JDK-8170450 : Crash while loading wordpress.com in HiDPI / Retina display
  • Type: Bug
  • Component: javafx
  • Sub-Component: web
  • Affected Version: 8u112,9
  • Priority: P2
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic
  • CPU: x86
  • Submitted: 2016-11-29
  • Updated: 2017-09-07
  • Resolved: 2016-12-16
Fix versions:
  • JDK 8: 8u151 (Fixed)
  • JDK 9: 9 (Fixed)
Description
Steps to reproduce the bug:

Use a HiDPI/Retina display system or set the -Dglass.win.uiScale=1.5 property.

1. Launch HelloWebView application with https://wordpress.com/start/design-type-with-store
2. Click any category like {Fashion/Beauty, Technology, ..}

You should see a corrupted display or crash.

Callstack:  

#0	0x00007fff89637f06 in __pthread_kill ()
#1	0x000000010009b42d in pthread_kill ()
#2	0x00007fff989c66df in abort ()
#3	0x0000000102ded820 in os::abort(bool, void*, void const*) ()
#4	0x0000000102f3ddc4 in VMError::report_and_die(int, char const*, char const*, __va_list_tag*, Thread*, unsigned char*, void*, void*, char const*, int, unsigned long) ()
#5	0x0000000102f3d467 in VMError::report_and_die(Thread*, unsigned int, unsigned char*, void*, void*, char const*, ...) ()
#6	0x0000000102f3de11 in VMError::report_and_die(Thread*, unsigned int, unsigned char*, void*, void*) ()
#7	0x0000000102df27a7 in JVM_handle_bsd_signal ()
#8	0x0000000102def387 in signalHandler(int, __siginfo*, void*) ()
#9	0x00007fff8fe5452a in _sigtramp ()
#10	0x00007fff8fe5706e in _platform_memmove$VARIANT$Haswell ()
#11	0x0000000133b8a7d9 in WebCore::FilterEffect::copyImageBytes(JSC::GenericTypedArrayView<JSC::Uint8ClampedAdaptor>*, JSC::GenericTypedArrayView<JSC::Uint8ClampedAdaptor>*, WebCore::IntRect const&) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/platform/graphics/filters/FilterEffect.cpp:298
#12	0x0000000133b89a8e in WebCore::FilterEffect::copyPremultipliedImage(JSC::GenericTypedArrayView<JSC::Uint8ClampedAdaptor>*, WebCore::IntRect const&) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/platform/graphics/filters/FilterEffect.cpp:368
#13	0x0000000133b7c6b4 in WebCore::FEGaussianBlur::platformApplySoftware() at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/platform/graphics/filters/FEGaussianBlur.cpp:533
#14	0x0000000133b885a9 in WebCore::FilterEffect::apply() at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/platform/graphics/filters/FilterEffect.cpp:144
#15	0x0000000133c31a9c in WebCore::FilterEffectRenderer::apply() at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/FilterEffectRenderer.cpp:341
#16	0x0000000133c3211e in WebCore::FilterEffectRendererHelper::applyFilterEffect(WebCore::GraphicsContext&) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/FilterEffectRenderer.cpp:426
#17	0x0000000133dcd793 in WebCore::RenderLayer::applyFilters(WebCore::FilterEffectRendererHelper*, WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo&, WTF::Vector<WebCore::LayerFragment, 1ul, WTF::CrashOnOverflow, 16ul>&) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:4189
#18	0x0000000133dcac70 in WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:4367
#19	0x0000000133dc9ee5 in WebCore::RenderLayer::paintLayerContentsAndReflection(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:3998
#20	0x0000000133dc9d7d in WebCore::RenderLayer::paintLayerByApplyingTransform(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int, WebCore::LayoutSize const&) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:4429
#21	0x0000000133dc8aec in WebCore::RenderLayer::paintLayer(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:3971
#22	0x0000000133dcf0a4 in WebCore::RenderLayer::paintList(WTF::Vector<WebCore::RenderLayer*, 0ul, WTF::CrashOnOverflow, 16ul>*, WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:4448
#23	0x0000000133dcab21 in WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:4353
#24	0x0000000133dc9ee5 in WebCore::RenderLayer::paintLayerContentsAndReflection(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:3998
#25	0x0000000133dc8b53 in WebCore::RenderLayer::paintLayer(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:3980
#26	0x0000000133dcf0a4 in WebCore::RenderLayer::paintList(WTF::Vector<WebCore::RenderLayer*, 0ul, WTF::CrashOnOverflow, 16ul>*, WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:4448
#27	0x0000000133dcab21 in WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:4353
#28	0x0000000133dc9ee5 in WebCore::RenderLayer::paintLayerContentsAndReflection(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:3998
#29	0x0000000133dc8b53 in WebCore::RenderLayer::paintLayer(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:3980
#30	0x0000000133dcf0a4 in WebCore::RenderLayer::paintList(WTF::Vector<WebCore::RenderLayer*, 0ul, WTF::CrashOnOverflow, 16ul>*, WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:4448
#31	0x0000000133dcab21 in WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:4353
#32	0x0000000133dc9ee5 in WebCore::RenderLayer::paintLayerContentsAndReflection(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:3998
#33	0x0000000133dc8b53 in WebCore::RenderLayer::paintLayer(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:3980
#34	0x0000000133dc8409 in WebCore::RenderLayer::paint(WebCore::GraphicsContext&, WebCore::LayoutRect const&, WebCore::LayoutSize const&, unsigned int, WebCore::RenderObject*, unsigned int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/rendering/RenderLayer.cpp:3786
#35	0x00000001339550cc in WebCore::FrameView::paintContents(WebCore::GraphicsContext&, WebCore::IntRect const&) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/page/FrameView.cpp:4068
#36	0x0000000133a67fc1 in WebCore::ScrollView::paint(WebCore::GraphicsContext&, WebCore::IntRect const&) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/platform/ScrollView.cpp:1232
#37	0x00000001342dca77 in WebCore::WebPage::paint(_jobject*, int, int, int, int) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/platform/java/WebPage.cpp:262
#38	0x00000001342e25b1 in ::Java_com_sun_webkit_WebPage_twkUpdateContent(JNIEnv *, jobject, jlong, jobject, jint, jint, jint, jint) at /Volumes/Works/openjfx-dev/fx9-dev-sandbox/rt/modules/javafx.web/src/main/native/Source/WebCore/platform/java/WebPage.cpp:1559
#39	0x000000010d378db5 in 0x10d378db5 ()
#40	0x000000010d36b443 in 0x10d36b443 ()
#41	0x000000010d36b443 in 0x10d36b443 ()
#42	0x000000010d36b443 in 0x10d36b443 ()
#43	0x000000010e05d6a4 in 0x10e05d6a4 ()
#44	0x0000000102bab1d8 in JavaCalls::call_helper(JavaValue*, methodHandle const&, JavaCallArguments*, Thread*) ()
#45	0x0000000102c246d6 in JVM_DoPrivileged ()
#46	0x0000000114f031b5 in 0x114f031b5 ()
#47	0x000000010e0562ac in 0x10e0562ac ()
#48	0x0000000102bab1d8 in JavaCalls::call_helper(JavaValue*, methodHandle const&, JavaCallArguments*, Thread*) ()
#49	0x0000000102be7390 in jni_invoke_nonstatic(JNIEnv_*, JavaValue*, _jobject*, JNICallType, _jmethodID*, JNI_ArgumentPusher*, Thread*) ()
#50	0x0000000102bea8f4 in jni_CallVoidMethod ()
#51	0x0000000129e8bdfe in -[GlassRunnable run] ()
#52	0x00007fff88a92fde in __NSThreadPerformPerform ()
#53	0x00007fff897b1881 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ ()
#54	0x00007fff89790fbc in __CFRunLoopDoSources0 ()
#55	0x00007fff897904df in __CFRunLoopRun ()
#56	0x00007fff8978fed8 in CFRunLoopRunSpecific ()
#57	0x00007fff8f68f935 in RunCurrentEventLoopInMode ()
#58	0x00007fff8f68f76f in ReceiveNextEventCommon ()
#59	0x00007fff8f68f5af in _BlockUntilNextEventMatchingListInModeWithFilter ()
#60	0x00007fff93636df6 in _DPSNextEvent ()
#61	0x00007fff93636226 in -[NSApplication _nextEventMatchingEventMask:untilDate:inMode:dequeue:] ()
#62	0x00007fff9362ad80 in -[NSApplication run] ()
#63	0x0000000129e8f78f in -[GlassApplication runLoop:] ()
#64	0x00007fff88a92fde in __NSThreadPerformPerform ()
#65	0x00007fff897b1881 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ ()
#66	0x00007fff89790fbc in __CFRunLoopDoSources0 ()
#67	0x00007fff897904df in __CFRunLoopRun ()
#68	0x00007fff8978fed8 in CFRunLoopRunSpecific ()
#69	0x0000000100005cf2 in CreateExecutionEnvironment ()
#70	0x0000000100001fa8 in JLI_Launch ()
#71	0x0000000100001237 in main ()
#72	0x0000000100001114 in start ()

Comments
changeset: 4572b133030f
user: arajkumar
date: Fri Dec 16 17:07:31 2016 +0530
files: modules/javafx.web/src/main/native/Source/WebCore/platform/graphics/java/ImageBufferJava.cpp
description:
8170450: Crash while loading wordpress.com in HiDPI / Retina display
Reviewed-by: kcr, ghb, mbilla
URL: http://hg.openjdk.java.net/openjfx/9-dev/rt/rev/4572b133030f
16-12-2016

I tested on Windows with a non-integer scale; no crash observed. But as I mentioned in my earlier comment, rendering issues are still observed. I will file a follow-up bug to fix the issue.
13-12-2016

+1
13-12-2016

+1. Do consider using a single 'ASSERT(scaledSourceRect.width() > 0 && scaledSourceRect.height() > 0);' instead of a multi-line assert.
13-12-2016

I did a quick audit of resolutionScale usage; the rest of the places seem to be fine. [~mbilla], [~ghb], please take a look.
06-12-2016

Thanks @Kevin, I'm still auditing the places where resolutionScale is being used in WebKit. I will post the details soon.
03-12-2016

Anyway, this fix looks good. I tested it a bit as well on my retina Mac. I haven't yet tested it with a non-integer scale (e.g., my Windows machine is 1.25). I can do that if you like. +1, but please get a second reviewer.
03-12-2016

Given that this is the second such bug (after JDK-8165853), what is the likelihood that there are other places that still have a similar bug?
30-11-2016

Analysis:
While applying a filter, WebCore gets ImageData from ImageDataJava using the getPremultipliedImageData method. Our current implementation doesn't consider resolutionScale/pixelScale while returning the data; due to this, unscaled image data is returned to WebCore, which leads to a crash while accessing it.
Solution:
Similar to other WebKit implementations (Apple, GTK), we must scale the given rectangle according to the resolutionScale.
Fix: http://cr.openjdk.java.net/~arajkumar/8170450/webrev
Tested the above patch on OSX with a Retina display. I could see some rendering artifacts with the test page [1], but no crash was observed. I'm planning to address the rendering artifacts in a different bug.
[1] https://wordpress.com/start/design-type-with-store
30-11-2016
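The size mismatch described in the analysis above, as an added C++ example that is not the OpenJFX patch or WebKit code: a simplified model in which the producer sizes its data from the logical rectangle while the consumer copies the size of the scaled rectangle. All names (`Rect`, `scaleRect`, `rgbaBytes`, `getImageDataUnscaled`, `getImageDataScaled`, `copyImageBytesChecked`) are hypothetical, and 4 bytes per pixel and a consumer that expects scaled data are assumptions of the model.

```cpp
#include <cmath>
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

// Simplified model, not OpenJFX/WebKit code: every name here is hypothetical.
struct Rect { int x, y, w, h; };

// Map a logical rectangle to backing-store pixels, rounding outwards so that
// partially covered pixels are included for non-integer scales such as 1.5.
Rect scaleRect(const Rect& r, float scale) {
    int x0 = static_cast<int>(std::floor(r.x * scale));
    int y0 = static_cast<int>(std::floor(r.y * scale));
    int x1 = static_cast<int>(std::ceil((r.x + r.w) * scale));
    int y1 = static_cast<int>(std::ceil((r.y + r.h) * scale));
    return {x0, y0, x1 - x0, y1 - y0};
}

// RGBA byte count for a rectangle; 0 for empty, negative or overflowing sizes.
size_t rgbaBytes(const Rect& r) {
    if (r.w <= 0 || r.h <= 0) return 0;
    size_t w = static_cast<size_t>(r.w), h = static_cast<size_t>(r.h);
    if (w > SIZE_MAX / 4 / h) return 0;
    return w * h * 4;
}

// Producer as described before the fix: sized from the logical rectangle.
std::vector<uint8_t> getImageDataUnscaled(const Rect& logical) {
    return std::vector<uint8_t>(rgbaBytes(logical));
}

// Producer as described after the fix: the rectangle is scaled first.
std::vector<uint8_t> getImageDataScaled(const Rect& logical, float scale) {
    return std::vector<uint8_t>(rgbaBytes(scaleRect(logical, scale)));
}

// Consumer: copies the bytes it expects for the scaled rectangle, but only
// when the source really holds that many. Without the size check, the
// memmove would read past the end of an unscaled source buffer.
bool copyImageBytesChecked(const std::vector<uint8_t>& src,
                           std::vector<uint8_t>& dst,
                           const Rect& logical, float scale) {
    size_t need = rgbaBytes(scaleRect(logical, scale));
    if (need == 0 || src.size() < need) return false;
    dst.resize(need);
    std::memmove(dst.data(), src.data(), need);
    return true;
}
```

With a 100x50 logical rectangle at scale 1.5, the unscaled producer returns 20000 bytes while the consumer needs 45000, so the checked copy refuses it instead of over-reading.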

Reproducible on Windows with -Dglass.win.uiScale=1.5
29-11-2016

resolutionScale needs to be considered for ImageBuffer::getPremultipliedImageData and ImageBuffer::getPremultipliedImageData methods as well.
29-11-2016