应用程序验证程序停止:HKEY 泄露
Application Verifier Stop: An HKEY was leaked
在使用 Application Verifier 和 windbg 调试我的一个 VSTO 插件时,我发现在关闭 Word 时出现以下停止:
VERIFIER STOP 00000902: pid 0x3F1C: An HKEY was leaked.
00000632 : Value of the leaked HKEY.
0422EA9C : Address to the allocation stack trace. Run dps <address> to view the allocation stack.
1D3F6FE8 : Address of the owner dll name. Run du <address> to read the dll name.
74040000 : Base of the owner dll. Run .reload <dll_name> = <address> to reload the owner dll. Use 'lm' to get more information about the loaded and unloaded modules.
找出停止原因的最佳方法是什么?
听从了我的建议 dps 0422EA9C
返回以下内容:
0422ea9c 0423f164
0422eaa0 0000e001
0422eaa4 001c0000
0422eaa8 740f3da0 vfbasics!AVrfpRegOpenKeyW+0xb0
0422eaac 74041e54 oledlg!CStringCache::Init+0x47
0422eab0 74041b51 oledlg!DllMain+0x2e
0422eab4 74041869 oledlg!_CRT_INIT+0x26d
0422eab8 7415c66d verifier!AVrfpStandardDllEntryPointRoutine+0x99
0422eabc 741c95fa vrfcore!VfCoreStandardDllEntryPointRoutine+0x12a
0422eac0 740e7904 vfbasics!AVrfpStandardDllEntryPointRoutine+0xa4
0422eac4 77698d04 ntdll!LdrpCallInitRoutine+0x14
0422eac8 7769c23d ntdll!LdrpRunInitializeRoutines+0x26f
0422eacc 7769aeb5 ntdll!LdrpLoadDll+0x453
0422ead0 7769afcc ntdll!LdrLoadDll+0xaa
0422ead4 740e7d2d vfbasics!AVrfpLdrLoadDll+0x5d
0422ead8 75072ca8 KERNELBASE!LoadLibraryExW+0x1f7
0422eadc 74e548f4 kernel32!LoadLibraryW+0x11
0422eae0 741a6871 vstoee!DllGetClassObject+0x4320
0422eae4 741a68a1 vstoee!DllGetClassObject+0x4350
0422eae8 6b5bfca5 mso!Ordinal4378+0x8dc
0422eaec 6ac85248 mso!MsoFLongSave+0xaa353
0422eaf0 6a686ddd mso!Ordinal9769+0x60b
0422eaf4 6a68667a mso!Ordinal1832+0x13b
0422eaf8 6be22bbb wwlib!DllGetClassObject+0x5dbef
0422eafc 6bdc7c2f wwlib!DllGetClassObject+0x2c63
0422eb00 6bdc4a4b wwlib!FMain+0x253
0422eb04 013815c4 winword+0x15c4
0422eb08 01381558 winword+0x1558
0422eb0c 74e5337a kernel32!BaseThreadInitThunk+0xe
0422eb10 776992b2 ntdll!__RtlUserThreadStart+0x70
0422eb14 77699285 ntdll!_RtlUserThreadStart+0x1b
0422eb18 00000000
然后du 1D3F6FE8
返回
1d3f6fe8 "oledlg.dll"
有趣的是,如果我 运行 Word 上的 Application Verifier / WinDbg 没有加载我的插件,我仍然会停止:
APPLICATION_VERIFIER_LEAK_ALLOCATION (900)
A heap allocation was leaked.
This stop is generated if the owner dll of the allocation was dynamically unloaded while owning resources.
Arguments:
Arg1: 0b7e2fb8, Address of the leaked allocation. Run !heap -p -a <address> to get additional information about the allocation.
Arg2: 041495f4, Address to the allocation stack trace. Run dps <address> to view the allocation stack.
Arg3: 0c446fe4, Address of the owner dll name. Run du <address> to read the dll name.
Arg4: 70b50000, Base of the owner dll. Run .reload <dll_name> = <address> to reload the owner dll. Use 'lm' to get more information about the loaded and unloaded modules.
GetPageUrlData failed, server returned HTTP status 404
URL requested: http://watson.microsoft.com/StageOne/winword_exe/15_0_4737_1003/559b7227/vrfcore_dll/10_0_15063_137/f4688fdb/80000003/00003809.htm?Retriage=1
这是同一件事但报告不同吗?
我对此进行了更深入的研究,因为上面非常有用的评论让我认为这不是我的插件代码的问题,而是 VSTO 主机应用程序的问题,即。单词.
所以我创建了一个简单的 VSTO 插件,它有一个按钮功能区,它只打开一个带有标签的任务窗格,上面写着“你好!” (没有别的 - 没有 WPF)而且我可以确认即使在这种情况下我仍然会在关机时出现 HKEY 泄漏......
为了完整起见,当没有加载插件时,我得到一个不同的停止:
=======================================
VERIFIER STOP 0000000000000300: pid 0x4008: Invalid handle exception for current stack trace.
00000000C0000008 : Exception code.
000000000F9DE670 : Exception record. Use .exr to display it.
000000000F9DE180 : Context record. Use .cxr to display it.
0000000000000000 : Not used.
=======================================
This verifier stop is continuable.
After debugging it use `go' to continue.
=======================================
ModLoad: 711a0000 711c5000 C:\windows\SysWOW64\POWRPROF.DLL
=======================================
VERIFIER STOP 00000900: pid 0x4008: A heap allocation was leaked.
0BDCCFB8 : Address of the leaked allocation. Run !heap -p -a <address> to get additional information about the allocation.
041D9C54 : Address to the allocation stack trace. Run dps <address> to view the allocation stack.
0C36AFE4 : Address of the owner dll name. Run du <address> to read the dll name.
749C0000 : Base of the owner dll. Run .reload <dll_name> = <address> to reload the owner dll. Use 'lm' to get more information about the loaded and unloaded modules.
=======================================
!avrf 建议 APPLICATION_VERIFIER_LEAK_ALLOCATION (900) 所以我认为这不是应用程序验证程序以外的任何问题。
在使用 Application Verifier 和 windbg 调试我的一个 VSTO 插件时,我发现在关闭 Word 时出现以下停止:
VERIFIER STOP 00000902: pid 0x3F1C: An HKEY was leaked.
00000632 : Value of the leaked HKEY.
0422EA9C : Address to the allocation stack trace. Run dps <address> to view the allocation stack.
1D3F6FE8 : Address of the owner dll name. Run du <address> to read the dll name.
74040000 : Base of the owner dll. Run .reload <dll_name> = <address> to reload the owner dll. Use 'lm' to get more information about the loaded and unloaded modules.
找出停止原因的最佳方法是什么?
听从了我的建议 dps 0422EA9C
返回以下内容:
0422ea9c 0423f164
0422eaa0 0000e001
0422eaa4 001c0000
0422eaa8 740f3da0 vfbasics!AVrfpRegOpenKeyW+0xb0
0422eaac 74041e54 oledlg!CStringCache::Init+0x47
0422eab0 74041b51 oledlg!DllMain+0x2e
0422eab4 74041869 oledlg!_CRT_INIT+0x26d
0422eab8 7415c66d verifier!AVrfpStandardDllEntryPointRoutine+0x99
0422eabc 741c95fa vrfcore!VfCoreStandardDllEntryPointRoutine+0x12a
0422eac0 740e7904 vfbasics!AVrfpStandardDllEntryPointRoutine+0xa4
0422eac4 77698d04 ntdll!LdrpCallInitRoutine+0x14
0422eac8 7769c23d ntdll!LdrpRunInitializeRoutines+0x26f
0422eacc 7769aeb5 ntdll!LdrpLoadDll+0x453
0422ead0 7769afcc ntdll!LdrLoadDll+0xaa
0422ead4 740e7d2d vfbasics!AVrfpLdrLoadDll+0x5d
0422ead8 75072ca8 KERNELBASE!LoadLibraryExW+0x1f7
0422eadc 74e548f4 kernel32!LoadLibraryW+0x11
0422eae0 741a6871 vstoee!DllGetClassObject+0x4320
0422eae4 741a68a1 vstoee!DllGetClassObject+0x4350
0422eae8 6b5bfca5 mso!Ordinal4378+0x8dc
0422eaec 6ac85248 mso!MsoFLongSave+0xaa353
0422eaf0 6a686ddd mso!Ordinal9769+0x60b
0422eaf4 6a68667a mso!Ordinal1832+0x13b
0422eaf8 6be22bbb wwlib!DllGetClassObject+0x5dbef
0422eafc 6bdc7c2f wwlib!DllGetClassObject+0x2c63
0422eb00 6bdc4a4b wwlib!FMain+0x253
0422eb04 013815c4 winword+0x15c4
0422eb08 01381558 winword+0x1558
0422eb0c 74e5337a kernel32!BaseThreadInitThunk+0xe
0422eb10 776992b2 ntdll!__RtlUserThreadStart+0x70
0422eb14 77699285 ntdll!_RtlUserThreadStart+0x1b
0422eb18 00000000
然后du 1D3F6FE8
返回
1d3f6fe8 "oledlg.dll"
有趣的是,如果我 运行 Word 上的 Application Verifier / WinDbg 没有加载我的插件,我仍然会停止:
APPLICATION_VERIFIER_LEAK_ALLOCATION (900)
A heap allocation was leaked.
This stop is generated if the owner dll of the allocation was dynamically unloaded while owning resources.
Arguments:
Arg1: 0b7e2fb8, Address of the leaked allocation. Run !heap -p -a <address> to get additional information about the allocation.
Arg2: 041495f4, Address to the allocation stack trace. Run dps <address> to view the allocation stack.
Arg3: 0c446fe4, Address of the owner dll name. Run du <address> to read the dll name.
Arg4: 70b50000, Base of the owner dll. Run .reload <dll_name> = <address> to reload the owner dll. Use 'lm' to get more information about the loaded and unloaded modules.
GetPageUrlData failed, server returned HTTP status 404
URL requested: http://watson.microsoft.com/StageOne/winword_exe/15_0_4737_1003/559b7227/vrfcore_dll/10_0_15063_137/f4688fdb/80000003/00003809.htm?Retriage=1
这是同一件事但报告不同吗?
我对此进行了更深入的研究,因为上面非常有用的评论让我认为这不是我的插件代码的问题,而是 VSTO 主机应用程序的问题,即。单词.
所以我创建了一个简单的 VSTO 插件,它有一个按钮功能区,它只打开一个带有标签的任务窗格,上面写着“你好!” (没有别的 - 没有 WPF)而且我可以确认即使在这种情况下我仍然会在关机时出现 HKEY 泄漏......
为了完整起见,当没有加载插件时,我得到一个不同的停止:
=======================================
VERIFIER STOP 0000000000000300: pid 0x4008: Invalid handle exception for current stack trace.
00000000C0000008 : Exception code.
000000000F9DE670 : Exception record. Use .exr to display it.
000000000F9DE180 : Context record. Use .cxr to display it.
0000000000000000 : Not used.
=======================================
This verifier stop is continuable.
After debugging it use `go' to continue.
=======================================
ModLoad: 711a0000 711c5000 C:\windows\SysWOW64\POWRPROF.DLL
=======================================
VERIFIER STOP 00000900: pid 0x4008: A heap allocation was leaked.
0BDCCFB8 : Address of the leaked allocation. Run !heap -p -a <address> to get additional information about the allocation.
041D9C54 : Address to the allocation stack trace. Run dps <address> to view the allocation stack.
0C36AFE4 : Address of the owner dll name. Run du <address> to read the dll name.
749C0000 : Base of the owner dll. Run .reload <dll_name> = <address> to reload the owner dll. Use 'lm' to get more information about the loaded and unloaded modules.
=======================================
!avrf 建议 APPLICATION_VERIFIER_LEAK_ALLOCATION (900) 所以我认为这不是应用程序验证程序以外的任何问题。