yowslymie
Reputation: 31
More heaps found in each dump, where do they come from?
I am investigating a native memory leak through WinDbg.
With consecutive dumps, !heap -s returns more heaps every dump. Number of heaps returned in the first dump: 1170, second dump: 1208.
There are three sizes of heaps that are returning a lot:
0:000> !heap -stat -h 2ba60000
heap @ 2ba60000
group-by: TOTSIZE max-display: 20
size #blocks total ( %) (percent of total busy bytes)
1ffa 1 - 1ffa (35.44)
1000 1 - 1000 (17.73)
a52 1 - a52 (11.44)
82a 1 - 82a (9.05)
714 1 - 714 (7.84)
64c 1 - 64c (6.98)
Most blocks refer to the same callstack:
777a5887 ntdll!RtlAllocateHeap
73f9f1de sqlsrv32!SQLAllocateMemory
73fc0370 sqlsrv32!SQLAllocConnect
73fc025d sqlsrv32!SQLAllocHandle
74c6a146 odbc32!GetInfoForConnection
74c6969d odbc32!SQLInternalDriverConnectW
74c6bc24 odbc32!SQLDriverConnectW
74c63141 odbc32!SQLDriverConnect
When will a new heap will be created, and how you would dive deeper into this to find the root cause?
Upvotes: 2
Views: 105
Answers (1)
Kjell Gunnar
Reputation: 3067
If you are able to do live debugging, you can try to set a break:
bp ntdll!RtlCreateHeap "kc;gc"
will display the call stack and continue. Maybe you see the culprit. Do also the same with ntdll!RtlDebugCreateHeap
Upvotes: 1
Related Questions
- why create-dump-file operation increases working set (Memory) size tremendously?
- Understanding the output of WinDbg command !heap -x -v
- What do the 'size' numbers mean in the windbg !heap output?
- What's the meaning of "Internal" in "!heap -h" output in windbg?
- contradiction between !heap -x -v and !heap -flt s
- How to interpret the result of !heap -l from Windbg
- Windows heap allocations call stacks - strange callstack
- Why number of heap is always 1?
- output of !heap -s command need clarifications
- output garbage from windbg heap summary