WebKit Crashes JVM when removing nodes from DOM on wrong thread.
Kevin Rushforth
kevin.rushforth at oracle.com
Mon Feb 13 13:41:47 UTC 2023
Yes, please file a bug. An intermittent exception would be one thing,
but it shouldn't actually crash when doing that.
-- Kevin
On 2/12/2023 3:49 PM, Scott Palmer wrote:
> I'm seeing a hard crash in native code that brings down the JVM when I
> accidentally called removeChild on an element from a WebView Document
> while not on the Platform thread. While I know it's my error,
> bringing down the JVM instead of throwing an exception seems wrong.
>
> Should this be considered a bug or not?
>
> Scott
>
> With JavaFX 17:
> Thread 50 Crashed:: Java: ForkJoinPool-1-worker-5
> 0 libjfxwebkit.dylib 0x14fa2ac33
> WTFCrashWithInfo(int, char const*, char const*, int) + 19
> 1 libjfxwebkit.dylib 0x14ea5b60d
> WebCore::TimerBase::setNextFireTime(WTF::MonotonicTime) + 541
> 2 libjfxwebkit.dylib 0x14ee0a513
> WebCore::RenderTreeBuilder::detachFromRenderElement(WebCore::RenderElement&,
> WebCore::RenderObject&, WebCore::RenderTreeBuilder::WillBeDestroyed) + 179
> 3 libjfxwebkit.dylib 0x14ee09fa2
> WebCore::RenderTreeBuilder::Block::detach(WebCore::RenderBlock&,
> WebCore::RenderObject&,
> WebCore::RenderTreeBuilder::CanCollapseAnonymousBlock) + 562
> 4 libjfxwebkit.dylib 0x14ee085ef
> WebCore::RenderTreeBuilder::detach(WebCore::RenderElement&,
> WebCore::RenderObject&,
> WebCore::RenderTreeBuilder::CanCollapseAnonymousBlock) + 543
> 5 libjfxwebkit.dylib 0x14ee082ba
> WebCore::RenderTreeBuilder::destroy(WebCore::RenderObject&) + 58
> 6 libjfxwebkit.dylib 0x14ee0bd57
> WebCore::RenderTreeBuilder::destroyAndCleanUpAnonymousWrappers(WebCore::RenderObject&)
> + 263
> 7 libjfxwebkit.dylib 0x14ee19aae
> WebCore::RenderTreeUpdater::tearDownRenderers(WebCore::Element&,
> WebCore::RenderTreeUpdater::TeardownType,
> WebCore::RenderTreeBuilder&)::$_7::operator()(unsigned int) const + 734
> 8 libjfxwebkit.dylib 0x14ee18c13
> WebCore::RenderTreeUpdater::tearDownRenderers(WebCore::Element&,
> WebCore::RenderTreeUpdater::TeardownType, WebCore::RenderTreeBuilder&)
> + 1171
> 9 libjfxwebkit.dylib 0x14ee196d1
> WebCore::RenderTreeUpdater::tearDownRenderers(WebCore::Element&) + 65
> 10 libjfxwebkit.dylib 0x14e46db9c
> WebCore::ContainerNode::removeBetween(WebCore::Node*, WebCore::Node*,
> WebCore::Node&) + 108
> 11 libjfxwebkit.dylib 0x14e46ad44
> WebCore::ContainerNode::removeChild(WebCore::Node&) + 324
> 12 libjfxwebkit.dylib 0x14e50e24b
> WebCore::Node::removeChild(WebCore::Node&) + 43
> 13 libjfxwebkit.dylib 0x14d98deeb
> Java_com_sun_webkit_dom_NodeImpl_removeChildImpl + 107
> 14 ??? 0x1203e753a ???
> 15 ??? 0x1203e335c ???
> 16 ??? 0x1203e36a2 ???
> 17 ??? 0x1203e342b ???
> 18 ??? 0x1203e342b ???
> 19 ??? 0x1203e388f ???
> 20 ??? 0x1203e342b ???
> 21 ??? 0x1203e3317 ???
> 22 ??? 0x1203e3317 ???
> 23 ??? 0x1203e342b ???
> 24 ??? 0x1203e3317 ???
> 25 ??? 0x1203e342b ???
> 26 ??? 0x1203dacc9 ???
> 27 libjvm.dylib 0x110790af6
> JavaCalls::call_helper(JavaValue*, methodHandle const&,
> JavaCallArguments*, JavaThread*) + 710
> 28 libjvm.dylib 0x11078fb47
> JavaCalls::call_virtual(JavaValue*, Klass*, Symbol*, Symbol*,
> JavaCallArguments*, JavaThread*) + 327
> 29 libjvm.dylib 0x11078fc13
> JavaCalls::call_virtual(JavaValue*, Handle, Klass*, Symbol*, Symbol*,
> JavaThread*) + 99
> 30 libjvm.dylib 0x11083ab94
> thread_entry(JavaThread*, JavaThread*) + 180
> 31 libjvm.dylib 0x110d164af
> JavaThread::thread_main_inner() + 335
> 32 libjvm.dylib 0x110d1481f
> Thread::call_run() + 207
> 33 libjvm.dylib 0x110b1f898
> thread_native_entry(Thread*) + 328
> 34 libsystem_pthread.dylib 0x7ff8062b4259 _pthread_start + 125
> 35 libsystem_pthread.dylib 0x7ff8062afc7b thread_start + 15
>
>
> With JavaFX 19.0.2.1
> Thread 48 Crashed:: Java: ForkJoinPool-1-worker-2
> 0 libjfxwebkit.dylib 0x14f2eb9f3 0x14d0d8000 +
> 35731955
> 1 libjfxwebkit.dylib 0x14e3744a6 0x14d0d8000 +
> 19514534
> 2 libjfxwebkit.dylib 0x14e747d49 0x14d0d8000 +
> 23526729
> 3 libjfxwebkit.dylib 0x14e747798 0x14d0d8000 +
> 23525272
> 4 libjfxwebkit.dylib 0x14e745b7f 0x14d0d8000 +
> 23518079
> 5 libjfxwebkit.dylib 0x14e745837 0x14d0d8000 +
> 23517239
> 6 libjfxwebkit.dylib 0x14e749766 0x14d0d8000 +
> 23533414
> 7 libjfxwebkit.dylib 0x14e757dc1 0x14d0d8000 +
> 23592385
> 8 libjfxwebkit.dylib 0x14e757033 0x14d0d8000 +
> 23588915
> 9 libjfxwebkit.dylib 0x14e757aa1 0x14d0d8000 +
> 23591585
> 10 libjfxwebkit.dylib 0x14dd3a2ec 0x14d0d8000 +
> 12985068
> 11 libjfxwebkit.dylib 0x14dd37344 0x14d0d8000 +
> 12972868
> 12 libjfxwebkit.dylib 0x14dddd01b 0x14d0d8000 +
> 13651995
> 13 libjfxwebkit.dylib 0x14d18841b
> Java_com_sun_webkit_dom_NodeImpl_removeChildImpl + 107
> 14 ??? 0x120a6453a ???
> 15 ??? 0x120a6035c ???
> 16 ??? 0x120a606a2 ???
> 17 ??? 0x120a6042b ???
> 18 ??? 0x120a6042b ???
> 19 ??? 0x120a6088f ???
> 20 ??? 0x120a6042b ???
> 21 ??? 0x120a60317 ???
> 22 ??? 0x120a60317 ???
> 23 ??? 0x120a6042b ???
> 24 ??? 0x120a60317 ???
> 25 ??? 0x120a6042b ???
> 26 ??? 0x120a57cc9 ???
> 27 libjvm.dylib 0x110e0daf6
> JavaCalls::call_helper(JavaValue*, methodHandle const&,
> JavaCallArguments*, JavaThread*) + 710
> 28 libjvm.dylib 0x110e0cb47
> JavaCalls::call_virtual(JavaValue*, Klass*, Symbol*, Symbol*,
> JavaCallArguments*, JavaThread*) + 327
> 29 libjvm.dylib 0x110e0cc13
> JavaCalls::call_virtual(JavaValue*, Handle, Klass*, Symbol*, Symbol*,
> JavaThread*) + 99
> 30 libjvm.dylib 0x110eb7b94
> thread_entry(JavaThread*, JavaThread*) + 180
> 31 libjvm.dylib 0x1113934af
> JavaThread::thread_main_inner() + 335
> 32 libjvm.dylib 0x11139181f
> Thread::call_run() + 207
> 33 libjvm.dylib 0x11119c898
> thread_native_entry(Thread*) + 328
> 34 libsystem_pthread.dylib 0x7ff8062b4259 _pthread_start + 125
> 35 libsystem_pthread.dylib 0x7ff8062afc7b thread_start + 15
More information about the openjfx-dev
mailing list