none
is it possible to know if a virtual address is unmapped or mapped at any moment? RRS feed

  • Question

  • HI,

    In my driver i am accessing a memory address in my ISR but sometimes i am seeing a crash at that statement. I am suspecting that this crash is because that address has already been unmapped by the time i access it. 

     Is there anyway i can know if a virtual address is already unmapped? in other words is there an kernel mode API that tells me if an address is valid or not before i can access it?

    Also one more question is can i map a physical address to virtual address twice in my driver? It doesn't sound logical but just wanted to confirm on this. 


    vidyasagar196

    Thursday, August 7, 2014 6:58 PM

Answers

  • The way to ensure a virtual address is mapped is to either allocate from NonPaged pool or use one of the variants of MmMapLockedPages to lock the memory.  Attempts to test "is this memory non-pageable" do not work, since even if you get true, by the time you touch the memory it can be false.

    On your question of mapping a physical address, if you mean can you call MmMapIoSpace or one of the MmMapLockPages calls for the same region of memory, yes you can getting two virtual addresses (conside mapping a shared memory region into two processes).  If you mean take an inuse virtual address and map it again, no you cannot unless you mapped it previously and then unmap and remap it.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com

    Thursday, August 7, 2014 7:12 PM

All replies

  • The way to ensure a virtual address is mapped is to either allocate from NonPaged pool or use one of the variants of MmMapLockedPages to lock the memory.  Attempts to test "is this memory non-pageable" do not work, since even if you get true, by the time you touch the memory it can be false.

    On your question of mapping a physical address, if you mean can you call MmMapIoSpace or one of the MmMapLockPages calls for the same region of memory, yes you can getting two virtual addresses (conside mapping a shared memory region into two processes).  If you mean take an inuse virtual address and map it again, no you cannot unless you mapped it previously and then unmap and remap it.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com

    Thursday, August 7, 2014 7:12 PM
  • HI,

    In my driver i am accessing a memory address in my ISR but sometimes i am seeing a crash at that statement. I am suspecting that this crash is because that address has already been unmapped by the time i access it. 

     Is there anyway i can know if a virtual address is already unmapped? in other words is there an kernel mode API that tells me if an address is valid or not before i can access it?

    Also one more question is can i map a physical address to virtual address twice in my driver? It doesn't sound logical but just wanted to confirm on this. 


    vidyasagar196

    there is no easy way to tell what is where, due to address randomization etc

    I simply use classes and things like....

    myclass* = new class;

    etc

    you can check to see how much physical RAM is present, that can be done with a kernel32 call


    Corsair Carbide 300R with window
    Corsair TX850V2 70A@12V
    Asus M5A99FX PRO R2.0 CFX/SLI
    AMD Phenom II 965 C3 Black Edition @ 4.0 GHz
    G.SKILL RipjawsX DDR3-2133 8 GB
    EVGA GTX 6600 Ti FTW Signature 2(Gk104 Kepler)
    Asus PA238QR IPS LED HDMI DP 1080p
    ST2000DM001 & Windows 8.1 Enterprise x64
    Microsoft Wireless Desktop 2000
    Wacom Bamboo CHT470M
    Place your rig specifics into your signature like I have, makes it 100x easier to understand!

    Hardcore Games Legendary is the Only Way to Play!

    Thursday, August 7, 2014 7:16 PM
  • kernel32 is a user space libary, that cannot be used in an interrupt routine.  Most kernel drivers are still written in C, because of the severe limitations on C++ in the Windows kernel.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com

    Thursday, August 7, 2014 7:20 PM
  • kernel32 is a user space libary, that cannot be used in an interrupt routine.  Most kernel drivers are still written in C, because of the severe limitations on C++ in the Windows kernel.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com

    I have to use C for kernel32 and user32 calls

    lower levels down at the device driver layer are SOL for those calls

    even drivers are now subject to address randomization as part of efforts to prevent malware from sneaking in

    sagar: what do you need in a driver that needs so much address space?


    Corsair Carbide 300R with window
    Corsair TX850V2 70A@12V
    Asus M5A99FX PRO R2.0 CFX/SLI
    AMD Phenom II 965 C3 Black Edition @ 4.0 GHz
    G.SKILL RipjawsX DDR3-2133 8 GB
    EVGA GTX 6600 Ti FTW Signature 2(Gk104 Kepler)
    Asus PA238QR IPS LED HDMI DP 1080p
    ST2000DM001 & Windows 8.1 Enterprise x64
    Microsoft Wireless Desktop 2000
    Wacom Bamboo CHT470M
    Place your rig specifics into your signature like I have, makes it 100x easier to understand!

    Hardcore Games Legendary is the Only Way to Play!

    Thursday, August 7, 2014 7:25 PM
  • Vegan, at least please indicate that kernel programming is not your MVP area of specialization.  Unfortunately, I have encountered people quoting your incorrect responses and believing that since you are an MVP you know everything.  I used to be a WDK MVP when they still had that specialty and you weren't one of the 20 of us.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com

    Thursday, August 7, 2014 10:09 PM
  • Vegan, at least please indicate that kernel programming is not your MVP area of specialization.  Unfortunately, I have encountered people quoting your incorrect responses and believing that since you are an MVP you know everything.  I used to be a WDK MVP when they still had that specialty and you weren't one of the 20 of us.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com

    I am a general Windows MVP, but I am very good with C++

    I have used the WDK a few times for some jobs, but not much call for it lately.

    I have used a lot of functions from kernel32 and user32, i can post some examples if anyone wants to learn how to use it


    Corsair Carbide 300R with window
    Corsair TX850V2 70A@12V
    Asus M5A99FX PRO R2.0 CFX/SLI
    AMD Phenom II 965 C3 Black Edition @ 4.0 GHz
    G.SKILL RipjawsX DDR3-2133 8 GB
    EVGA GTX 6600 Ti FTW Signature 2(Gk104 Kepler)
    Asus PA238QR IPS LED HDMI DP 1080p
    ST2000DM001 & Windows 8.1 Enterprise x64
    Microsoft Wireless Desktop 2000
    Wacom Bamboo CHT470M
    Place your rig specifics into your signature like I have, makes it 100x easier to understand!

    Hardcore Games Legendary is the Only Way to Play!

    Friday, August 8, 2014 1:12 PM
  • I am a general Windows MVP, but I am very good with C++

    I have used the WDK a few times for some jobs, but not much call for it lately.

    I have used a lot of functions from kernel32 and user32, i can post some examples if anyone wants to learn how to use it

    Vegan,

        No one is questioning your competantence in your core areas.  Lets look at the three item's above:

    1.  Its nice that you are very good with C++, but for the most part kernel work is in C.  The subset of C++ allowed in the kernel is tiny.

    2.  Using the WDK a couple of times is like saying you developed a simple class in C++.  Pavel and I have both been doing this for many years, in my case 20 years of Windows Device Driver work and over 40 years of systems level programming and kernel work.

    3.  Having information on kernel32 and user32 are great for a user space programming forum, unfortunately this is not what this forum is for.

         Basically, you have shown you don't know how to program drivers by your responses in this forum. Unfortunately, your MVP status implies you should be treated as an expert which you undoubtly are in your areas of competance, but Windows device driver writintg is not one of them.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com

    Friday, August 8, 2014 1:29 PM
  • I am a general Windows MVP, but I am very good with C++

    I have used the WDK a few times for some jobs, but not much call for it lately.

    I have used a lot of functions from kernel32 and user32, i can post some examples if anyone wants to learn how to use it

    Vegan,

        No one is questioning your competantence in your core areas.  Lets look at the three item's above:

    1.  Its nice that you are very good with C++, but for the most part kernel work is in C.  The subset of C++ allowed in the kernel is tiny.

    2.  Using the WDK a couple of times is like saying you developed a simple class in C++.  Pavel and I have both been doing this for many years, in my case 20 years of Windows Device Driver work and over 40 years of systems level programming and kernel work.

    3.  Having information on kernel32 and user32 are great for a user space programming forum, unfortunately this is not what this forum is for.

         Basically, you have shown you don't know how to program drivers by your responses in this forum. Unfortunately, your MVP status implies you should be treated as an expert which you undoubtly are in your areas of competance, but Windows device driver writintg is not one of them.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com

    The driver world is rather limited. Even the C headers are largely not available. That is not a real problem as drivers interact with a limited API.

    Game development sometimes uses special drivers as part of a DRM scheme. This is where I have done most of my study.

    Now the OP asked a question that is hard to do even with the application  layer, and impossible with driver layers



    Corsair Carbide 300R with window
    Corsair TX850V2 70A@12V
    Asus M5A99FX PRO R2.0 CFX/SLI
    AMD Phenom II 965 C3 Black Edition @ 4.0 GHz
    G.SKILL RipjawsX DDR3-2133 8 GB
    EVGA GTX 6600 Ti FTW Signature 2(Gk104 Kepler)
    Asus PA238QR IPS LED HDMI DP 1080p
    ST2000DM001 & Windows 8.1 Enterprise x64
    Microsoft Wireless Desktop 2000
    Wacom Bamboo CHT470M
    Place your rig specifics into your signature like I have, makes it 100x easier to understand!

    Hardcore Games Legendary is the Only Way to Play!

    Saturday, August 9, 2014 12:03 AM
  • > Even the C headers are largely not available

    I have no idea what you are talking about. All of the necessary headers for drivers are in the wdk . If you mean to say they are a different API surface from user mode and the space is smaller, that is correct. But that is neither here nor there, it is irrelevant. The proper driver API surface is what you get


    d -- This posting is provided "AS IS" with no warranties, and confers no rights.

    Saturday, August 9, 2014 1:01 AM
  • > Even the C headers are largely not available

    I have no idea what you are talking about. All of the necessary headers for drivers are in the wdk . If you mean to say they are a different API surface from user mode and the space is smaller, that is correct. But that is neither here nor there, it is irrelevant. The proper driver API surface is what you get


    d -- This posting is provided "AS IS" with no warranties, and confers no rights.

    Sorry I was tired so my comment was a bit terse.

    In one game the DRM goes as far to use a virtual machine emulator. Which was an attempt to get around debuggers.

    Yes, all of the headers needed for a standard driver are provided with the WDK

    I was considering the OP who was more towards application development than device driver development.


    Corsair Carbide 300R with window
    Corsair TX850V2 70A@12V
    Asus M5A99FX PRO R2.0 CFX/SLI
    AMD Phenom II 965 C3 Black Edition @ 4.0 GHz
    G.SKILL RipjawsX DDR3-2133 8 GB
    EVGA GTX 6600 Ti FTW Signature 2(Gk104 Kepler)
    Asus PA238QR IPS LED HDMI DP 1080p
    ST2000DM001 & Windows 8.1 Enterprise x64
    Microsoft Wireless Desktop 2000
    Wacom Bamboo CHT470M
    Place your rig specifics into your signature like I have, makes it 100x easier to understand!

    Hardcore Games Legendary is the Only Way to Play!

    Saturday, August 9, 2014 2:10 PM
  • Dear Vegan, note that moderators may sometimes delete posts that are way off or irrelevant.

    If this happens, hope you won't take offense... nothing personal.

    -- pa

    cease and desist from off topic comments


    Corsair Carbide 300R with window
    Corsair TX850V2 70A@12V
    Asus M5A99FX PRO R2.0 CFX/SLI
    AMD Phenom II 965 C3 Black Edition @ 4.0 GHz
    G.SKILL RipjawsX DDR3-2133 8 GB
    EVGA GTX 6600 Ti FTW Signature 2(Gk104 Kepler)
    Asus PA238QR IPS LED HDMI DP 1080p
    ST2000DM001 & Windows 8.1 Enterprise x64
    Microsoft Wireless Desktop 2000
    Wacom Bamboo CHT470M
    Place your rig specifics into your signature like I have, makes it 100x easier to understand!

    Hardcore Games Legendary is the Only Way to Play!

    Saturday, August 9, 2014 2:11 PM