JIURL Plays with Win2k Memory: Paging Mechanism, Part (b)
Author: JIURL
Home: http://jiurl.yeah.net
Date: 2003-7-30
Process Page Directory and Page Tables in the Virtual Address Space

When an instruction that accesses memory is executed and the paging flag in the register has been set, the CPU automatically converts the virtual address to a physical address in order to complete the instruction. The CPU does not need the virtual addresses of the page directory and page tables to perform this conversion. However, once the paging flag is set, the CPU treats the address in every instruction as a virtual address and converts it to a physical address, so all code works with virtual addresses only. The page tables and page directory of a process are maintained by the system: when a process requests or releases memory, for example, the system has to set the corresponding entries. The system therefore needs to access the page directory and page tables, but it can only use virtual addresses, so it must map the page directory and page tables into the address space.

The 1024 page tables that cover the 4G address space are mapped in order into the 4M address space from 0xC0000000 to 0xC03FFFFF. The page table for the first 4M of address space is mapped to the first 4K of that region (the 4K starting at 0xC0000000). The page table for the second 4M of address space is mapped to the second 4K (the 4K starting at 0xC0001000), and so on. The page directory is mapped to the 4K starting at 0xC0300000. The 4M address space from 0xC0000000 to 0xC03FFFFF lies in the high 2G system address space and requires RING0 privilege to access.

Valid Page Directory Entries and Page Table Entries

The lowest bit, bit 0, of a page directory entry or page table entry indicates whether the page maps physical memory. When the lowest bit is 1 the entry is valid (Valid), which means the page maps physical memory. Page directory entries and page table entries are 4 bytes (32 bits) long and have a similar structure.
With the kernel debugger (kd) included with the Win2K DDK, we can get the structure definition of a valid page directory entry and page table entry. For systems using an x86 CPU, the structure is defined as follows:

    !strct HARDWARE_PTE_X86
    struct _HARDWARE_PTE_X86 (sizeof=4)
    0 bits0-0 Valid
    0 bits1-1 Write
    0 bits2-2 Owner
    0 bits3-3 WriteThrough
    0 bits4-4 CacheDisable
    0 bits5-5 Accessed
    0 bits6-6 Dirty
    0 bits7-7 LargePage
    0 bits8-8 Global
    0 bits9-9 CopyOnWrite
    0 bits10-10 Prototype
    0 bits11-11 reserved
    0 bits12-31 PageFrameNumber

bits12-31 PageFrameNumber: Bits 12-31 of a page directory entry or page table entry, 20 bits long. This is the page frame number of the physical page. (ANDing the 32-bit entry with 0xFFFFF000 gives the address of the first byte of the 4KB physical page.) Because the page size is 4KB, only 20 bits are needed to address every page in the 4G range. For a page directory entry, the resulting physical page holds a page table.

bits0-0 Valid: 0 means invalid, this page does not map physical memory. 1 means valid, this page maps physical memory.

bits1-1 Write: 0 means this page is read-only. 1 means this page can be read and written.

bits2-2 Owner: 0 means access to this page requires RING0 privilege, so only kernel-mode code can access it. 1 means the page can be accessed with RING3 privilege, so user-mode code can access it.

bits3-3 WriteThrough: 0 means the write-back caching policy is used for the page. 1 means the write-through caching policy is used for the page. With write-through, data written to the cache is written to the corresponding memory unit at the same time, which keeps the data in the cache and in memory consistent. Write-through is slower, and some of its operations are unnecessary: for example, if the CPU updates one cache unit several times, the corresponding memory unit is written every time, although the effect is the same as writing only the last update. With write-back, the CPU modifies the contents of the cache and does not immediately modify the corresponding unit in memory. The memory unit is modified only when a write-back operation is executed, for example when the contents of the cache unit are replaced out of the cache. This avoids some unnecessary operations. If the CD (Cache Disable) flag in CR0 is 1, the processor ignores the WriteThrough flag. The CD flag is bit 30 of the CR0 register. By observation, this bit is 0 in Win2k after initialization, so the WriteThrough flag in page directory entries and page table entries takes effect.

bits4-4 CacheDisable: 0 means this page may be cached. 1 means this page is not cached. If the CD (Cache Disable) flag in CR0 is 1, the processor ignores the CacheDisable flag. The CD flag is bit 30 of the CR0 register. By observation, this bit is 0 in Win2k after initialization, so the CacheDisable flag in page directory entries and page table entries takes effect.

bits5-5 Accessed: 0 means this page has not been accessed (read or written). 1 means this page has been accessed (read or written).

bits6-6 Dirty: 0 means the content of this page has not been changed. 1 means the content of this page has been changed (written).

bits7-7 LargePage: 0 indicates that the page size is 4K, and 1 indicates that the page size is 4M.

bits8-8 Global: 0 means the page is not a global page. 1 means it is a global page. If the Page Global Enable (PGE) flag in CR4 is 1, the global page entries cached in the TLB (Translation Lookaside Buffer) are not invalidated when the process is switched. This is used to keep commonly used pages (such as the code of the kernel or operating system) from being replaced out of the TLB cache. The PGE flag is bit 7 of the CR4 register. By observation, it is 1 in Win2k after initialization.

bits9-9 CopyOnWrite: Used for the copy-on-write mechanism.

bits10-10 Prototype: Used for the inter-process memory sharing mechanism.

bits11-11 reserved: Reserved.

Page Directory and Page Table

We can use SoftICE to get the page directory of a specified process. The method is as follows. First enter the addr command with no arguments, which lists the processes in the current system. Then "addr process-name" switches to the address space of that process. Then "dd c0300000 l 1000" outputs, in the command window, 0x1000 (hexadecimal) bytes starting at 0xC0300000, which is 4K bytes. Then exit SoftICE and use File -> Save SoftICE History As... in the Symbol Loader menu to save the content you just output to a file. The page directory of every process is mapped at 0xC0300000, so this gives us the contents of the page directory. I also wrote a program called Jiurlptsee that outputs the page directory and page tables of a specified process.
The following content is from this program: the page directory of a notepad process.
Let's analyze this page directory. Of the 4G address space, the low 2G is user space, and the first 512 page directory entries are used to translate addresses in this 2G. The high 2G is system space, and the last 512 page directory entries are used to translate addresses in this 2G. Each entry is 32 bits; bit 0 is the valid bit, and a value of 0 means there is no page table for the virtual address range that the entry covers. In the first 512 entries we see a lot of 00000000 values. Their lowest bit is 0, which means these entries have no page table. That is, the corresponding 4MB of address space has no physical memory mapped. We see that a large part of the user address space has no physical pages mapped, and only the non-empty entries map anything.
Now let's look at the page directory of another process and compare it with this one.
Page directory of the System process:
Let us analyze it. This is the page directory of the System process. First, in the user address space there is a large region with no physical memory mapped. Then we use UltraEdit to compare the two page directories. In the user address space (low 2G, the first 512 entries) of the two processes, no valid entry is identical at the same position, which shows that each process has its own independent user address space, each mapping different physical memory. In the system address space (high 2G, the last 512 entries), the comparison shows that most of the contents are the same. Where the page directory entries are the same, the corresponding page table is on the same physical page, so the page table is certainly the same.
The physical pages that those page tables map are therefore the same as well. This shows that most of the system address space of the two processes is the same. The page directory entry at c0300c00 corresponds to the 4M address space that holds the page tables and the page directory. Each process has its own page tables and page directory, with their own contents, so they are of course on different physical pages, and the comparison shows a difference there.
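The address mapping and the directory comparison described above can be reproduced on any pair of 1024-entry page directories. The following C program is an added example, not the author's Jiurlptsee tool: it decodes the flag bits of the HARDWARE_PTE_X86 layout, computes where a given PDE or PTE can be read in the 0xC0000000 region, and compares two directories half by half. The two directories it builds hold only a handful of sample entries, and all function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ENTRIES  1024u        /* entries in one page directory */
#define PTE_BASE 0xC0000000u  /* page tables are mapped from here */
#define PDE_BASE 0xC0300000u  /* the page directory is mapped here */
#define F_VALID  (1u << 0)    /* bit 0 of HARDWARE_PTE_X86 */

/* Physical address of the first byte of the page an entry points to. */
uint32_t frame_address(uint32_t entry) { return entry & 0xFFFFF000u; }

/* Virtual address at which the PDE or PTE that translates va can be read. */
uint32_t pde_va(uint32_t va) { return PDE_BASE + (va >> 22) * 4u; }
uint32_t pte_va(uint32_t va) { return PTE_BASE + (va >> 12) * 4u; }

/* Flags as text, one letter per bit 0..8 in HARDWARE_PTE_X86 order:
 * Valid Write Owner(user) writeThrough Cachedisable Accessed Dirty
 * Largepage Global. A clear bit prints as '-'. */
void flags_text(uint32_t entry, char out[10])
{
    static const char letters[] = "VWUTCADLG";
    for (int i = 0; i < 9; i++)
        out[i] = ((entry >> i) & 1u) ? letters[i] : '-';
    out[9] = '\0';
}

struct pd_diff {
    unsigned user_shared;      /* user slots valid in both and identical */
    unsigned system_same;      /* system slots with identical contents */
    unsigned system_differ;    /* system slots with different contents */
    uint32_t first_differ_va;  /* where the first differing system PDE is mapped */
};

/* Compare two page directories slot by slot, user half and system half. */
struct pd_diff compare_directories(const uint32_t *a, const uint32_t *b)
{
    struct pd_diff d = {0, 0, 0, 0};
    for (uint32_t i = 0; i < ENTRIES; i++) {
        if (i < ENTRIES / 2) {                 /* low 2G: first 512 entries */
            if ((a[i] & F_VALID) && (b[i] & F_VALID) && a[i] == b[i])
                d.user_shared++;
        } else if (a[i] == b[i]) {             /* high 2G: last 512 entries */
            d.system_same++;
        } else if (d.system_differ++ == 0) {
            d.first_differ_va = PDE_BASE + i * 4u;
        }
    }
    return d;
}

/* Sample input: two sparse directories with a handful of entries each. */
void build_samples(uint32_t *np, uint32_t *sys)
{
    memset(np, 0, ENTRIES * sizeof *np);
    memset(sys, 0, ENTRIES * sizeof *sys);
    np[0x000] = 0x05f5b067u;  sys[0x000] = 0x01860067u; /* private user tables */
    np[0x001] = 0x058ae067u;
    np[0x200] = sys[0x200] = 0x000001e3u;  /* 4M global kernel page */
    np[0x280] = sys[0x280] = 0x06470163u;  /* shared system page table */
    np[0x300] = 0x05cf0063u;  sys[0x300] = 0x00030067u; /* covers the self-map */
}

int main(void)
{
    static uint32_t np[ENTRIES], sys[ENTRIES];
    char f[10];

    build_samples(np, sys);
    for (uint32_t i = 0; i < ENTRIES; i++) {
        if (!(np[i] & F_VALID))
            continue;
        flags_text(np[i], f);
        printf("PDE at %08x  VA %08x  %s  frame %08x\n",
               (unsigned)(PDE_BASE + i * 4u), (unsigned)(i << 22), f,
               (unsigned)frame_address(np[i]));
    }
    struct pd_diff d = compare_directories(np, sys);
    printf("identical valid user PDEs: %u\n", d.user_shared);
    printf("system PDEs same/different: %u/%u, first difference at %08x\n",
           d.system_same, d.system_differ, (unsigned)d.first_differ_va);
    printf("PDE for VA c0000000 is read at %08x, PTE for VA 00401000 at %08x\n",
           (unsigned)pde_va(0xC0000000u), (unsigned)pte_va(0x00401000u));
    return 0;
}
```

Note that the PTE address computed for 0xC0000000 is 0xC0300000 itself: the page directory doubles as the page table for the 4M region that holds the page tables.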
Let's take a look at the contents of a page table. We choose the page table of one entry (Page Directory 4) in the page directory of the notepad process.
The page table corresponding to page directory entry 1 of the notepad process occupies c0001000 - c0001ff0.
Analyzing this page table: one page table is responsible for 4MB of address space. Each valid entry indicates that a page is mapped to a physical page. As this page table shows, a large number of entries have no physical page mapped. This 4MB of address space is only partially mapped to physical memory.

Large Page Section in the Address Space

In the page directory we can see that the 128 page directory entries from 0xC0300800 to 0xC03009FC all have the flags 0x1e3, that is, 111100011. Bit 7, the LargePage flag, is set in these entries, indicating that the 128 page directory entries describe 128 4M pages. The 128 entries correspond to the virtual address space 0x80000000 - 0x9FFFFFFF, of size 0x20000000 bytes = 512M bytes.
For an x86 CPU to support both 4K page directory entries and 4M page directory entries, the PSE flag in register CR4 must be set to 1. Bit 4 of register CR4 is the PSE flag.
In Win2K, the PSE flag in register CR4 is observed to be 1, indicating that Win2K can use 4M pages and 4K pages at the same time.

KD> R CR4
R CR4
CR4 = 000002d1

For a 4M page directory entry, bits 22 to 31, the high 10 bits, give the physical address of the 4M page, and bits 12 to 21, these 10 bits, must be 0. The low 12 bits are still the flags. For a 4K page directory entry, the physical page it points to holds a page table. For a 4M page directory entry, the physical page it points to is used directly for code and data. That is, no page table entry is needed any more.

When the CPU converts a virtual address to a physical address, it uses the high 10 bits as an index into the page directory and finds the page directory entry. If it finds that the Large Page flag of the entry is set, it takes the physical address from this entry, then uses the low 22 bits of the virtual address as the page offset to get the physical address.

The core modules of the system are generally relatively large, and the system will use them, so it is better for their page table entries to be in the TLB (Translation Look-Aside Buffer) cache. With 4K pages, more pages are needed, which takes up more of the TLB cache. The TLB cache is a very valuable resource. Using 4M pages saves a lot of TLB cache. In fact, Win2K's two most important core modules, HAL.DLL and NTOSKRNL.EXE, are placed in the address space covered by these 4M pages.

Looking at the physical addresses in these 128 page directory entries, we find that the address space 80000000 - 9FFFFFFF is mapped to physical memory 00000000 - 1FFFFFFF. For example, I have 128M of physical memory, and all of it is mapped in this address space. Judging by the valid flag, these 128 page directory entries are valid, and in fact they are always valid. They correspond to 512M of address space. If there is only 128M of physical memory, the extra part actually has no physical memory mapped.
There is no physical memory mapped, yet the page directory entry says it is valid, so what happens? The result is no blue screen: the read succeeds, and all the content read is FF.

If these 128 page directory entries were 4K page directory entries rather than 4M page directory entries, there would be 128 corresponding page tables. So what is now in the 128 pages starting at c0200000, that is, the 512K address space c0200000 - c027ffff? Observation shows that each of these 128 pages maps the first 4K of the 4M address space of the corresponding page directory entry. For example, the 4K at address c0200000 and the 4K at address 80000000 have the same content; both are the 4K at physical address 00000000. The same holds for the 4K at address c0201000, whose content is the 4K at physical address 00400000.

Evidence that 80000000 - 9FFFFFFF is mapped to physical memory 00000000 - 1FFFFFFF, and that these 128 page directory entries are always valid, can also be found in the ntoskrnl!MmGetPhysicalAddress function. MmGetPhysicalAddress converts a specified virtual address into a physical address; see the DDK for a description of its parameters. It is a very simple function. Set a breakpoint on it with SoftICE, then write a driver that calls it with virtual addresses in different ranges, and use SoftICE to follow its execution. You will find that addresses in 80000000 - 9FFFFFFF are not checked for validity, indicating that they are always valid.
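The following C model is an added example, not code from the original article or from Windows. It computes where the PDE and PTE for a virtual address appear in the c0300000 and c0000000 windows, and walks a constructed page directory the way the text describes for 4K and 4M entries, which reproduces the observation that c0201000 resolves to physical 00400000. The directory's physical page (PD_FRAME), the 0x063 flags of its self-mapping entry and all function names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define PDE_BASE 0xC0300000u   /* page directory window (from the article) */
#define PTE_BASE 0xC0000000u   /* page table window (from the article) */
#define PG_VALID 0x001u        /* bit 0: valid */
#define PG_LARGE 0x080u        /* bit 7 of a PDE: 4M page */
#define PD_FRAME 0x00030000u   /* constructed: physical page of the directory */
static uint32_t pd[1024];      /* constructed sample page directory */

/* Virtual addresses where the system finds the PDE and PTE for va. */
uint32_t pde_va(uint32_t va) { return PDE_BASE + (va >> 22) * 4; }
uint32_t pte_va(uint32_t va) { return PTE_BASE + (va >> 12) * 4; }

void build_sample(void)
{
    for (uint32_t i = 0; i < 128; i++)      /* 80000000 - 9FFFFFFF */
        pd[512 + i] = (i << 22) | 0x1e3u;   /* 4M PDEs with flags 0x1e3 */
    pd[768] = PD_FRAME | 0x063u;            /* c0000000: directory maps itself */
}

/* Constructed physical memory: the only page table is the directory itself. */
static uint32_t read_pt(uint32_t frame, uint32_t idx)
{
    return frame == PD_FRAME ? pd[idx] : 0;
}

/* Software model of the CPU walk; returns 0 and sets *pa on success. */
int translate(uint32_t va, uint32_t *pa)
{
    uint32_t pde = pd[va >> 22];
    if (!(pde & PG_VALID)) return -1;
    if (pde & PG_LARGE) {                   /* 4M page: no page table level */
        *pa = (pde & 0xFFC00000u) | (va & 0x003FFFFFu);
        return 0;
    }
    /* Read as a PTE, an entry contributes only its valid bit and 4K frame. */
    uint32_t pte = read_pt(pde & 0xFFFFF000u, (va >> 12) & 0x3FFu);
    if (!(pte & PG_VALID)) return -1;
    *pa = (pte & 0xFFFFF000u) | (va & 0xFFFu);
    return 0;
}

int main(void)
{
    uint32_t pa = 0;
    build_sample();
    if (translate(0xC0201000u, &pa) == 0) printf("c0201000 -> %08x\n", (unsigned)pa);
    return 0;
}
```

In the model, an access to c0201000 goes through the self-mapping entry, so the 4M page directory entry for 80400000 is read as if it were a page table entry and its frame bits select the first 4K of that 4M page.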