Modified: trunk/Source/WebKit2/ChangeLog (206984 => 206985)
--- trunk/Source/WebKit2/ChangeLog 2016-10-10 06:54:21 UTC (rev 206984)
+++ trunk/Source/WebKit2/ChangeLog 2016-10-10 07:12:35 UTC (rev 206985)
@@ -1,3 +1,21 @@
+2016-10-10 Tomas Popela <tpop...@redhat.com>
+
+ [GTK] UIProcess crashes when using Japanese IM
+ https://bugs.webkit.org/show_bug.cgi?id=163011
+
+ We have to reference the current GdkEventKey before we try process it
+ as later when the lambda body is reached the event could be already
+ freed.
+
+ Reviewed by Carlos Garcia Campos.
+
+ * UIProcess/API/gtk/WebKitWebViewBase.cpp:
+ (webkitWebViewBaseKeyPressEvent):
+ (webkitWebViewBaseKeyReleaseEvent):
+ * UIProcess/gtk/InputMethodFilter.h:
+ Use non-copyable Function so we can use WTFMove to pass the event to
+ lambda.
+
2016-10-09 Wenson Hsieh <wenson_hs...@apple.com>
Support InputEvent.inputType for the new InputEvent spec
Modified: trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebViewBase.cpp (206984 => 206985)
--- trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebViewBase.cpp 2016-10-10 06:54:21 UTC (rev 206984)
+++ trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebViewBase.cpp 2016-10-10 07:12:35 UTC (rev 206985)
@@ -674,17 +674,17 @@
return GTK_WIDGET_CLASS(webkit_web_view_base_parent_class)->focus_out_event(widget, event);
}
-static gboolean webkitWebViewBaseKeyPressEvent(GtkWidget* widget, GdkEventKey* event)
+static gboolean webkitWebViewBaseKeyPressEvent(GtkWidget* widget, GdkEventKey* keyEvent)
{
WebKitWebViewBase* webViewBase = WEBKIT_WEB_VIEW_BASE(widget);
WebKitWebViewBasePrivate* priv = webViewBase->priv;
if (priv->authenticationDialog)
- return GTK_WIDGET_CLASS(webkit_web_view_base_parent_class)->key_press_event(widget, event);
+ return GTK_WIDGET_CLASS(webkit_web_view_base_parent_class)->key_press_event(widget, keyEvent);
#if ENABLE(FULLSCREEN_API)
if (priv->fullScreenModeActive) {
- switch (event->keyval) {
+ switch (keyEvent->keyval) {
case GDK_KEY_Escape:
case GDK_KEY_f:
case GDK_KEY_F:
@@ -702,18 +702,20 @@
// using gtk_main_do_event().
if (priv->shouldForwardNextKeyEvent) {
priv->shouldForwardNextKeyEvent = FALSE;
- return GTK_WIDGET_CLASS(webkit_web_view_base_parent_class)->key_press_event(widget, event);
+ return GTK_WIDGET_CLASS(webkit_web_view_base_parent_class)->key_press_event(widget, keyEvent);
}
- priv->inputMethodFilter.filterKeyEvent(event, [priv, event](const WebCore::CompositionResults& compositionResults, InputMethodFilter::EventFakedForComposition faked) {
- priv->pageProxy->handleKeyboardEvent(NativeWebKeyboardEvent(reinterpret_cast<GdkEvent*>(event), compositionResults, faked,
- !compositionResults.compositionUpdated() ? priv->keyBindingTranslator.commandsForKeyEvent(event) : Vector<String>()));
+ // We need to copy the event as otherwise it could be destroyed before we reach the lambda body.
+ GUniquePtr<GdkEvent> event(gdk_event_copy(reinterpret_cast<GdkEvent*>(keyEvent)));
+ priv->inputMethodFilter.filterKeyEvent(keyEvent, [priv, event = WTFMove(event)](const WebCore::CompositionResults& compositionResults, InputMethodFilter::EventFakedForComposition faked) {
+ priv->pageProxy->handleKeyboardEvent(NativeWebKeyboardEvent(event.get(), compositionResults, faked,
+ !compositionResults.compositionUpdated() ? priv->keyBindingTranslator.commandsForKeyEvent(&event->key) : Vector<String>()));
});
return TRUE;
}
-static gboolean webkitWebViewBaseKeyReleaseEvent(GtkWidget* widget, GdkEventKey* event)
+static gboolean webkitWebViewBaseKeyReleaseEvent(GtkWidget* widget, GdkEventKey* keyEvent)
{
WebKitWebViewBase* webViewBase = WEBKIT_WEB_VIEW_BASE(widget);
WebKitWebViewBasePrivate* priv = webViewBase->priv;
@@ -720,11 +722,13 @@
if (priv->shouldForwardNextKeyEvent) {
priv->shouldForwardNextKeyEvent = FALSE;
- return GTK_WIDGET_CLASS(webkit_web_view_base_parent_class)->key_release_event(widget, event);
+ return GTK_WIDGET_CLASS(webkit_web_view_base_parent_class)->key_release_event(widget, keyEvent);
}
- priv->inputMethodFilter.filterKeyEvent(event, [priv, event](const WebCore::CompositionResults& compositionResults, InputMethodFilter::EventFakedForComposition faked) {
- priv->pageProxy->handleKeyboardEvent(NativeWebKeyboardEvent(reinterpret_cast<GdkEvent*>(event), compositionResults, faked, { }));
+ // We need to copy the event as otherwise it could be destroyed before we reach the lambda body.
+ GUniquePtr<GdkEvent> event(gdk_event_copy(reinterpret_cast<GdkEvent*>(keyEvent)));
+ priv->inputMethodFilter.filterKeyEvent(keyEvent, [priv, event = WTFMove(event)](const WebCore::CompositionResults& compositionResults, InputMethodFilter::EventFakedForComposition faked) {
+ priv->pageProxy->handleKeyboardEvent(NativeWebKeyboardEvent(event.get(), compositionResults, faked, { }));
});
return TRUE;
Modified: trunk/Source/WebKit2/UIProcess/gtk/InputMethodFilter.h (206984 => 206985)
--- trunk/Source/WebKit2/UIProcess/gtk/InputMethodFilter.h 2016-10-10 06:54:21 UTC (rev 206984)
+++ trunk/Source/WebKit2/UIProcess/gtk/InputMethodFilter.h 2016-10-10 07:12:35 UTC (rev 206985)
@@ -21,7 +21,7 @@
#define InputMethodFilter_h
#include <WebCore/IntPoint.h>
-#include <functional>
+#include <wtf/Function.h>
#include <wtf/Noncopyable.h>
#include <wtf/glib/GRefPtr.h>
#include <wtf/text/WTFString.h>
@@ -56,7 +56,7 @@
void setEnabled(bool);
void setCursorRect(const WebCore::IntRect&);
- using FilterKeyEventCompletionHandler = std::function<void (const WebCore::CompositionResults&, InputMethodFilter::EventFakedForComposition)>;
+ using FilterKeyEventCompletionHandler = Function<void(const WebCore::CompositionResults&, InputMethodFilter::EventFakedForComposition)>;
void filterKeyEvent(GdkEventKey*, FilterKeyEventCompletionHandler&& = nullptr);
void notifyFocusedIn();
void notifyFocusedOut();
