应用程序验证程序停止:HKEY 泄露

Application Verifier Stop: An HKEY was leaked

在使用 Application Verifier 和 windbg 调试我的一个 VSTO 插件时,我发现在关闭 Word 时出现以下停止:

VERIFIER STOP 00000902: pid 0x3F1C: An HKEY was leaked. 

00000632 : Value of the leaked HKEY.
0422EA9C : Address to the allocation stack trace. Run dps <address> to view the allocation stack.
1D3F6FE8 : Address of the owner dll name. Run du <address> to read the dll name.
74040000 : Base of the owner dll. Run .reload <dll_name> = <address> to reload the owner dll. Use 'lm' to get more information about the loaded and unloaded modules.

找出停止原因的最佳方法是什么?

听从了我的建议 dps 0422EA9C

返回以下内容:

0422ea9c  0423f164
0422eaa0  0000e001
0422eaa4  001c0000
0422eaa8  740f3da0 vfbasics!AVrfpRegOpenKeyW+0xb0
0422eaac  74041e54 oledlg!CStringCache::Init+0x47
0422eab0  74041b51 oledlg!DllMain+0x2e
0422eab4  74041869 oledlg!_CRT_INIT+0x26d
0422eab8  7415c66d verifier!AVrfpStandardDllEntryPointRoutine+0x99
0422eabc  741c95fa vrfcore!VfCoreStandardDllEntryPointRoutine+0x12a
0422eac0  740e7904 vfbasics!AVrfpStandardDllEntryPointRoutine+0xa4
0422eac4  77698d04 ntdll!LdrpCallInitRoutine+0x14
0422eac8  7769c23d ntdll!LdrpRunInitializeRoutines+0x26f
0422eacc  7769aeb5 ntdll!LdrpLoadDll+0x453
0422ead0  7769afcc ntdll!LdrLoadDll+0xaa
0422ead4  740e7d2d vfbasics!AVrfpLdrLoadDll+0x5d
0422ead8  75072ca8 KERNELBASE!LoadLibraryExW+0x1f7
0422eadc  74e548f4 kernel32!LoadLibraryW+0x11
0422eae0  741a6871 vstoee!DllGetClassObject+0x4320
0422eae4  741a68a1 vstoee!DllGetClassObject+0x4350
0422eae8  6b5bfca5 mso!Ordinal4378+0x8dc
0422eaec  6ac85248 mso!MsoFLongSave+0xaa353
0422eaf0  6a686ddd mso!Ordinal9769+0x60b
0422eaf4  6a68667a mso!Ordinal1832+0x13b
0422eaf8  6be22bbb wwlib!DllGetClassObject+0x5dbef
0422eafc  6bdc7c2f wwlib!DllGetClassObject+0x2c63
0422eb00  6bdc4a4b wwlib!FMain+0x253
0422eb04  013815c4 winword+0x15c4
0422eb08  01381558 winword+0x1558
0422eb0c  74e5337a kernel32!BaseThreadInitThunk+0xe
0422eb10  776992b2 ntdll!__RtlUserThreadStart+0x70
0422eb14  77699285 ntdll!_RtlUserThreadStart+0x1b
0422eb18  00000000

然后du 1D3F6FE8

返回

1d3f6fe8  "oledlg.dll"

有趣的是,如果我 运行 Word 上的 Application Verifier / WinDbg 没有加载我的插件,我仍然会停止:

APPLICATION_VERIFIER_LEAK_ALLOCATION (900)
A heap allocation was leaked.
This stop is generated if the owner dll of the allocation was dynamically unloaded while owning resources. 
Arguments:
Arg1: 0b7e2fb8, Address of the leaked allocation. Run !heap -p -a <address> to get additional information about the allocation. 
Arg2: 041495f4, Address to the allocation stack trace. Run dps <address> to view the allocation stack. 
Arg3: 0c446fe4, Address of the owner dll name. Run du <address> to read the dll name. 
Arg4: 70b50000, Base of the owner dll. Run .reload <dll_name> = <address> to reload the owner dll. Use 'lm' to get more information about the loaded and unloaded modules. 
GetPageUrlData failed, server returned HTTP status 404
URL requested: http://watson.microsoft.com/StageOne/winword_exe/15_0_4737_1003/559b7227/vrfcore_dll/10_0_15063_137/f4688fdb/80000003/00003809.htm?Retriage=1

这是同一件事但报告不同吗?

我对此进行了更深入的研究,因为上面非常有用的评论让我认为这不是我的插件代码的问题,而是 VSTO 主机应用程序的问题,即。单词.

所以我创建了一个简单的 VSTO 插件,它有一个按钮功能区,它只打开一个带有标签的任务窗格,上面写着“你好!” (没有别的 - 没有 WPF)而且我可以确认即使在这种情况下我仍然会在关机时出现 HKEY 泄漏......

为了完整起见,当没有加载插件时,我得到一个不同的停止:

=======================================
VERIFIER STOP 0000000000000300: pid 0x4008: Invalid handle exception for current stack trace. 

    00000000C0000008 : Exception code.
    000000000F9DE670 : Exception record. Use .exr to display it.
    000000000F9DE180 : Context record. Use .cxr to display it.
    0000000000000000 : Not used.


=======================================
This verifier stop is continuable.
After debugging it use `go' to continue.

=======================================

ModLoad: 711a0000 711c5000   C:\windows\SysWOW64\POWRPROF.DLL


=======================================
VERIFIER STOP 00000900: pid 0x4008: A heap allocation was leaked. 

    0BDCCFB8 : Address of the leaked allocation. Run !heap -p -a <address> to get additional information about the allocation.
    041D9C54 : Address to the allocation stack trace. Run dps <address> to view the allocation stack.
    0C36AFE4 : Address of the owner dll name. Run du <address> to read the dll name.
    749C0000 : Base of the owner dll. Run .reload <dll_name> = <address> to reload the owner dll. Use 'lm' to get more information about the loaded and unloaded modules.


=======================================

!avrf 建议 APPLICATION_VERIFIER_LEAK_ALLOCATION (900) 所以我认为这不是应用程序验证程序以外的任何问题。