-
Bug
-
Resolution: Fixed
-
P3
-
jfx11, 8, jfx17, jfx21
-
b08
-
os_x
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8327576 | jfx22.0.1 | Johan Vos | P3 | Resolved | Fixed | b07 |
| JDK-8327565 | jfx21.0.3 | Johan Vos | P3 | Resolved | Fixed | master |
| JDK-8327666 | jfx17.0.11 | Johan Vos | P3 | Resolved | Fixed | b02 |
| JDK-8327575 | 8u421 | Kevin Rushforth | P3 | Resolved | Fixed | b01 |
The problem is in the native implementation in GlassMenu.m. The invoked `Java_com_sun_glass_ui_mac_MacMenuDelegate__1setCallback` will delete the JNI globalRef to the current `menu->jCallback`, but it does not remove the value of `menu->jCallback` when the new callback is `null`.
When later the `menu` object is released, the `dealloc` method will check if the `menu->jCallback` is null, and if not, it will invoke `env->DeleteGlobalRef` on it.
There is a possibility that in the meantime (between invoking setCallback with an empty callback and deleting the menu) the old value is reused as the result of a next call to env->newGlobalRef, in which case that new globalRef will suddenly become deleted.
This caused a crash in applications where the first globalRef was reused in a submitForLaterInvocation call.
Solution:
set the value of `menu->jCallback` to `null` immediately after invoking `(*env)->DeleteGlobalRef(env, menu->jCallback);` in `Java_com_sun_glass_ui_mac_MacMenuDelegate__1setCallback`
- backported by
-
JDK-8327565 macOS: wrong GlobalRef deleted in GlassMenu
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
- links to
-
Commit
openjdk/jfx17u/da5918ff
-
Commit
openjdk/jfx21u/98293abf
-
Commit
openjdk/jfx22u/d70fa5f1
-
Commit
openjdk/jfx/8114559e
-
Review
openjdk/jfx17u/184
-
Review
openjdk/jfx21u/49
-
Review
openjdk/jfx22u/16
-
Review
openjdk/jfx/1388