How do I get the information shown in vmmap programatically?

99封情书 提交于 2019-12-10 11:33:19

问题


As anyone who has watched the Mark Russovich talk "Mysteries of Memory Management Revealed" knows, the vmmap tool can show you things that count against your process limit (2GB on vanilla 32 bit windows) that few other tools seem to know about.

I would like to be able to programmatically monitor my real total memory size (the one that's germane to the process limit) so I can at least log what's going on when I approach the process limit. Is there any information publicly available on how vmmap does this?

... Also, why is this information so darn hard to get??

Things I know about that (AFAIK) don't quite give you the full picture:

  • ::GetProcessMemoryInfo looks like it only returns info about private memory usage
  • System.Diagnostics.Process.VirtualMemorySize64 returns a pretty large number that still doesn't quite match the total shown by vmmap -- in fact it doesn't match ANYTHING shown in vmmap :(

回答1:


I used the Dependency Walker to look at which Windows API functions were imported from Kernel32.dll by vmmap.exe and found the following functions which are probably relevant:

VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualProtectEx
VirtualQueryEx

Take a look at those and see if you can find what vmmap is doing. Of course any other API calls made dynamically (i.e. via LoadLibrary) would not show up in the dependency walker. It's also known to be broke when dealing with side-bys-de loaded DLLs.




回答2:


There is an open-source command-line implementation of VMMap-like functionality in twpol/vmmap, and it successfully shows all of the same information about a process that SysInternals VMMap does.

See also this fork which implements fast heap enumeration, but I haven't personally tested this one.



来源:https://stackoverflow.com/questions/16342952/how-do-i-get-the-information-shown-in-vmmap-programatically

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!