get size of all allocated memory

Haibo

Hi guys,
is there any way to get total size of allocated memory from a app crash dump?
I know !heap can return details for specific heap, but is there a way to display total size directly?

Regards
Herb

Tim_Roberts

"[email protected] windbg"@lists.osr.com wrote:
> is there any way to get total size of allocated memory from a app crash dump?
> I know !heap can return details for specific heap, but is there a way to display total size directly?

I'm not sure "total size of allocated memory" has any meaning.  What are
you hoping to do with this information?  Are you looking for kernel-mode
memory, or user-mode memory for one process, or for all processes?

--
Tim Roberts, [email protected]
Providenza & Boekelheide, Inc.

Haibo

Hi Tim,
It is about user mode memory, I want to know this because I occasionally see memory allocation failure when analyzing user uploaded dumps, I want to confirm if it is really caused by memory leak.

Regards
Herb

Tim_Roberts

The information in !process <pid> 7 should show you memory statistics like this.
—
Tim Roberts, [email protected]
Providenza & Boekelheide, Inc.

raj_r

@Tim !process with any flags doesnt provide memory statistics afaik

@op you can use !vm with 0x10 flag which might provide what you are looking for


Pid ImageName Commit SharedCommit Debt

8c0 firefox.exe 147972 Kb 0 Kb 0 Kb
af0 firefox.exe 69472 Kb 0 Kb 0 Kb
f40 firefox.exe 65856 Kb 0 Kb 0 Kb
500 AvastSvc.exe 64144 Kb 0 Kb 0 Kb
384 svchost.exe 63872 Kb 0 Kb 0 Kb
ea4 firefox.exe 43980 Kb 0 Kb 0 Kb
ce4 firefox.exe 43564 Kb 0 Kb 0 Kb
d6c explorer.exe 40400 Kb 0 Kb 0 Kb

!process pid 7 results below for process d6c explorer.exe

kd> !process 0d6c 7
Searching for Process with Cid == d6c
PROCESS 8658f518 SessionId: 1 Cid: 0d6c Peb: 7ffdf000 ParentCid: 0d5c
DirBase: 7e235440 ObjectTable: cac07978 HandleCount: 796.
Image: explorer.exe
VadRoot 8522e180 Vads 463 Clone 0 Private 8001. Modified 8118. Locked 0.
DeviceMap c9c11910
Token ca7e17f8
ElapsedTime 05:10:56.310
UserTime 00:00:10.904
KernelTime 00:00:17.550
QuotaPoolUsage[PagedPool] 444756
QuotaPoolUsage[NonPagedPool] 35340
Working Set Sizes (now,min,max) (11134, 50, 345) (44536KB, 200KB, 1380KB)
PeakWorkingSetSize 15292
VirtualSize 253 Mb
PeakVirtualSize 311 Mb
PageFaultCount 90501
MemoryPriority BACKGROUND
BasePriority 8
CommitCharge 10100

THREAD 851d3d48 Cid 0d6c.0d70 Teb: 7ffde000 Win32Thread:
ffb96788 WAIT: (WrUserRequest) UserMode Non-Alertable
85316218 SynchronizationEvent
Not impersonating
DeviceMap c9c11910


On 3/6/18, Tim Roberts <[email protected]> <[email protected]> wrote:
> The information in !process <pid> 7 should show you memory statistics like
> this.
> —
> Tim Roberts, [email protected]
> Providenza & Boekelheide, Inc.
>
>
> ---
> WINDBG is sponsored by OSR
>
> OSR is hiring!! Info at http://www.osr.com/careers
>
>
> MONTHLY seminars on crash dump analysis, WDF, Windows internals and software
> drivers!
> Details at <http://www.osr.com/seminars&gt;
>
> To unsubscribe, visit the List Server section of OSR Online at
> <http://www.osronline.com/page.cfm?name=ListServer&gt;
>