TalkBackVideo Understanding handle leaks and How to use !htrace to find them
Written by Jeff Dailey
Hello, my name is Jeff Dailey, I’m an Escalation Engineer for the Global Escalation Services Platforms team. I’d like to show you how to debug and find leaking handles within your application or other process. We can do this with the !htrace command in windbg . Windbg is the Microsoft Windows Debugger most of us use in GES/CPR for debugging.
Handles are a value we use in user mode, that when passed to a call that transitions to kernel, are used as an offset in your handle table to reference kernel mode objects. Kernel mode objects are generally allocated from pool. If you are having pool consumption problems and seeing errors like 2020 or 2019’s reported there is a good chance you may have a handle leak associated with them. This is generally due to not doing a CloseHandle() on the handle when you have finished using it.
You can vide the channel9 "how to debug handle leaks" video here
The following is the sample source for a handle leak that we will be debugging in our demo video.
// leakyhandles.cpp : Defines the entry point for the console application.
int main(int argc, char* argv)
hEvent = CreateEvent(NULL,TRUE,TRUE,NULL);
hEvent2 = CreateEvent(NULL,TRUE,TRUE,NULL);
Escalation Engineer (Platforms core team)