When I try to call a Java function that takes an array, the method signature is not created correctly, resulting in a crash when invoking the JVM.

Java function: public void arrayFunction(String [] array)
Correct JNI signature: ([Ljava/lang/String;)V
WebKit's generated signature: (L[Ljava/lang/String;;)V

Presently, jni_utility is handling an array like any other generic java object, and thus wrapping it in a L<generic_object>;

GDB trace below:

Invalid memory access of location 00000000 eip=9b6833a9
Program received signal: "EXC_BAD_ACCESS".
(gdb) where
#0 0x9b6833a9 in JVM_MonitorWait ()
#1 0x9b7072f9 in JVM_IsConstructorIx ()
#2 0x17434a46 in MethodSwizzle ()
#3 0x00521120 in KJS::Bindings::dispatchJNICall (targetAppletView=0x2116a80, obj=0x1751043c, isStatic=false, returnType=void_type, methodID=0x0, args=0x1712d7f0, result=@0xbfffedf8, exceptionDescription=@0xbfffedf4) at /Users/dacarson/WebKit/JavaScriptCore/bindings/jni/jni_objc.mm:54
#4 0x00516737 in KJS::Bindings::JavaInstance::invokeMethod (this=0x21497f0, exec=0xbffff130, methodList=@0x1712d7b0, args=@0xbfffef38) at /Users/dacarson/WebKit/JavaScriptCore/bindings/jni/jni_instance.cpp:154
#5 0x0051729b in KJS::RuntimeMethod::callAsFunction (this=0x1712d780, exec=0xbffff130, thisObj=0x170a8160, args=@0xbfffef38) at /Users/dacarson/WebKit/JavaScriptCore/bindings/runtime_method.cpp:89
#6 0x004f8160 in KJS::JSObject::call (this=0x1712d780, exec=0xbffff130, thisObj=0x170a8160, args=@0xbfffef38) at /Users/dacarson/WebKit/JavaScriptCore/kjs/object.cpp:97
#7 0x004edfe7 in KJS::FunctionCallDotNode::evaluate (this=0x1713ad00, exec=0xbffff130) at /Users/dacarson/WebKit/JavaScriptCore/kjs/nodes.cpp:780
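To make the signature mismatch concrete, here is an added C++ example (not WebKit's jni_utility code) that builds JNI method signatures from parameter type names in the java.lang.Class.getName() form, once with arrays handled correctly and once with arrays treated like generic objects as the report describes; the helper names are hypothetical.

```cpp
#include <map>
#include <string>
#include <vector>

// Type names are assumed to be in java.lang.Class.getName() form: "int",
// "java.lang.String", and for arrays an existing descriptor with '.'
// separators such as "[Ljava.lang.String;", "[B" or "[[I".
static std::string dotsToSlashes(const std::string& name) {
    std::string out;
    for (char c : name)
        out += (c == '.') ? '/' : c;
    return out;
}

static const std::map<std::string, std::string>& primitiveDescriptors() {
    static const std::map<std::string, std::string> table = {
        {"void", "V"}, {"boolean", "Z"}, {"byte", "B"}, {"char", "C"}, {"short", "S"},
        {"int", "I"}, {"long", "J"}, {"float", "F"}, {"double", "D"}};
    return table;
}

// Correct mapping: an array name is already a descriptor (only '.' -> '/'),
// a plain object is wrapped as L<name>; and a primitive uses its letter code.
std::string jniTypeDescriptor(const std::string& javaName) {
    auto it = primitiveDescriptors().find(javaName);
    if (it != primitiveDescriptors().end())
        return it->second;
    if (!javaName.empty() && javaName[0] == '[')
        return dotsToSlashes(javaName);            // "[Ljava/lang/String;"
    return "L" + dotsToSlashes(javaName) + ";";    // "Ljava/lang/String;"
}

// The behaviour the report describes: an array is treated like any other
// object, so "[Ljava.lang.String;" becomes "L[Ljava/lang/String;;".
std::string buggyJniTypeDescriptor(const std::string& javaName) {
    auto it = primitiveDescriptors().find(javaName);
    if (it != primitiveDescriptors().end())
        return it->second;
    return "L" + dotsToSlashes(javaName) + ";";
}

// Assemble "(<param descriptors>)<return descriptor>" with either mapping.
std::string jniMethodSignature(const std::vector<std::string>& paramNames,
                               const std::string& returnName,
                               std::string (*descriptor)(const std::string&) = jniTypeDescriptor) {
    std::string sig = "(";
    for (const auto& p : paramNames)
        sig += descriptor(p);
    return sig + ")" + descriptor(returnName);
}
```

Passing the bad signature to GetMethodID yields a null methodID, which is the methodID=0x0 visible in frame #3 of the trace before the JVM faults.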
Created attachment 12981 [details] Test case. Attachment is a zip file containing HTML and Java class file (with source) that shows the crash.
Repro crash => P1.
<rdar://problem/4981001>
The fix is not as easy as I initially thought. I thought that if I could just separate recognition of Array parameters from generic object parameters, all would be good. There is more to it. Currently the JNI bindings don't know how to generate a Java Array class from a JS Array. Though, the reverse is true, the bindings can generate a JS Array from a Java Array. This is used when the return type is a Java Array.
Created attachment 13016 [details] Patch This patch creates a new internal type, array_type. This patch also handles the creation of Java arrays for the given Java parameter array type and fills it with the Javascript Array content.
Created attachment 13017 [details] updated test case This test case also tests all other Java array types, e.g. byte[], char[], etc. The previous test case only tested String[].
Comment on attachment 13016 [details] Patch r-
Comment on attachment 13016 [details] Patch Er, I meant, r=me Is there a way to make a test case for this (even a manual test)?
(In reply to comment #8)
> (From update of attachment 13016 [details] [edit])
> Er, I meant, r=me
>
> Is there a way to make a test case for this (even a manual test)?

There is a manual test case attached. I will move it to the WebCore\manual-tests and make it part of the patch.
Created attachment 13083 [details] Now includes manual test Nothing has changed with respect to the code. I have added the test case to the manual-tests and included that as part of the patch, as mjs suggested.
Comment on attachment 13083 [details] Now includes manual test r=me
I am having trouble applying the patch as provided. I am getting an error "svn: 'WebCore/manual-tests/resources/ArrayParameterTestApplet.class' does not exist".
(In reply to comment #12)
> I am having trouble applying the patch as provided. I am getting an error
> "svn: 'WebCore/manual-tests/resources/ArrayParameterTestApplet.class' does not
> exist".

Sam, did you use svn-apply to apply the patch? I just noticed a bug in svn-apply that won't apply the binary patch on Attachment 13083 [details] because it doesn't have a blank line after the end of the binary segment.
Dave, yeah, I used svn-apply. Is there an easy way for me (or you or anyone) to work around this in the meantime? Like, say, just adding the blank line?
Committed revision 19559.