Quantcast
Channel: Windows Performance Toolkit forum
Viewing all articles
Browse latest Browse all 1161

VDS Handle Leak - Windows Server 2008 R2

July 11, 2016, 10:09 am
$
0
0

one of the windows 2008 r2 server is experiencing Handle Leak issue on VDS.exe process. I have followed the below troubleshooting from Jeff_dailey and was able to identify the open handles.

https://channel9.msdn.com/Blogs/jeff_dailey/Understanding-handle-leaks-and-how-to-use-htrace-to-find-them 

However unable to identify what is causing the Events to be opened and not close them, eventually adding up to the virtual memory and increasing number of handles. Below is the result from Windbg.

Outstanding handles opened since the previous snapshot:
--------------------------------------
Handle = 0x0000000000007228 - OPEN
Thread ID = 0x0000000000006f10, Process ID = 0x0000000000003684

0x000000007717c5ba: ntdll!NtCreateThreadEx+0x000000000000000a
0x000007fefd0eae13: KERNELBASE!CreateRemoteThreadEx+0x0000000000000163
0x000007fefd122333: KERNELBASE!CreateThread+0x0000000000000033
0x000007fef60b49f4: verifier!AVrfpCreateThread+0x00000000000000b0
0x00000000ffb9f72b: vds!CVdsCallbackObject::Advise+0x000000000000040b
0x00000000ffb73771: vds!CVdsService::Advise+0x0000000000000059
0x000007feff1de9d5: RPCRT4!Invoke+0x0000000000000065
0x000007feff28b54e: RPCRT4!Ndr64StubWorker+0x000000000000061b
0x000007feff1e0e76: RPCRT4!NdrStubCall3+0x00000000000000b5
0x000007fefe940857: ole32!CStdStubBuffer_Invoke+0x000000000000005b
0x000007fefe94124d: ole32!SyncStubInvoke+0x000000000000005d
--------------------------------------
Handle = 0x0000000000007104 - OPEN
Thread ID = 0x0000000000006f10, Process ID = 0x0000000000003684

0x000000007717bfba: ntdll!NtCreateEvent+0x000000000000000a
0x000007fef60b20bb: verifier!AVrfpNtCreateEvent+0x000000000000008b
0x000007fefd0e2d15: KERNELBASE!CreateEventExW+0x0000000000000061
0x000007fef60b2281: verifier!AVrfpCreateEventW+0x00000000000000a1
0x00000000ffb9f5ce: vds!CVdsCallbackObject::Advise+0x00000000000002ae
0x00000000ffb73771: vds!CVdsService::Advise+0x0000000000000059
0x000007feff1de9d5: RPCRT4!Invoke+0x0000000000000065
0x000007feff28b54e: RPCRT4!Ndr64StubWorker+0x000000000000061b
0x000007feff1e0e76: RPCRT4!NdrStubCall3+0x00000000000000b5
0x000007fefe940857: ole32!CStdStubBuffer_Invoke+0x000000000000005b
0x000007fefe94124d: ole32!SyncStubInvoke+0x000000000000005d
0x000007fefe9411c3: ole32!StubInvoke+0x00000000000000db
0x000007fefe7f9d70: ole32!CCtxComChnl::ContextInvoke+0x0000000000000190
0x000007fefe9413a6: ole32!AppInvoke+0x00000000000000c2
--------------------------------------
Handle = 0x000000000000701c - OPEN
Thread ID = 0x0000000000006f10, Process ID = 0x0000000000003684

0x000000007717bfba: ntdll!NtCreateEvent+0x000000000000000a
0x000007fef60b20bb: verifier!AVrfpNtCreateEvent+0x000000000000008b
0x000007fefd0e2d15: KERNELBASE!CreateEventExW+0x0000000000000061
0x000007fef60b2281: verifier!AVrfpCreateEventW+0x00000000000000a1
0x00000000ffb9f578: vds!CVdsCallbackObject::Advise+0x0000000000000258
0x00000000ffb73771: vds!CVdsService::Advise+0x0000000000000059
0x000007feff1de9d5: RPCRT4!Invoke+0x0000000000000065
0x000007feff28b54e: RPCRT4!Ndr64StubWorker+0x000000000000061b
0x000007feff1e0e76: RPCRT4!NdrStubCall3+0x00000000000000b5
0x000007fefe940857: ole32!CStdStubBuffer_Invoke+0x000000000000005b
0x000007fefe94124d: ole32!SyncStubInvoke+0x000000000000005d
0x000007fefe9411c3: ole32!StubInvoke+0x00000000000000db
0x000007fefe7f9d70: ole32!CCtxComChnl::ContextInvoke+0x0000000000000190
0x000007fefe9413a6: ole32!AppInvoke+0x00000000000000c2
--------------------------------------
Handle = 0x0000000000007190 - OPEN
Thread ID = 0x0000000000006f10, Process ID = 0x0000000000003684

0x000000007717c5ba: ntdll!NtCreateThreadEx+0x000000000000000a
0x000007fefd0eae13: KERNELBASE!CreateRemoteThreadEx+0x0000000000000163
0x000007fefd122333: KERNELBASE!CreateThread+0x0000000000000033
0x000007fef60b49f4: verifier!AVrfpCreateThread+0x00000000000000b0
0x00000000ffb9f72b: vds!CVdsCallbackObject::Advise+0x000000000000040b
0x00000000ffb73771: vds!CVdsService::Advise+0x0000000000000059
0x000007feff1de9d5: RPCRT4!Invoke+0x0000000000000065
0x000007feff28b54e: RPCRT4!Ndr64StubWorker+0x000000000000061b
0x000007feff1e0e76: RPCRT4!NdrStubCall3+0x00000000000000b5
0x000007fefe940857: ole32!CStdStubBuffer_Invoke+0x000000000000005b
0x000007fefe94124d: ole32!SyncStubInvoke+0x000000000000005d
--------------------------------------
Handle = 0x0000000000007120 - OPEN
Thread ID = 0x0000000000006f10, Process ID = 0x0000000000003684

0x000000007717bfba: ntdll!NtCreateEvent+0x000000000000000a
0x000007fef60b20bb: verifier!AVrfpNtCreateEvent+0x000000000000008b
0x000007fefd0e2d15: KERNELBASE!CreateEventExW+0x0000000000000061
0x000007fef60b2281: verifier!AVrfpCreateEventW+0x00000000000000a1
0x00000000ffb9f5ce: vds!CVdsCallbackObject::Advise+0x00000000000002ae
0x00000000ffb73771: vds!CVdsService::Advise+0x0000000000000059
0x000007feff1de9d5: RPCRT4!Invoke+0x0000000000000065
0x000007feff28b54e: RPCRT4!Ndr64StubWorker+0x000000000000061b
0x000007feff1e0e76: RPCRT4!NdrStubCall3+0x00000000000000b5
0x000007fefe940857: ole32!CStdStubBuffer_Invoke+0x000000000000005b
0x000007fefe94124d: ole32!SyncStubInvoke+0x000000000000005d
0x000007fefe9411c3: ole32!StubInvoke+0x00000000000000db
0x000007fefe7f9d70: ole32!CCtxComChnl::ContextInvoke+0x0000000000000190
0x000007fefe9413a6: ole32!AppInvoke+0x00000000000000c2
--------------------------------------
Handle = 0x0000000000007100 - OPEN
Thread ID = 0x0000000000006f10, Process ID = 0x0000000000003684

0x000000007717bfba: ntdll!NtCreateEvent+0x000000000000000a
0x000007fef60b20bb: verifier!AVrfpNtCreateEvent+0x000000000000008b
0x000007fefd0e2d15: KERNELBASE!CreateEventExW+0x0000000000000061
0x000007fef60b2281: verifier!AVrfpCreateEventW+0x00000000000000a1
0x00000000ffb9f578: vds!CVdsCallbackObject::Advise+0x0000000000000258
0x00000000ffb73771: vds!CVdsService::Advise+0x0000000000000059
0x000007feff1de9d5: RPCRT4!Invoke+0x0000000000000065
0x000007feff28b54e: RPCRT4!Ndr64StubWorker+0x000000000000061b
0x000007feff1e0e76: RPCRT4!NdrStubCall3+0x00000000000000b5
0x000007fefe940857: ole32!CStdStubBuffer_Invoke+0x000000000000005b
0x000007fefe94124d: ole32!SyncStubInvoke+0x000000000000005d
0x000007fefe9411c3: ole32!StubInvoke+0x00000000000000db
0x000007fefe7f9d70: ole32!CCtxComChnl::ContextInvoke+0x0000000000000190
0x000007fefe9413a6: ole32!AppInvoke+0x00000000000000c2
--------------------------------------
Handle = 0x0000000000007348 - OPEN
Thread ID = 0x0000000000006f10, Process ID = 0x0000000000003684

0x000000007717c5ba: ntdll!NtCreateThreadEx+0x000000000000000a
0x000007fefd0eae13: KERNELBASE!CreateRemoteThreadEx+0x0000000000000163
0x000007fefd122333: KERNELBASE!CreateThread+0x0000000000000033
0x000007fef60b49f4: verifier!AVrfpCreateThread+0x00000000000000b0
0x00000000ffb9f72b: vds!CVdsCallbackObject::Advise+0x000000000000040b
0x00000000ffb73771: vds!CVdsService::Advise+0x0000000000000059
0x000007feff1de9d5: RPCRT4!Invoke+0x0000000000000065
0x000007feff28b54e: RPCRT4!Ndr64StubWorker+0x000000000000061b
0x000007feff1e0e76: RPCRT4!NdrStubCall3+0x00000000000000b5
0x000007fefe940857: ole32!CStdStubBuffer_Invoke+0x000000000000005b
0x000007fefe94124d: ole32!SyncStubInvoke+0x000000000000005d
--------------------------------------
Handle = 0x00000000000070b4 - OPEN
Thread ID = 0x0000000000006f10, Process ID = 0x0000000000003684

0x000000007717bfba: ntdll!NtCreateEvent+0x000000000000000a
0x000007fef60b20bb: verifier!AVrfpNtCreateEvent+0x000000000000008b
0x000007fefd0e2d15: KERNELBASE!CreateEventExW+0x0000000000000061
0x000007fef60b2281: verifier!AVrfpCreateEventW+0x00000000000000a1
0x00000000ffb9f5ce: vds!CVdsCallbackObject::Advise+0x00000000000002ae
0x00000000ffb73771: vds!CVdsService::Advise+0x0000000000000059
0x000007feff1de9d5: RPCRT4!Invoke+0x0000000000000065
0x000007feff28b54e: RPCRT4!Ndr64StubWorker+0x000000000000061b
0x000007feff1e0e76: RPCRT4!NdrStubCall3+0x00000000000000b5
0x000007fefe940857: ole32!CStdStubBuffer_Invoke+0x000000000000005b
0x000007fefe94124d: ole32!SyncStubInvoke+0x000000000000005d
0x000007fefe9411c3: ole32!StubInvoke+0x00000000000000db
0x000007fefe7f9d70: ole32!CCtxComChnl::ContextInvoke+0x0000000000000190
0x000007fefe9413a6: ole32!AppInvoke+0x00000000000000c2
--------------------------------------
Handle = 0x00000000000070f8 - OPEN
Thread ID = 0x0000000000006f10, Process ID = 0x0000000000003684

0x000000007717bfba: ntdll!NtCreateEvent+0x000000000000000a
0x000007fef60b20bb: verifier!AVrfpNtCreateEvent+0x000000000000008b
0x000007fefd0e2d15: KERNELBASE!CreateEventExW+0x0000000000000061
0x000007fef60b2281: verifier!AVrfpCreateEventW+0x00000000000000a1
0x00000000ffb9f578: vds!CVdsCallbackObject::Advise+0x0000000000000258
0x00000000ffb73771: vds!CVdsService::Advise+0x0000000000000059
0x000007feff1de9d5: RPCRT4!Invoke+0x0000000000000065
0x000007feff28b54e: RPCRT4!Ndr64StubWorker+0x000000000000061b
0x000007feff1e0e76: RPCRT4!NdrStubCall3+0x00000000000000b5
0x000007fefe940857: ole32!CStdStubBuffer_Invoke+0x000000000000005b
0x000007fefe94124d: ole32!SyncStubInvoke+0x000000000000005d
0x000007fefe9411c3: ole32!StubInvoke+0x00000000000000db
0x000007fefe7f9d70: ole32!CCtxComChnl::ContextInvoke+0x0000000000000190
0x000007fefe9413a6: ole32!AppInvoke+0x00000000000000c2
--------------------------------------
Handle = 0x0000000000007108 - OPEN
Thread ID = 0x000000000000946c, Process ID = 0x0000000000003684

0x000000007717befa: ntdll!ZwDuplicateObject+0x000000000000000a
0x000007fef60b4143: verifier!AVrfpNtDuplicateObject+0x000000000000006b
0x000007fefd0e2d95: KERNELBASE!DuplicateHandle+0x0000000000000035
0x0000000076f252fb: kernel32!DuplicateHandleImplementation+0x000000000000015b
0x000007feff1fc2b7: RPCRT4!THREAD::THREAD+0x00000000000000a7
0x000007feff1fc1ec: RPCRT4!ThreadSelfHelper+0x0000000000000028
0x000007feff1f0b37: RPCRT4!LrpcIoComplete+0x0000000000000121
0x000000007719290a: ntdll!TppAlpcpExecuteCallback+0x00000000000002cd
0x0000000077149d85: ntdll!TppWorkerThread+0x0000000000000554
0x0000000076f259bd: kernel32!BaseThreadInitThunk+0x000000000000000d
0x000000007715a2e1: ntdll!RtlUserThreadStart+0x000000000000001d
--------------------------------------
Handle = 0x0000000000007110 - OPEN
Thread ID = 0x000000000000946c, Process ID = 0x0000000000003684

0x000000007717bfba: ntdll!NtCreateEvent+0x000000000000000a
0x000007fef60b20bb: verifier!AVrfpNtCreateEvent+0x000000000000008b
0x000007fefd0e2d15: KERNELBASE!CreateEventExW+0x0000000000000061
0x000007fef60b2281: verifier!AVrfpCreateEventW+0x00000000000000a1
0x000007feff1fc195: RPCRT4!EVENT::EVENT+0x0000000000000035
0x000007feff1fc23a: RPCRT4!THREAD::THREAD+0x000000000000002a
0x000007feff1fc1ec: RPCRT4!ThreadSelfHelper+0x0000000000000028
0x000007feff1f0b37: RPCRT4!LrpcIoComplete+0x0000000000000121
0x000000007719290a: ntdll!TppAlpcpExecuteCallback+0x00000000000002cd
0x0000000077149d85: ntdll!TppWorkerThread+0x0000000000000554
0x0000000076f259bd: kernel32!BaseThreadInitThunk+0x000000000000000d
0x000000007715a2e1: ntdll!RtlUserThreadStart+0x000000000000001d
--------------------------------------
Displayed 0xb stack traces for outstanding handles opened since the previous snapshot.
0:2291> lsa KERNELBASE!DuplicateHandle+0x0000000000000035
0:2291> lsa vds!CVdsCallbackObject::Advise+0x000000000000040b

how can this be fixed, do i need to get a hotfix from Microsoft ?

Regards,

Satbir Bajwa

Search
Viewing all articles
Browse latest Browse all 1161

Trending Articles

High police presence reported in Broadfield including helicopter

October 17, 2014, 8:31 am

Police helicopter searches for Crawley suspect who made off from...

January 10, 2014, 7:55 am

Rajasthan Board 10th Result 2016 Roll No wise & Name Wise

August 20, 2016, 5:13 pm

Black Angus Grilled Artichokes

July 16, 2016, 4:37 pm

Problemas al unir un nodo al cluster entre sitios? Problema Resuelto!!

January 2, 2017, 11:28 am

Mahanoy Area board sets new graduation date

May 3, 2017, 9:00 pm

[SG News]Lady Who Shot Sexy Photos Of Herself At HDB Flats Is Exposed As Natalie

August 28, 2018, 5:53 am

1981-Depeche Mode - Speak & Spell multichannel WAV RE UP

April 25, 2015, 1:22 pm

Inception 2010 Hindi Dual Audio 650MB BRRip 720p ESubs HEVC

December 27, 2016, 4:23 pm

Practice Sheet of Right form of verbs for HSC Students

September 22, 2019, 11:40 pm

Who died from the T.V. Show pawn stars ?? #pawnstars

September 5, 2011, 2:31 pm

Who Is Sisanda Jonas? | Biography| Profile| History Of South African Media...

June 22, 2017, 7:22 pm

How to delete a request from a database table in a debug mode

June 30, 2013, 6:30 am

Mp3 Download: Mmatema Moremi - Ke Lerato

December 6, 2017, 6:52 am

Kundi Mat Khadkao Raja Lyrics Translation | Gabbar is Back

April 27, 2015, 11:03 am

LINKIN PARK – From Zero [iTunes Plus M4A]

November 14, 2024, 1:23 pm

Scunthorpe teen jailed for raping woman as she slept & taking...

October 12, 2014, 11:00 pm

Issues installing KB2533623 on Windows Server 2008 R2 SP1 64-Bit

January 26, 2013, 7:35 am

[GET] Ayesha Santos – Powerhouse Portfolio ($359.00)

May 17, 2025, 12:45 am

Daru and Sharab Status for Sharabi Friends in Hindi, Punjabi

March 17, 2020, 5:00 am
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>