Getting complete stack trace in WinDbg for .Net native images

Question

I'm investigating a native memory leak in our .Net 4.0 application that uses System.DirectoryServices managed wrappers for AD operations.

I've called !heap -l and got many results, including something like this:

000007fdb4bb1e65: KERNELBASE!LocalAlloc+0x0000000000000071
000007fdacb73794: adsldpc!AllocADsStr+0x000000000000004a
000007fdacb8967c: adsldpc!Oids+0x00000000000000bc
000007fdacb8a7d1: adsldpc!ObjectClassDescription+0x00000000000002bd
000007fdacb8e72d: adsldpc!FillClassInfoArray+0x0000000000000135
000007fdacb8f55c: adsldpc!ProcessSchemaInfo+0x000000000000008c
000007fdacb8ff3d: adsldpc!LdapReadSchemaInfoFromServer+0x000000000000072d
000007fdacb920da: adsldpc!LdapGetSchema+0x00000000000003fe
000007fdacb86388: adsldpc!LdapGetSyntaxOfAttributeOnServerHelper+0x000000000000003c
000007fdacb86e45: adsldpc!LdapGetSyntaxOfAttributeOnServer+0x0000000000000031
000007fdacb7af1a: adsldpc!ADsGetColumn+0x000000000000043a
000007fdabb5c0a8: adsldp!CLDAPGenObject::GetColumn+0x0000000000000050
000007fd4769c15d: +0x000007fd4769c15d

We do not use any native code in our application directly, so I guessed 000007fd4769c15d is an address in System.DirectoryServices native image and I've called !IP2MD 000007fd4769c15d with the following results:

MethodDesc:   000007fd4773ab28
Method Name:  DomainBoundILStubClass.IL_STUB_CLRtoCOM(IntPtr, IntPtr, IntPtr)
Class:        000007fd46b6a758
MethodTable:  000007fd46b6a7d0
mdToken:      0000000006000000
Module:       000007fd46b60348
IsJitted:     yes
CodeAddr:     000007fd4769c090
Transparency: Safe critical

So now I have code address, but have no idea what to do with it. I want to 'unwind' stack trace further to see which code called this method. How I can achieve something like this?

Answer 1

Set a breakpoint on the value of CodeAddr with bu 000007fd4769c090. Then g to continue. Once the breakpoint is hit, kb for the native stack and !clrstack for the managed stack.