Prev: Getting the full DOS ImagePathName from PEB in a driver
Next: include files
From: Gary Kratkin on 11 Jan 2007 19:32
Hello, can anyone shed light on the following memory leaks? This is on
Vista build 6000. The same code runs on XP without problems. The RPC in
question passes 4 [IN] DWORD values. Note the callback from the RPC server
to the client.

Thanks for any help.
-Gary

BackTrace107757996/BackTrace107757996 grew by 180,153,384 bytes
(7,735,976->187,889,360):
ntdll!RtlAllocateHeap+0000021D
ntdll!RtlpAllocateUserBlock+000000A2
ntdll!RtlpLowFragHeapAllocFromContext+00000785
ntdll!RtlAllocateHeap+0000017C
RPCRT4!AllocWrapper+00000018
RPCRT4!BCACHE::Allocate+00000078
RPCRT4!RpcAllocateLrpcBuffer+0000000A
RPCRT4!I_RpcSendReceive+00000032
RPCRT4!NdrSendReceive+00000031
mydll!CallbackToRPCClient+00000xxx
mydll!IncomingRPCHandler+00000xxx
RPCRT4!DispatchToStubInCNoAvrf+00000041
RPCRT4!RPC_INTERFACE::DispatchToStubWorker+000000DF
RPCRT4!LRPC_SCALL::DispatchRequest+000000A2
RPCRT4!LRPC_SCALL::HandleRequest+000001D2
RPCRT4!LRPC_ADDRESS::ProcessIO+00000216
RPCRT4!LOADABLE_TRANSPORT::ProcessIOEvents+00000162
RPCRT4!ProcessIOEventsWrapper+0000000E
RPCRT4!BaseCachedThreadRoutine+0000005C
RPCRT4!ThreadStartRoutine+0000001E
kernel32!BaseThreadInitThunk+0000000E
ntdll!_RtlUserThreadStart+00000023

BackTrace107793404/BackTrace107793404 grew by 77,358,440 bytes
(30,943,464->108,301,904):
ntdll!RtlAllocateHeap+0000021D
ntdll!RtlpAllocateUserBlock+000000A2
ntdll!RtlpLowFragHeapAllocFromContext+00000785
ntdll!RtlAllocateHeap+0000017C
RPCRT4!AllocWrapper+00000018
RPCRT4!BCACHE::Allocate+00000078
RPCRT4!LRPC_ADDRESS::ProcessIO+000002B8
RPCRT4!LOADABLE_TRANSPORT::ProcessIOEvents+00000162
RPCRT4!ProcessIOEventsWrapper+0000000E
RPCRT4!BaseCachedThreadRoutine+0000005C
RPCRT4!ThreadStartRoutine+0000001E
kernel32!BaseThreadInitThunk+0000000E
ntdll!_RtlUserThreadStart+00000023
 | 
Pages: 1
Prev: Getting the full DOS ImagePathName from PEB in a driver
Next: include files