Tags: debugging, windbg, gflags

Why don't you get full stack traces when enabling the user mode stack trace?


I'm troubleshooting some memory fragmentation problems and I've been trying to figure out why things are being allocated and who's ultimately doing the allocation. So I enabled user-mode stack traces for the process (+ust flag in gflags) and got a dump. When I analyze the dump and use !heap -p -a Some_Address, I see a stack trace, but it's definitely not a full trace. I usually only see 4-7 functions into the trace and then it stops. No errors are reported in the stack, but unfortunately it doesn't have enough information. I checked a bunch of the allocations and they all seem to have this same problem. I thought it might be the size of the stack database, but I would have expected to lose entire entries instead of just losing part of them. Is there something I can do to increase the total size of the viewable stack? Some examples of the stacks I'm seeing are below.

0:000> !heap -p -a 3cb49008
    address 3cb49008 found in
    _HEAP @ 80000
      HEAP_ENTRY Size Prev Flags    UserPtr UserSize - state
        3cb49000 0fdd 0000  [07]   3cb49008    07ed0 - (busy)
        Trace: 6b69
        7c855014 ntdll!RtlAllocateHeapSlowly+0x00000041
        7c83d9aa ntdll!RtlAllocateHeap+0x00000e9f
        776bcfce ole32!CRetailMalloc_Alloc+0x00000016
        77d0404a oleaut32!APP_DATA::AllocCachedMem+0x0000004f
        77d04341 oleaut32!SysAllocStringByteLen+0x0000003c
        77d03f9b oleaut32!ErrStringCopyNoNull+0x00000016
        77d0456f oleaut32!VariantCopy+0x0000007e
        3ff1946 xxxx!_variant_t::_variant_t+0x00000016


0:000> !heap -p -a 2774cfc8
    address 2774cfc8 found in
    _HEAP @ 3cc0000
      HEAP_ENTRY Size Prev Flags    UserPtr UserSize - state
        2774cfc0 0008 0000  [17]   2774cfc8    00020 - (busy)
        Trace: 7de8
        7c855014 ntdll!RtlAllocateHeapSlowly+0x00000041
        7c83d9aa ntdll!RtlAllocateHeap+0x00000e9f
        4f6ad17 xxxx!malloc+0x0000007a


0:000> !heap -p -a 3ca25e08
    address 3ca25e08 found in
    _HEAP @ 80000
      HEAP_ENTRY Size Prev Flags    UserPtr UserSize - state
        3ca25e00 0007 0000  [07]   3ca25e08    00020 - (busy)
        Trace: 8588
        7c855014 ntdll!RtlAllocateHeapSlowly+0x00000041
        7c83d9aa ntdll!RtlAllocateHeap+0x00000e9f
        776bcfce ole32!CRetailMalloc_Alloc+0x00000016
        77d0404a oleaut32!APP_DATA::AllocCachedMem+0x0000004f
        77d04341 oleaut32!SysAllocStringByteLen+0x0000003c
        77d03f9b oleaut32!ErrStringCopyNoNull+0x00000016
        77d0456f oleaut32!VariantCopy+0x0000007e
        4f35abd xxxx!std::_Construct<_variant_t,_variant_t>+0x0000004d

Solution

  • On 32-bit Windows the system uses the EBP chain to take a stack trace. You need to disable FPO optimization (/Oy-). On 64-bit Windows you will get a good stack trace even with optimization.
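When you are checking many allocations for this symptom, it helps to parse the `!heap -p -a` output mechanically rather than eyeballing it: record how deep each captured trace goes and attribute each busy block's bytes to the first frame outside the allocator modules. The script below is an added example, not code from the question or the answer. The sample text is the three `!heap` outputs quoted in the question; the list of allocator/system modules to skip (`ALLOCATOR_MODULES`) and the "owner frame" heuristic are this example's own assumptions, and a trace whose owner is not a thread entry point does not by itself prove truncation.

```python
"""Parse WinDbg '!heap -p -a <addr>' output (user-mode stack traces enabled
with gflags +ust) and attribute each allocation to its first application frame.

Added example, not part of the original question or answer. SAMPLE is the
three !heap outputs quoted in the question; ALLOCATOR_MODULES and the owner
heuristic are assumptions made for this example.
"""
from __future__ import annotations

import re
from dataclasses import dataclass, field

# Constructed sample: the question's own three '!heap -p -a' outputs.
SAMPLE = """\
0:000> !heap -p -a 3cb49008
    address 3cb49008 found in
    _HEAP @ 80000
      HEAP_ENTRY Size Prev Flags    UserPtr UserSize - state
        3cb49000 0fdd 0000  [07]   3cb49008    07ed0 - (busy)
        Trace: 6b69
        7c855014 ntdll!RtlAllocateHeapSlowly+0x00000041
        7c83d9aa ntdll!RtlAllocateHeap+0x00000e9f
        776bcfce ole32!CRetailMalloc_Alloc+0x00000016
        77d0404a oleaut32!APP_DATA::AllocCachedMem+0x0000004f
        77d04341 oleaut32!SysAllocStringByteLen+0x0000003c
        77d03f9b oleaut32!ErrStringCopyNoNull+0x00000016
        77d0456f oleaut32!VariantCopy+0x0000007e
        3ff1946 xxxx!_variant_t::_variant_t+0x00000016

0:000> !heap -p -a 2774cfc8
    address 2774cfc8 found in
    _HEAP @ 3cc0000
      HEAP_ENTRY Size Prev Flags    UserPtr UserSize - state
        2774cfc0 0008 0000  [17]   2774cfc8    00020 - (busy)
        Trace: 7de8
        7c855014 ntdll!RtlAllocateHeapSlowly+0x00000041
        7c83d9aa ntdll!RtlAllocateHeap+0x00000e9f
        4f6ad17 xxxx!malloc+0x0000007a

0:000> !heap -p -a 3ca25e08
    address 3ca25e08 found in
    _HEAP @ 80000
      HEAP_ENTRY Size Prev Flags    UserPtr UserSize - state
        3ca25e00 0007 0000  [07]   3ca25e08    00020 - (busy)
        Trace: 8588
        7c855014 ntdll!RtlAllocateHeapSlowly+0x00000041
        7c83d9aa ntdll!RtlAllocateHeap+0x00000e9f
        776bcfce ole32!CRetailMalloc_Alloc+0x00000016
        77d0404a oleaut32!APP_DATA::AllocCachedMem+0x0000004f
        77d04341 oleaut32!SysAllocStringByteLen+0x0000003c
        77d03f9b oleaut32!ErrStringCopyNoNull+0x00000016
        77d0456f oleaut32!VariantCopy+0x0000007e
        4f35abd xxxx!std::_Construct<_variant_t,_variant_t>+0x0000004d
"""

# Line shapes in '!heap -p -a' output: block header, owning heap, the
# HEAP_ENTRY row (flags in brackets, then UserPtr, UserSize, state),
# the stack-database trace id, and one 'addr module!symbol+0xoff' per frame.
ADDR_RE = re.compile(r"^\s*address\s+([0-9a-f]+)\s+found in", re.I)
HEAP_RE = re.compile(r"^\s*_HEAP\s+@\s+([0-9a-f]+)", re.I)
ENTRY_RE = re.compile(
    r"^\s*([0-9a-f]+)\s+[0-9a-f]+\s+[0-9a-f]+\s+\[[0-9a-f]+\]\s+"
    r"([0-9a-f]+)\s+([0-9a-f]+)\s+-\s+\((\w+)\)", re.I)
TRACE_RE = re.compile(r"^\s*Trace:\s+([0-9a-f]+)", re.I)
FRAME_RE = re.compile(r"^\s*([0-9a-f]+)\s+([^!\s]+)!(.+)\+0x([0-9a-f]+)\s*$", re.I)

# Assumption: modules whose frames are allocator plumbing, not the requester.
ALLOCATOR_MODULES = {"ntdll", "ole32", "oleaut32", "msvcrt", "kernel32"}


@dataclass
class Allocation:
    address: int
    heap: int = 0
    size: int = 0          # UserSize in bytes
    state: str = ""
    trace_id: int = 0
    frames: list[tuple[str, str]] = field(default_factory=list)  # innermost first


def parse_heap_output(text: str) -> list[Allocation]:
    """Turn one or more pasted '!heap -p -a' blocks into Allocation records."""
    allocs: list[Allocation] = []
    cur: Allocation | None = None
    for line in text.splitlines():
        if m := ADDR_RE.match(line):
            cur = Allocation(address=int(m.group(1), 16))
            allocs.append(cur)
        elif cur is None:
            continue
        elif m := HEAP_RE.match(line):
            cur.heap = int(m.group(1), 16)
        elif m := ENTRY_RE.match(line):
            cur.size = int(m.group(3), 16)
            cur.state = m.group(4)
        elif m := TRACE_RE.match(line):
            cur.trace_id = int(m.group(1), 16)
        elif m := FRAME_RE.match(line):
            cur.frames.append((m.group(2), m.group(3)))
    return allocs


def owner_frame(alloc: Allocation) -> str:
    """First frame outside ALLOCATOR_MODULES: the code that asked for the block."""
    for module, symbol in alloc.frames:
        if module.lower() not in ALLOCATOR_MODULES:
            return f"{module}!{symbol}"
    return "<no application frame captured>"


def summarize(allocs: list[Allocation]) -> dict[str, tuple[int, int]]:
    """Map owner frame -> (busy block count, total bytes)."""
    summary: dict[str, tuple[int, int]] = {}
    for a in allocs:
        if a.state != "busy":
            continue
        count, total = summary.get(owner_frame(a), (0, 0))
        summary[owner_frame(a)] = (count + 1, total + a.size)
    return summary


def depth_stats(allocs: list[Allocation]) -> tuple[int, int]:
    """(shortest, longest) captured trace, to spot traces that stop early."""
    depths = [len(a.frames) for a in allocs]
    return (min(depths), max(depths)) if depths else (0, 0)


if __name__ == "__main__":
    allocs = parse_heap_output(SAMPLE)
    print("trace depth min/max:", depth_stats(allocs))
    for owner, (count, total) in sorted(summarize(allocs).items(), key=lambda kv: -kv[1][1]):
        print(f"{total:8d} bytes in {count} block(s) from {owner}")
```

Paste the output of several `!heap -p -a` commands (or of `!heap -p -h <heap>` style dumps with the same per-block layout) into `SAMPLE` or read it from a file; the depth numbers make it obvious when every trace is stopping at roughly the same point, which is the pattern the answer attributes to EBP-chain walking through FPO frames on 32-bit Windows.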