Some !heap
switches are known to behave incorrectly when large allocations flow through the Heap Manager. The Heap Manager will forward large allocations directly to VirtualAlloc
, and while some of the !heap
commands know how to keep track of these allocations, other commands do not. You should also try updating your WinDbg version to the most recent Windows SDK, because the !heap
commands are intimately tied to the Heap Manager's internal data structures, which change with Windows versions.
I recommend using VMMap in such situations to detect large allocation sources.