Uninstalled the extension, crash (with r76217) shortly afterwards

Created attachment 79575 [details] Crash dump from r76217 (Dr. Watson dump) This after uninstalling ClickToFlash extension

STACK_TEXT: 0013f200 027bffde c06d007e 00000000 00000001 kernel32!RaiseException+0x53 WARNING: Stack unwind information not available. Following frames may be wrong. 0013f268 027b9c7b 00000054 0013f224 00000002 WebKit+0x60ffde 0013f374 016bab42 295a3a00 7fe92c4c 03b500d8 WebKit+0x609c7b 0013f378 295a3a00 7fe92c4c 03b500d8 00000000 JavaScriptCore+0x9ab42 0013f37c 7fe92c4c 03b500d8 00000000 0172d648 0x295a3a00 0013f380 03b500d8 00000000 0172d648 7feb3000 0x7fe92c4c 0013f384 00000000 0172d648 7feb3000 03b50038 0x3b500d8

Comment on attachment 79573 [details] Crash dump from r76210 (Dr. Watson dump) This crash is the same as bug 52198.

Comment on attachment 79575 [details] Crash dump from r76217 (Dr. Watson dump) 0:000> !analyze -v ******************************************************************************* * * * Exception Analysis * * * ******************************************************************************* *** ERROR: Symbol file could not be found. Defaulted to export symbols for libdispatch.dll - *** ERROR: Symbol file could not be found. Defaulted to export symbols for QuickTime.qts - *** WARNING: Unable to verify timestamp for AcroRd32.dll *** ERROR: Module load completed but symbols could not be loaded for AcroRd32.dll Unable to load image C:\Program Files\Adobe\Reader 9.0\Reader\ACE.dll, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ACE.dll *** ERROR: Module load completed but symbols could not be loaded for ACE.dll Unable to load image C:\Program Files\Adobe\Reader 9.0\Reader\AGM.dll, Win32 error 0n2 *** WARNING: Unable to verify timestamp for AGM.dll *** ERROR: Module load completed but symbols could not be loaded for AGM.dll Failed calling InternetOpenUrl, GLE=12029 FAULTING_IP: WebKit!WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector+87 [c:\cygwin\home\buildbot\slave\win-release\build\source\webcore\css\cssstyleselector.cpp @ 2225] 025c1507 395110 cmp dword ptr [ecx+10h],edx EXCEPTION_RECORD: ffffffff -- (.exr 0xffffffffffffffff) ExceptionAddress: 025c1507 (WebKit!WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector+0x00000087) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000 NumberParameters: 2 Parameter[0]: 00000000 Parameter[1]: 00000010 Attempt to read from address 00000010 PROCESS_NAME: Safari.exe ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s". EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s". EXCEPTION_PARAMETER1: 00000000 EXCEPTION_PARAMETER2: 00000010 READ_ADDRESS: 00000010 FOLLOWUP_IP: WebKit!WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector+87 [c:\cygwin\home\buildbot\slave\win-release\build\source\webcore\css\cssstyleselector.cpp @ 2225] 025c1507 395110 cmp dword ptr [ecx+10h],edx MOD_LIST: <ANALYSIS/> FAULTING_THREAD: 00001a44 BUGCHECK_STR: APPLICATION_FAULT_NULL_CLASS_PTR_DEREFERENCE_ONE_BIT_INVALID_POINTER_READ PRIMARY_PROBLEM_CLASS: NULL_CLASS_PTR_DEREFERENCE_ONE_BIT DEFAULT_BUCKET_ID: NULL_CLASS_PTR_DEREFERENCE_ONE_BIT LAST_CONTROL_TRANSFER: from 025c37b1 to 025c1507 STACK_TEXT: 0013e69c 025c37b1 7e96aa78 7e9db5c0 7ddaced4 WebKit!WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector+0x87 [c:\cygwin\home\buildbot\slave\win-release\build\source\webcore\css\cssstyleselector.cpp @ 2225] 0013e6d0 025c426f 7e96aa78 7e9db5c0 7ddaced4 WebKit!WebCore::CSSStyleSelector::SelectorChecker::checkSelector+0x51 [c:\cygwin\home\buildbot\slave\win-release\build\source\webcore\css\cssstyleselector.cpp @ 2040] 0013e6fc 025c4f84 7e96aa78 0013e7a4 7e58a240 WebKit!WebCore::CSSStyleSelector::checkSelector+0x5f [c:\cygwin\home\buildbot\slave\win-release\build\source\webcore\css\cssstyleselector.cpp @ 2016] 0013e748 025c556e 7a8ad150 0013e7a4 0013e7a0 WebKit!WebCore::CSSStyleSelector::matchRulesForList+0xb4 [c:\cygwin\home\buildbot\slave\win-release\build\source\webcore\css\cssstyleselector.cpp @ 737] 0013e774 025d1aeb 7fe97880 0013e7a4 0013e7a0 WebKit!WebCore::CSSStyleSelector::matchRules+0x21e [c:\cygwin\home\buildbot\slave\win-release\build\source\webcore\css\cssstyleselector.cpp @ 709] 0013e7b0 022b9665 0013e7e8 7e9db5c0 ffffffff WebKit!WebCore::CSSStyleSelector::styleForElement+0x63b [c:\cygwin\home\buildbot\slave\win-release\build\source\webcore\css\cssstyleselector.cpp @ 1358] 0013e7ec 022b1f47 00000004 7fe9c204 7fe9c200 WebKit!WebCore::Element::recalcStyle+0x125 [c:\cygwin\home\buildbot\slave\win-release\build\source\webcore\dom\element.cpp @ 1004] 0013e80c 02782603 00000000 027693f3 00000000 WebKit!WebCore::Document::recalcStyle+0x167 [c:\cygwin\home\buildbot\slave\win-release\build\source\webcore\dom\document.cpp @ 1598] 0013e814 027693f3 00000000 7a6e2000 11c9976c WebKit!WebFrame::invalidate+0x23 [c:\cygwin\home\buildbot\slave\win-release\build\source\webkit\win\webframe.cpp @ 1105] 0013e894 0276a8cc 00000001 74ad5928 74ad5900 WebKit!WebView::notifyPreferencesChanged+0xd93 [c:\cygwin\home\buildbot\slave\win-release\build\source\webkit\win\webview.cpp @ 4817] 0013e8ac 02775ff4 7e9ed25c 11c9976c 749d2000 WebKit!WebView::onNotify+0xdc [c:\cygwin\home\buildbot\slave\win-release\build\source\webkit\win\webview.cpp @ 4491] 0013e8d4 027760e8 7a6e2000 75eaa108 7fe9c200 WebKit!WebNotificationCenter::postNotificationInternal+0x84 [c:\cygwin\home\buildbot\slave\win-release\build\source\webkit\win\webnotificationcenter.cpp @ 131] 0013e8f0 02771c20 7fe96130 001770dc 7fe9c200 WebKit!WebNotificationCenter::postNotificationName+0x28 [c:\cygwin\home\buildbot\slave\win-release\build\source\webkit\win\webnotificationcenter.cpp @ 189] 0013e90c 0276e464 0013e9a8 73a8fb70 00000000 WebKit!WebPreferences::postPreferencesChangesNotification+0x40 [c:\cygwin\home\buildbot\slave\win-release\build\source\webkit\win\webpreferences.cpp @ 146] 0013e95c 00cb036c 0020d00c 00000000 00000000 WebKit!WebView::initWithFrame+0x4d4 [c:\cygwin\home\buildbot\slave\win-release\build\source\webkit\win\webview.cpp @ 2662] 0013e9a8 00cb0240 73899a20 73a8fb7c 00bddaf8 Safari_b30000!WebViewControlBase::initializeWebView+0x11c 0013e9b4 00bddaf8 00000000 00bddb97 00100a54 Safari_b30000!WebViewControlBase::onCreate+0x30 0013e9bc 00bddb97 00100a54 00000001 00000000 Safari_b30000!WebViewControlBase::ProcessWindowMessage+0x18 0013e9d8 00c7fb98 00100a54 00000001 00000000 Safari_b30000!WebViewControl::ProcessWindowMessage+0x27 0013ea20 7e418734 73a8fb7c 00000000 00000000 Safari_b30000!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<2147483648,524416> >::WindowProc+0x58 0013ea4c 7e418816 04e61700 00100a54 00000001 user32!InternalCallWinProc+0x28 0013eab4 7e428ea0 00000000 04e61700 00100a54 user32!UserCallWinProcCheckWow+0x150 0013eb08 7e42ce7c 009e2b40 00000001 00000000 user32!DispatchClientMessage+0xa3 0013eb38 7c90e473 0013eb48 00000068 00000068 user32!__fnINLPCREATESTRUCT+0x8b 0013ebac 7e42e389 7e42e34f 00000004 0013f0a0 ntdll!KiUserCallbackDispatcher+0x13 0013f050 7e4269c7 00000004 0013f0a0 0013f0b4 user32!NtUserCreateWindowEx+0xc 0013f128 7e42683e 00000000 009eb890 00000068 user32!InternalCreateDialog+0x929 0013f14c 7e41ea84 00b30000 01267eec 00a40942 user32!CreateDialogIndirectParamAorW+0x33 0013f178 00bf467c 00b30000 000009c6 00a40942 user32!CreateDialogParamW+0x49 0013f190 00bf45ee 00a40942 75c4b780 00bf5527 Safari_b30000!ATL::CDialogImpl<WebViewMetalDialog,ATL::CWindow>::Create+0x7c 0013f19c 00bf5527 00a40942 7e42929a 00000001 Safari_b30000!PreferencePane::createWindow+0xe 0013f1c4 00bf4f6a 7424c870 79f6bea0 00b30000 Safari_b30000!PreferencesDlg::addPage+0x97 0013f1ec 00bf696f 0062086e 00000000 0013f244 Safari_b30000!PreferencesDlg::customInitDialog+0xfa 0013f210 00bf66a0 79f6bea0 0062086e 00000000 Safari_b30000!SafariDialog<PreferencesDlg>::onInitDialog+0x11f 0013f228 00bf6640 00a40942 00000110 0062086e Safari_b30000!SafariDialog<PreferencesDlg>::ProcessWindowMessage+0x30 0013f258 00bf4ac0 00a40942 00000110 0062086e Safari_b30000!MetalDialog<PreferencesDlg>::ProcessWindowMessage+0x60 0013f288 00b8cd69 00a40942 00000110 0062086e Safari_b30000!PreferencesDlg::ProcessWindowMessage+0x330 0013f2d0 7e418734 00000000 00000000 0062086e Safari_b30000!ATL::CDialogImplBaseT<ATL::CWindow>::DialogProc+0x59 0013f2fc 7e423ce4 04e49950 00a40942 00000110 user32!InternalCallWinProc+0x28 0013f368 7e423b30 00000000 04e49950 00a40942 user32!UserCallDlgProcCheckWow+0x146 0013f3b0 7e421d9a 00000000 00000110 0062086e user32!DefDlgProcWorker+0xa8 0013f3e0 7e42651a 00934ab8 00944208 0062086e user32!SendMessageWorker+0x448 0013f498 7e42683e 00000000 00934ab8 0000005c user32!InternalCreateDialog+0x9df 0013f4bc 7e41ea84 00b30000 01267a60 00000000 user32!CreateDialogIndirectParamAorW+0x33 0013f4e8 00bc7e88 00b30000 00000082 00000000 user32!CreateDialogParamW+0x49 0013f504 00bbbce0 0001515e 00b34a03 7e8cd400 Safari_b30000!ATL::CDialogImpl<PreferencesDlg,ATL::CWindow>::Create+0x78 0013f50c 00b34a03 7e8cd400 0001515e 7e8cd400 Safari_b30000!SafariWindow::onShowPrefsDialog+0x40 0013f534 00c7fb98 00090b7e 00000111 0001515e Safari_b30000!SafariWindow::ProcessWindowMessage+0xa73 0013f57c 7e418734 00000000 00000000 0001515e Safari_b30000!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<2147483648,524416> >::WindowProc+0x58 0013f5a8 7e418816 04e550b0 00090b7e 00000111 user32!InternalCallWinProc+0x28 0013f610 7e42a013 00000000 04e550b0 00090b7e user32!UserCallWinProcCheckWow+0x150 0013f640 7e42a039 04e550b0 00090b7e 00000111 user32!CallWindowProcAorW+0x98 0013f660 00bf67d2 04e550b0 00090b7e 00000111 user32!CallWindowProcW+0x1b 0013f6a4 7e418734 00000000 00000111 0001515e Safari_b30000!ATL::CContainedWindowT<WTL::CTabCtrlT<ATL::CWindow>,ATL::CWinTraits<1442840576,0> >::WindowProc+0x82 0013f6d0 7e418816 04e57ba0 00090b7e 00000111 user32!InternalCallWinProc+0x28 0013f738 7e42a013 00000000 04e57ba0 00090b7e user32!UserCallWinProcCheckWow+0x150 0013f768 7e42a039 04e57ba0 00090b7e 00000111 user32!CallWindowProcAorW+0x98 0013f788 025364ec 04e57ba0 00090b7e 00000111 user32!CallWindowProcW+0x1b 0013f7c4 7e418734 00090b7e 00000111 0001515e WebKit!WebCore::WindowMessageBroadcaster::SubclassedWndProc+0xfc [c:\cygwin\home\buildbot\slave\win-release\build\source\webcore\platform\win\windowmessagebroadcaster.cpp @ 127] 0013f7f0 7e418816 025363f0 00090b7e 00000111 user32!InternalCallWinProc+0x28 0013f858 7e42a013 00000000 025363f0 00090b7e user32!UserCallWinProcCheckWow+0x150 0013f888 7e42a998 ffff10a5 00090b7e 00000111 user32!CallWindowProcAorW+0x98 0013f8a8 16d37433 ffff10a5 00090b7e 00000111 user32!CallWindowProcA+0x1b WARNING: Stack unwind information not available. Following frames may be wrong. 0013f8cc 7e418734 00090b7e 00000111 0001515e nppdf32+0x7433 0013f8f8 7e418816 16d373a7 00090b7e 00000111 user32!InternalCallWinProc+0x28 0013f960 7e428ea0 00000000 16d373a7 00090b7e user32!UserCallWinProcCheckWow+0x150 0013f9b4 7e428eec 0093db00 00000111 0001515e user32!DispatchClientMessage+0xa3 0013f9dc 7c90e473 0013f9ec 00000018 0093db00 user32!__fnDWORD+0x24 0013fa00 7e42fb07 7e4366c8 00090b7e 03a00a5b ntdll!KiUserCallbackDispatcher+0x13 0013fa18 00b47da3 00090b7e 03a00a5b 0013fc8c user32!NtUserTranslateAccelerator+0xc 0013fa28 00bac037 00000000 7fe90480 0013fcac Safari_b30000!WTL::CFrameWindowImplBase<ATL::CWindow,ATL::CWinTraits<101646336,0> >::PreTranslateMessage+0x13 0013fc58 00b4beb0 00000000 7fe9c2a0 7c80e400 Safari_b30000!RunMessagePump+0x227 0013fcac 00bacb56 0000000a 7c80ae40 00b30000 Safari_b30000!run+0x130 0013fcdc 00bad218 00b30000 000208f8 0000000a Safari_b30000!safariMain+0x5a6 0013fcf0 00401457 00400000 00000000 000208f8 Safari_b30000!safariDLLMain+0x38 0013ff20 0040301c 00000000 289655ee 0040161b Safari!wWinMain+0x217 0013ff44 7c91a2a3 ffffffff 7ffdf000 00000044 Safari!envp 0013ffc0 7c817077 7c91a2a3 ffffffff 7ffdf000 ntdll!RtlpFindAndCommitPages+0xb9 0013fff0 00000000 00401787 00000000 00000000 kernel32!BaseProcessStart+0x23 STACK_COMMAND: ~0s; .ecxr ; kb SYMBOL_STACK_INDEX: 0 SYMBOL_NAME: webkit!WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector+87 FOLLOWUP_NAME: MachineOwner MODULE_NAME: WebKit IMAGE_NAME: WebKit.dll DEBUG_FLR_IMAGE_TIMESTAMP: 4d380373 FAILURE_BUCKET_ID: NULL_CLASS_PTR_DEREFERENCE_ONE_BIT_c0000005_WebKit.dll!WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector BUCKET_ID: APPLICATION_FAULT_NULL_CLASS_PTR_DEREFERENCE_ONE_BIT_INVALID_POINTER_READ_webkit!WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector+87 WATSON_STAGEONE_URL: http://watson.microsoft.com/StageOne/Safari_exe/5_33_19_4/4cd2131b/WebKit_dll/5_33_0_0/4d380373/c0000005/00411507.htm?Retriage=1 Followup: MachineOwner ---------

(In reply to comment #5) > FAULTING_IP: > WebKit!WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector+87 [c:\cygwin\home\buildbot\slave\win-release\build\source\webcore\css\cssstyleselector.cpp @ 2225] > 025c1507 395110 cmp dword ptr [ecx+10h],edx > > EXCEPTION_RECORD: ffffffff -- (.exr 0xffffffffffffffff) > ExceptionAddress: 025c1507 (WebKit!WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector+0x00000087) > ExceptionCode: c0000005 (Access violation) > ExceptionFlags: 00000000 > NumberParameters: 2 > Parameter[0]: 00000000 > Parameter[1]: 00000010 > Attempt to read from address 00000010 So this is a null-dereference inside checkOneSelector when opening Safari's preferences.

<rdar://problem/8314060>

Jyrki, are you able to reproduce the second crash?

Hmm, odd, but good if stays this way, could install ClickToFlash in r76334 (from archive), so obviously couldn't reproduce the second.

I've changed from WinXP to Win7 (broken disk, change not necessarily to better, but anyhow), so I am not able to provide any status checks anymore. Generally, however, I saw no repeatable crashes before the (disk & OS) change, so I'd say by me it's ok.

Comment 10 showed that user was not able to reproduce this crash and also AppleWin port is gone and crash logs are from Windows XP and might not be super relevant and only `win-cairo` port is maintained and we don't support plugins so it would be difficult to reproduce this in today's environment. Marking this as 'RESOLVED WONTFIX'.