Oxide

Crash on devices when inputing characters with the OSK

Bug #1327241 reported by Olivier Tilloy on 2014-06-06

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Oxide	Fix Released	Critical	Chris Coulson	Oxide branch-1.1
	1.0	Fix Released	Critical	Chris Coulson	Oxide 1.0.2

Bug Description

This happens with a recent version of oxide built from lp:oxide. When tested on a device to input text in a text field, the client process crashes with the following backtrace:

#0 0xb6dda5c6 in QEvent::QEvent(QEvent const&) ()
   from /usr/lib/arm-linux-gnueabihf/libQt5Core.so.5
#1 0xae4241ba in content::NativeWebKeyboardEvent::NativeWebKeyboardEvent(content::NativeWebKeyboardEvent const&) ()
   from /usr/lib/arm-linux-gnueabihf/libOxideQtCore.so.0
#2 0xafaca89e in content::InputRouterImpl::SendKeyboardEvent(content::NativeWebKeyboardEvent const&, ui::LatencyInfo const&, bool) ()
   from /usr/lib/arm-linux-gnueabihf/libOxideQtCore.so.0
#3 0xafb17c58 in content::RenderWidgetHostImpl::ForwardKeyboardEvent(content::NativeWebKeyboardEvent const&) ()
   from /usr/lib/arm-linux-gnueabihf/libOxideQtCore.so.0
#4 0xae425d4c in oxide::qt::sendFakeCompositionKeyEvent(content::RenderWidgetHostImpl*, blink::WebInputEvent::Type) ()
   from /usr/lib/arm-linux-gnueabihf/libOxideQtCore.so.0
#5 0xae427678 in oxide::qt::RenderWidgetHostView::HandleInputMethodEvent(QInputMethodEvent*) () from /usr/lib/arm-linux-gnueabihf/libOxideQtCore.so.0
#6 0xb661dfde in QQuickItem::event(QEvent*) ()
   from /usr/lib/arm-linux-gnueabihf/libQt5Quick.so.5
#7 0xb616d8a0 in QApplicationPrivate::notify_helper(QObject*, QEvent*) ()
   from /usr/lib/arm-linux-gnueabihf/libQt5Widgets.so.5
#8 0xb617136e in QApplication::notify(QObject*, QEvent*) ()
   from /usr/lib/arm-linux-gnueabihf/libQt5Widgets.so.5

The crash is happening in gfx::NativeEvent CopyEvent(gfx::NativeEvent event).
Because os_event is 0, we dereference a null pointer in the copy constructor for NativeWebKeyboardEvent.