Wednesday, October 22, 2014

How to find source of memory leak in Windows 7?


I've got a Windows 7 machine that keeps running low on RAM. I can see the free RAM going down over a few hours until the point the machine becomes unresponsive. I've checked the process list and none of them takes that much RAM.


I've also checked the number of handles per process and various other indicators but still can't find why the machine runs out of RAM.


Is there any good way to check how the memory is used in Windows?


Edit


Here is the result of tasklist a few minutes before the machine becomes unresponsive:


Image Name                     PID Session Name        Session#    Mem Usage
========================= ======== ================ =========== ============
System Idle Process              0 Services                   0         24 K
System                           4 Services                   0        300 K
smss.exe                       196 Services                   0      1,024 K
csrss.exe                      272 Services                   0      4,336 K
wininit.exe                    320 Services                   0      4,184 K
csrss.exe                      332 Console                    1      3,516 K
winlogon.exe                   372 Console                    1      6,316 K
services.exe                   416 Services                   0      8,112 K
lsass.exe                      432 Services                   0     10,088 K
lsm.exe                        440 Services                   0      3,664 K
svchost.exe                    548 Services                   0      8,152 K
svchost.exe                    620 Services                   0      6,564 K
svchost.exe                    660 Services                   0     15,764 K
LogonUI.exe                    724 Console                    1     18,428 K
svchost.exe                    768 Services                   0      7,992 K
svchost.exe                    828 Services                   0      9,724 K
svchost.exe                    852 Services                   0     28,092 K
svchost.exe                    176 Services                   0     13,096 K
spoolsv.exe                    824 Services                   0     10,608 K
svchost.exe                    952 Services                   0     11,632 K
svchost.exe                   1076 Services                   0      8,524 K
fshoster32.exe                1120 Services                   0      9,148 K
fsorsp.exe                    1200 Services                   0      8,036 K
fsgk32.exe                    1324 Services                   0      3,084 K
cygrunsrv.exe                 1552 Services                   0      5,852 K
conhost.exe                   1864 Services                   0      2,996 K
sshd.exe                      1896 Services                   0      7,804 K
FSMA32.EXE                    2024 Services                   0      1,628 K
svchost.exe                   1320 Services                   0      5,092 K
fssm32.exe                    1704 Services                   0      2,196 K
FSHDLL64.EXE                  2120 Services                   0        644 K
SearchIndexer.exe             3260 Services                   0     13,596 K
sshd.exe                    138920 Services                   0      8,696 K
sshd.exe                    138448 Services                   0      8,696 K
sshd.exe                    138660 Services                   0      8,696 K
bash.exe                    137924 Services                   0      5,380 K
bash.exe                    137820 Services                   0      3,832 K
SAV32CLI.EXE                136344 Services                   0    133,868 K
WmiPrvSE.exe                139444 Services                   0      7,168 K
sshd.exe                    139672 Services                   0      8,692 K
sshd.exe                    139876 Services                   0      8,684 K
bash.exe                    139992 Services                   0      5,432 K
bash.exe                    140040 Services                   0      3,996 K
bash.exe                    140200 Services                   0      5,400 K
bash.exe                    139424 Services                   0      4,048 K
typeperf.exe                139300 Services                   0      5,372 K
sleep.exe                   138268 Services                   0      2,272 K
sshd.exe                    139612 Services                   0      7,168 K
sshd.exe                    137720 Services                   0      5,700 K
bash.exe                    139524 Services                   0      5,304 K
bash.exe                    138952 Services                   0      3,756 K
tasklist.exe                137580 Services                   0      5,164 K
bash.exe                    139460 Services                   0      5,452 K
bash.exe                    139796 Services                   0        104 K

At that point, wmic OS get FreePhysicalMemory /Value reports about 400 MB of free memory out of 2 GB.


RamMap: [screenshot]


Task Manager: [screenshot]


Answer



The high memory usage comes from high page table usage. To see which processes use it, install the Windows Performance Toolkit, open a command prompt as admin and run this command:


xperf -on ReferenceSet -BufferSize 1024 -MaxFile 512 -FileMode Circular  && timeout 5 && xperf -d MemUsage.etl

Open the MemUsage.etl with Windows Performance Analyzer (WPA.exe), drag and drop the graph "ResidentSet" from the left graph list to the analysis pane:



Now move the "Page Category" column to the left side and expand the "Page Table" entry:



Here you see the processes which have the high page table usage. On the right side (after the blue line), you see page table memory usage in MB for each process.
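
The gap the question describes (free RAM falling while no process looks large) can be measured straight from saved tasklist output before reaching for RamMap or xperf. The script below is an added example, not part of the original question or answer: it parses the tasklist rows, totals working sets per image, and subtracts them from the memory in use. The function names are hypothetical, and the sample rows are an excerpt copied from the listing above.

```python
import re
from collections import defaultdict

# Excerpt of rows copied from the tasklist listing in the question (not the full list).
SAMPLE = """\
Image Name                     PID Session Name        Session#    Mem Usage
========================= ======== ================ =========== ============
System Idle Process 0 Services 0 24 K
svchost.exe 852 Services 0 28,092 K
LogonUI.exe 724 Console 1 18,428 K
SAV32CLI.EXE 136344 Services 0 133,868 K
sshd.exe 138920 Services 0 8,696 K
sshd.exe 138448 Services 0 8,696 K
bash.exe 139796 Services 0 104 K
"""

# Image names may contain spaces, so anchor on the numeric PID and the trailing "<n> K".
ROW = re.compile(r"^(?P<image>.+?)\s+(?P<pid>\d+)\s+(?P<session>\S+)\s+"
                 r"(?P<num>\d+)\s+(?P<mem>[\d,]+) K\s*$")

def parse_tasklist(text):
    """Return (image, pid, working_set_kb) for each process row; headers are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows.append((m["image"], int(m["pid"]), int(m["mem"].replace(",", ""))))
    return rows

def working_set_by_image(rows):
    """Sum working sets per image name, largest first."""
    totals = defaultdict(int)
    for image, _pid, kb in rows:
        totals[image] += kb
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)

def unaccounted_kb(total_kb, free_kb, rows):
    """Memory in use that no process working set explains (kernel pools, page
    tables and other non-process memory). tasklist counts shared pages once
    per process, so the real gap is at least this large."""
    return (total_kb - free_kb) - sum(kb for _image, _pid, kb in rows)

if __name__ == "__main__":
    rows = parse_tasklist(SAMPLE)
    for image, kb in working_set_by_image(rows):
        print(f"{image:<25}{kb:>10,} K")
    # 2 GB total and about 400 MB free are the figures reported in the question;
    # on this excerpt the result is illustrative only, so feed it the full listing.
    print("unaccounted:", unaccounted_kb(2 * 1024 * 1024, 400 * 1024, rows), "K")
```

A large positive result means the memory is held outside process working sets, which is the case where the per-page-category view from RamMap or the xperf ReferenceSet trace is needed.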

