JDK-6325317 : IE Access Violation running customer's application in plugin
  • Type: Bug
  • Component: deploy
  • Sub-Component: plugin
  • Affected Version: 5.0u4
  • Priority: P4
  • Status: Closed
  • Resolution: Duplicate
  • OS: windows_xp
  • CPU: x86
  • Submitted: 2005-09-16
  • Updated: 2010-08-06
  • Resolved: 2006-08-21
Related Reports
Duplicate :  
Customer's application crashes with an unrecoverable IE error in ModName: ntdll.dll

Even though the crash occurs on an IE thread, it is possible that the crash happens because of memory corruption by the plugin and/or the JVM. This needs to be investigated.

Here's the exception information with context extracted by windbg:

ExceptionAddress: 77f69d63 (ntdll!RtlDeleteCriticalSection+0x00000051)
  ExceptionCode: c0000005 (Access violation)
 ExceptionFlags: 00000000
NumberParameters: 2
  Parameter[0]: 00000001
  Parameter[1]: 00000000
Attempt to write to address 00000000
0:033> .cxr 0d81d1e8
eax=00000000 ebx=00f0e208 ecx=00000000 edx=77fc4860 esi=10462140 edi=00f3cc40
eip=77f69d63 esp=0d81d4b4 ebp=0d81d4ec iopl=0         nv up ei pl nz na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00010202
77f69d63 8908             mov     [eax],ecx         ds:0023:00000000=????????
0:033> kv
 *** Stack trace for last set context - .thread/.cxr resets it
ChildEBP RetAddr  Args to Child
0d81d4ec 00eeaee3 00f0e208 00eea97f 00f0e208 ntdll!RtlDeleteCriticalSection+0x51 (FPO: [Non-Fpo])
WARNING: Stack unwind information not available. Following frames may be wrong.
0d81d50c 00eb0e0b 00000002 00000000 00001128 qaphlpr!DOM_RecordAction+0x285e3
0d81d5a4 70a91ae6 00f3cc40 00000069 70a805dc qaphlpr!DllUnregisterServer+0x2a34
0d81d5d4 70a7a105 00f3cc40 0d81d650 0d81d650 shlwapi!EnumInvokeCallback+0x3b (FPO: [2,0,2])
0d81d5f8 70a7a1c5 00f3cc40 0d81d620 70a805cc shlwapi!EnumConnectionPointSinks+0x6d (FPO: [Non-Fpo])
0d81d640 70a7a2c8 001d5ab0 0d81d650 00000002 shlwapi!IConnectionPoint_InvokeIndirect+0x74 (FPO: [Non-Fpo])
0d81d678 769d9316 001d5ab0 00000069 0d81d6b0 shlwapi!IConnectionPoint_SimpleInvoke+0x25 (FPO: [Non-Fpo])
0d81d6c8 769e3910 00000015 00000000 0023bccc shdocvw!CBaseBrowser2::_NotifyCommandStateChange+0x62 (FPO: [Non-Fpo])
0d81e834 75f8de77 0021a064 00000000 00000015 shdocvw!CBaseBrowser2::Exec+0x16f (FPO: [Non-Fpo])
0d81e860 75f8dd98 0023bccc 00000000 00000015 browseui!CCommonBrowser::Exec+0x89 (FPO: [Non-Fpo])
0d81e8ac 769e45be 0023bccc 00000000 00000015 browseui!CShellBrowser2::Exec+0x3fa (FPO: [Non-Fpo])
0d81e8dc 748c0616 001ed6c8 00000000 00000015 shdocvw!CDocObjectHost::Exec+0xdd (FPO: [Non-Fpo])
0d81e908 748c064b 70a766ad 0021ea68 00010386 mshtml!CDoc::OnUpdateUI+0x67 (FPO: [Non-Fpo])
0d81ea0c 748a883b 00000000 00000113 00001000 mshtml!CDoc::OnWindowMessage+0x6d3 (FPO: [5,60,3])
0d81eb3c 77d43a68 00010386 00000113 00001000 mshtml!CServer::WndProc+0x86 (FPO: [Non-Fpo])
0d81eb68 77d43b37 748a87e1 00010386 00000113 user32!InternalCallWinProc+0x1b
0d81ebd0 77d43d91 00000000 748a87e1 00010386 user32!UserCallWinProcCheckWow+0x150 (FPO: [Non-Fpo])
0d81ec30 77d43df7 0d81ee74 00000000 75f8cbc7 user32!DispatchMessageWorker+0x306 (FPO: [Non-Fpo])
0d81ec3c 75f8cbc7 0d81ee74 00000000 0023bcb0 user32!DispatchMessageW+0xb (FPO: [1,0,0])
0d81ec54 75f8cba5 0d81ee74 0d81ffac 002239c8 browseui!TimedDispatchMessage+0x35 (FPO: [EBP 0x0d81eeac] [1,0,4]) 

Java and Native stacks right after the crash are attached to this report.

EVALUATION
JLE (Java Licensee Engineering) said that once they got the fix for 6304225, they could not reproduce this any longer. Closing this as a duplicate of 6304225.