I'm back again, with another one of these threads.
This is another "system-wide performance killed" thing... After that previous problem was fixed in v4.14, I noticed this leak over a year ago, but didn't really try to look into it until yesterday -- argh, it turned out to be pretty simple to narrow down!I first really realized it when starting to boot XP with the /3GB switch, which reduces the available pool sizes. It's been a nightmare having the same slowdowns, all over again, after 2-3 weeks of uptime. Nothing short of restarting will fix it.
Using Poolmon, look at the Paged Strg tag.
On my main system, during normal operation, there are more than 36,000 leaks per day (for reference, if there are no leaks, the system starts with 104 net allocs and remains steady); or ~2.5MB/day. The other system doesn't seem to have any leaks during normal operation...
BUT there is a way to trigger the leaks (on any system, I assume), en masse, with a "stress test," by simply running Process Hacker! (Not sandboxed or anything; I've never tried that.) I had it running for an extended period when I first noticed the leak.
Reverting back to Sandboxie 4.20 (which I didn't try last year!) makes everything OK. (There's lots of Strg activity, but allocs are matched by frees.) 5.04, the oldest 5.x I have, does leak... Stopping the Sandboxie service has no effect. Only having it Disabled at startup prevents the leak. It seems that once the driver is started, the leaks will happen.
I think that's it... I'm just glad it turned out to be a simple and obvious leak that should be easily reproduced by running Process Hacker, and I didn't have to try messing with a kernel debugger or such to do more work for you guys to figure out what was happening. I'll leave that to you!
Looking forward to also having this one fixed soon, hopefully? Thanks!
(BTW, why don't I have a badge?!? 
)
(I haven't felt like trying anything else myself, yet, as I feel like I've done enough previously debugging Sandboxie issues, haha.)
