> While processing a key down event the Glass GTK code sends out PRESSED and 
> TYPED KeyEvents back to back. If the stage is closed during the PRESSED event 
> the code will end up referencing freed memory while sending out the TYPED 
> event. This can lead to intermittent crashes.
> 
> In GlassApplication.cpp the EventCounterHelper object ensures the 
> WindowContext isn't deleted while processing an event. Currently the helper 
> object is being created *after* IME handling instead of before. If the IME is 
> enabled it's possible for the WindowContext to be deleted in the middle of 
> executing a number of keyboard-related events.
> 
> The fix is simple; instantiate the EventCounterHelper object earlier. There 
> isn't always a WindowContext so I tweaked the EventCounterHelper to do 
> nothing if the context is null.
> 
> To make the crash more reproducible I altered the WindowContext such that 
> when it's deleted the freed memory is filled with 0xCC. This made the crash 
> more reproducible and allowed me to test the fix. I did the same with 
> GlassView since that's the only other Glass GTK class that's instantiated 
> with `new` and discarded with `delete`.

Martin Fox has updated the pull request incrementally with one additional 
commit since the last revision:

  Consistent use of FILL in mem debug code.

-------------

Changes:
  - all: https://git.openjdk.org/jfx/pull/1307/files
  - new: https://git.openjdk.org/jfx/pull/1307/files/6a4a4e63..09f8ede5

Webrevs:
 - full: https://webrevs.openjdk.org/?repo=jfx&pr=1307&range=02
 - incr: https://webrevs.openjdk.org/?repo=jfx&pr=1307&range=01-02

  Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
  Patch: https://git.openjdk.org/jfx/pull/1307.diff
  Fetch: git fetch https://git.openjdk.org/jfx.git pull/1307/head:pull/1307

PR: https://git.openjdk.org/jfx/pull/1307
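
An added sketch of the guard pattern the description relies on, not code from the pull request or from JavaFX: a scoped counter defers deletion of a context until the event in progress has finished, and does nothing when the context is null. `Context`, `EventGuard`, `request_close` and `process_key_down` are hypothetical names, and the deferred-delete scheme is an assumption about how such a helper can work.

```cpp
#include <cstdio>

static int destroyed = 0;                 // number of contexts actually freed

struct Context {                          // hypothetical stand-in for a window context
    int events_in_flight = 0;
    bool close_requested = false;
    int typed_delivered = 0;
    ~Context() { ++destroyed; }
};

// Stage close: free immediately only when no native event is being processed.
void request_close(Context* ctx) {
    ctx->close_requested = true;
    if (ctx->events_in_flight == 0) delete ctx;
}

// Scoped guard: pins the context for the duration of one native event.
class EventGuard {
    Context* ctx_;
public:
    explicit EventGuard(Context* ctx) : ctx_(ctx) {
        if (ctx_) ++ctx_->events_in_flight;        // null context: do nothing
    }
    ~EventGuard() {
        if (!ctx_) return;
        if (--ctx_->events_in_flight == 0 && ctx_->close_requested) delete ctx_;
    }
    EventGuard(const EventGuard&) = delete;
    EventGuard& operator=(const EventGuard&) = delete;
};

// One key-down: PRESSED may close the stage, then TYPED is sent back to back.
// Returns how many contexts were freed before TYPED was delivered.
int process_key_down(Context* ctx, bool close_during_pressed) {
    EventGuard guard(ctx);                // taken before any handler (or IME step) runs
    if (!ctx) return 0;
    int before = destroyed;
    if (close_during_pressed) request_close(ctx);  // PRESSED handler closes the stage
    ++ctx->typed_delivered;               // TYPED: ctx is still alive here
    return destroyed - before;
}

int main() {
    Context* ctx = new Context;
    int early = process_key_down(ctx, true);
    std::printf("freed before TYPED: %d, freed in total: %d\n", early, destroyed);
    return 0;
}
```

If the guard were constructed after the PRESSED step instead, `request_close` would see a zero count and free the context before TYPED touched it, which is the ordering problem the description reports.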
