New
#11
It appears to me the problem is in Shell32 with perhaps a stack overflow. I've never seen a stack trace this large but towards the top, you'll see "unaligned" and size heap crash. The resulting address is invalid in the following instruction. The problem is, I don't know how to fix it.
Code:0:000> .ecxr rax=0000000000000001 rbx=000000000027ba40 rcx=00000367bf021a00 rdx=00000000044f3b30 rsi=0000000077046580 rdi=000000000027bf30 rip=0000000076f28389 rsp=000000000027c140 rbp=0000000000000008 r8=000000ffffffffff r9=00000000044f3b40 r10=0000000000000000 r11=0000000000000001 r12=0000000000000001 r13=00000000fffffffe r14=00000000084a1b98 r15=0000000000000000 iopl=0 nv up ei pl nz na po nc cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010204 ntdll!RtlSizeHeap+0x89: 00000000`76f28389 0fb74118 movzx eax,word ptr [rcx+18h] ds:00000367`bf021a18=????Code:0:000> k *** Stack trace for last set context - .thread/.cxr resets it Child-SP RetAddr Call Site 00000000`0027c140 000007fe`fd709c12 ntdll!RtlSizeHeap+0x89 00000000`0027c190 000007fe`fd708125 shell32!CTCoAllocPolicy::_CoTaskMemSize+0x3e 00000000`0027c1d0 000007fe`fd7081a3 shell32!CTCoAllocPolicy::Realloc+0x61 00000000`0027c200 000007fe`fd709cbf shell32!CTPolicyCoTaskMem<_ITEMID_CHILD const __unaligned * __ptr64>::ReallocArray+0x4c 00000000`0027c250 000007fe`fd6d881f shell32!CTSimpleArray_EnsureCapacity+0x83 00000000`0027c280 000007fe`fd6d86bb shell32!CShellItemArray::Initialize+0x156 00000000`0027c330 000007fe`fbc7b65b shell32!SHCreateShellItemArrayFromIDLists+0x53 00000000`0027c380 000007fe`fbc78d9f ntshrui!CContextMenuOverExplorerCommands::_EnsureShellItemArray+0x54 00000000`0027c3b0 000007fe`fd6bf30a ntshrui!CContextMenuOverExplorerCommands::QueryContextMenu+0xf9 00000000`0027c470 000007fe`fd6bec85 shell32!HDXA_QueryContextMenu+0x454 00000000`0027c690 000007fe`fda73da9 shell32!CDefFolderMenu::QueryContextMenu+0x625 00000000`0027c8a0 000007fe`fda73e68 shell32!CContextMenuOnContextMenuArray::_QueryNthContextMenu+0x35 00000000`0027c8e0 000007fe`fd8ec869 shell32!CContextMenuOnContextMenuArray::QueryContextMenu+0xb0 00000000`0027ca10 000007fe`fd8ed25d shell32!CDefView::_DoContextMenuPopup+0x19d 00000000`0027cde0 000007fe`fd9d3e81 shell32!CDefView::OnBackgroundContextMenu+0x2d1 00000000`0027cea0 000007fe`fd8f36a0 shell32!CListViewHost::ShowContextMenu+0x1f1 00000000`0027cf30 000007fe`fd82edd4 shell32!CDefView::_OnContextMenu+0x110 00000000`0027cfb0 000007fe`fd710d37 shell32!CDefView::WndProc+0x889 00000000`0027d180 00000000`76e19bd1 shell32!CDefView::s_WndProc+0x7c 00000000`0027d1c0 00000000`76e13bfc user32!UserCallWinProcCheckWow+0x1ad 00000000`0027d280 00000000`76e13b78 user32!CallWindowProcAorW+0xdc 00000000`0027d2d0 000007fe`fb786215 user32!CallWindowProcW+0x18 00000000`0027d310 000007fe`fb7869a0 comctl32!CallOriginalWndProc+0x1d 00000000`0027d350 000007fe`fb786768 comctl32!CallNextSubclassProc+0x8c 00000000`0027d3d0 000007fe`fd710b6a comctl32!DefSubclassProc+0x7c 00000000`0027d420 000007fe`fd710f7b shell32!DefSubclassProc+0x56 00000000`0027d450 000007fe`fd710ea7 shell32!CListViewHost::_ViewSubclassWndProc+0x3e1 00000000`0027d710 000007fe`fb7869a0 shell32!CListViewHost::s_ViewSubclassWndProc+0x4f 00000000`0027d760 000007fe`fb786877 comctl32!CallNextSubclassProc+0x8c 00000000`0027d7e0 00000000`76e19bd1 comctl32!MasterSubclassProc+0xe7 00000000`0027d880 00000000`76e172cb user32!UserCallWinProcCheckWow+0x1ad 00000000`0027d940 00000000`76e16829 user32!DispatchClientMessage+0xc3 00000000`0027d9a0 00000000`76f511f5 user32!_fnDWORD+0x2d 00000000`0027da00 00000000`76e1685a ntdll!KiUserCallbackDispatcherContinue 00000000`0027da88 00000000`76e168a2 user32!NtUserMessageCall+0xa 00000000`0027da90 00000000`76e1760e user32!RealDefWindowProcWorker+0xa4 00000000`0027db60 000007fe`fb2d1644 user32!RealDefWindowProcW+0x5a 00000000`0027dba0 000007fe`fb2d1445 uxtheme!_ThemeDefWindowProc+0x278 00000000`0027dc50 00000000`76e189d3 uxtheme!ThemeDefWindowProcW+0x11 00000000`0027dc90 000007fe`fb7e8a9e user32!DefWindowProcW+0xe6 00000000`0027dce0 000007fe`fb7e6011 comctl32!CListView::WndProc+0x2a42 00000000`0027dee0 00000000`76e19bd1 comctl32!CListView::s_WndProc+0x6cd 00000000`0027df40 00000000`76e13bfc user32!UserCallWinProcCheckWow+0x1ad 00000000`0027e000 00000000`76e13b78 user32!CallWindowProcAorW+0xdc 00000000`0027e050 000007fe`fb786215 user32!CallWindowProcW+0x18 00000000`0027e090 000007fe`fb7869a0 comctl32!CallOriginalWndProc+0x1d 00000000`0027e0d0 000007fe`fb786768 comctl32!CallNextSubclassProc+0x8c 00000000`0027e150 000007fe`fd710b6a comctl32!DefSubclassProc+0x7c 00000000`0027e1a0 000007fe`fd710c4e shell32!DefSubclassProc+0x56 00000000`0027e1d0 000007fe`fb7869a0 shell32!CListViewHost::s_ListViewSubclassWndProc+0x31e 00000000`0027e2b0 000007fe`fb786877 comctl32!CallNextSubclassProc+0x8c 00000000`0027e330 00000000`76e19bd1 comctl32!MasterSubclassProc+0xe7 00000000`0027e3d0 00000000`76e172cb user32!UserCallWinProcCheckWow+0x1ad 00000000`0027e490 00000000`76e16829 user32!DispatchClientMessage+0xc3 00000000`0027e4f0 00000000`76f511f5 user32!_fnDWORD+0x2d 00000000`0027e550 00000000`76e1685a ntdll!KiUserCallbackDispatcherContinue 00000000`0027e5d8 00000000`76e13838 user32!NtUserMessageCall+0xa 00000000`0027e5e0 00000000`76e16bad user32!SendMessageWorker+0x73d 00000000`0027e670 000007fe`fb886824 user32!SendMessageW+0x5c 00000000`0027e6c0 000007fe`fb7e6a38 comctl32!CLVMouseManager::HandleMouse+0xf8c 00000000`0027e820 000007fe`fb7e6011 comctl32!CListView::WndProc+0x9dc 00000000`0027ea20 00000000`76e19bd1 comctl32!CListView::s_WndProc+0x6cd 00000000`0027ea80 00000000`76e13bfc user32!UserCallWinProcCheckWow+0x1ad 00000000`0027eb40 00000000`76e13b78 user32!CallWindowProcAorW+0xdc 00000000`0027eb90 000007fe`fb786215 user32!CallWindowProcW+0x18 00000000`0027ebd0 000007fe`fb7869a0 comctl32!CallOriginalWndProc+0x1d 00000000`0027ec10 000007fe`fb786768 comctl32!CallNextSubclassProc+0x8c 00000000`0027ec90 000007fe`fd710b6a comctl32!DefSubclassProc+0x7c 00000000`0027ece0 000007fe`fd710c4e shell32!DefSubclassProc+0x56 00000000`0027ed10 000007fe`fb7869a0 shell32!CListViewHost::s_ListViewSubclassWndProc+0x31e 00000000`0027edf0 000007fe`fb786877 comctl32!CallNextSubclassProc+0x8c 00000000`0027ee70 00000000`76e19bd1 comctl32!MasterSubclassProc+0xe7 00000000`0027ef10 00000000`76e198da user32!UserCallWinProcCheckWow+0x1ad 00000000`0027efd0 000007fe`fd71674e user32!DispatchMessageWorker+0x3b5 00000000`0027f050 000007fe`fd7166a4 shell32!CDesktopBrowser::_PeekForAMessage+0x17b 00000000`0027f0d0 000007fe`fd677805 shell32!CDesktopBrowser::_MessageLoop+0x24 00000000`0027f110 00000000`ff740ac1 shell32!SHDesktopMessageLoop+0x7e 00000000`0027f150 00000000`ff74b8d5 explorer!wWinMain+0xb1e 00000000`0027f800 00000000`76cf59ed explorer!DelayLoadFailureHook+0x208 00000000`0027f8c0 00000000`76f2c541 kernel32!BaseThreadInitThunk+0xd 00000000`0027f8f0 00000000`00000000 ntdll!RtlUserThreadStart+0x1d
Wow! Busy system too. The list of loaded modules won't fit in this message box. (Over 20,000 characters.)
Ah ha! Looks like a user program is in a loop.
Last edited by carwiz; 19 Apr 2014 at 08:01. Reason: Addition
I have no idea what user program that would be lol
Thanks for the stack trace analysis, Ken.
In post #8 the OP said no customization is applied. But still uxtheme is there in stack trace.Code:00000000`0027dba0 000007fe`fb2d1445 uxtheme!_ThemeDefWindowProc+0x278 00000000`0027dc50 00000000`76e189d3 uxtheme!ThemeDefWindowProcW+0x11
Such a thing is a 100% catch by the SFC /scannow command. SFC always cure all the uxtheme related issues. If failed, it reports on the issue. But in post #11 he replied
Unfortunately the before is not there in the thread, too.
Either he made something himself that is not suiting in his system, or ....sorry to say, our suggestions are nor being taken. Or both.
I don't have a single application that was made by me that runs persistently. Here are my SFC results to make things easier:
Also this is the "before":
^Here I said that I tried everything in that thread and it didn't change anything or help fix the problem.Already tried all that, it changed nothing.Hi Visual Studio.
You may follow this guide: Troubleshooting Explorer.exe Crashing Issues
^Here I said that I would've mentioned the SFC scan if it presented an error, which it did not.I would've mentioned it if it presented an error, which it didn't. No customizations have been applied.I am not asking you about virus.
I am asking about file types, coz sometimes some corrupt codec also can cause explorer crashes. Also you havent mentioned anything about the results of SFC. You also havent said anything about the customizations etc in the two of your posts, too.
That is an interesting screenshot, sfc should be run elevated.
SFC /SCANNOW Command - System File Checker
I get an error if it isn't run as admin, even in the admin account.
I didn't screenshot the window title, mine has "Administrator: Command Prompt" on it too, you can't tell if it's admin or not unless you see the window title (besides it defaulting to system32 for the cwd) which I didn't screenshot because it's common sense to run these utilities as admin.
Yes you can.Visual Studio said:
Elevated Command Prompt
I wasn't looking at the top, I was looking at the path in the cmd window.
Admin level = C:Windows\system32
Standard level = C:\Users\John
Common sense or not, you can clearly see it is not being run as admin.
Then how did it have proper permissions to check the file system?
Either way I do it, it gives me the same results.
Also pretty sure I mentioned that:
I didn't screenshot the window title, mine has "Administrator: Command Prompt" on it too, you can't tell if it's admin or not unless you see the window title (besides it defaulting to system32 for the cwd) which I didn't screenshot because it's common sense to run these utilities as admin.
Last edited by Visual Studio; 19 Apr 2014 at 17:36.