Windows 8 DLL File Information - verifier.dll |
The following DLL report was generated by automatic DLL script that scanned and loaded all DLL files in the system32 directory of Windows 8, extracted the information from them, and then saved it into HTML reports. If you want to view a report of another DLL, go to the main page of this Web site.
General Information
File Description: | Standard application verifier provider dll |
File Version: | 6.2.9200.16384 (win8_rtm.120725-1247) |
Company: | Microsoft Corporation |
Product Name: | Microsoft® Windows® Operating System |
DLL popularity | Very Low - There is no any other DLL in system32 directory that is statically linked to this file. |
File Size: | 360 KB |
Total Number of Exported Functions: | 25 |
Total Number of Exported Functions With Names: | 25 |
Section Headers
Name | Virtual Address | Raw Data Size | % of File | Characteristics | Section Contains... |
---|---|---|---|---|---|
.text | 0x00001000 | 145,408 Bytes | 39.4% | Read, Execute | Code |
.data | 0x00025000 | 75,264 Bytes | 20.4% | Write, Read | Initialized Data |
.idata | 0x00043000 | 4,608 Bytes | 1.3% | Read | Initialized Data |
.rsrc | 0x00045000 | 132,096 Bytes | 35.8% | Read | Initialized Data |
.reloc | 0x00066000 | 10,240 Bytes | 2.8% | Read, Discardable | Initialized Data |
Static Linking
verifier.dll is statically linked to the following files:ntdll.dll
This means that when verifier.dll is loaded, the above files are automatically loaded too. If one of these files is corrupted or missing, verifier.dll won't be loaded.
General Resources Information
Resource Type | Number of Items | Total Size | % of File |
---|---|---|---|
Icons | 0 | 0 Bytes | 0.0% |
Animated Icons | 0 | 0 Bytes | 0.0% |
Cursors | 0 | 0 Bytes | 0.0% |
Animated Cursors | 0 | 0 Bytes | 0.0% |
Bitmaps | 0 | 0 Bytes | 0.0% |
AVI Files | 0 | 0 Bytes | 0.0% |
Dialog-Boxes | 0 | 0 Bytes | 0.0% |
HTML Related Files | 0 | 0 Bytes | 0.0% |
Menus | 0 | 0 Bytes | 0.0% |
Strings | 689 | 126,792 Bytes | 34.4% |
Type Libraries | 0 | 0 Bytes | 0.0% |
Manifest | 0 | 0 Bytes | 0.0% |
All Others | 1 | 964 Bytes | 0.3% |
Total | 690 | 127,756 Bytes | 34.7% |
Icons in this file
No icons found in this file
Cursors in this file
No cursors found in this file
Dialog-boxes list (up to 200 dialogs)
No dialog resources in this file.
String resources in this dll (up to 200 strings)
String ID | String Text |
---|---|
60 | AVRF: Terminate process after verifier stop failed with %X |
61 | This verifier stop is not continuable. Process will be terminated when you use the `go' debugger command. |
62 | This verifier stop is continuable. After debugging it use `go' to continue. |
63 | AVRF: Formatting message failed in VerifierStopMessageEx |
64 | AVRF: Noncontinuable verifier stop %p encountered. Terminating process ... |
65 | ======================================= VERIFIER STOP %p: pid 0x%X: %S %p : %S %p : %S %p : %S %p : %S %S ======================================= %S ======================================= |
66 | ======================================= VERIFIER STOP %p: pid 0x%X: %s %p : %s %p : %s %p : %s %p : %s %s ======================================= %s ======================================= |
100 | Full |
101 | Dlls |
102 | Size |
103 | SizeStart |
104 | SizeEnd |
105 | RandRate |
106 | Backward |
107 | Unalign |
108 | Traces |
109 | Protect |
110 | NoSync |
111 | NoLock |
112 | Faults |
113 | FaultRate |
114 | TimeOut |
115 | Addr |
116 | AddrStart |
117 | AddrEnd |
118 | Random |
200 | TRUE for full page heap. FALSE for normal page heap. |
201 | Page heap allocations for target dlls only. Name of the binaries with extension (.dll or something else). |
202 | Page heap allocations for size range. |
203 | Beginning of the size range. |
204 | Ending of the size range. |
205 | Decimal integer in range [0..100] representing probability to make page heap allocation vs. a normal heap allocation. |
206 | Catch backwards overruns. |
207 | No alignment for allocations. |
208 | Collect stack traces |
209 | Protect heap internal structures. Can be used to detect random corruptions but execution is slower. |
210 | Check for unsynchronized access. Do not use this flag for an MPheap process. |
211 | Disable critical section verifier. |
212 | Fault injection |
213 | Probability (1..10000) for heap calls failures |
214 | Time during process initialization (in milliseconds) when faults are not allowed. |
215 | Page heap allocations for address range |
216 | Beginning of the address range |
217 | Ending of the address range |
218 | Page heap allocations with probability. |
300 | Failed within the address range where the specified dlls are loaded. |
301 | Doesn't fail within those dlls. |
302 | Grace period as Milliseconds. |
303 | Wait API. |
304 | Heap allocation. |
305 | Virtual memory allocation. |
306 | Registry API. |
307 | File API. |
308 | Event Manipulation. |
309 | Map View. |
310 | Ole API. |
311 | Disable automatic stack expansion. |
350 | DllMainCheck |
351 | Check LoadLibrary/FreeLibrary calling when DllMain is active |
360 | Traces |
361 | Maximum number of traces in the handle history buffer. |
370 | Delay |
371 | Delay until rollover in (seconds). |
380 | AsyncCheck |
381 | Check asynchronous calls that require a persistent thread |
390 | ExecWritePage |
391 | Checking the usage of executable and writable memory |
392 | FillReadBuffer |
393 | Fills I/O buffer with a pattern before initiating the I/O, to catch bugs around uninitialized buffers |
394 | ForcePendingIO |
395 | Probability in parts per million for forcing STATUS_PENDING in place of STATUS_SUCCESS |
396 | ExcludeDlls |
397 | Excludes these dlls (comma separated) from leak detection. Max size is 255 characters |
400 | Checks for errors in lock usage. This might cause access violations when errors are located. A debugger is required to see the test results. |
401 | Checks that applications and components use RPC correctly. Common mistakes and problems while using RPC are flagged. A debugger is required to see the test results. |
402 | Checks that applications and components use COM correctly. Common mistakes and problems while using COM are flagged. A debugger is required to see the test results. |
403 | Checks that applications and components use TLS (Thread Local Storage) APIs correctly. Common mistakes and problems while using TLS APIs are flagged. A debugger is required to see the test results. |
404 | Helps catch uninitialized variables |
405 | Detects first chance access violation exceptions. A debugger is required to see the test results. |
406 | Checks for handle errors. This might cause access violations when errors are located. A debugger is required to see the test results. |
407 | Checks the heap errors. A debugger is required to see the test results. |
408 | Checks for adequate stack size by stopping stack growth. This causes a stack overflow error if the original stack size is too small. You can prevent this from happening by increasing the stack commit size. |
409 | Checks usage of virtual memory APIs. A debugger is required to see the test results. |
410 | Checks usage of dangerous API usage. |
411 | Forces the GetTickCount API to roll over faster than they normally would. This allows applications to test their handling of timer rollover more easily. |
412 | Checks for dirty threadpool thread and other threadpool related issues. |
413 | Low Resource Simulation also known as Fault Injection, tries to simulate an environment under low resources, such as out of memory. |
414 | Checks issues related to I/O transfers. |
415 | Checks that when a dll is unloaded there are no outstanding resources allocated by it. |
416 | Checks for errors in SRW locks usage. Invalid SRW lock usage can result in application crashes or hangs. A debugger is required to see the test results. |
3000 | Dangerous call to TerminateThread. |
3001 | Thread ID for the caller of Terminatethread. |
3002 | Not used. |
3003 | Not used. |
3004 | Not used. |
3006 | This stop is generated if a thread (thread ID is parameter1) is terminated explicitly using TerminateThread.This function is very dangerous because it introduces data corruption and deadlocks (as per MSDN). |
3010 | Potential stack overflow in low memory conditions. |
3011 | Not used. |
3012 | Not used. |
3013 | Not used. |
3014 | Not used. |
3016 | This stop is generated if the initial stack commit size of a thread is such that a stack overflow can be raised in low memory conditions if stack cannot be extended. |
3020 | ExitProcess called while multiple threads still running. |
3021 | Number of threads running. |
3022 | Not used. |
3023 | Not used. |
3024 | Not used. |
3026 | This stop is generated if a thread calls ExitProcess while there are several threads running. In such a case, internally TerminateThread will be called for each thread and this can create deadlocks or data corruptions. |
3030 | LoadLibrary is called during DllMain. |
3031 | Dll Name (use du to dump). |
3032 | Dll base address. |
3033 | Not used. |
3034 | Not used. |
3036 | This stop is generated if the code inside DllMain calls LoadLibrary or FreeLibary. It's the behavior forbidden by MSDN. |
3040 | FreeLibrary is called during DllMain. |
3041 | Dll Name (use du to dump). |
3042 | Dll base address. |
3043 | Not used. |
3044 | Not used. |
3046 | This stop is generated if the code inside DllMain calls LoadLibrary or FreeLibary. It's the behavior forbidden by MSDN. |
3050 | SetProcessWorkingSetSize is called with MinimumWorkingSetSize = 0xFFFFFFFF. |
3051 | Not used. |
3052 | Not used. |
3053 | Not used. |
3054 | Not used. |
3056 | Please use MinimumWorkingSetSize = (SIZE_T) -1. |
3060 | SetProcessWorkingSetSize is called with MaximumWorkingSetSize = 0xFFFFFFFF. |
3061 | Not used. |
3062 | Not used. |
3063 | Not used. |
3064 | Not used. |
3066 | Please use MaximumWorkingSetSize = (SIZE_T) -1. |
3070 | SetProcessWorkingSetSizeEx is called with MinimumWorkingSetSize = 0xFFFFFFFF. |
3071 | Not used. |
3072 | Not used. |
3073 | Not used. |
3074 | Not used. |
3076 | Please use MinimumWorkingSetSize = (SIZE_T) -1. |
3080 | SetProcessWorkingSetSizeEx is called with MaximumWorkingSetSize = 0xFFFFFFFF. |
3081 | Not used. |
3082 | Not used. |
3083 | Not used. |
3084 | Not used. |
3086 | Please use MaximumWorkingSetSize = (SIZE_T) -1. |
4000 | Thread cannot own a critical section. |
4001 | Thread ID. |
4002 | Critical section address. |
4003 | Critical section debug information address. |
4004 | Critical section initialization stack trace. |
4006 | This stop is generated if a thread (thread ID is parameter1) is terminated, suspended or is in a state (worker thread finished a work item) in which it cannot hold a critical section. The current thread is the culprit. To debug this stop use the following debugger commands: $ kb - to get the current stack trace. If the current thread is the owner of the critical section it is probably calling ExitThread. The current thread should have released the critical section before exiting. If the current thread is calling TerminateThread or SuspendThread then it should not do this for a thread holding a critical section. $ !cs -s parameter2 - dump information about this critical section. $ ln parameter2 - to show symbols near the address of the critical section. This should help identify the leaked critical section. $ dps parameter4 - to dump the stack trace for this critical section initialization. |
4010 | Unloading DLL containing an active critical section. |
4011 | Critical section address. |
4012 | Critical section initialization stack trace. |
4013 | DLL name address. |
4014 | DLL base address. |
4016 | This stop is generated if a DLL has a global variable containing a critical section and the DLL is unloaded but the critical section has not been deleted. To debug this stop use the following debugger commands: $ du parameter3 - to dump the name of the culprit DLL. $ .reload dllname or .reload dllname = parameter4 - to reload the symbols for that DLL. $ !cs -s parameter1 - dump information about this critical section. $ ln parameter1 - to show symbols near the address of the critical section. This should help identify the leaked critical section. $ dps parameter2 - to dump the stack trace for this critical section initialization. |
4020 | Freeing heap block containing an active critical section. |
4021 | Critical section address. |
4022 | Critical section initialization stack trace. |
4023 | Heap block address. |
4024 | Heap block size. |
4026 | This stop is generated if a heap allocation contains a critical section, the allocation is freed and the critical section has not been deleted. To debug this stop use the following debugger commands: $ !cs -s parameter1 - dump information about this critical section. $ ln parameter1 - to show symbols near the address of the critical section. This should help identify the leaked critical section. $ dps parameter2 - to dump the stack trace for this critical section initialization. $ parameter3 and parameter4 might help understand where this heap block was allocated (the size of the allocation is probably significant). |
4030 | Double initialized or corrupted critical section. |
4031 | Critical section address. |
4032 | Address of the debug information structure found in the active list. |
4033 | First initialization stack trace. |
4034 | Second initialization stack trace. |
4036 | Usually this stop is generated if a critical section has been initialized more than one time. In this case parameter3 and parameter4 are the stack trace addresses for two of these initializations. Some other times it is possible to get this stop if the critical section or its debug information structure has been corrupted. In this second case it is possible that parameter3 and parameter4 are invalid and useless. To debug this stop: $ !cs -s -d parameter2 - dump information about this critical section. $ ln parameter1 - to show symbols near the address of the critical section. This might help identify the critical section if this is a global variable. $ dps parameter3 and dps parameter4 - to identify the two code paths for initializing this critical section. |
4040 | Free memory containing an active critical section. |
4041 | Critical section address. |
4042 | Critical section debug information address. |
4043 | Critical section initialization stack trace. |
4044 | Not used. |
4046 | This stop is generated if the memory containing a critical section was freed but the critical section has not been deleted using DeleteCriticalSection. To debug this stop use the following debugger commands: $ !cs -s -d parameter2 - dump information about this critical section. $ dps parameter3 - to identify the code path for initializing this critical section. In most cases the lock verifier detects immediately leaked critical sections contained in a heap allocation, a DLL range, a virtual memory allocation or a MapViewOfFile mapped memory range and issues different stops in these cases. So there are very few cases left for this verifier stop. The lock must be in a memory range freed by kernel-mode code or freed cross-process by APIs like VirtualFreeEx. Most typically this stop will be encountered if a previous stop (e.g. LOCK_IN_FREED_HEAP or LOCK_IN_UNLOADED_DLL) was continued by hitting `g' in the debugger console. |
4050 | Corrupted critical section. |
4051 | Critical section address. |
4052 | Invalid debug information address of this critical section. |
4053 | Address of the debug information found in the active list. |
4054 | Initialization stack trace. |
4056 | This stop is generated if the DebugInfo field of the critical section is pointing freed memory. Usually another valid DebugInfo structure is found in the active critical section list. Without corruption the two pointers should be identical. To debug this stop use the following debugger commands: $ !cs -s -d parameter3 - dump information about this critical section based on the current contents of the debug info structure found in the active list (this structure is rarely corrupted so usually this information is trustworthy). $ !cs -s parameter1 - dump information about this critical section based on the current contents of the critical section structure (the structure is corrupted already so sometimes this information is NOT trustworthy). $ dps parameter4 - to identify the code path for initializing this critical section. Dump the critical section at address parameter1 and look for the corruption pattern. With good symbols for ntdll.dl you can use the following commands: $ dt ntdll!_RTL_CRITICAL_SECTION LOCK_ADDRESS $ dt ntdll!_RTL_CRITICAL_SECTION_DEBUG DEBUG_ADDRESS |
4060 | Invalid critical section owner thread. |
4061 | Critical section address. |
4062 | Owning thread. |
4063 | Expected owning thread. |
4064 | Critical section debug info address. |
4066 | This stop is generated if the owner thread ID is invalid in the current context. To debug this stop: $ !cs -s parameter1 - dump information about this critical section. $ ln parameter1 - to show symbols near the address of the critical section. This should help identify the critical section. |
4070 | Invalid critical section recursion count. |
4071 | Critical section address. |
4072 | Recursion count. |
4073 | Expected recursion count. |
4074 | Critical section debug info address. |
4076 | This stop is generated if the recursion count field of the critical section structure is invalid in the current context. To debug this stop: $ !cs -s parameter1 - dump information about this critical section. $ ln parameter1 - to show symbols near the address of the critical section. This should help identify the critical section. |
4080 | Deleting critical section with invalid lock count. |
4081 | Critical section address. |
4082 | Lock count. |
4083 | Expected lock count. |
4084 | Owning thread. |
4086 | This stop is generated if a critical section is owned by a thread if it is deleted or if the critical section is uninitialized. To debug this stop: $ !cs -s parameter1 - dump information about this critical section. If the owning thread is 0 the critical section has not been initialized. $ ln parameter1 - to show symbols near the address of the critical section. This should help identify the critical section. |
4090 | Critical section over-released or corrupted. |
4091 | Critical section address. |
COM Classes/Interfaces
There is no type library in this file with COM classes/interfaces information
Exported Functions List
The following functions are exported by this dll:AVrfAPILookupCallback | VerifierAddFreeMemoryCallback |
VerifierCheckPageHeapAllocation | VerifierCreateRpcPageHeap |
VerifierDeleteFreeMemoryCallback | VerifierDestroyRpcPageHeap |
VerifierDisableFaultInjectionExclusionRange | VerifierDisableFaultInjectionTargetRange |
VerifierEnableFaultInjectionExclusionRange | VerifierEnableFaultInjectionTargetRange |
VerifierEnumerateResource | VerifierForceNormalHeap |
VerifierGetInfoForException | VerifierGetMemoryForDump |
VerifierGetPropertyValueByName | VerifierGetProviderHelper |
VerifierIsAddressInAnyPageHeap | VerifierIsCurrentThreadHoldingLocks |
VerifierIsDllEntryActive | VerifierIsPerUserSettingsEnabled |
VerifierQueryRuntimeFlags | VerifierSetFaultInjectionProbability |
VerifierSetFlags | VerifierSetRuntimeFlags |
VerifierStopMessage |
Imported Functions List
The following functions are imported by this dll:- ntdll.dll:
DbgPrint DbgPrintEx LdrAccessResource LdrFindEntryForAddress LdrFindResource_U LdrGetDllHandle LdrGetProcedureAddress LdrLoadDll LdrLockLoaderLock LdrQueryImageFileExecutionOptions LdrQueryImageFileKeyOption LdrQueryProcessModuleInformation LdrUnloadDll LdrUnlockLoaderLock NtAllocateVirtualMemory NtClearEvent NtClose NtCreateEvent NtCreateKey NtCreateSection NtDelayExecution NtFreeVirtualMemory NtGetContextThread NtMapViewOfSection NtOpenEvent NtOpenKey NtOpenSection NtOpenThread NtProtectVirtualMemory NtQueryEvent NtQueryInformationProcess NtQueryInformationThread NtQueryObject NtQueryPerformanceCounter NtQuerySystemInformation NtQuerySystemTime NtQueryVirtualMemory NtReadVirtualMemory NtResumeThread NtSetEvent NtSuspendThread NtTerminateProcess NtUnmapViewOfSection NtWaitForMultipleObjects NtWaitForSingleObject NtWriteVirtualMemory RtlAcquirePebLock RtlAcquireResourceExclusive RtlAcquireResourceShared RtlAcquireSRWLockExclusive RtlAcquireSRWLockShared RtlAddVectoredExceptionHandler RtlAllocateHeap RtlCaptureStackBackTrace RtlCheckForOrphanedCriticalSections RtlCompareUnicodeString RtlConvertExclusiveToShared RtlConvertSharedToExclusive RtlCreateHeap RtlDecodePointer RtlDelete RtlDeleteCriticalSection RtlDeleteElementGenericTableAvl RtlDeleteResource RtlDeregisterWait RtlDeregisterWaitEx RtlDestroyHeap RtlDllShutdownInProgress RtlEncodePointer RtlEnterCriticalSection RtlEnumerateGenericTableAvl RtlEnumerateGenericTableWithoutSplayingAvl RtlEqualUnicodeString RtlFindClearBitsAndSet RtlFlushSecureMemoryCache RtlFreeAnsiString RtlFreeAnsiString RtlFreeHeap RtlGetUserInfoHeap RtlImageNtHeader RtlInitAnsiString RtlInitUnicodeString RtlInitializeConditionVariable RtlInitializeCriticalSection RtlInitializeCriticalSectionAndSpinCount RtlInitializeCriticalSectionEx RtlInitializeGenericTableAvl RtlInitializeResource RtlInitializeSListHead RtlInsertElementGenericTableAvl RtlInterlockedPopEntrySList RtlInterlockedPushEntrySList RtlLeaveCriticalSection RtlLockHeap RtlLookupElementGenericTableAvl RtlNtStatusToDosError RtlQueryDepthSList RtlRaiseException RtlRaiseStatus RtlRandom RtlRegisterWait RtlReleasePebLock RtlReleaseResource RtlReleaseSRWLockExclusive RtlReleaseSRWLockShared RtlRemoveVectoredExceptionHandler RtlSetEnvironmentVariable RtlSetHeapInformation RtlSetThreadPoolStartFunc RtlSetUserFlagsHeap RtlSetUserValueHeap RtlSizeHeap RtlSplay RtlTryEnterCriticalSection RtlUnhandledExceptionFilter RtlUnicodeStringToAnsiString RtlUnlockHeap RtlUnwind RtlUpcaseUnicodeChar RtlValidateHeap RtlWalkFrameChain RtlpWaitForCriticalSection _alloca_probe _strcmpi _vsnprintf _vsnwprintf _wcsicmp _wcsnicmp iswspace memcpy memmove memset sscanf wcsstr