
@asmichi
Last active November 10, 2018 18:40
Control Flow Guard 有効なプロセスに VirtualQueryEx しに行くと ms 単位で時間がかかる領域がある(Windows 10 1809 では直っているようだ)
#define WIN32_LEAN_AND_MEAN
#define NOMINMAX
#include <Windows.h>
#include <cstdio>
#include <cstdlib>
#include <ratio>
#include <chrono>
namespace
{
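/// Prints the calling thread's last Win32 error code to stdout and terminates
/// the process with exit status 1. Never returns.
[[noreturn]] void AbortOnWin32Error()
{
    // Capture the code before any other call has a chance to overwrite it.
    const DWORD lastError = GetLastError();

    // DWORD is an unsigned long; "%d" was a mismatched conversion and printed
    // large codes as negative numbers.
    std::printf("LastError: %lu\n", static_cast<unsigned long>(lastError));
    std::exit(1);
}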
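/// Minimal interval timer: records a start time on construction and reports
/// the time elapsed since then.
class stopwatch
{
public:
    /// Starts timing at construction.
    stopwatch() : start_{clock_type::now()} {}

    /// @return Microseconds elapsed since construction, including the
    ///         fractional part (no truncation to whole microseconds).
    double GetElapsedMicroseconds() const
    {
        const std::chrono::duration<double, std::micro> elapsed = clock_type::now() - start_;
        return elapsed.count();
    }

private:
    // steady_clock is monotonic, so an interval can never come out negative
    // when the wall clock is adjusted; high_resolution_clock gives no such
    // guarantee on every implementation.
    using clock_type = std::chrono::steady_clock;
    clock_type::time_point start_;
};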
// 0x10000 bytes = 64 KiB.
// NOTE(review): not referenced by any code in this listing; presumably mirrors
// the Windows allocation granularity (SYSTEM_INFO::dwAllocationGranularity) - confirm or remove.
const size_t AllocationGranularity = 0x10000;
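/// Walks the virtual address space of hProcess region by region, starting at
/// address 0, and prints the average wall-clock time of one VirtualQueryEx
/// call for each region (N calls are timed and averaged).
///
/// Columns printed per region:
///   BaseAddress, RegionSize : as reported in MEMORY_BASIC_INFORMATION.
///   State : mbi.State >> 12, so 1 = MEM_COMMIT, 2 = MEM_RESERVE, 10 = MEM_FREE.
///   Type  : mbi.Type >> 16, so 0 = free region, 2 = MEM_PRIVATE,
///           4 = MEM_MAPPED, 100 = MEM_IMAGE.
///
/// The page title attributes the millisecond-scale outliers in the recorded
/// output to Control Flow Guard-enabled targets. Anything that enumerates
/// another process's regions this way (memory scanners, dump and forensic
/// tooling) pays that per-query cost on affected builds.
///
/// @param hProcess Target process handle; VirtualQueryEx documents
///                 PROCESS_QUERY_INFORMATION as the required access right.
static void MeasureVirtualQuery(HANDLE hProcess)
{
    std::printf("VirtualQueryEx time\n");
    std::printf(" BaseAddress, RegionSize,State,Type : time / call\n");

    constexpr int N = 1000; // repetitions averaged per region
    MEMORY_BASIC_INFORMATION mbi{};
    PBYTE pCurrent = nullptr;

    while (true)
    {
        stopwatch sw{};
        for (int i = 0; i < N; i++)
        {
            if (VirtualQueryEx(hProcess, pCurrent, &mbi, sizeof(mbi)) == 0)
            {
                // ERROR_INVALID_PARAMETER is the documented result for an address
                // above the highest accessible one, i.e. the normal end of the
                // walk. Any other code is a real failure and is reported.
                const DWORD lastError = GetLastError();
                if (lastError != ERROR_INVALID_PARAMETER)
                {
                    std::fprintf(stderr, "VirtualQueryEx failed: %lu\n", static_cast<unsigned long>(lastError));
                }
                return;
            }
        }
        // Stop the clock before formatting so printf cost is not measured.
        const double elapsedUs = sw.GetElapsedMicroseconds();

        // Explicit casts make each argument match its conversion specifier
        // (SIZE_T and DWORD are not guaranteed to be unsigned long long / unsigned int).
        std::printf(
            "%p,%16llx,%5x,%4x : %10.4f us / call\n",
            mbi.BaseAddress,
            static_cast<unsigned long long>(mbi.RegionSize),
            static_cast<unsigned int>(mbi.State >> 12),
            static_cast<unsigned int>(mbi.Type >> 16),
            elapsedUs / N);

        // Advance in integer space: arithmetic on a null pointer is undefined,
        // and a zero-sized region or an address wrap-around would otherwise
        // loop forever.
        const ULONG_PTR base = reinterpret_cast<ULONG_PTR>(mbi.BaseAddress);
        const ULONG_PTR next = base + mbi.RegionSize;
        if (next <= base)
        {
            return;
        }
        pCurrent = reinterpret_cast<PBYTE>(next);
    }
}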
} // namespace
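/// Starts a suspended "cmd /c echo." child, measures VirtualQueryEx against it
/// while it is still suspended, then resumes it and waits for it to exit.
///
/// @return 0 on success; the process exits with status 1 via
///         AbortOnWin32Error() if the child cannot be created or resumed.
int main()
{
    STARTUPINFOW si{};
    si.cb = sizeof(si); // CreateProcess expects cb to hold the structure size
    PROCESS_INFORMATION pi{};

    // CreateProcessW may modify the command-line buffer, so it must be a
    // writable array rather than a string literal.
    //
    // NOTE(review): with lpApplicationName == nullptr the bare "cmd" token is
    // resolved through the CreateProcess search order, which checks the
    // directory of the calling executable and the current directory before the
    // system directory. A cmd.exe planted in either place would be launched
    // instead. If this tool may run from an untrusted directory, pass a fully
    // qualified path (e.g. built from GetSystemDirectoryW) as lpApplicationName.
    wchar_t cmdLine[] = L"cmd /c echo.";
    if (!CreateProcessW(nullptr, cmdLine, nullptr, nullptr, FALSE, CREATE_SUSPENDED, nullptr, nullptr, &si, &pi))
    {
        AbortOnWin32Error();
    }

    // The child stays suspended during the measurement, so its address space
    // does not change between queries.
    MeasureVirtualQuery(pi.hProcess);

    if (ResumeThread(pi.hThread) == static_cast<DWORD>(-1))
    {
        // A child that never resumes would make the wait below hang forever;
        // terminate it and report the original failure instead.
        const DWORD resumeError = GetLastError();
        TerminateProcess(pi.hProcess, 1);
        SetLastError(resumeError);
        AbortOnWin32Error();
    }
    CloseHandle(pi.hThread);

    WaitForSingleObject(pi.hProcess, INFINITE);
    CloseHandle(pi.hProcess);
    return 0;
}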
/* Win10 Pro 1803 (Build 17134.376)
VirtualQueryEx time
BaseAddress, RegionSize,State,Type : time / call
0000000000000000, 7ffe0000, 10, 0 : 0.4810 us / call
000000007FFE0000, 1000, 1, 2 : 0.7020 us / call
000000007FFE1000, b000, 10, 0 : 0.4840 us / call
000000007FFEC000, 1000, 1, 2 : 0.7080 us / call
000000007FFED000, 4948c83000, 10, 0 : 0.4750 us / call
00000049C8C70000, 1000, 2, 2 : 0.7160 us / call
00000049C8C71000, 3000, 1, 2 : 4.1170 us / call
00000049C8C74000, fc000, 1, 2 : 4.0300 us / call
00000049C8D70000, 90000, 10, 0 : 0.4750 us / call
00000049C8E00000, 1ce000, 2, 2 : 4.8650 us / call
00000049C8FCE000, 3000, 1, 2 : 1.0220 us / call
00000049C8FD1000, 2f000, 2, 2 : 0.9490 us / call
00000049C9000000, 10a23500000, 10, 0 : 0.4700 us / call
00000153EC500000, 20000, 1, 2 : 0.8300 us / call
00000153EC520000, 19000, 1, 4 : 0.9570 us / call
00000153EC539000, 7000, 10, 0 : 0.4780 us / call
00000153EC540000, 4000, 1, 4 : 0.6940 us / call
00000153EC544000, c000, 10, 0 : 0.4740 us / call
00000153EC550000, 1000, 1, 4 : 0.6650 us / call
00000153EC551000, f000, 10, 0 : 0.4700 us / call
00000153EC560000, 1000, 1, 2 : 0.6600 us / call
00000153EC561000, 7ca1d9a7f000, 10, 0 : 0.4860 us / call
00007DF5C5FE0000, 2b000, 1, 4 : 2.1440 us / call
00007DF5C600B000, 5000, 10, 0 : 0.4740 us / call
00007DF5C6010000, 16f6000, 2, 4 : 21560.0600 us / call <- taking 21.6 ms / call !!!
00007DF5C7706000, 160000, 1, 4 : 2718.5530 us / call
00007DF5C7866000, 588000, 2, 4 : 10860.6580 us / call
00007DF5C7DEE000, 4000, 1, 4 : 53.5260 us / call
00007DF5C7DF2000, 1ffd9df5000, 2, 4 : 4191.0580 us / call
00007FF5A1BE7000, 3000, 1, 4 : 1.0450 us / call
00007FF5A1BEA000, 13808000, 2, 4 : 177.2590 us / call
00007FF5B53F2000, 1bf1000, 1, 4 : 1745.4760 us / call
00007FF5B6FE3000, 8000, 1, 4 : 1.4890 us / call
00007FF5B6FEB000, f025000, 2, 4 : 448.1360 us / call
00007FF5C6010000, 1295d0000, 10, 0 : 0.4800 us / call
00007FF6EF5E0000, 1000, 1, 100 : 1.1770 us / call
00007FF6EF5E1000, 2d000, 1, 100 : 1.6530 us / call
00007FF6EF60E000, b000, 1, 100 : 2.8130 us / call
00007FF6EF619000, 1c000, 1, 100 : 2.5420 us / call
00007FF6EF635000, 3000, 1, 100 : 0.7800 us / call
00007FF6EF638000, 1000, 1, 100 : 0.9100 us / call
00007FF6EF639000, a000, 1, 100 : 0.8420 us / call
00007FF6EF643000, 54fe7d000, 10, 0 : 0.4660 us / call
00007FFC3F4C0000, 1000, 1, 100 : 5.8820 us / call
00007FFC3F4C1000, 10f000, 1, 100 : 7.3070 us / call
00007FFC3F5D0000, 46000, 1, 100 : 2.3420 us / call
00007FFC3F616000, 6000, 1, 100 : 0.8220 us / call
00007FFC3F61C000, 1000, 1, 100 : 0.7910 us / call
00007FFC3F61D000, 4000, 1, 100 : 1.0940 us / call
00007FFC3F621000, e000, 1, 100 : 1.0140 us / call
00007FFC3F62F000, 1000, 1, 100 : 0.7850 us / call
00007FFC3F630000, 3000, 1, 100 : 3.9490 us / call
00007FFC3F633000, 6e000, 1, 100 : 3.7840 us / call
00007FFC3F6A1000, 3c094f000, 10, 0 : 0.4680 us / call
*/
/* Win10 Pro 1809 (Build 17763.55) (Note: measured on a different PC that is much slower than the one above.)
VirtualQueryEx time
BaseAddress, RegionSize,State,Type : time / call
0000000000000000, 7ffe0000, 10, 0 : 5.8270 us / call
000000007FFE0000, 1000, 1, 2 : 9.7050 us / call
000000007FFE1000, 5000, 10, 0 : 6.3160 us / call
000000007FFE6000, 1000, 1, 2 : 10.2240 us / call
000000007FFE7000, 606fe19000, 10, 0 : 5.3170 us / call
00000060EFE00000, 83000, 2, 2 : 32.4930 us / call
00000060EFE83000, 3000, 1, 2 : 5.8620 us / call
00000060EFE86000, 17a000, 2, 2 : 64.9230 us / call
00000060F0000000, 1000, 2, 2 : 5.1580 us / call
00000060F0001000, 3000, 1, 2 : 5.3350 us / call
00000060F0004000, fc000, 1, 2 : 59.9180 us / call
00000060F0100000, 18b974b0000, 10, 0 : 3.6120 us / call
000001EC875B0000, 20000, 1, 2 : 6.5920 us / call
000001EC875D0000, 1a000, 1, 4 : 5.2840 us / call
000001EC875EA000, 6000, 10, 0 : 3.8550 us / call
000001EC875F0000, 4000, 1, 4 : 4.7610 us / call
000001EC875F4000, c000, 10, 0 : 3.4460 us / call
000001EC87600000, 1000, 1, 4 : 5.5380 us / call
000001EC87601000, f000, 10, 0 : 3.2210 us / call
000001EC87610000, 2000, 1, 2 : 4.3320 us / call
000001EC87612000, 7c09689fe000, 10, 0 : 3.6650 us / call
00007DF5F0010000, 1000, 1, 4 : 16.0230 us / call
00007DF5F0011000, f000, 10, 0 : 3.5380 us / call
00007DF5F0020000, 2b000, 1, 4 : 15.9510 us / call
00007DF5F004B000, 5000, 10, 0 : 3.4250 us / call
00007DF5F0050000, 1b88000, 2, 4 : 216.1270 us / call
00007DF5F1BD8000, 75000, 1, 4 : 107.7560 us / call
00007DF5F1C4D000, 1db000, 2, 4 : 115.5050 us / call
00007DF5F1E28000, 1000, 1, 4 : 71.3340 us / call
00007DF5F1E29000, 1ffda3e1000, 2, 4 : 105.5660 us / call
00007FF5CC20A000, 2000, 1, 4 : 2.3360 us / call
00007FF5CC20C000, 12b80000, 2, 4 : 117.5020 us / call
00007FF5DED8C000, 10e9000, 1, 4 : 12.6550 us / call
00007FF5DFE75000, 8000, 1, 4 : 4.6810 us / call
00007FF5DFE7D000, 101d3000, 2, 4 : 49.6940 us / call
00007FF5F0050000, 116e30000, 10, 0 : 2.1920 us / call
00007FF706E80000, 1000, 1, 100 : 3.4700 us / call
00007FF706E81000, 2f000, 1, 100 : 3.1110 us / call
00007FF706EB0000, b000, 1, 100 : 3.8370 us / call
00007FF706EBB000, 1c000, 1, 100 : 2.3420 us / call
00007FF706ED7000, 3000, 1, 100 : 2.1750 us / call
00007FF706EDA000, 1000, 1, 100 : 2.1240 us / call
00007FF706EDB000, a000, 1, 100 : 3.2410 us / call
00007FF706EE5000, 4f1a6b000, 10, 0 : 1.3430 us / call
00007FFBF8950000, 1000, 1, 100 : 4.1260 us / call
00007FFBF8951000, 117000, 1, 100 : 6.5520 us / call
00007FFBF8A68000, 47000, 1, 100 : 3.8280 us / call
00007FFBF8AAF000, b000, 1, 100 : 2.5110 us / call
00007FFBF8ABA000, e000, 1, 100 : 2.2450 us / call
00007FFBF8AC8000, 1000, 1, 100 : 2.2160 us / call
00007FFBF8AC9000, 3000, 1, 100 : 2.1660 us / call
00007FFBF8ACC000, 71000, 1, 100 : 28.8280 us / call
00007FFBF8B3D000, 4074b3000, 10, 0 : 1.5530 us / call
*/