Memory Management in Windows

1. Windows Memory Structure

Every process in Windows is assigned its own virtual address space. For 32-bit processes, the address space is 4 GB, because the 32-bit pointer can have any value between 0x00000000 and 0xffffffff. For 64-bit processes, this space is 16eb. Since each process can receive its own private address space, when a thread in the process is running, this thread can only access the memory of its only process. Memory of all other processes is hidden and cannot be accessed.

The virtual address space of each process must be divided into various partitions. The address space partition is implemented according to the basic implementation of the operating system. The partitions of different windows kernels are also slightly different. The following uses 32-bit Windows 2000 (x86 and Alpha processors)

In addition, if you want to expand your partitions to 3 GB, you can add the/3 GB switch to boot in Windows 2000 Advanced Server and Windows 2000 data center versions on x86. INI file. When the/3 GB switch is used, the number of threads, stacks, and other resources that the system can create is reduced. In addition, the system uses a maximum of 16 gb ram, and usually 64 gb ram. Because there is not enough virtual space in the kernel mode to manage more RAM.

2. Areas in the address space

When a process is created and assigned an address space, the subject of the available space is idle and unallocated. To use each part of the address space, you must call the virtualalloc function to allocate each area in the address space. The operation for allocating the region of each address space is called reserve)

When you reserve an area of the address space, the area must be a multiple of the system's page size, and the allocation boundary must start with an allocation granularity. For example, the page size of X86 is 4 kb, And the allocation granularity is 64 KB.

To use a reserved address space area, you must allocate a physical storage and map the storage to the reserved address space area. This process is called submitting physical storage. You can also call the virtualalloc function, but it is different from the previously reserved input parameters. You can check this function by yourself. Of course, you can also submit the physical storage while retaining the address space.

In older operating systems, physical memory is regarded as the capacity of all the ram of the computer. If the computer has 16 mb ram, the load and run applications can use up to 16 mb ram. Today's operating system makes the disk space look like memory. A file on a disk is usually called a page file, which contains the virtual memory that can be used by all processes. (You can view the page file information of the virtual memory in "My Computer> Properties> advanced)

In this way, when an application calls the virtrualalloc function and submits the physical storage to an area of the address space, the address space is actually allocated from a file on the hard disk.

When a thread in a user process tries to access a data block in the address space of the process. Generally, two situations occur:

1. If the data the thread tries to access is in Ram, the CPU only needs to map the virtual address to the physical address of the memory and then execute the required access.

2. The data is not in Ram, but somewhere in the page file. At this time, access will cause page failure. The CPU will notify the operating system, and the operating system will find a blank page from Ram. If no blank page is found, a page must be released. If the page has not been modified, it can be released directly. Otherwise, you must first copy the page from Ram to the page swap file, and then the system enters the page file to find the data to be accessed, and load the data to the idle Memory Page. Then, the operating system updates its virtual memory address used to specify the data, which has now been mapped to the table in the corresponding physical memory address in Ram.

3. Windows Memory Management Method

Windows provides three methods for memory management:

L virtual memory, most suitable for managing large objects or arrays of Structures

L memory ing files are most suitable for managing large data streams (usually from files) and sharing data among multiple processes running on a single computer.

L memory stack, which is most suitable for managing a large number of small objects.

3.1 virtual memory

To use the virtual memory, follow these steps:

1. retain an area in the address space and call the virtualalloc function.

2. Submit the physical memory in the reserved region. After a region is retained, you must submit the physical memory to the region before accessing the memory address contained in the region. The system allocates submitted physical storage to a region from its page file. For details about the specific parameter settings of calling the virtualalloc function, see msdn. Of course, you can also operate the reserved region and submit the physical memory at one time.

3. Reclaim the virtual memory and release the address space area, call the virtualfree function, and if you want to release a region, you must release all the address spaces in the region reserved. Of course, you can still call the virtualfree function instead of releasing the region, but the parameters are different.

3.2 memory ing File

Like the virtual memory, the memory ing file can be used to reserve an address space area and submit the physical memory to the area. The difference between them is that physical storage comes from a file already on the disk, rather than a system page file. Once the file is mapped, it can be accessed, just as the entire file is loaded into the memory.

Memory ing files are generally used for three different purposes:

1. The system uses a memory ing file to facilitate and execute the .exe and DLL files. This greatly saves the page file space and the time required for the application to start and run.

2. You can use the memory ing file to access the data files on the disk. This allows you to perform I/O operations on files without having to cache the file content.

3. Memory ing files can be used to allow multiple processes running on the same computer to share data with each other.

To use a memory ing file, follow these steps:

1) Create or open a file kernel object used to identify the file on the disk that you want to use as the memory ing file (createfile function)

2) create a file ing kernel object to tell the system the file size and how you plan to access the file

(Createfilemapping function)

3) Let the system map all or part of the file ing object to your address space

(Mapviewoffile function, requires that the file displacement is a multiple of the allocation granularity)

When using the memory ing file, you must perform the following steps to clear it:

4) Tell the system to remove the image mapped to the kernel object from the address space of your process.

(Unmapviewoffile function)

5) close the file ing Kernel Object

(Closehandle function, 2nd) object created in step 1)

6) close the file Kernel Object

(Closehandle function, 1st) object created in step 1)

Memory ing files can also be used to share data between processes. The data sharing method is to map two or more processes to the view of the same file ing object, which means that they will share the same page of the physical storage. In addition, you can create memory ing files supported by system page files, instead of memory ing files supported by dedicated hard disk files. In this way, you do not need to call the createfile function. You only need to pass invalid_handle_value to the hfile parameter of createfilemapping, and pass a string ending with 0 as the pszname parameter. Other processes can use the createfilemapping or openfilemapping function.

3.3 Stack

A stack can be used to allocate many small data blocks, such as managing a chain table and a link tree. The advantage of stack is that you can ignore the issue of allocation granularity and page boundaries. The disadvantage of the stack is that the memory block allocation and release speed is slower than other mechanisms, and physical memory submission and recovery cannot be directly controlled.

When a process is initialized, the system creates a stack in the address space of the process. This stack is the default stack of the process. By default, the address space of the stack is 1 MB. The system can expand the default stack of a process. Because the default stack of a process can be called by many Windows functions, access to the default stack is performed in order. That is, the system must ensure that only one thread can allocate and release memory blocks in the default stack at a time within the specified time. Of course, you can also create some auxiliary stacks in the process address space.

Some operation functions of the stack are as follows (you can check msdn for details ):

1. Create a stack heapcreate

2. allocate memory block heapalloc from the stack

3. Change the memory block size heaprealloc

4. Release the memory block heapfree

5. Undo stack heapdestroy