Handle Leak

[narinishi]

System Details

• OS: Windows 8.1 (64-bit)
• Thorium Version: 122.0.6261.132 (Official Build) (64-bit)

Problem
Process Hacker shows a very high handle count for one thorium.exe instance

Screenshots

Additional Notes

[narinishi]

possibly related win32ss/supermium#372

[Alex313031]

@narinishi @IDA-RE-things

Can one of y'all test by:

1. Downloading the portable release of the last M109, M119, and M122 version. (This way we can compare all three, and using a fresh, clean user data profile for reproducibility.) Also remember to download the same type for each (i.e. SSE3, AVX, etc.) to eliminate instruction set differences.

2. Test each, one at a time, by opening the same page (doesn't matter the page, as long as each test uses the same page), making sure that no other instances of Chromium/Thorium/Supermium are running.

3. Recording the max and/or average Handle count.

Goal of this is to test each release in an identical environment, to remove any other variables, and see if handle counts have truly increased, and if so, by how much compared to the baseline M109 release.

I will try to reproduce on my side, and try to see what handle might be being erroneously being repeatedly opened. That way we might track down the cause, although win32ss will probably have to be the ultimate fixer, since I don't modify or have much experience working with the Win7 specific code that he restored post-M110.

[narinishi]

The handle count was taken with no tabs open. However, I had previously been using the instance to browse various sites. I still have it open and the handle count has slightly increased.

I am also using Supermium 122.0.6261.85 (Official Build) (64-bit) and the handle count is nowhere near as high.

[Alex313031]

@narinishi Really? Because the handle leak in Thorium on my end on a Win 7 x64 machine is less than Supermium. Mine got to 11,000 after letting it sit for 3 days.

[narinishi]

@narinishi Really? Because the handle leak in Thorium on my end on a Win 7 x64 machine is less than Supermium. Mine got to 11,000 after letting it sit for 3 days.

Yeah. I started a Thorium instance yesterday and it's already at 9,958 handles. Whereas Supermium instance running for two days is below 1,600. I did experience a memory leak with Supermium recently though, although its handles stayed normal.

EDIT: By the way, am using Thorium 122.0.6261.158 now.

[narinishi]

Came across a guide for determining handle leaks https://randomascii.wordpress.com/2021/07/25/finding-windows-handle-leaks-in-chromium-and-others/

[narinishi]

There are two types of handles that Thorium is leaking. I have a process with 7002 total handles, 1641 are of type WaitCompletionPacket and 3487 are of type Event.

[JoachimHenze]

Progwrp 1.1.0.5010:
-A few function stubs added covering uxtheme and ole32, mostly for Windows 2000 targets
-Condition variable implementation rewritten, handle leak eliminated
progwrp.zip
Does that help you?

I do suggest that this version (or an even newer) should be bundled with next Thorium-legacy release.
Currently Thorium-legacy "Thorium_SSE3_122.0.6261.168_WINXP_x32.zip" still ships with outdated Progwrp 1.1.0.5002 which is known to massively leak handles (on XPSP3 at least).

Not sure whether that would affect Win8.1x64 too, or whether the dll is entirely unused then.

[narinishi]

Not sure whether that would affect Win8.1x64 too, or whether the dll is entirely unused then.

Regular Thorium Legacy on 8.1 doesn't depend on progwrp, but I can try seeing if the XP version will run.

[narinishi]

Thorium for XP with latest progwrp isn't any better behaved - only a couple of hours and already near 15k handles

[Alex313031]

@JoachimHenze @narinishi He fixed this in latest progwrp. Wait until new builds come out tommorow, which will also have more bug fixes as well as FTP support!

The new builds will use the latest 1.1.0.5010 dll

[narinishi]

@JoachimHenze @narinishi He fixed this in latest progwrp. Wait until new builds come out tommorow, which will also have more bug fixes as well as FTP support!

The new builds will use the latest 1.1.0.5010 dll

I was using the 1.1.0.5010 dll

[Alex313031]

@narinishi @JoachimHenze Fixed in latest release > https://github.com/Alex313031/thorium-legacy/releases/tag/122.0.6261.171

[narinishi]

Still seems to occur

[IDA-RE-things]

you can make sure that this leak is not related to progwrp.dll at all, by using special version of progwrp for Win7+, which just redirects calls to system dll's :
https://github.com/IDA-RE-things/Chrome-xp-api-adapter/releases

@narinishi : the issue should be reopened to be visible by developer.