Enumerating GDI Handles in (own) process. [modified]
-
Modification: I didn't mention that I'm working under W7! Morning all! I have a GDI leak in a program that I'm trying to track down. I've found various programs (GDIView, MemoryValidator, DPus, Deleaker), and none of them do what I want (though they have been useful to narrow the issue down). What I want to do, is to be able to get a list of all the GDI handles that exist in my process - then I can make a before / after comparison to see which ones should be around, and which not. The nearest functions I can find are
GetObject, andGetObjectType- but to use those I have to loop around 4 billion times, and I get a lot of false positives - not to mention, it takes a LONG time to do 4 billion calls in an out of kernel mode. There's alsoGetGuiResources, but that just gives a total. Where's myEnumGuiResourcesExfunction!? Any hints? I've had a look at DbgHelp.dll too, and it does not seem useful in this case. Here's hoping y'all can say "Oh, just look at the frobble sdk - it's perfect!" Iain.I have now moved to Sweden for love (awwww).
modified on Tuesday, May 25, 2010 7:46 AM
-
Modification: I didn't mention that I'm working under W7! Morning all! I have a GDI leak in a program that I'm trying to track down. I've found various programs (GDIView, MemoryValidator, DPus, Deleaker), and none of them do what I want (though they have been useful to narrow the issue down). What I want to do, is to be able to get a list of all the GDI handles that exist in my process - then I can make a before / after comparison to see which ones should be around, and which not. The nearest functions I can find are
GetObject, andGetObjectType- but to use those I have to loop around 4 billion times, and I get a lot of false positives - not to mention, it takes a LONG time to do 4 billion calls in an out of kernel mode. There's alsoGetGuiResources, but that just gives a total. Where's myEnumGuiResourcesExfunction!? Any hints? I've had a look at DbgHelp.dll too, and it does not seem useful in this case. Here's hoping y'all can say "Oh, just look at the frobble sdk - it's perfect!" Iain.I have now moved to Sweden for love (awwww).
modified on Tuesday, May 25, 2010 7:46 AM
I don't know if you have already checked out this [^] (moreover I don't know if it might be helpful, as it is a bit outdated). :)
If the Lord God Almighty had consulted me before embarking upon the Creation, I would have recommended something simpler. -- Alfonso the Wise, 13th Century King of Castile.
This is going on my arrogant assumptions. You may have a superb reason why I'm completely wrong. -- Iain Clarke
[My articles] -
I don't know if you have already checked out this [^] (moreover I don't know if it might be helpful, as it is a bit outdated). :)
If the Lord God Almighty had consulted me before embarking upon the Creation, I would have recommended something simpler. -- Alfonso the Wise, 13th Century King of Castile.
This is going on my arrogant assumptions. You may have a superb reason why I'm completely wrong. -- Iain Clarke
[My articles]Yes, I had... But it's out of date now. I did miss out a vital fact that I'm working under Windows 7. Thanks for trying though! Iain.
I have now moved to Sweden for love (awwww).
-
Modification: I didn't mention that I'm working under W7! Morning all! I have a GDI leak in a program that I'm trying to track down. I've found various programs (GDIView, MemoryValidator, DPus, Deleaker), and none of them do what I want (though they have been useful to narrow the issue down). What I want to do, is to be able to get a list of all the GDI handles that exist in my process - then I can make a before / after comparison to see which ones should be around, and which not. The nearest functions I can find are
GetObject, andGetObjectType- but to use those I have to loop around 4 billion times, and I get a lot of false positives - not to mention, it takes a LONG time to do 4 billion calls in an out of kernel mode. There's alsoGetGuiResources, but that just gives a total. Where's myEnumGuiResourcesExfunction!? Any hints? I've had a look at DbgHelp.dll too, and it does not seem useful in this case. Here's hoping y'all can say "Oh, just look at the frobble sdk - it's perfect!" Iain.I have now moved to Sweden for love (awwww).
modified on Tuesday, May 25, 2010 7:46 AM
This might be completely useless, but Sysinternals do a utility called, IIRC, Handle. I think you can run it against a single process. Probably shows way too much, but filtering the output sounds a lot less painful than 2^32. You might need to cobble up some way of suspending your process at appropriate before/afters. Good luck! Leaks are the original and best PITA.
Software rusts. Simon Stephenson, ca 1994.
-
This might be completely useless, but Sysinternals do a utility called, IIRC, Handle. I think you can run it against a single process. Probably shows way too much, but filtering the output sounds a lot less painful than 2^32. You might need to cobble up some way of suspending your process at appropriate before/afters. Good luck! Leaks are the original and best PITA.
Software rusts. Simon Stephenson, ca 1994.
I thought I looked at Handle - and on a further check, I had. Sadly, it's great for events, file handles, etc - but completely skips gdi handles. I checked out devenv.exe. I can't believe VS2008 doesn't have any bitmap objects open for it's toolbars... So, nul point, but keep trying! Iain. ps. I didn't think this would be hard either, but...
I have now moved to Sweden for love (awwww).
-
Modification: I didn't mention that I'm working under W7! Morning all! I have a GDI leak in a program that I'm trying to track down. I've found various programs (GDIView, MemoryValidator, DPus, Deleaker), and none of them do what I want (though they have been useful to narrow the issue down). What I want to do, is to be able to get a list of all the GDI handles that exist in my process - then I can make a before / after comparison to see which ones should be around, and which not. The nearest functions I can find are
GetObject, andGetObjectType- but to use those I have to loop around 4 billion times, and I get a lot of false positives - not to mention, it takes a LONG time to do 4 billion calls in an out of kernel mode. There's alsoGetGuiResources, but that just gives a total. Where's myEnumGuiResourcesExfunction!? Any hints? I've had a look at DbgHelp.dll too, and it does not seem useful in this case. Here's hoping y'all can say "Oh, just look at the frobble sdk - it's perfect!" Iain.I have now moved to Sweden for love (awwww).
modified on Tuesday, May 25, 2010 7:46 AM
There are probably shed loads of functions to hook, but could you hook the various Creates and Deletes for GDI objects and keep a count of what's using what that way? There was a time when everyone under the sun was writing API hooks so there are plenty of implementations out there for 32 bit code at least. Cheers, Ash
-
There are probably shed loads of functions to hook, but could you hook the various Creates and Deletes for GDI objects and keep a count of what's using what that way? There was a time when everyone under the sun was writing API hooks so there are plenty of implementations out there for 32 bit code at least. Cheers, Ash
I think this will end up being the way I go... This is for my day job, but maybe I'll end up with an article out of it! This looks like a good start: API Hooking with MS Detours[^] Thanks, Iain.
I have now moved to Sweden for love (awwww).
-
Modification: I didn't mention that I'm working under W7! Morning all! I have a GDI leak in a program that I'm trying to track down. I've found various programs (GDIView, MemoryValidator, DPus, Deleaker), and none of them do what I want (though they have been useful to narrow the issue down). What I want to do, is to be able to get a list of all the GDI handles that exist in my process - then I can make a before / after comparison to see which ones should be around, and which not. The nearest functions I can find are
GetObject, andGetObjectType- but to use those I have to loop around 4 billion times, and I get a lot of false positives - not to mention, it takes a LONG time to do 4 billion calls in an out of kernel mode. There's alsoGetGuiResources, but that just gives a total. Where's myEnumGuiResourcesExfunction!? Any hints? I've had a look at DbgHelp.dll too, and it does not seem useful in this case. Here's hoping y'all can say "Oh, just look at the frobble sdk - it's perfect!" Iain.I have now moved to Sweden for love (awwww).
modified on Tuesday, May 25, 2010 7:46 AM
-
sashoalm wrote:
oops, didn't refresh the page, now i saw you already had this answer, sorry
I've *never* done that.... erm... Thanks for the thought though! Iain.
I have now moved to Sweden for love (awwww).
-
Modification: I didn't mention that I'm working under W7! Morning all! I have a GDI leak in a program that I'm trying to track down. I've found various programs (GDIView, MemoryValidator, DPus, Deleaker), and none of them do what I want (though they have been useful to narrow the issue down). What I want to do, is to be able to get a list of all the GDI handles that exist in my process - then I can make a before / after comparison to see which ones should be around, and which not. The nearest functions I can find are
GetObject, andGetObjectType- but to use those I have to loop around 4 billion times, and I get a lot of false positives - not to mention, it takes a LONG time to do 4 billion calls in an out of kernel mode. There's alsoGetGuiResources, but that just gives a total. Where's myEnumGuiResourcesExfunction!? Any hints? I've had a look at DbgHelp.dll too, and it does not seem useful in this case. Here's hoping y'all can say "Oh, just look at the frobble sdk - it's perfect!" Iain.I have now moved to Sweden for love (awwww).
modified on Tuesday, May 25, 2010 7:46 AM
Hey! Don't know if this question is still actual or not (better late then never i guess) but i found this: http://www.codeguru.com/forum/archive/index.php/t-176997.html[^], they talk about a way to query all the handles of a process and their "types", don't know if this can help you at all or not, maybe it doesn't even include GDI handles, didn't try it but i thought i share, perhaps it has some usefull info.
> The problem with computers is that they do what you tell them to do and not what you want them to do. < > Computers are evil, EVIL i tell you!! <
-
Hey! Don't know if this question is still actual or not (better late then never i guess) but i found this: http://www.codeguru.com/forum/archive/index.php/t-176997.html[^], they talk about a way to query all the handles of a process and their "types", don't know if this can help you at all or not, maybe it doesn't even include GDI handles, didn't try it but i thought i share, perhaps it has some usefull info.
> The problem with computers is that they do what you tell them to do and not what you want them to do. < > Computers are evil, EVIL i tell you!! <
Nice search, thanks. It does talk about the sysinternals utilities - and they skip over GDI handles, so I'm not overly optimistic. But trying it out has to be easier than writing my own hooking stuff! Thanks, Iain.
I have now moved to Sweden for love (awwww).
