In windbg, how do I get a heap header address from !heap -l results?

I am playing around with windbg's !heap command, particular the "-l" switch which detects memory leaks.

When -l does detect a leak, I am having problems navigating from its results to a stack trace for the source of the leak.

Here is a snippet of the results from !heap -l. Formatting has been changed to make the output more readable.

0:066> !heap -l Searching the memory for potential unreachable busy blocks.

Entry User Heap Segment

0324b500 0324b508 01580000 03230000

0324b520 0324b528 01580000 03230000

(Size, PrevSize, Unused, and Flags columns omitted for simplicity.)

Windbg's documentation for !heap tells me to use dt _DPH_BLOCK_INFORMATION with the header address, followed by dds with the blocks' StackTrace field. But the output for !heap -l doesn't specify a header address! It's only specififying Entry, User, Heap, and Segment. I've racked my brain loo开发者_如何学Cking over the other commands but can't figure out how to get the header address from any of these fields. Can someone help?

Did you enable the needed debug options with AppVerifier or Gflags ? Memory blocks will have a _DPH_BLOCK_INFORMATION only if pageheap option is enabled, and you will be able to display the stack backtrace if that option is also enabled. To display the stack trace of a block, you can use !heap -p -a <block address>.

Be aware that !heap -l may display lots of false positives if not used at application exit time. You could also try umdh (also included in Debugging Tools for Windows), or DebugDiag.