Safari plugin crashing when System Integrity Protection is turned on. OS X 10.11.4



  • My Firebreath plugin for Safari, which uses Qt 5.5.1, crashes when System Integrity Protection is turned on. It works in other browsers, and in Safari with System Integrity Protection turned off. This is running OS X El Capitan, v10.11.4.
    I'm attaching the crash report. The top of the call stack is

    Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
    0 libsystem_kernel.dylib 0x00007fff91594f06 __pthread_kill + 10
    1 libsystem_pthread.dylib 0x00007fff9604a4ec pthread_kill + 90
    2 libsystem_c.dylib 0x00007fff9211e6e7 abort + 129
    3 org.qt-project.QtCore 0x000000010c6dbab9 qt_message_fatal(QtMsgType, QMessageLogContext const&, QString const&) + 9
    4 org.qt-project.QtCore 0x000000010c6dd487 QMessageLogger::fatal(char const*, ...) const + 231
    5 org.qt-project.QtGui 0x000000010c108527 QGuiApplicationPrivate::createPlatformIntegration() + 6359
    6 org.qt-project.QtGui 0x000000010c10854b QGuiApplicationPrivate::createEventDispatcher() + 27
    7 org.qt-project.QtCore 0x000000010c8984ec QCoreApplication::init() + 204
    8 org.qt-project.QtCore 0x000000010c898407 QCoreApplication::QCoreApplication(QCoreApplicationPrivate&) + 39
    9 org.qt-project.QtGui 0x000000010c1059ee QGuiApplication::QGuiApplication(QGuiApplicationPrivate&) + 14
    10 org.qt-project.QtWidgets 0x000000010b869b6e QApplication::QApplication(int&, char**, int) + 206

    I see this in Console:
    com.apple.WebKit.Plugin.64: Failed to connect (colorGridView) outlet from (NSApplication) to (NSColorPickerGridView): missing setter or instance variable
    com.apple.WebKit.Plugin.64: Failed to connect (view) outlet from (NSApplication) to (NSColorPickerGridView): missing setter or instance variable

    Maybe there's an issue with Qt 5.5.1 & SIP with OS X El Capitan? Or I need to do something to initialize it before instantiating QApplication? (The call to QApplication is practically the first thing my plugin does.)

    Any ideas, please let me know. Also, BTW, I'm not very familiar with the Mac so if someone could tell me how to get the debug version of the Qt libraries linked in there so I see line numbers in the Qt code that would help.

    Process:               com.apple.WebKit.Plugin.64 [823]
    Path:                  /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Plugin.64.xpc/Contents/MacOS/com.apple.WebKit.Plugin.64
    Identifier:            com.apple.WebKit.Plugin.64
    Version:               11601 (11601.5.17.1)
    Build Info:            WebKit2-7601005017001000~1
    Code Type:             X86-64 (Native)
    Parent Process:        ??? [1]
    Responsible:           Safari [282]
    User ID:               501
    
    PlugIn Path:             /Developer/SDKs/Qt/5.5/clang_64/lib/QtCore.framework/Versions/5/QtCore
    PlugIn Identifier:       org.qt-project.QtCore
    PlugIn Version:          5.5 (5.5.1)
    
    Date/Time:             2016-08-16 14:47:45.858 -0400
    OS Version:            Mac OS X 10.11.4 (15E65)
    Report Version:        11
    Anonymous UUID:        EB1C754A-EF31-1BE9-1CC7-16F10B48F84D
    
    
    Time Awake Since Boot: 1000 seconds
    
    System Integrity Protection: enabled
    
    Crashed Thread:        0  Dispatch queue: com.apple.main-thread
    
    Exception Type:        EXC_CRASH (SIGABRT)
    Exception Codes:       0x0000000000000000, 0x0000000000000000
    Exception Note:        EXC_CORPSE_NOTIFY
    
    Application Specific Information:
    abort() called
    
    Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
    0   libsystem_kernel.dylib        	0x00007fff91594f06 __pthread_kill + 10
    1   libsystem_pthread.dylib       	0x00007fff9604a4ec pthread_kill + 90
    2   libsystem_c.dylib             	0x00007fff9211e6e7 abort + 129
    3   org.qt-project.QtCore         	0x000000010c6dbab9 qt_message_fatal(QtMsgType, QMessageLogContext const&, QString const&) + 9
    4   org.qt-project.QtCore         	0x000000010c6dd487 QMessageLogger::fatal(char const*, ...) const + 231
    5   org.qt-project.QtGui          	0x000000010c108527 QGuiApplicationPrivate::createPlatformIntegration() + 6359
    6   org.qt-project.QtGui          	0x000000010c10854b QGuiApplicationPrivate::createEventDispatcher() + 27
    7   org.qt-project.QtCore         	0x000000010c8984ec QCoreApplication::init() + 204
    8   org.qt-project.QtCore         	0x000000010c898407 QCoreApplication::QCoreApplication(QCoreApplicationPrivate&) + 39
    9   org.qt-project.QtGui          	0x000000010c1059ee QGuiApplication::QGuiApplication(QGuiApplicationPrivate&) + 14
    10  org.qt-project.QtWidgets      	0x000000010b869b6e QApplication::QApplication(int&, char**, int) + 206
    11  com.CtxPresenterPluginLib.CONTEX-Presenter-Plugin-x86-64	0x0000000108c7aaa1 Presenter::QPresenterPlugin::globalInit() + 257 (qpresenterplugin.cpp:39)
    12  com.CtxPresenterPluginLib.CONTEX-Presenter-Plugin-x86-64	0x0000000108c064cf CtxPresenterPlugin::StaticInitialize() + 127 (CtxPresenterPlugin.cpp:35)
    13  com.CtxPresenterPluginLib.CONTEX-Presenter-Plugin-x86-64	0x0000000108c759a1 PluginFactory::globalPluginInitialize() + 17 (Factory.cpp:34)
    14  com.CtxPresenterPluginLib.CONTEX-Presenter-Plugin-x86-64	0x0000000108d1dc37 FB::Npapi::NpapiPluginModule::GetModule(void const*) + 103 (NpapiPluginModule.cpp:34)
    15  com.CtxPresenterPluginLib.CONTEX-Presenter-Plugin-x86-64	0x0000000108cc61c9 NP_Initialize + 57 (np_macmain.cpp:70)
    16  com.apple.WebKit              	0x00007fff975b3556 WebKit::NetscapePluginModule::tryLoad() + 206
    17  com.apple.WebKit              	0x00007fff975b3423 WebKit::NetscapePluginModule::load() + 31
    18  com.apple.WebKit              	0x00007fff975b33da WebKit::NetscapePluginModule::getOrCreate(WTF::String const&) + 192
    19  com.apple.WebKit              	0x00007fff975b32a1 WebKit::PluginProcess::netscapePluginModule() + 37
    20  com.apple.WebKit              	0x00007fff975b31f8 WebKit::PluginProcess::createWebProcessConnection() + 310
    21  com.apple.WebKit              	0x00007fff97604f56 IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >) + 102
    22  com.apple.WebKit              	0x00007fff97607482 IPC::Connection::dispatchOneMessage() + 114
    23  com.apple.JavaScriptCore      	0x00007fff861a1cb2 WTF::RunLoop::performWork() + 898
    24  com.apple.JavaScriptCore      	0x00007fff861a21c2 WTF::RunLoop::performWork(void*) + 34
    25  com.apple.CoreFoundation      	0x00007fff83b3e881 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
    26  com.apple.CoreFoundation      	0x00007fff83b1dfbc __CFRunLoopDoSources0 + 556
    27  com.apple.CoreFoundation      	0x00007fff83b1d4df __CFRunLoopRun + 927
    28  com.apple.CoreFoundation      	0x00007fff83b1ced8 CFRunLoopRunSpecific + 296
    29  com.apple.HIToolbox           	0x00007fff94588935 RunCurrentEventLoopInMode + 235
    30  com.apple.HIToolbox           	0x00007fff9458876f ReceiveNextEventCommon + 432
    31  com.apple.HIToolbox           	0x00007fff945885af _BlockUntilNextEventMatchingListInModeWithFilter + 71
    32  com.apple.AppKit              	0x00007fff90746efa _DPSNextEvent + 1067
    33  com.apple.AppKit              	0x00007fff9074632a -[NSApplication _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 454
    34  com.apple.AppKit              	0x00007fff9073ae84 -[NSApplication run] + 682
    35  com.apple.AppKit              	0x00007fff9070446c NSApplicationMain + 1176
    36  libxpc.dylib                  	0x00007fff8236245e _xpc_objc_main + 793
    37  libxpc.dylib                  	0x00007fff82360e8a xpc_main + 494
    38  com.apple.WebKit.Plugin.64    	0x0000000104c08b4a 0x104c08000 + 2890
    39  libdyld.dylib                 	0x00007fff840bd5ad start + 1
    
    

  • Lifetime Qt Champion

    Hi,

    I haven't written plugins for Safari, but from the error message it's likely related to the platform plugin not being loaded. If possible, you should define the Q_DEBUG_PLUGINS environment variable and see if you can get any information about the plugins being loaded.



  • I tried turning Q_DEBUG_PLUGINS on but all it did was make my plugin not generate a crash report. Still didn't work, though.
    I also tried using a previous (Qt4) version of the plugin, which also doesn't work. I got more information from it. The following message appears in the Console log:
    8/17/16 1:11:24.555 PM com.apple.WebKit.Plugin.64[480]: Error loading /Library/Internet Plug-Ins/npCtxPresenterPlugin.plugin/Contents/MacOS/npCtxPresenterPlugin: dlopen(/Library/Internet Plug-Ins/npCtxPresenterPlugin.plugin/Contents/MacOS/npCtxPresenterPlugin, 262): Library not loaded: QtWebKit.framework/Versions/4/QtWebKit
    Referenced from: /Library/Internet Plug-Ins/npCtxPresenterPlugin.plugin/Contents/MacOS/npCtxPresenterPlugin
    Reason: unsafe use of relative rpath QtWebKit.framework/Versions/4/QtWebKit in /Library/Internet Plug-Ins/npCtxPresenterPlugin.plugin/Contents/MacOS/npCtxPresenterPlugin with restricted binary

    I wonder if this has something to do with it. It sounds like the sort of problem System Integrity Protection is designed to prevent.



  • A bit more info: I got the Qt5 version to give more info about what's not being loaded. It looks like it's unable to load the QtWebKitWidgets framework for some reason. I checked -- it and the platforms etc. are in the executable:

    8/17/16 2:57:48.687 PM com.apple.WebKit.Plugin.64[1563]: Error loading /Library/Internet Plug-Ins/npCtxPresenterPlugin.plugin/Contents/MacOS/npCtxPresenterPlugin: dlopen(/Library/Internet Plug-Ins/npCtxPresenterPlugin.plugin/Contents/MacOS/npCtxPresenterPlugin, 262): Library not loaded: @rpath/QtWebKitWidgets.framework/Versions/5/QtWebKitWidgets
    Referenced from: /Library/Internet Plug-Ins/npCtxPresenterPlugin.plugin/Contents/MacOS/npCtxPresenterPlugin
    Reason: image not found



  • I think I'm beginning to get a handle on what's going on. It looks like macdeployqt is inserting @rpath references to the Qt frameworks. These don't seem to be working with System Integrity Protection turned on.
    I don't know why the behavior seems to be different for my internet plug-in than what must be happening with other Mac executables. Maybe /Developer/Internet Plug-Ins is a protected location under System Integrity Protection? Not sure.
    Anyway, when I replace the @rpath references with @loader_path the load seems to get farther. I'll know more when I get them all set.


  • Lifetime Qt Champion

    Interesting!

    Once you've cleared that part, that might be something to make the macOS Qt devs aware of. You should take a look at the bug report system to see if there's already something. If not, please consider opening a new report providing your use case and findings.



  • I'm pretty sure that macdeployqt isn't working correctly for code that's protected. It appears that the @rpath items in the executable are not being allowed for this code. You can use @loader_path instead. But fixing that would require not only fixing the paths in the executable itself, but also in the Framework libraries.
    I'll file a bug report for this, though I'm really not familiar with OSX it appears this is the way things are supposed to work.
    BTW I'm STILL seeing the crash in the plugin--unfortunately I'm not getting any useful crash report. It looks like what happened earlier; the code is failing in createPlatformIntegration. I see these messages in the Console log:

    8/18/16 3:14:17.054 PM com.apple.xpc.launchd[1]: (com.apple.WebKit.Plugin.64.E77BAC61-F958-4FF7-9D28-01F88EAF0E5C[2660]) Service exited due to signal: Abort trap: 6
    8/18/16 3:14:18.154 PM com.apple.WebKit.Plugin.64[2661]: Failed to connect (colorGridView) outlet from (NSApplication) to (NSColorPickerGridView): missing setter or instance variable
    8/18/16 3:14:18.154 PM com.apple.WebKit.Plugin.64[2661]: Failed to connect (view) outlet from (NSApplication) to (NSColorPickerGridView): missing setter or instance variable
    8/18/16 3:14:18.000 PM kernel[0]: Process[2661] crashed: com.apple.WebKit. Too many corpses being created.
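
The @rpath to @loader_path rewrite discussed in the posts above, as an added example that is not code from the thread or from Qt: a shell function that reads `otool -L` output and prints the matching `install_name_tool -change` commands for review. It assumes the macdeployqt layout with frameworks in Contents/Frameworks; the function name, the sample listing and the QtGui/QtCore framework case are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes frameworks are bundled in
# Contents/Frameworks, next to Contents/MacOS, as macdeployqt lays them out.

# rpath_fixups BINARY PREFIX   (reads `otool -L BINARY` output on stdin)
# PREFIX is the path from BINARY's directory to the Frameworks directory,
# written with @loader_path so it does not depend on an LC_RPATH entry.
# Commands are printed, not executed, so they can be checked before use.
rpath_fixups() {
    binary=$1
    prefix=$2
    # Keep only dependency lines that start with @rpath/ and strip the
    # "(compatibility version ...)" suffix otool appends.
    sed -n 's|^[[:space:]]*\(@rpath/[^ ]*\) (compatibility.*$|\1|p' |
    while IFS= read -r dep; do
        # A framework lists its own install name first; it is not a
        # dependency, so -change does not apply to it.
        if [ "${dep##*/}" = "${binary##*/}" ]; then
            continue
        fi
        printf 'install_name_tool -change %s %s/%s "%s"\n' \
            "$dep" "$prefix" "${dep#@rpath/}" "$binary"
    done
}

# Constructed sample of `otool -L` output for the plugin executable.
SAMPLE_PLUGIN='npCtxPresenterPlugin:
    @rpath/QtWebKitWidgets.framework/Versions/5/QtWebKitWidgets (compatibility version 5.5.0, current version 5.5.1)
    @rpath/QtCore.framework/Versions/5/QtCore (compatibility version 5.5.0, current version 5.5.1)
    /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1226.10.1)'

# Constructed sample for a bundled framework binary, which also carries
# @rpath references and sits three directories below Contents/Frameworks.
SAMPLE_FRAMEWORK='QtGui.framework/Versions/5/QtGui:
    @rpath/QtGui.framework/Versions/5/QtGui (compatibility version 5.5.0, current version 5.5.1)
    @rpath/QtCore.framework/Versions/5/QtCore (compatibility version 5.5.0, current version 5.5.1)'

# Plugin executable in Contents/MacOS: frameworks are at ../Frameworks.
printf '%s\n' "$SAMPLE_PLUGIN" |
    rpath_fixups "npCtxPresenterPlugin" "@loader_path/../Frameworks"
# Framework binary: siblings are at ../../.. relative to Versions/5.
printf '%s\n' "$SAMPLE_FRAMEWORK" |
    rpath_fixups "QtGui.framework/Versions/5/QtGui" "@loader_path/../../.."
```

On a real bundle the input comes from `otool -L "$bin" | rpath_fixups "$bin" PREFIX`, run once for the plugin executable and once for each bundled framework binary.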
    
    
