Handle Leak Analysis via WinDbg

22-12-2014

The idea is to take two snapshots and compare them to find out the code where handle was allocated during the period.

Prerequisite

• We have the symbol file (usually PDB) of the application and modules.
• The handle leaking is reproducible, you know how to trigger the leaking, but don’t know exactly the reason or the code where causes the bug.

Steps

Enable Handle Trace

Break the application in WinDbg (Use Ctrl+Break) and then enable the handle trace using the following command.

!htrace -enable
g


Take a Snapshot of the Current Handles

Break the application again and take a snapshot using the following command

!htrace -snapshot
g


Trigger the Leaking

Run the operation which caused the handle leaking problem.

Monitor the application in TaskMgr, and find the number of handles is increasing.

Compare the Snapshots

Now, break the application again and use -diff to compare the current value with the snapshot we took before and WinDbg will show the code where handles were allocated.

!htrace -diff