From cc96b9743567ff23da2e5daafff655951ab175d8 Mon Sep 17 00:00:00 2001 From: Takao Fujiwara Date: Fri, 26 May 2023 06:57:47 +0900 Subject: [PATCH] Resolves: #2195895 ibus_input_context_set_cursor_location(): ibus-x11 SIGSEGV --- ibus-1385349-segv-bus-proxy.patch | 153 ++++++++++++++++++++++++++++-- ibus.spec | 5 +- 2 files changed, 150 insertions(+), 8 deletions(-) diff --git a/ibus-1385349-segv-bus-proxy.patch b/ibus-1385349-segv-bus-proxy.patch index 098ae58..cf7c716 100644 --- a/ibus-1385349-segv-bus-proxy.patch +++ b/ibus-1385349-segv-bus-proxy.patch @@ -1,6 +1,6 @@ -From 5749b4861ffcaf8083d97c6bf9858257373596ce Mon Sep 17 00:00:00 2001 +From ffe82832ac5bc6aaa3d5a93004aae97a8b44a60c Mon Sep 17 00:00:00 2001 From: fujiwarat -Date: Wed, 25 Jan 2023 17:26:47 +0900 +Date: Fri, 26 May 2023 06:35:13 +0900 Subject: [PATCH] Fix SEGV in bus_panel_proxy_focus_in() rhbz#1350291 SEGV in BUS_IS_CONNECTION(skip_connection) in @@ -21,6 +21,9 @@ If the mutex is not unlocked, g_mutex_clear() causes assert. rhbz#1767691 SEGV in client/x11/main.c:_sighandler(). Do not call atexit functions in _sighandler(). +rhbz#2195895 SEGV in client/x11/main.c:_xim_set_cursor_location() +check if IBusInputContext was disconnected. + rhbz#1795499 rhbz#1936777 SEGV in ibus_bus_get_bus_address() because of no _bus->priv. _changed_cb() should not be called after ibus_bus_destroy() is called. @@ -44,15 +47,16 @@ BUG=rhbz#1771238 BUG=rhbz#1767976 BUG=rhbz#1797120 BUG=rhbz#2151344 +BUG=rhbz#2195895 --- bus/dbusimpl.c | 47 ++++++++++++++++++++++++--- bus/engineproxy.c | 44 +++++++++++++++++++------ - client/x11/main.c | 8 ++++- + client/x11/main.c | 56 ++++++++++++++++++++++++++++---- portal/portal.c | 11 +++++++ src/ibusbus.c | 6 ++++ ui/gtk3/extension.vala | 4 +++ ui/gtk3/switcher.vala | 73 +++++++++++++++++++++++++----------------- - 7 files changed, 148 insertions(+), 45 deletions(-) + 7 files changed, 191 insertions(+), 50 deletions(-) diff --git a/bus/dbusimpl.c b/bus/dbusimpl.c index 59787a80..af2fbde2 100644 @@ -243,7 +247,7 @@ index b3e16066..ba479b59 100644 /* FIXME: set destroy callback ? */ g_task_return_pointer (data->task, engine, NULL); diff --git a/client/x11/main.c b/client/x11/main.c -index 905fd251..1abea0af 100644 +index 83d95cb7..804e40ed 100644 --- a/client/x11/main.c +++ b/client/x11/main.c @@ -45,6 +45,7 @@ @@ -254,7 +258,142 @@ index 905fd251..1abea0af 100644 #include -@@ -1269,7 +1270,12 @@ _atexit_cb () +@@ -69,6 +70,7 @@ typedef struct _X11ICONN X11ICONN; + typedef struct _X11IC X11IC; + struct _X11IC { + IBusInputContext *context; ++ gboolean ibus_connected; + Window client_window; + Window focus_window; + gint32 input_style; +@@ -327,6 +329,18 @@ _xim_store_ic_values (X11IC *x11ic, IMChangeICStruct *call_data) + return 1; + } + ++static void ++ibus_ic_connection_closed_cb (GDBusConnection *connection, ++ gboolean remote_peer_vanished, ++ GError *error, ++ X11IC *x11ic) ++{ ++ /* rhbz#2195895 The moment of the IBusBus disconnection would be ++ * different from the moment of XIM_DISCONNECT. ++ */ ++ x11ic->ibus_connected = FALSE; ++} ++ + + static int + xim_create_ic (XIMS xims, IMChangeICStruct *call_data) +@@ -334,6 +348,7 @@ xim_create_ic (XIMS xims, IMChangeICStruct *call_data) + static int base_icid = 1; + X11IC *x11ic; + guint32 capabilities = IBUS_CAP_FOCUS; ++ GDBusConnection *connection; + + call_data->icid = base_icid ++; + +@@ -345,8 +360,9 @@ xim_create_ic (XIMS xims, IMChangeICStruct *call_data) + + x11ic->icid = call_data->icid; + x11ic->connect_id = call_data->connect_id; +- x11ic->conn = (X11ICONN *)g_hash_table_lookup (_connections, +- GINT_TO_POINTER ((gint) call_data->connect_id)); ++ x11ic->conn = (X11ICONN *)g_hash_table_lookup ( ++ _connections, ++ GINT_TO_POINTER ((gint) call_data->connect_id)); + if (x11ic->conn == NULL) { + g_slice_free (X11IC, x11ic); + g_return_val_if_reached (0); +@@ -376,6 +392,10 @@ xim_create_ic (XIMS xims, IMChangeICStruct *call_data) + G_CALLBACK (_context_enabled_cb), x11ic); + g_signal_connect (x11ic->context, "disabled", + G_CALLBACK (_context_disabled_cb), x11ic); ++ connection = g_dbus_proxy_get_connection (G_DBUS_PROXY (x11ic->context)); ++ x11ic->ibus_connected = !g_dbus_connection_is_closed (connection); ++ g_signal_connect (connection, "closed", ++ G_CALLBACK (ibus_ic_connection_closed_cb), x11ic); + + + if (x11ic->input_style & XIMPreeditCallbacks) +@@ -400,11 +420,19 @@ xim_destroy_ic (XIMS xims, IMChangeICStruct *call_data) + LOG (1, "XIM_DESTROY_IC ic=%d connect_id=%d", + call_data->icid, call_data->connect_id); + +- x11ic = (X11IC *)g_hash_table_lookup (_x11_ic_table, +- GINT_TO_POINTER ((gint) call_data->icid)); ++ x11ic = (X11IC *)g_hash_table_lookup ( ++ _x11_ic_table, ++ GINT_TO_POINTER ((gint) call_data->icid)); + g_return_val_if_fail (x11ic != NULL, 0); + + if (x11ic->context) { ++ GDBusConnection *connection = ++ g_dbus_proxy_get_connection (G_DBUS_PROXY (x11ic->context)); ++ x11ic->ibus_connected = FALSE; ++ g_signal_handlers_disconnect_by_func ( ++ connection, ++ (GCallback)ibus_ic_connection_closed_cb, ++ x11ic); + ibus_proxy_destroy ((IBusProxy *)x11ic->context); + g_object_unref (x11ic->context); + x11ic->context = NULL; +@@ -412,7 +440,8 @@ xim_destroy_ic (XIMS xims, IMChangeICStruct *call_data) + + g_hash_table_remove (_x11_ic_table, + GINT_TO_POINTER ((gint) call_data->icid)); +- x11ic->conn->clients = g_list_remove (x11ic->conn->clients, (gconstpointer)x11ic); ++ x11ic->conn->clients = g_list_remove (x11ic->conn->clients, ++ (gconstpointer)x11ic); + + g_free (x11ic->preedit_string); + x11ic->preedit_string = NULL; +@@ -438,6 +467,8 @@ xim_set_ic_focus (XIMS xims, IMChangeFocusStruct *call_data) + x11ic = (X11IC *) g_hash_table_lookup (_x11_ic_table, + GINT_TO_POINTER ((gint) call_data->icid)); + g_return_val_if_fail (x11ic != NULL, 0); ++ if (!x11ic->ibus_connected) ++ return 1; + + ibus_input_context_focus_in (x11ic->context); + _xim_set_cursor_location (x11ic); +@@ -456,6 +487,8 @@ xim_unset_ic_focus (XIMS xims, IMChangeFocusStruct *call_data) + x11ic = (X11IC *) g_hash_table_lookup (_x11_ic_table, + GINT_TO_POINTER ((gint) call_data->icid)); + g_return_val_if_fail (x11ic != NULL, 0); ++ if (!x11ic->ibus_connected) ++ return 1; + + ibus_input_context_focus_out (x11ic->context); + +@@ -594,6 +627,8 @@ xim_forward_event (XIMS xims, IMForwardEventStruct *call_data) + x11ic = (X11IC *) g_hash_table_lookup (_x11_ic_table, + GINT_TO_POINTER ((gint) call_data->icid)); + g_return_val_if_fail (x11ic != NULL, 0); ++ if (!x11ic->ibus_connected) ++ return 0; + + xevent = (XKeyEvent*) &(call_data->event); + +@@ -836,6 +871,8 @@ _xim_set_cursor_location (X11IC *x11ic) + } + } + ++ if (!x11ic->ibus_connected) ++ return; + ibus_input_context_set_cursor_location (x11ic->context, + preedit_area.x, + preedit_area.y, +@@ -916,6 +953,8 @@ xim_reset_ic (XIMS xims, IMResetICStruct *call_data) + x11ic = (X11IC *) g_hash_table_lookup (_x11_ic_table, + GINT_TO_POINTER ((gint) call_data->icid)); + g_return_val_if_fail (x11ic != NULL, 0); ++ if (!x11ic->ibus_connected) ++ return 1; + + ibus_input_context_reset (x11ic->context); + +@@ -1275,7 +1314,12 @@ _atexit_cb () static void _sighandler (int sig) { @@ -434,5 +573,5 @@ index 9400e9ba..2ecbdac1 100644 #if VALA_0_34 seat.ungrab(); -- -2.38.1 +2.40.0 diff --git a/ibus.spec b/ibus.spec index 44b9841..1aeb7f3 100644 --- a/ibus.spec +++ b/ibus.spec @@ -50,7 +50,7 @@ Name: ibus Version: 1.5.28 -Release: 5%{?dist} +Release: 6%{?dist} Summary: Intelligent Input Bus for Linux OS License: LGPL-2.0-or-later URL: https://github.com/ibus/%name/wiki @@ -559,6 +559,9 @@ dconf update || : %{_datadir}/installed-tests/ibus %changelog +* Fri May 26 2023 Takao Fujiwara - 1.5.28-6 +- Resolves: #2195895 ibus_input_context_set_cursor_location(): ibus-x11 SIGSEGV + * Fri May 12 2023 Takao Fujiwara - 1.5.28-5 - Fix cross compiling with gen-internal-compose-table