Share via

!handle -1 not working WinDbg

Qingchuan Zhang 1 Reputation point
2022-03-15T17:24:44.28+00:00

https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/-handle

Has !handle -1 been deprecated? It doesn't work on my machine. Thanks for any help or clarification in advance!

183317-image.png

183365-screen-shot-2022-03-16-at-012247.png

Windows Hardware Performance
Windows Hardware Performance
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.Hardware Performance: Delivering / providing hardware or hardware systems or adjusting / adapting hardware or hardware systems.
1,579 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Maybecompletelyw_0 276 Reputation points
    2022-03-17T12:01:18.343+00:00

    Don't know what's going on, but calling explicit (for user-mode)
    !ntsdexts.handle
    seems to accept -1 as a valid argument for <Handle> argument.

    0:000> !ntsdexts.help handle
!handle [handle [flags [type]]] - Dump handle information
       If no handle specified, all handles are dumped.
       Flags are bits indicating greater levels of detail.
If the handle is 0 or -1, all handles are scanned.  If the handle is not
zero, that particular handle is examined.  The flags are as follows:
    1   - Get type information (default)
    2   - Get basic information
    4   - Get name information
    8   - Get object specific info (where available)

If Type is specified, only object of that type are scanned.  Type is a
standard NT type name, e.g. Event, Semaphore, etc.  Case sensitive, of
course.

Examples:

    !handle     -- dumps the types of all the handles, and a summary table
    !handle 0 0 -- dumps a summary table of all the open handles
    !handle 0 f -- dumps everything we can find about a handle.
    !handle 0 f Event
                -- dumps everything we can find about open events

0:000> !ntsdexts.handle -1 0
45 Handles
Type            Count
None            6
Event           8
Section         5
File            3
Directory       3
Key             3
Thread          2
IoCompletion    3
TpWorkerFactory 3
ALPC Port       1
WaitCompletionPacket    8
  2. Maybecompletelyw_0 276 Reputation points
    2022-03-18T05:59:27.497+00:00 
    Windbg Preview
0:000> .chain
...
    dbghelp: image 10.0.22549.1000, API 10.0.6, 
        [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2202.7001.0_neutral__8wekyb3d8bbwe\amd64\dbghelp.dll]
    exts: image 10.0.22549.1000, API 1.0.0, 
        [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2202.7001.0_neutral__8wekyb3d8bbwe\amd64\WINXP\exts.dll]
    uext: image 10.0.22549.1000, API 1.0.0, 
        [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2202.7001.0_neutral__8wekyb3d8bbwe\amd64\winext\uext.dll]
    ntsdexts: image 10.0.22550.1002, API 1.0.0, 
        [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2202.7001.0_neutral__8wekyb3d8bbwe\amd64\WINXP\ntsdexts.dll]

Windows Kits 10
0:000> .chain
...
    dbghelp: image 10.0.19041.1, API 10.0.6, 
        [path: C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\dbghelp.dll]
    ext: image 10.0.19041.1, API 1.0.0, 
        [path: C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\winext\ext.dll]
    exts: image 10.0.19041.1, API 1.0.0, 
        [path: C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\WINXP\exts.dll]
    uext: image 10.0.19041.1, API 1.0.0, 
        [path: C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\winext\uext.dll]
    ntsdexts: image 10.0.19041.1, API 1.0.0, 
        [path: C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\WINXP\ntsdexts.dll]

Windows Kits 8.0
0:000> .chain
...
    dbghelp: image 6.2.9200.20512, API 6.2.6, built Fri Sep 07 07:45:49 2012
        [path: C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\dbghelp.dll]
    ext: image 6.2.9200.20522, API 1.0.0, built Fri Sep 21 10:17:05 2012
        [path: C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\winext\ext.dll]
    exts: image 6.2.9200.16384, API 1.0.0, built Thu Jul 26 04:15:20 2012
        [path: C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\WINXP\exts.dll]
    uext: image 6.2.9200.16384, API 1.0.0, built Thu Jul 26 04:15:09 2012
        [path: C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\winext\uext.dll]
    ntsdexts: image 6.2.9200.16384, API 1.0.0, built Thu Jul 26 04:16:01 2012
        [path: C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\WINXP\ntsdexts.dll]

Debugger from WinDDK 7600.16385.1
0:000> .chain
...
    dbghelp: image 6.12.0002.633, API 6.1.6, built Mon Feb 01 21:15:44 2010
        [path: C:\WinDDK\7600.16385.1\Debuggers\dbghelp.dll]
    ext: image 6.12.0002.633, API 1.0.0, built Mon Feb 01 21:15:46 2010
        [path: C:\WinDDK\7600.16385.1\Debuggers\winext\ext.dll]
    exts: image 6.12.0002.633, API 1.0.0, built Mon Feb 01 21:15:38 2010
        [path: C:\WinDDK\7600.16385.1\Debuggers\WINXP\exts.dll]
    uext: image 6.12.0002.633, API 1.0.0, built Mon Feb 01 21:15:36 2010
        [path: C:\WinDDK\7600.16385.1\Debuggers\winext\uext.dll]
    ntsdexts: image 6.1.7650.0, API 1.0.0, built Mon Feb 01 21:15:18 2010
        [path: C:\WinDDK\7600.16385.1\Debuggers\WINXP\ntsdexts.dll]

    Have output (cmd without specifying extension dll): 

    0:000> !handle -1 0
ERROR: !handle: extension exception 0x80070057.
    "Unrecognized argument '1'"

    So this glitch looks kind of antique.
    Not sure about behavior of windbg for arm.

    0 comments