Bug: Excel add-in using .NET leaks some registry handles due to ClickToRun

%3CLINGO-SUB%20id%3D%22lingo-sub-3444021%22%20slang%3D%22en-US%22%3EBug%3A%20Excel%20add-in%20using%20.NET%20leaks%20some%20registry%20handles%20due%20to%20ClickToRun%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3444021%22%20slang%3D%22en-US%22%3E%3CP%3EI%20am%20not%20sure%20what%20is%20the%20best%20way%20to%20report%20this%20issue.%20It%20is%20low%20level%20technical.%20If%20someone%20knows%20of%20a%20better%20way%20to%20report%20this%20to%20Microsoft%2C%20please%20let%20me%20know.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20have%20written%20av%20Excel%20add-in%20that%20uses%20.NET%20Framework%20(4.8).%3C%2FP%3E%3CP%3EIt%20polls%20our%20our%20backend%20for%20updates%20every%20now%20and%20then.%3C%2FP%3E%3CP%3EWe%20have%20noticed%20that%20there%20is%20a%20leak%20of%20open%20handles%20to%20the%20registry%20and%20that%20it%20grows%20over%20time.%3C%2FP%3E%3CP%3EThis%20does%20not%20always%20happen%20and%20it%20took%20some%20effort%20to%20understand%20where%20this%20leak%20comes%20from.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EIt%20turned%20out%20that%20this%20only%20happens%20if%20Excel%20is%20installed%20via%20ClickToRun%20and%20it%20is%20related%20to%20registry%20virtualization.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EThis%20is%20what%20we%20have%20found%3A%3C%2FSPAN%3E%3C%2FP%3E%3CUL%3E%3CLI%3EAs%20a%20part%20of%20setting%20up%20the%20HTTP%20communication%2C%20.NET%20will%20attempt%20to%20use%20a%20proxy%20server.%20It%20looks%20for%20registry%20settings%20to%20see%20if%20any%20proxy%20server%20is%20configured.%3C%2FLI%3E%3CLI%3ERegardless%20if%20a%20proxy%20server%20is%20configured%20or%20not%2C%20.NET%20starts%20to%20monitor%20a%20registry%20key%20mentioned%20using%26nbsp%3B%3CSPAN%3ERegNotifyChangeKeyValue%3A%26nbsp%3BHKEY_LOCAL_MACHINE%5CSOFTWARE%5CMicrosoft%5CWindows%5CCurrentVersion%5CInternet%20Settings%3C%2FSPAN%3E%3C%2FLI%3E%3CLI%3EClickToRun%20virtulizes%20this%20part%20of%20the%20registry%20and%20it%20is%20redirected%20to%26nbsp%3B%3CSPAN%3EHKEY_LOCAL_MACHINE%5CSOFTWARE%5CMicrosoft%5COffice%5CClickToRun%5CREGISTRY%5CMACHINE%5CSoftware%5CMicrosoft%5CWindows%5CCurrentVersion%5CInternet%20Settings%3C%2FSPAN%3E%3C%2FLI%3E%3CLI%3E%3CSPAN%3EThis%20virtualization%20does%20not%20work%20well%20with%20how%20.NET%20uses%26nbsp%3BRegNotifyChangeKeyValue%20to%20listen%20for%20changes.%20Each%20time%20the%20session%20is%20set%20up%20a%20handle%20to%20the%20registry%20will%20be%20leaked.%3C%2FSPAN%3E%3C%2FLI%3E%3CLI%3E%3CSPAN%3EThere%20is%20no%20leak%20if%20Excel%20is%20not%20installed%20via%20ClickToRun%20or%20if%20virtualization%20for%20the%20mentioned%20registry%20key%20is%20turned%20off%20by%20adding%20this%20path%20to%26nbsp%3BPassThroughPaths%20%26nbsp%3B%20in%26nbsp%3BHKEY_LOCAL_MACHINE%5CSOFTWARE%5CMicrosoft%5COffice%5CClickToRun%5CREGISTRY%5CMACHINE%5CSoftware%5CMicrosoft%5CAppV%5CSubsystem%5CVirtualRegistry%3C%2FSPAN%3E%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%3CSPAN%3EThis%20is%20cleary%20a%20bug%2Fincompatibility%20in%20ClickToRun%20when%20using%20.NET%20Framework.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EWhat%20you%20see%20as%20leaked%20handles%20in%20ProcessMonitor%20are%20a%20lot%20of%20handles%20to%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3CPRE%3E%3CSPAN%3E%5CREGISTRY%5CMACHINE%5CSOFTWARE%5CMicrosoft%5COffice%5CClickToRun%5CREGISTRY%5CMACHINE%5CSoftware%5CMicrosoft%5CWindows%5CCurrentVersion%5CInternet%20Settings%3C%2FSPAN%3E%3C%2FPRE%3E%3CP%3E%3CSPAN%3EI%20don't%20know%20how%20to%20best%20report%20this%20to%20Microsoft.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3444021%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EDeveloper%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3449006%22%20slang%3D%22en-US%22%3ERe%3A%20Bug%3A%20Excel%20add-in%20using%20.NET%20leaks%20some%20registry%20handles%20due%20to%20ClickToRun%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3449006%22%20slang%3D%22en-US%22%3EYou%20could%20report%20this%20from%20within%20Excel%20using%20Help%2C%20Feedback%2C%20I%20don't%20like%20something.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3480658%22%20slang%3D%22en-US%22%3ERe%3A%20Bug%3A%20Excel%20add-in%20using%20.NET%20leaks%20some%20registry%20handles%20due%20to%20ClickToRun%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3480658%22%20slang%3D%22en-US%22%3EIt%20is%20already%20reported%20using%20the%20feedback%20function%20in%20Excel.%3C%2FLINGO-BODY%3E
New Contributor

I am not sure what is the best way to report this issue. It is low level technical. If someone knows of a better way to report this to Microsoft, please let me know.

 

We have written av Excel add-in that uses .NET Framework (4.8).

It polls our our backend for updates every now and then.

We have noticed that there is a leak of open handles to the registry and that it grows over time.

This does not always happen and it took some effort to understand where this leak comes from.

 

It turned out that this only happens if Excel is installed via ClickToRun and it is related to registry virtualization.

This is what we have found:

  • As a part of setting up the HTTP communication, .NET will attempt to use a proxy server. It looks for registry settings to see if any proxy server is configured.
  • Regardless if a proxy server is configured or not, .NET starts to monitor a registry key mentioned using RegNotifyChangeKeyValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
  • ClickToRun virtulizes this part of the registry and it is redirected to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings
  • This virtualization does not work well with how .NET uses RegNotifyChangeKeyValue to listen for changes. Each time the session is set up a handle to the registry will be leaked.
  • There is no leak if Excel is not installed via ClickToRun or if virtualization for the mentioned registry key is turned off by adding this path to PassThroughPaths   in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\AppV\Subsystem\VirtualRegistry

This is cleary a bug/incompatibility in ClickToRun when using .NET Framework.

 

What you see as leaked handles in ProcessMonitor are a lot of handles to 

\REGISTRY\MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings

I don't know how to best report this to Microsoft.

2 Replies
You could report this from within Excel using Help, Feedback, I don't like something.
It is already reported using the feedback function in Excel.