cpp
)
target_link_libraries(
genManual
--- a/mtest/CMakeLists.txt
+++ b/mtest/CMakeLists.txt
@@ -110,6 +110,13 @@ add_library(
add_executable(
mtest
mtest.cpp
+ ${PROJECT_SOURCE_DIR}/ass.cpp
+ )
+
+set_target_properties(
+ mtest
+ PROPERTIES
+ COMPILE_FLAGS "-include all.h"
)
target_link_libraries(
|
