Created
November 30, 2021 22:57
-
-
Save MarioHewardt/82c81e8ff9a993b763abe95e96419dd5 to your computer and use it in GitHub Desktop.
Handle leak tracking in WinDbg Preview
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| • Launch WinDbg Preview as an Administrator | |
| • File->Attach to Process | |
| • Check ‘Show processes from all users’ | |
| • Select <process to attach to> | |
| • Click ‘Attach’ | |
| Once the debugger has attached: | |
| • Enter: .symfix | |
| • Enter: .reload | |
| • Enter: !htrace -enable | |
| • Enter: g | |
| • Wait until the handle leak manifests itself. Let it leak quite heavily before proceeding | |
| • Break into the debugger by clicking ‘Break’ icon | |
| • Enter: .logopen <path to a logfile> | |
| • Enter: !htrace -diff | |
| • Enter: .logclose | |
| • Enter: qd | |
| The <path to logfile> now contains all handles that have been opened but not closed since the first snapshot was taken in (11). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment