Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
It’s my understanding that debuggers use ReadProcessMemory (in a Windows environment) to read another process’ memory.. what am I wondering is: ReadProcessMemory reads another process’ memory to a buffer so it causes overhead. Do debuggers read small chunks of memory or do they read the entire process’ memory in one shot?
API does not guarantee atomic read. Eventually it copies data (as opposed to providing access to original bytes through address mapping), and if the debuggee is still running it might be altering the memory in question while the API call is in progress.