Details

Id:  AVR:Unallocated 02f.e2d
Description:  Access violation while reading unallocated memory at 0xFF80A90F
Location:  microsoftedgecp.exe!chakra.dll!ThreadContext::PreSweepCallback
Security impact:  Potentially exploitable security issue

Stack

Disassembly

646fc91f cc int 3
chakra!ThreadContext::PreSweepCallback:
646fc920 55 push ebp
646fc921 8bec mov ebp,esp
646fc923 83e4f8 and esp,0FFFFFFF8h
646fc926 51 push ecx
646fc927 53 push ebx
646fc928 56 push esi
646fc929 57 push edi
646fc92a 8bf9 mov edi,ecx
646fc92c 8d9f44070000 lea ebx,[edi+744h]
646fc932 8bf3 mov esi,ebx
646fc934 8b36 mov esi,dword ptr [esi]
646fc936 3bf3 cmp esi,ebx
646fc938 7416 je chakra!ThreadContext::PreSweepCallback+0x30 (646fc950)
chakra!ThreadContext::PreSweepCallback+0x1a:
646fc93a 8b4e08 mov ecx,dword ptr [esi+8] ⇐ instruction pointer
646fc93d ffb1fc020000 push dword ptr [ecx+2FCh]
646fc943 81c14c020000 add ecx,24Ch
646fc949 e8a2680a00 call chakra!Memory::InlineCacheAllocator::ClearCachesWithDeadWeakRefs (647a31f0)
646fc94e ebe4 jmp chakra!ThreadContext::PreSweepCallback+0x14 (646fc934)
646fc950 8bcf mov ecx,edi
646fc952 e8b3130000 call chakra!ThreadContext::ClearIsInstInlineCaches (646fdd0a)
646fc957 8bcf mov ecx,edi
646fc959 e8ecfcffff call chakra!ThreadContext::ClearEquivalentTypeCaches (646fc64a)
646fc95e 8d8f50090000 lea ecx,[edi+950h]
646fc964 e8eae2fdff call chakra!JsUtil::BaseDictionary<int,ProjectionModel::Expr *,Memory::ArenaAllocator,DictionarySizePolicy<PrimePolicy,2,2,1,4>,DefaultComparer,JsUtil::SimpleDictionaryEntry,JsUtil::NoResizeLock>::Clear (646dac53)
646fc969 5f pop edi
646fc96a 5e pop esi
646fc96b 5b pop ebx
646fc96c 8be5 mov esp,ebp
646fc96e 5d pop ebp
646fc96f c3 ret
646fc970 cc int 3

Registers

eax=0c8df924 ebx=646fd064 ecx=646fc920 edx=00000010 esi=ff80a907 edi=646fc920
eip=646fc93a esp=107cca78 ebp=107cca8c iopl=0 nv up ei ng nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010286
fpcw=027F: rn 53 puozdi fpsw=4000: top=0 cc=1000 -------- fptw=FFFF
fopcode=0000 fpip=0000:652333d5 fpdp=0000:107cd71c
st0= 0.000000000000000000000e+0000 st1=-7.490000000000000000000e+0002
st2= 9.999999776482582092290e-0003 st3= 9.999999776482582092290e-0003
st4= 0.000000000000000000000e+0000 st5= 1.000000000000000000000e+0002
st6= 1.000000000000000000000e+0000 st7= 1.000000000000000000000e+0004
mm0=0000000000000000 mm1=bb40000000000000
mm2=a3d70a0000000000 mm3=a3d70a0000000000
mm4=0000000000000000 mm5=c800000000000000
mm6=8000000000000000 mm7=9c40000000000000
xmm0=0 0 0 0
xmm1=0 0 0 0
xmm2=0 0 0 0
xmm3=0 0 0 0
xmm4=0 0 0 0
xmm5=0 0 0 0
xmm6=0 0 0 0
xmm7=0 0 0 0
dr0=00000000 dr1=00000000 dr2=00000000
dr3=00000000 dr6=00000000 dr7=00000000
chakra!ThreadContext::PreSweepCallback+0x1a:
646fc93a 8b4e08 mov ecx,dword ptr [esi+8] ds:0023:ff80a90f=????????

Referenced memory

Memory around address 0xFF80A90F:

ff80a8cf ????????
ff80a8d3 ????????
ff80a8d7 ????????
ff80a8db ????????
ff80a8df ????????
ff80a8e3 ????????
ff80a8e7 ????????
ff80a8eb ????????
ff80a8ef ????????
ff80a8f3 ????????
ff80a8f7 ????????
ff80a8fb ????????
ff80a8ff ????????
ff80a903 ????????
ff80a907 ????????
ff80a90b ????????
ff80a90f ???????? ⇐ referenced
ff80a913 ????????
ff80a917 ????????
ff80a91b ????????
ff80a91f ????????
ff80a923 ????????
ff80a927 ????????
ff80a92b ????????
ff80a92f ????????
ff80a933 ????????
ff80a937 ????????
ff80a93b ????????
ff80a93f ????????
ff80a943 ????????
ff80a947 ????????
ff80a94b ????????

Binary information

chakra.dll

Loaded symbol image file: C:\WINDOWS\SYSTEM32\chakra.dll
Image path: C:\WINDOWS\SYSTEM32\chakra.dll
Image name: chakra.dll
Timestamp: Sat Apr 23 06:03:38 2016 (571AF41A)
CheckSum: 00571A25
ImageSize: 00670000
File version: 11.0.10586.306
Product version: 11.0.10586.306
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 2.0 Dll
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Internet Explorer
InternalName: chakra.dll
OriginalFilename: chakra.dll
ProductVersion: 11.00.10586.306
FileVersion: 11.00.10586.306 (th2_release_sec.160422-1850)
FileDescription: Microsoft � JScript
LegalCopyright: � Microsoft Corporation. All rights reserved.

microsoftedgecp.exe

Image path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Image name: microsoftedgecp.exe
Timestamp: Tue Nov 24 07:49:28 2015 (56540878)
CheckSum: 00053B24
ImageSize: 0004E000
File version: 11.0.10586.20
Product version: 11.0.10586.20
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 1.0 App
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft Edge
InternalName: MicrosoftEdgeCP
OriginalFilename: MicrosoftEdgeCP.exe
ProductVersion: 11.00.10586.20
FileVersion: 11.00.10586.20 (th2_release_sec.151123-1940)
FileDescription: Microsoft Edge Content Process
LegalCopyright: � Microsoft Corporation. All rights reserved.

Debugger IO


Microsoft (R) Windows Debugger Version 6.3.9600.16384 X86
Copyright (c) Microsoft Corporation. All rights reserved.

*** wait with pending attach

************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*http://msdl.microsoft.com/download/symbols
Deferred cache*\\J3\Symbols
Deferred cache*\\server\Symbols
Deferred srv*http://chromium-browser-symsrv.commondatastorage.googleapis.com
Deferred srv*http://symbols.mozilla.org/firefox
Symbol search path is: srv*http://msdl.microsoft.com/download/symbols;cache*\\J3\Symbols;cache*\\server\Symbols;srv*http://chromium-browser-symsrv.commondatastorage.googleapis.com;srv*http://symbols.mozilla.org/firefox
Executable search path is:
ModLoad: 01090000 010a4000 C:\Windows\System32\RuntimeBroker.exe
ModLoad: 775d0000 7774b000 C:\WINDOWS\SYSTEM32\ntdll.dll
ModLoad: 6cc80000 6cce1000 C:\WINDOWS\system32\verifier.dll
ModLoad: 75160000 751f6000 C:\WINDOWS\system32\KERNEL32.DLL
ModLoad: 74460000 745df000 C:\WINDOWS\system32\KERNELBASE.dll
ModLoad: 75a40000 75afe000 C:\WINDOWS\system32\msvcrt.dll
ModLoad: 770e0000 771a2000 C:\WINDOWS\system32\RPCRT4.dll
ModLoad: 772b0000 7746d000 C:\WINDOWS\system32\combase.dll
ModLoad: 747d0000 74828000 C:\WINDOWS\system32\bcryptPrimitives.dll
ModLoad: 74350000 74394000 C:\WINDOWS\system32\powrprof.dll
ModLoad: 74340000 7434c000 C:\WINDOWS\system32\kernel.appcore.dll
ModLoad: 76f10000 76ffb000 C:\WINDOWS\system32\ole32.dll
ModLoad: 75210000 75254000 C:\WINDOWS\system32\sechost.dll
ModLoad: 77470000 775c5000 C:\WINDOWS\system32\GDI32.dll
ModLoad: 75720000 75858000 C:\WINDOWS\system32\USER32.dll
ModLoad: 74e60000 74e8f000 C:\WINDOWS\system32\IMM32.DLL
ModLoad: 74dd0000 74e54000 C:\WINDOWS\system32\clbcatq.dll
ModLoad: 6eb60000 6ece7000 C:\Windows\System32\Windows.UI.Immersive.dll
ModLoad: 759b0000 75a3d000 C:\WINDOWS\system32\shcore.dll
ModLoad: 72100000 7231c000 C:\Windows\System32\ActXPrxy.dll
ModLoad: 6efc0000 6f088000 C:\Windows\System32\WinTypes.dll
ModLoad: 73280000 7334d000 C:\Windows\System32\twinapi.appcore.dll
ModLoad: 742a0000 742bd000 C:\Windows\System32\bcrypt.dll
ModLoad: 6a0f0000 6a191000 C:\Windows\System32\TokenBroker.dll
ModLoad: 750c0000 75152000 C:\WINDOWS\system32\OLEAUT32.dll
ModLoad: 72740000 7274f000 C:\WINDOWS\SYSTEM32\wtsapi32.dll
ModLoad: 6e1c0000 6e1e0000 C:\WINDOWS\System32\IDStore.dll
ModLoad: 77060000 770db000 C:\WINDOWS\system32\advapi32.dll
ModLoad: 726f0000 72703000 C:\WINDOWS\System32\SAMLIB.dll
ModLoad: 6b810000 6b83d000 C:\Windows\System32\usermgrproxy.dll
ModLoad: 6cae0000 6cb01000 C:\Windows\System32\Windows.ApplicationModel.Core.dll
ModLoad: 743b0000 743bf000 C:\WINDOWS\system32\profapi.dll
ModLoad: 73a00000 73a28000 C:\WINDOWS\SYSTEM32\ntmarta.dll
ModLoad: 73c10000 73c29000 C:\Windows\System32\USERENV.dll
ModLoad: 69b00000 69b12000 C:\WINDOWS\SYSTEM32\profext.dll
ModLoad: 74050000 74074000 C:\WINDOWS\system32\SspiCli.dll
ModLoad: 678a0000 678b5000 C:\WINDOWS\SYSTEM32\capauthz.dll
ModLoad: 6ecf0000 6efbb000 C:\Windows\System32\iertutil.dll
ModLoad: 748d0000 74dca000 C:\WINDOWS\system32\windows.storage.dll
ModLoad: 74420000 74457000 C:\WINDOWS\system32\cfgmgr32.dll
ModLoad: 75670000 756b5000 C:\WINDOWS\system32\shlwapi.dll
ModLoad: 69b20000 69b5a000 C:\Windows\System32\vaultcli.dll
ModLoad: 74650000 747c9000 C:\WINDOWS\system32\CRYPT32.dll
ModLoad: 743a0000 743ae000 C:\WINDOWS\system32\MSASN1.dll
ModLoad: 72fc0000 73052000 C:\WINDOWS\system32\apphelp.dll
(17e4.a48): Break instruction exception - code 80000003 (first chance)
eax=002ad000 ebx=00000000 ecx=77691d90 edx=40040110 esi=77691d90 edi=77691d90
eip=77661250 esp=07d5fc5c ebp=07d5fc88 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
ntdll!DbgBreakPoint:
77661250 cc int 3

Create process 6116 breakpoint.
0:007> g
*** wait with pending attach

************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*http://msdl.microsoft.com/download/symbols
Deferred cache*\\J3\Symbols
Deferred cache*\\server\Symbols
Deferred srv*http://chromium-browser-symsrv.commondatastorage.googleapis.com
Deferred srv*http://symbols.mozilla.org/firefox
Symbol search path is: srv*http://msdl.microsoft.com/download/symbols;cache*\\J3\Symbols;cache*\\server\Symbols;srv*http://chromium-browser-symsrv.commondatastorage.googleapis.com;srv*http://symbols.mozilla.org/firefox
Executable search path is:
ModLoad: 00d30000 00d38000 C:\WINDOWS\system32\browser_broker.exe
ModLoad: 775d0000 7774b000 C:\WINDOWS\SYSTEM32\ntdll.dll
ModLoad: 6cc80000 6cce1000 C:\WINDOWS\system32\verifier.dll
ModLoad: 75160000 751f6000 C:\WINDOWS\system32\KERNEL32.DLL
ModLoad: 74460000 745df000 C:\WINDOWS\system32\KERNELBASE.dll
ModLoad: 75a40000 75afe000 C:\WINDOWS\system32\msvcrt.dll
ModLoad: 772b0000 7746d000 C:\WINDOWS\system32\combase.dll
ModLoad: 770e0000 771a2000 C:\WINDOWS\system32\RPCRT4.dll
ModLoad: 747d0000 74828000 C:\WINDOWS\system32\bcryptPrimitives.dll
ModLoad: 75210000 75254000 C:\WINDOWS\system32\sechost.dll
ModLoad: 75720000 75858000 C:\WINDOWS\system32\user32.dll
ModLoad: 77470000 775c5000 C:\WINDOWS\system32\GDI32.dll
ModLoad: 74e60000 74e8f000 C:\WINDOWS\system32\IMM32.DLL
ModLoad: 74340000 7434c000 C:\WINDOWS\system32\kernel.appcore.dll
ModLoad: 73070000 730e9000 C:\WINDOWS\system32\uxtheme.dll
ModLoad: 6cb40000 6cb57000 C:\WINDOWS\SYSTEM32\browserbroker.dll
ModLoad: 759b0000 75a3d000 C:\WINDOWS\system32\shcore.dll
ModLoad: 750c0000 75152000 C:\WINDOWS\system32\OLEAUT32.dll
ModLoad: 74650000 747c9000 C:\WINDOWS\system32\CRYPT32.dll
ModLoad: 743a0000 743ae000 C:\WINDOWS\system32\MSASN1.dll
ModLoad: 6ecf0000 6efbb000 C:\WINDOWS\SYSTEM32\iertutil.dll
ModLoad: 748d0000 74dca000 C:\WINDOWS\system32\windows.storage.dll
ModLoad: 74420000 74457000 C:\WINDOWS\system32\cfgmgr32.dll
ModLoad: 77060000 770db000 C:\WINDOWS\system32\advapi32.dll
ModLoad: 75670000 756b5000 C:\WINDOWS\system32\shlwapi.dll
ModLoad: 74350000 74394000 C:\WINDOWS\system32\powrprof.dll
ModLoad: 743b0000 743bf000 C:\WINDOWS\system32\profapi.dll
ModLoad: 6bf70000 6c0ec000 C:\WINDOWS\SYSTEM32\urlmon.dll
ModLoad: 715f0000 71606000 C:\WINDOWS\SYSTEM32\MPR.dll
ModLoad: 6a650000 6a878000 C:\WINDOWS\SYSTEM32\WININET.dll
ModLoad: 716f0000 7171d000 C:\WINDOWS\SYSTEM32\XmlLite.dll
ModLoad: 73ac0000 73ac8000 C:\WINDOWS\SYSTEM32\DPAPI.DLL
ModLoad: 74dd0000 74e54000 C:\WINDOWS\system32\clbcatq.dll
ModLoad: 61d00000 61d4f000 C:\Windows\System32\ieproxy.dll
ModLoad: 76f10000 76ffb000 C:\WINDOWS\system32\ole32.dll
ModLoad: 73280000 7334d000 C:\Windows\System32\twinapi.appcore.dll
ModLoad: 742a0000 742bd000 C:\Windows\System32\bcrypt.dll
ModLoad: 74050000 74074000 C:\WINDOWS\SYSTEM32\SspiCli.dll
ModLoad: 75b00000 76efe000 C:\WINDOWS\system32\SHELL32.dll
(10d4.1300): Break instruction exception - code 80000003 (first chance)

Create process 4308 breakpoint.
1:007> g
*** wait with pending attach

************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*http://msdl.microsoft.com/download/symbols
Deferred cache*\\J3\Symbols
Deferred cache*\\server\Symbols
Deferred srv*http://chromium-browser-symsrv.commondatastorage.googleapis.com
Deferred srv*http://symbols.mozilla.org/firefox
Symbol search path is: srv*http://msdl.microsoft.com/download/symbols;cache*\\J3\Symbols;cache*\\server\Symbols;srv*http://chromium-browser-symsrv.commondatastorage.googleapis.com;srv*http://symbols.mozilla.org/firefox
Executable search path is:
ModLoad: 01040000 0151d000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
ModLoad: 775d0000 7774b000 C:\WINDOWS\SYSTEM32\ntdll.dll
ModLoad: 6cc80000 6cce1000 C:\WINDOWS\system32\verifier.dll
ModLoad: 75160000 751f6000 C:\WINDOWS\system32\KERNEL32.DLL
ModLoad: 74460000 745df000 C:\WINDOWS\system32\KERNELBASE.dll
ModLoad: 72fc0000 73052000 C:\WINDOWS\system32\apphelp.dll
ModLoad: 77060000 770db000 C:\WINDOWS\system32\ADVAPI32.dll
ModLoad: 75a40000 75afe000 C:\WINDOWS\system32\msvcrt.dll
ModLoad: 75210000 75254000 C:\WINDOWS\system32\sechost.dll
ModLoad: 770e0000 771a2000 C:\WINDOWS\system32\RPCRT4.dll
ModLoad: 76f10000 76ffb000 C:\WINDOWS\system32\ole32.dll
ModLoad: 772b0000 7746d000 C:\WINDOWS\system32\combase.dll
ModLoad: 747d0000 74828000 C:\WINDOWS\system32\bcryptPrimitives.dll
ModLoad: 77470000 775c5000 C:\WINDOWS\system32\GDI32.dll
ModLoad: 75720000 75858000 C:\WINDOWS\system32\USER32.dll
ModLoad: 6fe50000 6fe99000 C:\WINDOWS\SYSTEM32\wincorlib.DLL
ModLoad: 750c0000 75152000 C:\WINDOWS\system32\OLEAUT32.dll
ModLoad: 74e60000 74e8f000 C:\WINDOWS\system32\IMM32.DLL
ModLoad: 74340000 7434c000 C:\WINDOWS\system32\kernel.appcore.dll
ModLoad: 6f090000 6fd00000 C:\Windows\System32\Windows.UI.Xaml.dll
ModLoad: 6efc0000 6f088000 C:\WINDOWS\SYSTEM32\wintypes.dll
ModLoad: 72bf0000 72c77000 C:\WINDOWS\SYSTEM32\CoreMessaging.dll
ModLoad: 72320000 72372000 C:\WINDOWS\SYSTEM32\Bcp47Langs.dll
ModLoad: 6ecf0000 6efbb000 C:\WINDOWS\SYSTEM32\iertutil.dll
ModLoad: 759b0000 75a3d000 C:\WINDOWS\system32\shcore.dll
ModLoad: 748d0000 74dca000 C:\WINDOWS\system32\windows.storage.dll
ModLoad: 74420000 74457000 C:\WINDOWS\system32\cfgmgr32.dll
ModLoad: 75670000 756b5000 C:\WINDOWS\system32\shlwapi.dll
ModLoad: 74350000 74394000 C:\WINDOWS\system32\powrprof.dll
ModLoad: 743b0000 743bf000 C:\WINDOWS\system32\profapi.dll
ModLoad: 73280000 7334d000 C:\Windows\System32\twinapi.appcore.dll
ModLoad: 742a0000 742bd000 C:\WINDOWS\SYSTEM32\bcrypt.dll
ModLoad: 6e510000 6e525000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\EShims.dll
ModLoad: 73c10000 73c29000 C:\WINDOWS\SYSTEM32\USERENV.dll
ModLoad: 715f0000 71606000 C:\WINDOWS\SYSTEM32\MPR.dll
ModLoad: 615f0000 61a2c000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eModel.dll
ModLoad: 75b00000 76efe000 C:\WINDOWS\system32\SHELL32.dll
ModLoad: 743c0000 7441e000 C:\WINDOWS\system32\firewallapi.dll
ModLoad: 734a0000 734cd000 C:\WINDOWS\SYSTEM32\fwbase.dll
ModLoad: 72100000 7231c000 C:\Windows\System32\ActXPrxy.dll
ModLoad: 73070000 730e9000 C:\WINDOWS\system32\uxtheme.dll
ModLoad: 6a930000 6aaf6000 C:\WINDOWS\system32\CoreUIComponents.dll
ModLoad: 72b10000 72b2d000 C:\WINDOWS\SYSTEM32\dwmapi.dll
ModLoad: 72860000 728e2000 C:\WINDOWS\SYSTEM32\dxgi.dll
ModLoad: 728f0000 72b0a000 C:\WINDOWS\SYSTEM32\d3d11.dll
ModLoad: 71bb0000 71dc8000 C:\WINDOWS\SYSTEM32\d3d10warp.dll
ModLoad: 71720000 71bae000 C:\WINDOWS\SYSTEM32\d2d1.dll
ModLoad: 72c80000 72d34000 C:\Windows\System32\dcomp.dll
ModLoad: 6b5a0000 6b5c9000 C:\Windows\System32\Windows.ApplicationModel.dll
ModLoad: 6c710000 6ca93000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eView.dll
ModLoad: 6bf70000 6c0ec000 C:\WINDOWS\SYSTEM32\urlmon.dll
ModLoad: 6fd80000 6fe50000 C:\Windows\System32\MrmCoreR.dll
ModLoad: 6fd00000 6fd7b000 C:\Windows\System32\Windows.UI.dll
ModLoad: 75890000 759af000 C:\WINDOWS\system32\MSCTF.dll
ModLoad: 69b00000 69b12000 C:\WINDOWS\SYSTEM32\profext.dll
ModLoad: 73a00000 73a28000 C:\WINDOWS\SYSTEM32\ntmarta.dll
ModLoad: 6a650000 6a878000 C:\WINDOWS\SYSTEM32\WININET.dll
ModLoad: 74050000 74074000 C:\WINDOWS\SYSTEM32\SspiCli.dll
ModLoad: 66850000 6685b000 C:\WINDOWS\SYSTEM32\tokenbinding.dll
ModLoad: 75000000 7505f000 C:\WINDOWS\system32\WS2_32.dll
ModLoad: 6bba0000 6bbb2000 C:\WINDOWS\SYSTEM32\ondemandconnroutehelper.dll
ModLoad: 71620000 7164f000 C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
ModLoad: 70e40000 70edb000 C:\WINDOWS\SYSTEM32\winhttp.dll
ModLoad: 73d50000 73da0000 C:\WINDOWS\system32\mswsock.dll
ModLoad: 70210000 70218000 C:\WINDOWS\SYSTEM32\WINNSI.DLL
ModLoad: 75200000 75207000 C:\WINDOWS\system32\NSI.dll
ModLoad: 6b100000 6b10f000 C:\Windows\System32\Windows.Shell.ServiceHostBuilder.dll
ModLoad: 69b60000 69b6c000 C:\WINDOWS\system32\execmodelproxy.dll
ModLoad: 64350000 644cb000 C:\WINDOWS\SYSTEM32\ieapfltr.dll
ModLoad: 73de0000 73df3000 C:\WINDOWS\SYSTEM32\CRYPTSP.dll
ModLoad: 6ddc0000 6de0a000 C:\WINDOWS\SYSTEM32\policymanager.dll
ModLoad: 6dd50000 6ddb5000 C:\WINDOWS\SYSTEM32\msvcp110_win.dll
ModLoad: 716f0000 7171d000 C:\WINDOWS\SYSTEM32\XmlLite.dll
ModLoad: 6e7c0000 6e8f2000 C:\Windows\System32\Windows.Globalization.dll
ModLoad: 6b7d0000 6b804000 C:\WINDOWS\System32\netprofm.dll
ModLoad: 6b6a0000 6b6a9000 C:\WINDOWS\System32\npmproxy.dll
ModLoad: 696a0000 696e1000 C:\WINDOWS\system32\DataExchange.dll
ModLoad: 73ed0000 73eda000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll
ModLoad: 725a0000 726eb000 C:\WINDOWS\SYSTEM32\PROPSYS.dll
ModLoad: 71610000 71620000 C:\WINDOWS\SYSTEM32\wkscli.dll
ModLoad: 70ba0000 70bc8000 C:\WINDOWS\SYSTEM32\netjoin.dll
ModLoad: 73f00000 73f1e000 C:\WINDOWS\SYSTEM32\JoinUtil.dll
ModLoad: 756c0000 7571a000 C:\WINDOWS\system32\coml2.dll
ModLoad: 73940000 7394a000 C:\WINDOWS\SYSTEM32\netutils.dll
ModLoad: 6cb10000 6cb39000 C:\WINDOWS\SYSTEM32\MDMRegistration.DLL
ModLoad: 74650000 747c9000 C:\WINDOWS\system32\CRYPT32.dll
ModLoad: 743a0000 743ae000 C:\WINDOWS\system32\MSASN1.dll
ModLoad: 6da50000 6da63000 C:\WINDOWS\SYSTEM32\DMCmnUtils.dll
ModLoad: 730f0000 73112000 C:\WINDOWS\SYSTEM32\DEVOBJ.dll
ModLoad: 73f70000 73f90000 C:\WINDOWS\SYSTEM32\ncrypt.dll
ModLoad: 73f40000 73f6c000 C:\WINDOWS\SYSTEM32\NTASN1.dll
ModLoad: 731f0000 73274000 C:\WINDOWS\SYSTEM32\DNSAPI.dll
ModLoad: 72770000 72790000 C:\WINDOWS\SYSTEM32\SLC.dll
ModLoad: 72750000 7276d000 C:\WINDOWS\SYSTEM32\sppc.dll
ModLoad: 69fb0000 69fe4000 C:\Windows\System32\execmodelclient.dll
ModLoad: 701c0000 701c8000 C:\Windows\System32\rasadhlp.dll
ModLoad: 70060000 700a7000 C:\WINDOWS\System32\fwpuclnt.dll
ModLoad: 6cae0000 6cb01000 C:\Windows\System32\Windows.ApplicationModel.Core.dll
ModLoad: 6e900000 6eaf1000 C:\WINDOWS\SYSTEM32\dwrite.dll
ModLoad: 666a0000 666ec000 C:\Windows\System32\Windows.Graphics.dll
ModLoad: 660a0000 66333000 C:\WINDOWS\SYSTEM32\msftedit.dll
ModLoad: 72060000 72083000 C:\WINDOWS\SYSTEM32\globinputhost.dll
ModLoad: 67920000 6796d000 C:\WINDOWS\SYSTEM32\NInput.dll
ModLoad: 66350000 66362000 C:\Windows\System32\Windows.Globalization.Fontgroups.dll
ModLoad: 66340000 66349000 C:\WINDOWS\SYSTEM32\fontgroupsoverride.dll
ModLoad: 6cac0000 6cae0000 C:\Windows\System32\Windows.System.Profile.RetailInfo.dll
ModLoad: 69a50000 69ae3000 C:\WINDOWS\system32\twinapi.dll
ModLoad: 733d0000 733ef000 C:\Windows\System32\rmclient.dll
ModLoad: 6e750000 6e7c0000 C:\WINDOWS\system32\directmanipulation.dll
ModLoad: 6de80000 6de91000 C:\Windows\System32\threadpoolwinrt.dll
(109c.1294): Break instruction exception - code 80000003 (first chance)

Create process 4252 breakpoint.
2:051> g
*** wait with pending attach

************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*http://msdl.microsoft.com/download/symbols
Deferred cache*\\J3\Symbols
Deferred cache*\\server\Symbols
Deferred srv*http://chromium-browser-symsrv.commondatastorage.googleapis.com
Deferred srv*http://symbols.mozilla.org/firefox
Symbol search path is: srv*http://msdl.microsoft.com/download/symbols;cache*\\J3\Symbols;cache*\\server\Symbols;srv*http://chromium-browser-symsrv.commondatastorage.googleapis.com;srv*http://symbols.mozilla.org/firefox
Executable search path is:
ModLoad: 009c0000 00a0e000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
ModLoad: 775d0000 7774b000 C:\WINDOWS\SYSTEM32\ntdll.dll
ModLoad: 6cc80000 6cce1000 C:\WINDOWS\system32\verifier.dll
ModLoad: 75160000 751f6000 C:\WINDOWS\system32\KERNEL32.DLL
ModLoad: 74460000 745df000 C:\WINDOWS\system32\KERNELBASE.dll
ModLoad: 72fc0000 73052000 C:\WINDOWS\system32\apphelp.dll
ModLoad: 77060000 770db000 C:\WINDOWS\system32\ADVAPI32.dll
ModLoad: 75a40000 75afe000 C:\WINDOWS\system32\msvcrt.dll
ModLoad: 75210000 75254000 C:\WINDOWS\system32\sechost.dll
ModLoad: 770e0000 771a2000 C:\WINDOWS\system32\RPCRT4.dll
ModLoad: 759b0000 75a3d000 C:\WINDOWS\system32\shcore.dll
ModLoad: 772b0000 7746d000 C:\WINDOWS\system32\combase.dll
ModLoad: 747d0000 74828000 C:\WINDOWS\system32\bcryptPrimitives.dll
ModLoad: 74600000 74642000 C:\WINDOWS\system32\WINTRUST.dll
ModLoad: 743a0000 743ae000 C:\WINDOWS\system32\MSASN1.dll
ModLoad: 74650000 747c9000 C:\WINDOWS\system32\CRYPT32.dll
ModLoad: 6ecf0000 6efbb000 C:\WINDOWS\SYSTEM32\iertutil.dll
ModLoad: 748d0000 74dca000 C:\WINDOWS\system32\windows.storage.dll
ModLoad: 74420000 74457000 C:\WINDOWS\system32\cfgmgr32.dll
ModLoad: 75670000 756b5000 C:\WINDOWS\system32\shlwapi.dll
ModLoad: 77470000 775c5000 C:\WINDOWS\system32\GDI32.dll
ModLoad: 75720000 75858000 C:\WINDOWS\system32\USER32.dll
ModLoad: 74340000 7434c000 C:\WINDOWS\system32\kernel.appcore.dll
ModLoad: 74350000 74394000 C:\WINDOWS\system32\powrprof.dll
ModLoad: 743b0000 743bf000 C:\WINDOWS\system32\profapi.dll
ModLoad: 74e60000 74e8f000 C:\WINDOWS\system32\IMM32.DLL
ModLoad: 615f0000 61a2c000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\EMODEL.dll
ModLoad: 75b00000 76efe000 C:\WINDOWS\system32\SHELL32.dll
ModLoad: 750c0000 75152000 C:\WINDOWS\system32\OLEAUT32.dll
ModLoad: 743c0000 7441e000 C:\WINDOWS\system32\firewallapi.dll
ModLoad: 73c10000 73c29000 C:\WINDOWS\SYSTEM32\USERENV.dll
ModLoad: 734a0000 734cd000 C:\WINDOWS\SYSTEM32\fwbase.dll
ModLoad: 6e510000 6e525000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\EShims.dll
ModLoad: 715f0000 71606000 C:\WINDOWS\SYSTEM32\MPR.dll
ModLoad: 76f10000 76ffb000 C:\WINDOWS\system32\ole32.dll
ModLoad: 73070000 730e9000 C:\WINDOWS\system32\uxtheme.dll
ModLoad: 69b00000 69b12000 C:\WINDOWS\SYSTEM32\profext.dll
ModLoad: 73a00000 73a28000 C:\WINDOWS\SYSTEM32\ntmarta.dll
ModLoad: 73280000 7334d000 C:\WINDOWS\SYSTEM32\twinapi.appcore.dll
ModLoad: 742a0000 742bd000 C:\WINDOWS\SYSTEM32\bcrypt.dll
ModLoad: 64bb0000 65d9b000 C:\WINDOWS\SYSTEM32\edgehtml.dll
ModLoad: 73de0000 73df3000 C:\WINDOWS\SYSTEM32\cryptsp.dll
ModLoad: 64540000 64bb0000 C:\WINDOWS\SYSTEM32\chakra.dll
ModLoad: 64500000 64533000 C:\WINDOWS\SYSTEM32\MLANG.dll
ModLoad: 73ed0000 73eda000 C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL
ModLoad: 6efc0000 6f088000 C:\Windows\System32\WinTypes.dll
ModLoad: 6a650000 6a878000 C:\WINDOWS\SYSTEM32\WININET.dll
ModLoad: 74050000 74074000 C:\WINDOWS\SYSTEM32\SspiCli.dll
ModLoad: 66850000 6685b000 C:\WINDOWS\SYSTEM32\tokenbinding.dll
ModLoad: 75000000 7505f000 C:\WINDOWS\system32\WS2_32.dll
ModLoad: 6bba0000 6bbb2000 C:\WINDOWS\SYSTEM32\ondemandconnroutehelper.dll
ModLoad: 71620000 7164f000 C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
ModLoad: 70e40000 70edb000 C:\WINDOWS\SYSTEM32\winhttp.dll
ModLoad: 73d50000 73da0000 C:\WINDOWS\system32\mswsock.dll
ModLoad: 70210000 70218000 C:\WINDOWS\SYSTEM32\WINNSI.DLL
ModLoad: 75200000 75207000 C:\WINDOWS\system32\NSI.dll
ModLoad: 6bf70000 6c0ec000 C:\WINDOWS\SYSTEM32\urlmon.dll
ModLoad: 72b10000 72b2d000 C:\WINDOWS\SYSTEM32\dwmapi.dll
ModLoad: 75890000 759af000 C:\WINDOWS\system32\MSCTF.dll
ModLoad: 64350000 644cb000 C:\WINDOWS\SYSTEM32\ieapfltr.dll
ModLoad: 6ddc0000 6de0a000 C:\WINDOWS\SYSTEM32\policymanager.dll
ModLoad: 6dd50000 6ddb5000 C:\WINDOWS\SYSTEM32\msvcp110_win.dll
(738.458): Break instruction exception - code 80000003 (first chance)

Create process 1848 breakpoint.
3:060> g
*** wait with pending attach

************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*http://msdl.microsoft.com/download/symbols
Deferred cache*\\J3\Symbols
Deferred cache*\\server\Symbols
Deferred srv*http://chromium-browser-symsrv.commondatastorage.googleapis.com
Deferred srv*http://symbols.mozilla.org/firefox
Symbol search path is: srv*http://msdl.microsoft.com/download/symbols;cache*\\J3\Symbols;cache*\\server\Symbols;srv*http://chromium-browser-symsrv.commondatastorage.googleapis.com;srv*http://symbols.mozilla.org/firefox
Executable search path is:
ModLoad: 01390000 0139b000 C:\WINDOWS\system32\ApplicationFrameHost.exe
ModLoad: 775d0000 7774b000 C:\WINDOWS\SYSTEM32\ntdll.dll
ModLoad: 6cc80000 6cce1000 C:\WINDOWS\system32\verifier.dll
ModLoad: 75160000 751f6000 C:\WINDOWS\system32\KERNEL32.DLL
ModLoad: 74460000 745df000 C:\WINDOWS\system32\KERNELBASE.dll
ModLoad: 75a40000 75afe000 C:\WINDOWS\system32\msvcrt.dll
ModLoad: 772b0000 7746d000 C:\WINDOWS\system32\combase.dll
ModLoad: 770e0000 771a2000 C:\WINDOWS\system32\RPCRT4.dll
ModLoad: 747d0000 74828000 C:\WINDOWS\system32\bcryptPrimitives.dll
ModLoad: 74340000 7434c000 C:\WINDOWS\system32\kernel.appcore.dll
ModLoad: 74dd0000 74e54000 C:\WINDOWS\system32\clbcatq.dll
ModLoad: 67c30000 67d31000 C:\WINDOWS\System32\ApplicationFrame.dll
ModLoad: 759b0000 75a3d000 C:\WINDOWS\system32\SHCORE.dll
ModLoad: 75670000 756b5000 C:\WINDOWS\system32\SHLWAPI.dll
ModLoad: 77470000 775c5000 C:\WINDOWS\system32\GDI32.dll
ModLoad: 75720000 75858000 C:\WINDOWS\system32\USER32.dll
ModLoad: 750c0000 75152000 C:\WINDOWS\system32\OLEAUT32.dll
ModLoad: 725a0000 726eb000 C:\WINDOWS\System32\PROPSYS.dll
ModLoad: 75210000 75254000 C:\WINDOWS\system32\sechost.dll
ModLoad: 73280000 7334d000 C:\WINDOWS\System32\twinapi.appcore.dll
ModLoad: 73070000 730e9000 C:\WINDOWS\System32\UxTheme.dll
ModLoad: 730f0000 73112000 C:\WINDOWS\System32\DEVOBJ.dll
ModLoad: 74420000 74457000 C:\WINDOWS\system32\cfgmgr32.dll
ModLoad: 69a50000 69ae3000 C:\WINDOWS\System32\TWINAPI.dll
ModLoad: 71720000 71bae000 C:\WINDOWS\System32\d2d1.dll
ModLoad: 728f0000 72b0a000 C:\WINDOWS\System32\d3d11.dll
ModLoad: 72c80000 72d34000 C:\WINDOWS\System32\dcomp.dll
ModLoad: 72b10000 72b2d000 C:\WINDOWS\System32\dwmapi.dll
ModLoad: 742a0000 742bd000 C:\WINDOWS\System32\bcrypt.dll
ModLoad: 72860000 728e2000 C:\WINDOWS\System32\dxgi.dll
ModLoad: 74e60000 74e8f000 C:\WINDOWS\system32\IMM32.DLL
ModLoad: 72100000 7231c000 C:\Windows\System32\ActXPrxy.dll
ModLoad: 75890000 759af000 C:\WINDOWS\system32\MSCTF.dll
ModLoad: 71bb0000 71dc8000 C:\WINDOWS\system32\D3D10Warp.dll
ModLoad: 6cb60000 6cc7c000 C:\WINDOWS\system32\UIAutomationCore.DLL
ModLoad: 73c10000 73c29000 C:\WINDOWS\system32\USERENV.dll
ModLoad: 743b0000 743bf000 C:\WINDOWS\system32\profapi.dll
ModLoad: 75b00000 76efe000 C:\WINDOWS\system32\SHELL32.dll
ModLoad: 748d0000 74dca000 C:\WINDOWS\system32\windows.storage.dll
ModLoad: 77060000 770db000 C:\WINDOWS\system32\advapi32.dll
ModLoad: 74350000 74394000 C:\WINDOWS\system32\powrprof.dll
ModLoad: 72320000 72372000 C:\WINDOWS\system32\Bcp47Langs.dll
ModLoad: 72410000 72583000 C:\WINDOWS\system32\windowscodecs.dll
ModLoad: 6fd80000 6fe50000 C:\WINDOWS\SYSTEM32\mrmcorer.dll
ModLoad: 6ecf0000 6efbb000 C:\WINDOWS\SYSTEM32\iertutil.dll
ModLoad: 6fd00000 6fd7b000 C:\Windows\System32\Windows.UI.dll
ModLoad: 723d0000 7240f000 C:\WINDOWS\System32\UIAnimation.dll
(c8c.b20): Break instruction exception - code 80000003 (first chance)

Create process 3212 breakpoint.
4:074> g
(109c.7f8): Windows Runtime Originate Error - code 40080201 (first chance)
(109c.7f8): Windows Runtime Originate Error - code 40080201 (first chance)
(109c.7f8): Windows Runtime Originate Error - code 40080201 (first chance)
(109c.7f8): Windows Runtime Originate Error - code 40080201 (first chance)
(109c.7f8): Windows Runtime Originate Error - code 40080201 (first chance)
(109c.7f8): Windows Runtime Originate Error - code 40080201 (first chance)
(109c.7f8): Windows Runtime Originate Error - code 40080201 (first chance)
(109c.7f8): Windows Runtime Originate Error - code 40080201 (first chance)
(738.1170): Unknown exception - code 00000005 (first chance)
inetcore\apfilter\src\util\unmanaged\core\src\useraccountstore.cpp(48)\ieapfltr.dll!64399176: (caller: 64398D8F) Exception(1) tid(1170) 80040154 Class not registered
(109c.7f8): Windows Runtime Originate Error - code 40080201 (first chance)
(109c.7f8): Windows Runtime Originate Error - code 40080201 (first chance)
(109c.7f8): Windows Runtime Originate Error - code 40080201 (first chance)
(738.1170): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.

3:086> .lastevent
Last event: 738.1170: Access violation - code c0000005 (first chance)
debugger time: Mon May 16 16:14:17.510 2016 (UTC + 2:00)

3:086> |.
. 3 id: 738 attach name: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe

3:086> .exr -1
ExceptionAddress: 646fc93a (chakra!ThreadContext::PreSweepCallback+0x0000001a)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000000
Parameter[1]: ff80a90f
Attempt to read from address ff80a90f

3:086> lm on
start end module name
009c0000 00a0e000 microsoftedgecp microsoftedgecp.exe
615f0000 61a2c000 EMODEL EMODEL.dll
61d00000 61d4f000 ieproxy ieproxy.dll
64350000 644cb000 ieapfltr ieapfltr.dll
644d0000 644de000 msimtf msimtf.dll
644e0000 644fc000 srpapi srpapi.dll
64500000 64533000 MLANG MLANG.dll
64540000 64bb0000 chakra chakra.dll
64bb0000 65d9b000 edgehtml edgehtml.dll
66850000 6685b000 tokenbinding tokenbinding.dll
67920000 6796d000 ninput ninput.dll
696a0000 696e1000 dataexchange dataexchange.dll
69a50000 69ae3000 twinapi twinapi.dll
69b00000 69b12000 profext profext.dll
6a650000 6a878000 WININET WININET.dll
6bba0000 6bbb2000 ondemandconnroutehelper ondemandconnroutehelper.dll
6bf70000 6c0ec000 urlmon urlmon.dll
6cc80000 6cce1000 verifier verifier.dll
6dd50000 6ddb5000 msvcp110_win msvcp110_win.dll
6ddc0000 6de0a000 policymanager policymanager.dll
6e1c0000 6e1e0000 IDStore IDStore.dll
6e510000 6e525000 EShims EShims.dll
6e670000 6e678000 dispex dispex.dll
6e750000 6e7c0000 directmanipulation directmanipulation.dll
6e7c0000 6e8f2000 windows_globalization windows.globalization.dll
6e900000 6eaf1000 DWrite DWrite.dll
6ecf0000 6efbb000 iertutil iertutil.dll
6efc0000 6f088000 WinTypes WinTypes.dll
6fd00000 6fd7b000 Windows_UI Windows.UI.dll
6fd80000 6fe50000 MrmCoreR MrmCoreR.dll
70060000 700a7000 fwpuclnt fwpuclnt.dll
701c0000 701c8000 rasadhlp rasadhlp.dll
70210000 70218000 WINNSI WINNSI.DLL
70e40000 70edb000 winhttp winhttp.dll
715f0000 71606000 MPR MPR.dll
71620000 7164f000 IPHLPAPI IPHLPAPI.DLL
71720000 71bae000 d2d1 d2d1.dll
71bb0000 71dc8000 d3d10warp d3d10warp.dll
72100000 7231c000 ActXPrxy ActXPrxy.dll
72320000 72372000 Bcp47Langs Bcp47Langs.dll
725a0000 726eb000 PROPSYS PROPSYS.dll
726f0000 72703000 SAMLIB SAMLIB.dll
72860000 728e2000 dxgi dxgi.dll
728f0000 72b0a000 d3d11 d3d11.dll
72b10000 72b2d000 dwmapi dwmapi.dll
72c80000 72d34000 dcomp dcomp.dll
72fc0000 73052000 apphelp apphelp.dll
73070000 730e9000 uxtheme uxtheme.dll
731f0000 73274000 DNSAPI DNSAPI.dll
73280000 7334d000 twinapi_appcore twinapi.appcore.dll
733d0000 733ef000 rmclient rmclient.dll
734a0000 734cd000 fwbase fwbase.dll
73970000 7397a000 tbs tbs.dll
73a00000 73a28000 ntmarta ntmarta.dll
73a90000 73abf000 rsaenh rsaenh.dll
73c10000 73c29000 USERENV USERENV.dll
73d50000 73da0000 mswsock mswsock.dll
73de0000 73df3000 cryptsp cryptsp.dll
73ed0000 73eda000 CRYPTBASE CRYPTBASE.DLL
74050000 74074000 SspiCli SspiCli.dll
74210000 74291000 sxs sxs.dll
742a0000 742bd000 bcrypt bcrypt.dll
74340000 7434c000 kernel_appcore kernel.appcore.dll
74350000 74394000 powrprof powrprof.dll
743a0000 743ae000 MSASN1 MSASN1.dll
743b0000 743bf000 profapi profapi.dll
743c0000 7441e000 firewallapi firewallapi.dll
74420000 74457000 cfgmgr32 cfgmgr32.dll
74460000 745df000 KERNELBASE KERNELBASE.dll
74600000 74642000 WINTRUST WINTRUST.dll
74650000 747c9000 CRYPT32 CRYPT32.dll
747d0000 74828000 bcryptPrimitives bcryptPrimitives.dll
748d0000 74dca000 windows_storage windows.storage.dll
74e60000 74e8f000 IMM32 IMM32.DLL
75000000 7505f000 WS2_32 WS2_32.dll
750c0000 75152000 OLEAUT32 OLEAUT32.dll
75160000 751f6000 KERNEL32 KERNEL32.DLL
75200000 75207000 NSI NSI.dll
75210000 75254000 sechost sechost.dll
75670000 756b5000 shlwapi shlwapi.dll
75720000 75858000 USER32 USER32.dll
75890000 759af000 MSCTF MSCTF.dll
759b0000 75a3d000 shcore shcore.dll
75a40000 75afe000 msvcrt msvcrt.dll
75b00000 76efe000 SHELL32 SHELL32.dll
76f10000 76ffb000 ole32 ole32.dll
77060000 770db000 ADVAPI32 ADVAPI32.dll
770e0000 771a2000 RPCRT4 RPCRT4.dll
772b0000 7746d000 combase combase.dll
77470000 775c5000 GDI32 GDI32.dll
775d0000 7774b000 ntdll ntdll.dll

3:086> kn 0x64
# ChildEBP RetAddr
00 107cca8c 6556b069 chakra!ThreadContext::PreSweepCallback+0x1a
01 107ccaa0 65253d90 edgehtml!CBaseScriptable::PrivateQueryInterface+0xc9
02 107ccac4 646afa19 edgehtml!CBaseTypeOperations::QueryObjectInterface+0xc0
03 107ccaec 6472d3cb chakra!Js::CustomExternalObject::QueryObjectInterface+0x39
04 107ccb14 7733c72f chakra!JavascriptDispatch::QueryInterface+0x1cb
05 (Inline) -------- combase!ObtainStdIDFromUnk+0x19 [d:\th\com\combase\dcomrem\stdid.cxx @ 2133]
06 (Inline) -------- combase!StdMarshalObject+0xb2 [d:\th\com\combase\dcomrem\marshal.cxx @ 9570]
07 107ccc1c 7733c053 combase!CDestObjectWrapper::MarshalInterface+0x5ef [d:\th\com\combase\dcomrem\coapi.cxx @ 718]
08 107ccc8c 772bb878 combase!CoMarshalInterface+0x613 [d:\th\com\combase\dcomrem\coapi.cxx @ 1001]
09 107ccd0c 750e4285 combase!WdtpInterfacePointer_UserMarshal+0x68 [d:\th\com\combase\proxy\proxy\transmit.cxx @ 882]
0a 107ccd40 770f0301 OLEAUT32!VARIANT_UserMarshal+0x125
0b 107ccd8c 770f01db RPCRT4!NdrpUserMarshalMarshall+0xae
0c 107ccdb8 770e479a RPCRT4!NdrUserMarshalMarshall+0x8b
0d 107cd200 772bc39e RPCRT4!NdrStubCall2+0x8ea
0e 107cd24c 77316906 combase!CStdStubBuffer_Invoke+0xde [d:\th\com\combase\ndr\ndrole\stub.cxx @ 1446]
0f (Inline) -------- combase!InvokeStubWithExceptionPolicyAndTracing::__l7::<lambda_adf5d6ba83bff890864fd80ca2bbf1eb>::operator()+0x1c [d:\th\com\combase\dcomrem\channelb.cxx @ 1805]
10 107cd2a0 77318ae7 combase!ObjectMethodExceptionHandlingAction<<lambda_adf5d6ba83bff890864fd80ca2bbf1eb> >+0x76 [d:\th\com\combase\dcomrem\excepn.hxx @ 91]
11 (Inline) -------- combase!InvokeStubWithExceptionPolicyAndTracing+0x8e [d:\th\com\combase\dcomrem\channelb.cxx @ 1808]
12 107cd3c4 7731dd91 combase!DefaultStubInvoke+0x207 [d:\th\com\combase\dcomrem\channelb.cxx @ 1880]
13 (Inline) -------- combase!SyncStubCall::Invoke+0x22 [d:\th\com\combase\dcomrem\channelb.cxx @ 1934]
14 (Inline) -------- combase!SyncServerCall::StubInvoke+0x22 [d:\th\com\combase\dcomrem\servercall.hpp @ 736]
15 (Inline) -------- combase!StubInvoke+0x1d7 [d:\th\com\combase\dcomrem\channelb.cxx @ 2154]
16 107cd504 773218b0 combase!ServerCall::ContextInvoke+0x381 [d:\th\com\combase\dcomrem\ctxchnl.cxx @ 1568]
17 (Inline) -------- combase!CServerChannel::ContextInvoke+0x8b [d:\th\com\combase\dcomrem\ctxchnl.cxx @ 1458]
18 (Inline) -------- combase!DefaultInvokeInApartment+0xc5 [d:\th\com\combase\dcomrem\callctrl.cxx @ 3438]
19 (Inline) -------- combase!ClassicSTAInvokeInApartment+0x186 [d:\th\com\combase\dcomrem\callctrl.cxx @ 3202]
1a 107cd5fc 7731ae45 combase!AppInvoke+0x410 [d:\th\com\combase\dcomrem\channelb.cxx @ 1606]
1b 107cd9b4 773227c6 combase!ComInvokeWithLockAndIPID+0x625 [d:\th\com\combase\dcomrem\channelb.cxx @ 2686]
1c (Inline) -------- combase!ComInvoke+0x1f1 [d:\th\com\combase\dcomrem\channelb.cxx @ 2223]
1d (Inline) -------- combase!ThreadDispatch+0x25a [d:\th\com\combase\dcomrem\chancont.cxx @ 414]
1e 107cda88 75755d93 combase!ThreadWndProc+0x426 [d:\th\com\combase\dcomrem\chancont.cxx @ 722]
1f 107cdab4 75739f3a USER32!_InternalCallWinProc+0x2b
20 107cdb4c 75739a80 USER32!UserCallWinProcCheckWow+0x1aa
21 107cdbac 757398d0 USER32!DispatchMessageWorker+0x1a0
22 107cdbb8 6168a62d USER32!DispatchMessageW+0x10
23 107cfd58 61689e13 EMODEL!CTabWindow::_TabWindowThreadProc+0x54d
24 107cfe28 6eef1e7c EMODEL!LCIETab_ThreadProc+0x2f3
25 107cfe40 751795f4 iertutil!_IsoThreadProc_WrapperToReleaseScope+0x1c
26 107cfe54 775f241a KERNEL32!BaseThreadInitThunk+0x24
27 107cfe9c 775f23e9 ntdll!__RtlUserThreadStart+0x2b
28 107cfeac 00000000 ntdll!_RtlUserThreadStart+0x1b

3:086> .exr -1
ExceptionAddress: 646fc93a (chakra!ThreadContext::PreSweepCallback+0x0000001a)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000000
Parameter[1]: ff80a90f
Attempt to read from address ff80a90f

3:086> !heap -p -a 0xFF80A90F
ReadMemory error for address 28a8be42
Use `!address 28a8be42' to check validity of the address.
ReadMemory error for address 28b6be42
Use `!address 28b6be42' to check validity of the address.
ReadMemory error for address 2c44be42
Use `!address 2c44be42' to check validity of the address.
ReadMemory error for address 2c43be42
Use `!address 2c43be42' to check validity of the address.
ReadMemory error for address 22a4be42
Use `!address 22a4be42' to check validity of the address.


3:086> !vprot 0xFF80A90F
ERROR: !vprot: extension exception 0x80004002.
"QueryVirtual failed"

3:086> .if ($vvalid(@$scopeip - 138, 138)) { u @$scopeip - 138 @$scopeip - 1; };
chakra!ThreadContext::CollectionCallBack+0x1c:
646fc802 e55d in eax,5Dh
646fc804 c20400 ret 4
646fc807 8b7308 mov esi,dword ptr [ebx+8]
646fc80a 8bfc mov edi,esp
646fc80c ff7508 push dword ptr [ebp+8]
646fc80f 8bce mov ecx,esi
646fc811 ff730c push dword ptr [ebx+0Ch]
646fc814 ff15d0f4b564 call dword ptr [chakra!__guard_check_icall_fptr (64b5f4d0)]
646fc81a ffd6 call esi
646fc81c 59 pop ecx
646fc81d 59 pop ecx
646fc81e 3bfc cmp edi,esp
646fc820 7407 je chakra!ThreadContext::CollectionCallBack+0x43 (646fc829)
646fc822 b904000000 mov ecx,4
646fc827 cd29 int 29h
646fc829 8b45fc mov eax,dword ptr [ebp-4]
646fc82c ebca jmp chakra!ThreadContext::CollectionCallBack+0x12 (646fc7f8)
646fc82e cc int 3
646fc82f cc int 3
646fc830 cc int 3
646fc831 cc int 3
646fc832 cc int 3
646fc833 cc int 3
646fc834 cc int 3
646fc835 cc int 3
646fc836 cc int 3
646fc837 cc int 3
646fc838 cc int 3
646fc839 cc int 3
646fc83a cc int 3
646fc83b cc int 3
646fc83c cc int 3
646fc83d cc int 3
646fc83e cc int 3
646fc83f cc int 3
chakra!ThreadContext::WaitCollectionCallBack:
646fc840 6a04 push 4
646fc842 b868738064 mov eax,offset chakra!UnifiedRegex::AltNode::IsCharTrieArm+0x148 (64807368)
646fc847 e8e29d0e00 call chakra!_EH_prolog3 (647e662e)
646fc84c 8bf9 mov edi,ecx
646fc84e 80bf1c08000000 cmp byte ptr [edi+81Ch],0
646fc855 7428 je chakra!ThreadContext::WaitCollectionCallBack+0x3f (646fc87f)
646fc857 8db704080000 lea esi,[edi+804h]
646fc85d 56 push esi
646fc85e 8975f0 mov dword ptr [ebp-10h],esi
646fc861 ff1574f2b564 call dword ptr [chakra!_imp__EnterCriticalSection (64b5f274)]
646fc867 8365fc00 and dword ptr [ebp-4],0
646fc86b 8bcf mov ecx,edi
646fc86d 6a04 push 4
646fc86f e872ffffff call chakra!ThreadContext::CollectionCallBack (646fc7e6)
646fc874 834dfcff or dword ptr [ebp-4],0FFFFFFFFh
646fc878 56 push esi
646fc879 ff1594f2b564 call dword ptr [chakra!_imp__LeaveCriticalSection (64b5f294)]
646fc87f e8699d0e00 call chakra!_EH_epilog3 (647e65ed)
646fc884 c3 ret
646fc885 cc int 3
646fc886 cc int 3
646fc887 cc int 3
646fc888 cc int 3
646fc889 cc int 3
646fc88a cc int 3
646fc88b cc int 3
646fc88c cc int 3
646fc88d cc int 3
646fc88e cc int 3
646fc88f cc int 3
chakra!ThreadContext::PreCollectionCallBack:
646fc890 55 push ebp
646fc891 8bec mov ebp,esp
646fc893 83e4f8 and esp,0FFFFFFF8h
646fc896 51 push ecx
646fc897 53 push ebx
646fc898 8bd9 mov ebx,ecx
646fc89a 56 push esi
646fc89b 57 push edi
646fc89c 8dbb44070000 lea edi,[ebx+744h]
646fc8a2 8bf7 mov esi,edi
646fc8a4 8b36 mov esi,dword ptr [esi]
646fc8a6 3bf7 cmp esi,edi
646fc8a8 740a je chakra!ThreadContext::PreCollectionCallBack+0x24 (646fc8b4)
646fc8aa 8b4e08 mov ecx,dword ptr [esi+8]
646fc8ad e889daf9ff call chakra!Js::ScriptContext::ClearScriptContextCaches (6469a33b)
646fc8b2 ebf0 jmp chakra!ThreadContext::PreCollectionCallBack+0x14 (646fc8a4)
646fc8b4 8bcb mov ecx,ebx
646fc8b6 e8abfaffff call chakra!ThreadContext::ClearPrototypeChainEnsuredToHaveOnlyWritableDataPropertiesCaches (646fc366)
646fc8bb 8b8bf8030000 mov ecx,dword ptr [ebx+3F8h]
646fc8c1 85c9 test ecx,ecx
646fc8c3 0f8517e31400 jne chakra!ThreadContext::PreCollectionCallBack+0x14e350 (6484abe0)
646fc8c9 8bcb mov ecx,ebx
646fc8cb e83efeffff call chakra!ThreadContext::TryEnterExpirableCollectMode (646fc70e)
646fc8d0 8b7508 mov esi,dword ptr [ebp+8]
646fc8d3 8bfe mov edi,esi
646fc8d5 81e700000010 and edi,10000000h
646fc8db 81e600000008 and esi,8000000h
646fc8e1 750f jne chakra!ThreadContext::PreCollectionCallBack+0x62 (646fc8f2)
646fc8e3 8b8b60060000 mov ecx,dword ptr [ebx+660h]
646fc8e9 85c9 test ecx,ecx
646fc8eb 7405 je chakra!ThreadContext::PreCollectionCallBack+0x62 (646fc8f2)
646fc8ed e834b30d00 call chakra!CodeGenNumberThreadAllocator::Integrate (647d7c26)
646fc8f2 f7df neg edi
646fc8f4 8bcb mov ecx,ebx
646fc8f6 1bff sbb edi,edi
646fc8f8 83e710 and edi,10h
646fc8fb 47 inc edi
646fc8fc f7de neg esi
646fc8fe 1bf6 sbb esi,esi
646fc900 83e620 and esi,20h
646fc903 46 inc esi
646fc904 0bf7 or esi,edi
646fc906 56 push esi
646fc907 e8dafeffff call chakra!ThreadContext::CollectionCallBack (646fc7e6)
646fc90c 5f pop edi
646fc90d 5e pop esi
646fc90e 5b pop ebx
646fc90f 8be5 mov esp,ebp
646fc911 5d pop ebp
646fc912 c20400 ret 4
646fc915 cc int 3
646fc916 cc int 3
646fc917 cc int 3
646fc918 cc int 3
646fc919 cc int 3
646fc91a cc int 3
646fc91b cc int 3
646fc91c cc int 3
646fc91d cc int 3
646fc91e cc int 3
646fc91f cc int 3
chakra!ThreadContext::PreSweepCallback:
646fc920 55 push ebp
646fc921 8bec mov ebp,esp
646fc923 83e4f8 and esp,0FFFFFFF8h
646fc926 51 push ecx
646fc927 53 push ebx
646fc928 56 push esi
646fc929 57 push edi
646fc92a 8bf9 mov edi,ecx
646fc92c 8d9f44070000 lea ebx,[edi+744h]
646fc932 8bf3 mov esi,ebx
646fc934 8b36 mov esi,dword ptr [esi]
646fc936 3bf3 cmp esi,ebx
646fc938 7416 je chakra!ThreadContext::PreSweepCallback+0x30 (646fc950)

3:086> .if ($vvalid(@$scopeip, 138)) { u @$scopeip @$scopeip + 137; };
chakra!ThreadContext::PreSweepCallback+0x1a:
646fc93a 8b4e08 mov ecx,dword ptr [esi+8]
646fc93d ffb1fc020000 push dword ptr [ecx+2FCh]
646fc943 81c14c020000 add ecx,24Ch
646fc949 e8a2680a00 call chakra!Memory::InlineCacheAllocator::ClearCachesWithDeadWeakRefs (647a31f0)
646fc94e ebe4 jmp chakra!ThreadContext::PreSweepCallback+0x14 (646fc934)
646fc950 8bcf mov ecx,edi
646fc952 e8b3130000 call chakra!ThreadContext::ClearIsInstInlineCaches (646fdd0a)
646fc957 8bcf mov ecx,edi
646fc959 e8ecfcffff call chakra!ThreadContext::ClearEquivalentTypeCaches (646fc64a)
646fc95e 8d8f50090000 lea ecx,[edi+950h]
646fc964 e8eae2fdff call chakra!JsUtil::BaseDictionary<int,ProjectionModel::Expr *,Memory::ArenaAllocator,DictionarySizePolicy<PrimePolicy,2,2,1,4>,DefaultComparer,JsUtil::SimpleDictionaryEntry,JsUtil::NoResizeLock>::Clear (646dac53)
646fc969 5f pop edi
646fc96a 5e pop esi
646fc96b 5b pop ebx
646fc96c 8be5 mov esp,ebp
646fc96e 5d pop ebp
646fc96f c3 ret
646fc970 cc int 3
646fc971 cc int 3
646fc972 cc int 3
646fc973 cc int 3
646fc974 cc int 3
chakra!ThreadContext::ClosePendingScriptContexts:
646fc975 51 push ecx
646fc976 56 push esi
646fc977 57 push edi
646fc978 8bf9 mov edi,ecx
646fc97a 8b8ffc030000 mov ecx,dword ptr [edi+3FCh]
646fc980 85c9 test ecx,ecx
646fc982 7504 jne chakra!ThreadContext::ClosePendingScriptContexts+0x13 (646fc988)
646fc984 5f pop edi
646fc985 5e pop esi
646fc986 59 pop ecx
646fc987 c3 ret
646fc988 8bb1bc050000 mov esi,dword ptr [ecx+5BCh]
646fc98e 6a00 push 0
646fc990 e8313ef2ff call chakra!Js::ScriptContext::Close (646207c6)
646fc995 8bce mov ecx,esi
646fc997 85f6 test esi,esi
646fc999 75ed jne chakra!ThreadContext::ClosePendingScriptContexts+0x13 (646fc988)
646fc99b 21b7fc030000 and dword ptr [edi+3FCh],esi
646fc9a1 ebe1 jmp chakra!ThreadContext::ClosePendingScriptContexts+0xf (646fc984)
646fc9a3 cc int 3
646fc9a4 cc int 3
646fc9a5 cc int 3
646fc9a6 cc int 3
646fc9a7 cc int 3
chakra!ThreadContext::RegisterCodeGenRecyclableData:
646fc9a8 55 push ebp
646fc9a9 8bec mov ebp,esp
646fc9ab 8b9164060000 mov edx,dword ptr [ecx+664h]
646fc9b1 8b4d08 mov ecx,dword ptr [ebp+8]
646fc9b4 8b8200010000 mov eax,dword ptr [edx+100h]
646fc9ba 83610400 and dword ptr [ecx+4],0
646fc9be 8901 mov dword ptr [ecx],eax
646fc9c0 898a00010000 mov dword ptr [edx+100h],ecx
646fc9c6 8b01 mov eax,dword ptr [ecx]
646fc9c8 85c0 test eax,eax
646fc9ca 7407 je chakra!ThreadContext::RegisterCodeGenRecyclableData+0x2b (646fc9d3)
646fc9cc 894804 mov dword ptr [eax+4],ecx
646fc9cf 5d pop ebp
646fc9d0 c20400 ret 4
646fc9d3 898afc000000 mov dword ptr [edx+0FCh],ecx
646fc9d9 ebf4 jmp chakra!ThreadContext::RegisterCodeGenRecyclableData+0x27 (646fc9cf)
646fc9db cc int 3
646fc9dc cc int 3
646fc9dd cc int 3
646fc9de cc int 3
646fc9df cc int 3
chakra!ThreadContext::UnregisterCodeGenRecyclableData:
646fc9e0 55 push ebp
646fc9e1 8bec mov ebp,esp
646fc9e3 8b9164060000 mov edx,dword ptr [ecx+664h]
646fc9e9 85d2 test edx,edx
646fc9eb 741f je chakra!ThreadContext::UnregisterCodeGenRecyclableData+0x2c (646fca0c)
646fc9ed 8b4d08 mov ecx,dword ptr [ebp+8]
646fc9f0 56 push esi
646fc9f1 8b31 mov esi,dword ptr [ecx]
646fc9f3 8b4104 mov eax,dword ptr [ecx+4]
646fc9f6 85f6 test esi,esi
646fc9f8 751e jne chakra!ThreadContext::UnregisterCodeGenRecyclableData+0x38 (646fca18)
646fc9fa 8982fc000000 mov dword ptr [edx+0FCh],eax
646fca00 8b7104 mov esi,dword ptr [ecx+4]
646fca03 8b01 mov eax,dword ptr [ecx]
646fca05 85f6 test esi,esi
646fca07 7407 je chakra!ThreadContext::UnregisterCodeGenRecyclableData+0x30 (646fca10)
646fca09 8906 mov dword ptr [esi],eax
646fca0b 5e pop esi
646fca0c 5d pop ebp
646fca0d c20400 ret 4
646fca10 898200010000 mov dword ptr [edx+100h],eax
646fca16 ebf3 jmp chakra!ThreadContext::UnregisterCodeGenRecyclableData+0x2b (646fca0b)
646fca18 894604 mov dword ptr [esi+4],eax
646fca1b ebe3 jmp chakra!ThreadContext::UnregisterCodeGenRecyclableData+0x20 (646fca00)
646fca1d cc int 3
646fca1e cc int 3
646fca1f cc int 3
646fca20 cc int 3
646fca21 cc int 3
chakra!ThreadContext::BindPropertyRecord:
646fca22 55 push ebp
646fca23 8bec mov ebp,esp
646fca25 56 push esi
646fca26 8b7508 mov esi,dword ptr [ebp+8]
646fca29 807e0d00 cmp byte ptr [esi+0Dh],0
646fca2d 7405 je chakra!ThreadContext::BindPropertyRecord+0x12 (646fca34)
646fca2f 5e pop esi
646fca30 5d pop ebp
646fca31 c20400 ret 4
646fca34 8b8964060000 mov ecx,dword ptr [ecx+664h]
646fca3a 8d4508 lea eax,[ebp+8]
646fca3d 50 push eax
646fca3e 8b89f4000000 mov ecx,dword ptr [ecx+0F4h]
646fca44 e849b50d00 call chakra!JsUtil::List<Js::PropertyRecord const *,Memory::Recycler,0,Js::CopyRemovePolicy,DefaultComparer>::Add (647d7f92)
646fca49 c6460d01 mov byte ptr [esi+0Dh],1
646fca4d ebe0 jmp chakra!ThreadContext::BindPropertyRecord+0xd (646fca2f)
646fca4f cc int 3
646fca50 cc int 3
646fca51 cc int 3
646fca52 cc int 3
646fca53 cc int 3
646fca54 cc int 3
646fca55 cc int 3
646fca56 cc int 3
646fca57 cc int 3
646fca58 cc int 3
646fca59 cc int 3
646fca5a cc int 3
646fca5b cc int 3
646fca5c cc int 3
646fca5d cc int 3
646fca5e cc int 3
646fca5f cc int 3
chakra!ThreadContext::UncheckedAddPropertyId:
646fca60 55 push ebp
646fca61 8bec mov ebp,esp
646fca63 83e4f8 and esp,0FFFFFFF8h
646fca66 83ec24 sub esp,24h
646fca69 8bc1 mov eax,ecx
646fca6b 53 push ebx
646fca6c 56 push esi
646fca6d 57 push edi
646fca6e 8b88f4030000 mov ecx,dword ptr [eax+3F4h]

3:086> rM 0x7D
eax=0c8df924 ebx=646fd064 ecx=646fc920 edx=00000010 esi=ff80a907 edi=646fc920
eip=646fc93a esp=107cca78 ebp=107cca8c iopl=0 nv up ei ng nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010286
fpcw=027F: rn 53 puozdi fpsw=4000: top=0 cc=1000 -------- fptw=FFFF
fopcode=0000 fpip=0000:652333d5 fpdp=0000:107cd71c
st0= 0.000000000000000000000e+0000 st1=-7.490000000000000000000e+0002
st2= 9.999999776482582092290e-0003 st3= 9.999999776482582092290e-0003
st4= 0.000000000000000000000e+0000 st5= 1.000000000000000000000e+0002
st6= 1.000000000000000000000e+0000 st7= 1.000000000000000000000e+0004
mm0=0000000000000000 mm1=bb40000000000000
mm2=a3d70a0000000000 mm3=a3d70a0000000000
mm4=0000000000000000 mm5=c800000000000000
mm6=8000000000000000 mm7=9c40000000000000
xmm0=0 0 0 0
xmm1=0 0 0 0
xmm2=0 0 0 0
xmm3=0 0 0 0
xmm4=0 0 0 0
xmm5=0 0 0 0
xmm6=0 0 0 0
xmm7=0 0 0 0
dr0=00000000 dr1=00000000 dr2=00000000
dr3=00000000 dr6=00000000 dr7=00000000
chakra!ThreadContext::PreSweepCallback+0x1a:
646fc93a 8b4e08 mov ecx,dword ptr [esi+8] ds:0023:ff80a90f=????????

3:086> dpp @$ea - 10*$ptrsize L10;
ff80a8cf ????????
ff80a8d3 ????????
ff80a8d7 ????????
ff80a8db ????????
ff80a8df ????????
ff80a8e3 ????????
ff80a8e7 ????????
ff80a8eb ????????
ff80a8ef ????????
ff80a8f3 ????????
ff80a8f7 ????????
ff80a8fb ????????
ff80a8ff ????????
ff80a903 ????????
ff80a907 ????????
ff80a90b ????????

3:086> dpp @$ea L10;
ff80a90f ????????
ff80a913 ????????
ff80a917 ????????
ff80a91b ????????
ff80a91f ????????
ff80a923 ????????
ff80a927 ????????
ff80a92b ????????
ff80a92f ????????
ff80a933 ????????
ff80a937 ????????
ff80a93b ????????
ff80a93f ????????
ff80a943 ????????
ff80a947 ????????
ff80a94b ????????

3:086> dpp @$ea2 - 10*$ptrsize L10;
Bad register error at '@$ea2 - 10*$ptrsize '

3:086> lm M *microsoftedgecp.exe
start end module name
009c0000 00a0e000 microsoftedgecp (deferred)

3:086> lmv m *chakra
start end module name
64540000 64bb0000 chakra (pdb symbols) \\j3\symbols\chakra.pdb\75FB00ABF6A84E75929330E4E9266BCD1\chakra.pdb
Loaded symbol image file: C:\WINDOWS\SYSTEM32\chakra.dll
Image path: C:\WINDOWS\SYSTEM32\chakra.dll
Image name: chakra.dll
Timestamp: Sat Apr 23 06:03:38 2016 (571AF41A)
CheckSum: 00571A25
ImageSize: 00670000
File version: 11.0.10586.306
Product version: 11.0.10586.306
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 2.0 Dll
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Internet Explorer
InternalName: chakra.dll
OriginalFilename: chakra.dll
ProductVersion: 11.00.10586.306
FileVersion: 11.00.10586.306 (th2_release_sec.160422-1850)
FileDescription: Microsoft � JScript
LegalCopyright: � Microsoft Corporation. All rights reserved.

3:086> lmv m *microsoftedgecp
start end module name
009c0000 00a0e000 microsoftedgecp (deferred)
Image path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Image name: microsoftedgecp.exe
Timestamp: Tue Nov 24 07:49:28 2015 (56540878)
CheckSum: 00053B24
ImageSize: 0004E000
File version: 11.0.10586.20
Product version: 11.0.10586.20
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 1.0 App
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft Edge
InternalName: MicrosoftEdgeCP
OriginalFilename: MicrosoftEdgeCP.exe
ProductVersion: 11.00.10586.20
FileVersion: 11.00.10586.20 (th2_release_sec.151123-1940)
FileDescription: Microsoft Edge Content Process
LegalCopyright: � Microsoft Corporation. All rights reserved.

3:086>