Explorer Crashing Frequently on Windows Server 2016 Datacenter

S

Steve Thresher

I have a Windows Server 2016 Datacenter build that has remote desktop services installed and explorer.exe is crashing several times a day for multiple users. I've attempted to create user mode dumps by they only point to microsoft DLL's as being the cause of the problem (msvcrt.dll and NotificationController.dll)


The following shows the callstack for 3 recent crashes:


BUGCHECK_STR: HEAP_CORRUPTION_ACTIONABLE_BIASED_HEAP_BLOCK

DEFAULT_BUCKET_ID: HEAP_CORRUPTION_ACTIONABLE
PRIMARY_PROBLEM_CLASS: HEAP_CORRUPTION
STACK_TEXT:
00007ffc`dfa8e718 00007ffc`df9916c3 ntdll!RtlFreeHeap+0x143
00007ffc`dfa8e720 00007ffc`dda59dac msvcrt!free+0x1c
00007ffc`dfa8e728 00007ffc`a67878ed NotificationController!DllCanUnloadNow+0x2e13d
00007ffc`dfa8e730 00007ffc`a67a3512 NotificationController!DllGetActivationFactory+0xde62
00007ffc`dfa8e738 00007ffc`a678f7a5 NotificationController!DllCanUnloadNow+0x35ff5
00007ffc`dfa8e740 00007ffc`a678e1b8 NotificationController!DllCanUnloadNow+0x34a08
00007ffc`dfa8e748 00007ffc`a6773acf NotificationController!DllCanUnloadNow+0x1a31f
00007ffc`dfa8e750 00007ffc`a67734b6 NotificationController!DllCanUnloadNow+0x19d06
00007ffc`dfa8e758 00007ffc`a6774a72 NotificationController!DllCanUnloadNow+0x1b2c2
00007ffc`dfa8e760 00007ffc`ddb582d3 rpcrt4!Invoke+0x73
00007ffc`dfa8e768 00007ffc`ddbbbc0d rpcrt4!Ndr64StubWorker+0xbfd
00007ffc`dfa8e770 00007ffc`ddae68f9 rpcrt4!NdrStubCall3+0xc9
00007ffc`dfa8e778 00007ffc`df5012c9 combase+0x12c9
00007ffc`dfa8e780 00007ffc`ddaeb02b rpcrt4!CStdStubBuffer_Invoke+0x3b
00007ffc`dfa8e788 00007ffc`df54cebc combase+0x4cebc
00007ffc`dfa8e790 00007ffc`df54cb72 combase+0x4cb72
00007ffc`dfa8e798 00007ffc`df54b9f8 combase+0x4b9f8
00007ffc`dfa8e7a0 00007ffc`df549f8d combase+0x49f8d
00007ffc`dfa8e7a8 00007ffc`df54966b combase+0x4966b
00007ffc`dfa8e7b0 00007ffc`df563342 combase+0x63342
00007ffc`dfa8e7b8 00007ffc`ddb3a044 rpcrt4!DispatchToStubInCNoAvrf+0x24
00007ffc`dfa8e7c0 00007ffc`ddb38f5d rpcrt4!RPC_INTERFACE::DispatchToStubWorker+0x1bd
00007ffc`dfa8e7c8 00007ffc`ddb39aae rpcrt4!RPC_INTERFACE::DispatchToStubWithObject+0x15e
00007ffc`dfa8e7d0 00007ffc`ddb19707 rpcrt4!LRPC_SCALL::DispatchRequest+0x177
00007ffc`dfa8e7d8 00007ffc`ddb19d5c rpcrt4!LRPC_SCALL::HandleRequest+0x2bc
00007ffc`dfa8e7e0 00007ffc`ddb3411c rpcrt4!LRPC_ADDRESS::HandleRequest+0x36c
00007ffc`dfa8e7e8 00007ffc`ddb3597b rpcrt4!LRPC_ADDRESS::processIO+0x91b
00007ffc`dfa8e7f0 00007ffc`ddb2862a rpcrt4!LrpcIoComplete+0xaa
00007ffc`dfa8e7f8 00007ffc`df96864e ntdll!TppAlpcpExecuteCallback+0x25e
00007ffc`dfa8e800 00007ffc`df969fb9 ntdll!TppWorkerThread+0x8d9
00007ffc`dfa8e808 00007ffc`dd228364 kernel32!BaseThreadInitThunk+0x14
00007ffc`dfa8e810 00007ffc`df9ae851 ntdll!RtlUserThreadStart+0x21

BUGCHECK_STR: HEAP_CORRUPTION_ACTIONABLE_BIASED_HEAP_BLOCK

DEFAULT_BUCKET_ID: HEAP_CORRUPTION_ACTIONABLE
PRIMARY_PROBLEM_CLASS: HEAP_CORRUPTION
STACK_TEXT:
00007ffc`dfa8e718 00007ffc`df9916c3 ntdll!RtlFreeHeap+0x143
00007ffc`dfa8e720 00007ffc`dda59dac msvcrt!free+0x1c
00007ffc`dfa8e728 00007ffc`a67878ed NotificationController!DllCanUnloadNow+0x2e13d
00007ffc`dfa8e730 00007ffc`a67a3512 NotificationController!DllGetActivationFactory+0xde62
00007ffc`dfa8e738 00007ffc`a678f7a5 NotificationController!DllCanUnloadNow+0x35ff5
00007ffc`dfa8e740 00007ffc`a678e1b8 NotificationController!DllCanUnloadNow+0x34a08
00007ffc`dfa8e748 00007ffc`a6773acf NotificationController!DllCanUnloadNow+0x1a31f
00007ffc`dfa8e750 00007ffc`a67734b6 NotificationController!DllCanUnloadNow+0x19d06
00007ffc`dfa8e758 00007ffc`a6774a72 NotificationController!DllCanUnloadNow+0x1b2c2
00007ffc`dfa8e760 00007ffc`ddb582d3 rpcrt4!Invoke+0x73
00007ffc`dfa8e768 00007ffc`ddbbbc0d rpcrt4!Ndr64StubWorker+0xbfd
00007ffc`dfa8e770 00007ffc`ddae68f9 rpcrt4!NdrStubCall3+0xc9
00007ffc`dfa8e778 00007ffc`df5012c9 combase+0x12c9
00007ffc`dfa8e780 00007ffc`ddaeb02b rpcrt4!CStdStubBuffer_Invoke+0x3b
00007ffc`dfa8e788 00007ffc`df54cebc combase+0x4cebc
00007ffc`dfa8e790 00007ffc`df54cb72 combase+0x4cb72
00007ffc`dfa8e798 00007ffc`df54b9f8 combase+0x4b9f8
00007ffc`dfa8e7a0 00007ffc`df549f8d combase+0x49f8d
00007ffc`dfa8e7a8 00007ffc`df54966b combase+0x4966b
00007ffc`dfa8e7b0 00007ffc`df563342 combase+0x63342
00007ffc`dfa8e7b8 00007ffc`ddb3a044 rpcrt4!DispatchToStubInCNoAvrf+0x24
00007ffc`dfa8e7c0 00007ffc`ddb38f5d rpcrt4!RPC_INTERFACE::DispatchToStubWorker+0x1bd
00007ffc`dfa8e7c8 00007ffc`ddb39aae rpcrt4!RPC_INTERFACE::DispatchToStubWithObject+0x15e
00007ffc`dfa8e7d0 00007ffc`ddb19707 rpcrt4!LRPC_SCALL::DispatchRequest+0x177
00007ffc`dfa8e7d8 00007ffc`ddb19d5c rpcrt4!LRPC_SCALL::HandleRequest+0x2bc
00007ffc`dfa8e7e0 00007ffc`ddb3411c rpcrt4!LRPC_ADDRESS::HandleRequest+0x36c
00007ffc`dfa8e7e8 00007ffc`ddb3597b rpcrt4!LRPC_ADDRESS::processIO+0x91b
00007ffc`dfa8e7f0 00007ffc`ddb2862a rpcrt4!LrpcIoComplete+0xaa
00007ffc`dfa8e7f8 00007ffc`df96864e ntdll!TppAlpcpExecuteCallback+0x25e
00007ffc`dfa8e800 00007ffc`df969fb9 ntdll!TppWorkerThread+0x8d9
00007ffc`dfa8e808 00007ffc`dd228364 kernel32!BaseThreadInitThunk+0x14
00007ffc`dfa8e810 00007ffc`df9ae851 ntdll!RtlUserThreadStart+0x21

BUGCHECK_STR: APPLICATION_FAULT_INVALID_POINTER_READ

PRIMARY_PROBLEM_CLASS: APPLICATION_FAULT
LAST_CONTROL_TRANSFER: from 00007ffca67659a6 to 00007ffcddab3de5
STACK_TEXT:
00000000`30c9d488 00007ffc`a67659a6 : 00000000`02cb4260 00007ffc`dc0b5202 00000000`30c90000 00000000`00000000 : msvcrt!memcpy+0xa5
00000000`30c9d490 00007ffc`a67a3505 : 00000000`02cb4450 00000000`02cb44a8 00000000`30c9d488 00007ffc`a6776ea3 : NotificationController!DllCanUnloadNow+0xc1f6
00000000`30c9d4c0 00007ffc`a678f7a5 : 00000000`02cb44a8 00007ffc`a67e3d78 00000000`00000005 00000000`30c9d7b0 : NotificationController!DllGetActivationFactory+0xde55
00000000`30c9d4f0 00007ffc`a678e1b8 : 00000000`02c19c60 00000000`30c9d630 00000000`02cb4240 00000000`30c9d5c0 : NotificationController!DllCanUnloadNow+0x35ff5
00000000`30c9d530 00007ffc`a6773acf : ffffffff`ffffffff 00000000`02c0b4c0 00000000`30c9d9d0 00000000`30c9e190 : NotificationController!DllCanUnloadNow+0x34a08
00000000`30c9d8d0 00007ffc`a67734b6 : 00000000`10b44c38 00000000`00000002 00000000`087fd6c8 00000000`0787cc50 : NotificationController!DllCanUnloadNow+0x1a31f
00000000`30c9dad0 00007ffc`a6774a72 : 00000000`0000de00 00000000`00000000 00000000`0875f828 00007ffc`ddb5824a : NotificationController!DllCanUnloadNow+0x19d06
00000000`30c9dbf0 00007ffc`ddb582d3 : 00000000`02bf2d70 00000000`00000005 00000000`30c9dc70 00000000`30c9e158 : NotificationController!DllCanUnloadNow+0x1b2c2
00000000`30c9dc40 00007ffc`ddbbbc0d : 00000000`30c9e150 00000000`30c9e150 00000000`30c9e130 00007ffc`d2a54808 : rpcrt4!Invoke+0x73
00000000`30c9dcb0 00007ffc`ddae68f9 : 00000000`00a48b00 00000000`00000000 00000000`00a48b00 00000000`30c9e450 : rpcrt4!Ndr64StubWorker+0xbfd
00000000`30c9e380 00007ffc`df5012c9 : 00000000`00000000 00000000`30c9e5b0 00007ffc`d2a55090 00000000`10aaece0 : rpcrt4!NdrStubCall3+0xc9
00000000`30c9e3e0 00000000`00000000 : 00000000`30c9e5b0 00007ffc`d2a55090 00000000`10aaece0 00000000`10b03ab8 : combase+0x12c9


Any suggestions on how to find the cause?

Continue reading...
 
You must log in or register to reply here.

Similar threads

S
Explorer frequently crashes on Windows Server 2016 Datacenter
Replies
0
Views
235
Steve Thresher
S
K
Systems Crash with Error: NMI_HARDWARE_FAILURE
Replies
0
Views
1K
kokoto
K
RS4,system version 17134.After the first OOBE into the system,wait for a period of time,then restart the system,there will be a black screen,and the t
Replies
0
Views
443
君hou
Back
Top Bottom