Freigeben über


Internet Explorer or .NET Application Hosting Web Browser May Crash with Exception 0xE06D7363

This month looks little unusual as I ran into another bug in Internet Explorer component. Jscript9.dll is a core dll for implementing JavaScript engine (aka Chakra engine). The process may crash with C++ Exception code E06D7363. Here are some of the details that may help you. If you have a dump file, then you may use WinDbg (ships with Debugging Tools for Windows) to analyze it.

Analysis

  • Call stack

    0:000> kcL

    #

    00 KERNELBASE!RaiseException

    01 msvcrt!_CxxThrowException

    02 jscript9!Js::JavascriptOperators::ThrowStackOverflow

    03 jscript9!Js::Throw::StackOverflow

    04 jscript9!Js::CustomExternalObject::QueryObjectInterface

    05 jscript9!JavascriptDispatch::QueryInterface

    06 mshtml!CEventMgr::_DispatchBubblePhase

    07 mshtml!CEventMgr::Dispatch

    08 mshtml!CEventMgr::DispatchMouseEvent

    09 mshtml!CElement::FireStdEvent_MouseHelper

    0a mshtml!CElement::FireStdEventOnMessage

    0b mshtml!CDoc::PumpMessage

    0c mshtml!CDoc::DetectMouseExit

    0d mshtml!FormsOnTimer

    0e mshtml!GlobalWndProc

    0f user32!InternalCallWinProc

    10 user32!UserCallWinProcCheckWow

    11 user32!DispatchMessageWorker

    12 user32!DispatchMessageW

    13 user32!DialogBox2

    14 user32!InternalDialogBox

    15 user32!SoftModalMessageBox

    16 user32!MessageBoxWorker

    17 user32!MessageBoxTimeoutW

    18 user32!MessageBoxTimeoutA

    19 user32!MessageBoxExA

    1a user32!MessageBoxA

     

    ...

     

    58 ntdll!__RtlUserThreadStart

    59 ntdll!_RtlUserThreadStart

     

  • JavaScript dll details

    0:000> lmvm jscript9

    Browse full module list

    start    end        module name

    62240000 623fd000   jscript9

        Loaded symbol image file: jscript9.dll

        Image path: C:\Windows\System32\jscript9.dll

        Image name: jscript9.dll

        Browse all global symbols  functions  data

        Timestamp:        Wed Jul 22 15:51:11 2015 (55B0023F)

        CheckSum:         001C9220

        ImageSize:        001BD000

        File version:     9.0.8112.16684

        Product version:  9.0.8112.16684

        File flags:       8 (Mask 3F) Private

        File OS:          40004 NT Win32

        File type:        2.0 Dll

        File date:        00000000.00000000

        Translations:     0409.04b0

        CompanyName:      Microsoft Corporation

        ProductName:      Windows® Internet Explorer

        InternalName:     jscript9.dll

        OriginalFilename: jscript9.dll

        ProductVersion:   9.00.8112.16684

        FileVersion:      9.00.8112.16684 (win7_ie9_GDR(builder).150722-1301)

        FileDescription:  Microsoft ® JScript

        LegalCopyright:   © Microsoft Corporation. All rights reserved.

     

  • Register values during crash

    0:000> .frame 2; r

    eax=00282f9c ebx=0cce0018 ecx=00000003 edx=00000000 esi=00283040 edi=12d82ff0

    eip=74dfc42d esp=00282f9c ebp=00282fec iopl=0         nv up ei pl nz na pe nc

    cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00200206

    KERNELBASE!RaiseException+0x58:

    74dfc42d c9              leave

     

    03 00283070 6231395e jscript9!Js::Throw::StackOverflow+0x2d

    eax=00282f9c ebx=1b0e9660 ecx=00000003 edx=00000000 esi=009122f8 edi=00000000

    eip=6237a0c3 esp=0028306c ebp=00283070 iopl=0         nv up ei pl nz na pe nc

    cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00200206

    jscript9!Js::Throw::StackOverflow+0x2d:

    6237a0c3 8a4d0b          mov     cl,byte ptr [ebp+0Bh]      ss:002b:0028307b=12

     

  • Additionally, the user may see following message:

    Caption: Microsoft Visual C++ Runtime Library
    Text:  This application has requested the Runtime to terminate it in an unusual way.
        Please contact the application's support team for more information.

 

Resolution

  1. The KB article has additional details about the bug

    Internet Explorer 9 may crash because of jscript9.dll stack overflow when you browse certain webpages

  2. You may want to install the latest IE security update released few days back. A lot of times, the testing time may not be affected by the patch, you may be better off installing latest patch. Since patches are cumulative, it will give you additional fixes on top of existing fix.

    https://technet.microsoft.com/library/security/MS15-106

  3. If you see issues even after installing latest patch, then it is possible that more than one condition is contributing to the issue.

  4. Make sure you also install KB3076895 and test it. We had seen issues in GWIM environment because of it.

    .NET Application Hosting Web Browser Control Freezes / Hangs During Start Up

Comments

  • Anonymous
    November 05, 2015
    The comment has been removed