While using Application Verifier and windbg to debug one of my VSTO addins, I found out that on Word close I get the following stop:
VERIFIER STOP 00000902: pid 0x3F1C: An HKEY was leaked.
00000632 : Value of the leaked HKEY.
0422EA9C : Address to the allocation stack trace. Run dps <address> to view the allocation stack.
1D3F6FE8 : Address of the owner dll name. Run du <address> to read the dll name.
74040000 : Base of the owner dll. Run .reload <dll_name> = <address> to reload the owner dll. Use 'lm' to get more information about the loaded and unloaded modules.
What is the best way to find out the cause of this stop?
Following the advice I did dps 0422EA9C
and the following was returned:
0422ea9c 0423f164
0422eaa0 0000e001
0422eaa4 001c0000
0422eaa8 740f3da0 vfbasics!AVrfpRegOpenKeyW+0xb0
0422eaac 74041e54 oledlg!CStringCache::Init+0x47
0422eab0 74041b51 oledlg!DllMain+0x2e
0422eab4 74041869 oledlg!_CRT_INIT+0x26d
0422eab8 7415c66d verifier!AVrfpStandardDllEntryPointRoutine+0x99
0422eabc 741c95fa vrfcore!VfCoreStandardDllEntryPointRoutine+0x12a
0422eac0 740e7904 vfbasics!AVrfpStandardDllEntryPointRoutine+0xa4
0422eac4 77698d04 ntdll!LdrpCallInitRoutine+0x14
0422eac8 7769c23d ntdll!LdrpRunInitializeRoutines+0x26f
0422eacc 7769aeb5 ntdll!LdrpLoadDll+0x453
0422ead0 7769afcc ntdll!LdrLoadDll+0xaa
0422ead4 740e7d2d vfbasics!AVrfpLdrLoadDll+0x5d
0422ead8 75072ca8 KERNELBASE!LoadLibraryExW+0x1f7
0422eadc 74e548f4 kernel32!LoadLibraryW+0x11
0422eae0 741a6871 vstoee!DllGetClassObject+0x4320
0422eae4 741a68a1 vstoee!DllGetClassObject+0x4350
0422eae8 6b5bfca5 mso!Ordinal4378+0x8dc
0422eaec 6ac85248 mso!MsoFLongSave+0xaa353
0422eaf0 6a686ddd mso!Ordinal9769+0x60b
0422eaf4 6a68667a mso!Ordinal1832+0x13b
0422eaf8 6be22bbb wwlib!DllGetClassObject+0x5dbef
0422eafc 6bdc7c2f wwlib!DllGetClassObject+0x2c63
0422eb00 6bdc4a4b wwlib!FMain+0x253
0422eb04 013815c4 winword+0x15c4
0422eb08 01381558 winword+0x1558
0422eb0c 74e5337a kernel32!BaseThreadInitThunk+0xe
0422eb10 776992b2 ntdll!__RtlUserThreadStart+0x70
0422eb14 77699285 ntdll!_RtlUserThreadStart+0x1b
0422eb18 00000000
Then du 1D3F6FE8
returned
1d3f6fe8 "oledlg.dll"
Interestingly, If I run Application Verifier / WinDbg on Word without my addin loaded I still get a stop:
APPLICATION_VERIFIER_LEAK_ALLOCATION (900)
A heap allocation was leaked.
This stop is generated if the owner dll of the allocation was dynamically unloaded while owning resources.
Arguments:
Arg1: 0b7e2fb8, Address of the leaked allocation. Run !heap -p -a <address> to get additional information about the allocation.
Arg2: 041495f4, Address to the allocation stack trace. Run dps <address> to view the allocation stack.
Arg3: 0c446fe4, Address of the owner dll name. Run du <address> to read the dll name.
Arg4: 70b50000, Base of the owner dll. Run .reload <dll_name> = <address> to reload the owner dll. Use 'lm' to get more information about the loaded and unloaded modules.
GetPageUrlData failed, server returned HTTP status 404
URL requested: http://watson.microsoft.com/StageOne/winword_exe/15_0_4737_1003/559b7227/vrfcore_dll/10_0_15063_137/f4688fdb/80000003/00003809.htm?Retriage=1
Is this the same thing but reported differently?
I looked deeper into this as the very helpful comments above pointed me to think this is not an issue with my addin code but rather with the VSTO host application ie. Word.
So I created a simple VSTO addin with a one button ribbon that just opens a taskpane with a label which says “Hello!” (nothing else – no WPF) and I can confirm that even in this scenario I still get the HKEY Leak on shutdown…
For completeness, when no addins are loaded I get a different stop:
=======================================
VERIFIER STOP 0000000000000300: pid 0x4008: Invalid handle exception for current stack trace.
00000000C0000008 : Exception code.
000000000F9DE670 : Exception record. Use .exr to display it.
000000000F9DE180 : Context record. Use .cxr to display it.
0000000000000000 : Not used.
=======================================
This verifier stop is continuable.
After debugging it use `go' to continue.
=======================================
ModLoad: 711a0000 711c5000 C:\windows\SysWOW64\POWRPROF.DLL
=======================================
VERIFIER STOP 00000900: pid 0x4008: A heap allocation was leaked.
0BDCCFB8 : Address of the leaked allocation. Run !heap -p -a <address> to get additional information about the allocation.
041D9C54 : Address to the allocation stack trace. Run dps <address> to view the allocation stack.
0C36AFE4 : Address of the owner dll name. Run du <address> to read the dll name.
749C0000 : Base of the owner dll. Run .reload <dll_name> = <address> to reload the owner dll. Use 'lm' to get more information about the loaded and unloaded modules.
=======================================
!avrf suggests a APPLICATION_VERIFIER_LEAK_ALLOCATION (900) so I don't think this is a problem with anything but Application Verifier.