  1. JDK
  2. JDK-6539626

freed MSG structure seems to cause access violation in 1.4.2


    • b05
    • x86
    • windows_xp

        An applet terminates abnormally at our customer site.
        This occurs when the applet opens a pop-up window and the "delete" key
        is pressed.

        CONFIGURATION :
         OS : WindowsXP SP2
         JRE : 1.4.2_05

        INVESTIGATION :
        For all the 1.4.2_XX releases, there seems to be the following problem.

        The implementation of AwtComponent::WmKeyDown is as follows.

        ---- ./j2se/src/windows/native/sun/windows/awt_Component.c --->
        .....

            MSG* msg = CreateMessage((system ? WM_SYSKEYDOWN : WM_KEYDOWN),
                                     wkey, MAKELPARAM(repCnt, flags));

            UINT modifiers = GetJavaModifiers();
            jint keyLocation = GetKeyLocation(wkey, flags);
            UINT jkey = WindowsKeyToJavaKey(wkey, modifiers);
            UINT character = WindowsKeyToJavaChar(wkey, modifiers, SAVE);

            SendKeyEventToFocusOwner(java_awt_event_KeyEvent_KEY_PRESSED,
                                     nowMillisUTC(msg->time), jkey, character,
                                     modifiers, keyLocation, msg);

            // bugid 4724007: Windows does not create a WM_CHAR for the Del key
            // for some reason, so we need to create the KEY_TYPED event on the
            // WM_KEYDOWN. Use null msg so the character doesn't get sent back
            // to the native window for processing (this event is synthesized
            // for Java - we don't want Windows trying to process it).
            if (jkey == java_awt_event_KeyEvent_VK_DELETE) {
                SendKeyEventToFocusOwner(java_awt_event_KeyEvent_KEY_TYPED,
                                         nowMillisUTC(msg->time),
                                         java_awt_event_KeyEvent_VK_UNDEFINED,
                                         character, modifiers,
                                         java_awt_event_KeyEvent_KEY_LOCATION_UNKNOWN);
            }
        ....

        <-----

        The MSG structure is created ("new"ed) in CreateMessage() and deleted in SendKeyEvent(),
        which is called from SendKeyEventToFocusOwner().

        ---->
        void AwtComponent::SendKeyEvent(jint id, jlong when, jint raw, jint cooked,
                                        jint modifiers, jint keyLocation, MSG *pMsg)
        .........
            if (pMsg != NULL) {
                AwtAWTEvent::saveMSG(env, pMsg, keyEvent);
                delete pMsg;
            }
            SendEvent(keyEvent);
        ........
        <----

        When the "delete" key is pressed, the value of msg is invalid in the 2nd
        SendKeyEventToFocusOwner() call because msg has been "delete"ed.
        (This has been confirmed with a debugger.)

        When the application is running in a heavily loaded environment, msg cannot be
        accessed correctly and an access violation occurs at "msg->time".
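
One way to remove the stale read described above, shown as an added example that is neither JDK code nor the fix applied to this issue: read `msg->time` once while the caller still owns the message, and make the ownership hand-off explicit so nothing dangling is left behind. `Msg`, `KeyEvent`, `send_key_event` and `wm_key_down` are hypothetical stand-ins for `MSG`, the Java key event, `SendKeyEvent` and `AwtComponent::WmKeyDown`; the sample key codes and timestamps are constructed.

```cpp
#include <cstdint>
#include <cstdio>
#include <memory>
#include <utility>
#include <vector>

// Hypothetical stand-ins for the Win32 MSG and the Java KeyEvent.
struct Msg { uint32_t time; };
struct KeyEvent { int id; uint32_t when; bool carriesMsg; };

enum { KEY_TYPED = 400, KEY_PRESSED = 401, VK_DELETE = 0x7F };

static std::vector<KeyEvent> g_sent;  // events delivered to the focus owner

// Consumes msg, as SendKeyEvent does with saveMSG() followed by delete.
// Taking a unique_ptr by value makes that transfer visible at the call site.
static void send_key_event(int id, uint32_t when, std::unique_ptr<Msg> msg) {
    g_sent.push_back({id, when, msg != nullptr});
}   // msg (if any) is destroyed here

// Model of WmKeyDown with the stale read removed.
static std::vector<KeyEvent> wm_key_down(int jkey, uint32_t msgTime) {
    g_sent.clear();
    std::unique_ptr<Msg> msg(new Msg{msgTime});

    // Read the timestamp once, before ownership leaves this function.
    const uint32_t when = msg->time;

    send_key_event(KEY_PRESSED, when, std::move(msg));
    // msg is now null: a later msg->time would be a null dereference that
    // fails on every run, not a read of freed heap that fails only under load.

    if (jkey == VK_DELETE) {
        // Synthesized KEY_TYPED: reuse the saved timestamp, pass no message.
        send_key_event(KEY_TYPED, when, nullptr);
    }
    return g_sent;
}

int main() {
    for (const KeyEvent& e : wm_key_down(VK_DELETE, 12345u)) {
        std::printf("id=%d when=%u msg=%d\n", e.id, (unsigned)e.when, (int)e.carriesMsg);
    }
    return 0;
}
```
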

              vchoudhaorcl Vaibhav Choudhary (Inactive)
              tbaba Tadayuki Baba (Inactive)