Get the unallocated memory on 32-bit Windows, 4GB sys

And what will you do if some other product tries this trick. I have
known of people who did this in highly controlled embedded environments,
but even then some of them ran into problems. You say this is ramdisk
like which means you a storing the users data, corruption should be your
first concern, and there is no way to protect against someone else
assuming the memory is available.

Don Burn (MVP, Windows DKD)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

-----Original Message-----
From: xxxxx@gmail.com [mailto:xxxxx@gmail.com]
Posted At: Tuesday, March 16, 2010 9:50 AM
Posted To: ntdev
Conversation: Get the unallocated memory on 32-bit Windows, 4GB sys
Subject: RE: Get the unallocated memory on 32-bit Windows, 4GB sys

This is for a product similar to a ramdisk. The ability to utilize a
gig of RAM that is sitting there unused is considered an important
feature because it allow users to get a great deal more out of their
system.

__________ Information from ESET Smart Security, version of virus
signature database 4949 (20100316) __________

The message was checked by ESET Smart Security.

http://www.eset.com

Then be sure to let us know what the product is. I want to tell all my
clients to be sure to avoid this crap at all costs.

Don Burn (MVP, Windows DKD)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

-----Original Message-----
From: xxxxx@gmail.com [mailto:xxxxx@gmail.com]
Posted At: Tuesday, March 16, 2010 10:48 AM
Posted To: ntdev
Conversation: Get the unallocated memory on 32-bit Windows, 4GB sys
Subject: RE: Get the unallocated memory on 32-bit Windows, 4GB sys

We do not have the luxury of only serving the OEM market. This is a
retail product and there are substantial users who would purchase the
product if it squeezes more out of their systems without upgrades.
Getting this memory serves a sweet spot in todays market.

__________ Information from ESET Smart Security, version of virus
signature database 4949 (20100316) __________

The message was checked by ESET Smart Security.

http://www.eset.com

We do not have the luxury of only serving the OEM market. This is a retail product and there are substantial users who would purchase the product if it squeezes more out of their systems without upgrades. Getting this memory serves a sweet spot in todays market.

Perhaps, but it doesn’t appear to be a currently unoccupied ‘sweet spot.’ There’s already at least one product that claims to be able to do this (>4GB & 3.2GB to 4GB), has gotten itself through the logo process, retails for about $60, supports formating as NTFS or any other Windows support FS and claims to be ‘patent pending.’ Taking all of that at face value, that’s a lot of work for $60/copy, especially if you’re playing catchup.

mm

xxxxx@gmail.com wrote:

We do not have the luxury of only serving the OEM market. This is a retail product and there are substantial users who would purchase the product if it squeezes more out of their systems without upgrades. Getting this memory serves a sweet spot in todays market.

You are using a very unusual definition of the word “substantial”. The
number of users who (1) have 4GB RAM, (2) have a motherboard that has a
PCI hole of sufficient size to make this worthwhile, (3) are running
32-bit operating systems, (4) are absolutely unwilling to upgrade to Win
7 64, and (5) have the technical wherewithal to know that there is a PCI
hole must be vanishingly small.

However, as they say, it’s your funeral. Assuming you can learn that
there is a PCI hole, how large the hole is, and where the memory has
been mapped, all you have to do is map it in to kernel space, exactly
like mapping a PCI board’s BAR. At that point, it’s yours to use
(although, as Don quite correctly pointed out, it’s also available to
any other utility like yours, and there is no arbitration).


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

So is it a correct summary to say it will work fine unless another device driver doing the same thing is present?

Measuring the market opportunity is not my department. I would prefer to let it go and focus on features that appeal to all users, but that doesn’t matter because I am not a chief, just an indian. As there is a similar product out there grabbing this memory and has logo and wows their customers with it, I really do not seem to have any technical case to present against this feature.

How can a driver detect this memory in preparation for mapping?

A logo is not validation of the design, the logo tests are not omniscient to know that the driver is doing undocumented things. All it means in this case is that it passed a bunch of generic tests

d

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@gmail.com
Sent: Wednesday, March 17, 2010 12:17 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Get the unallocated memory on 32-bit Windows, 4GB sys

So is it a correct summary to say it will work fine unless another device driver doing the same thing is present?

Measuring the market opportunity is not my department. I would prefer to let it go and focus on features that appeal to all users, but that doesn’t matter because I am not a chief, just an indian. As there is a similar product out there grabbing this memory and has logo and wows their customers with it, I really do not seem to have any technical case to present against this feature.

How can a driver detect this memory in preparation for mapping?


NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Unless another driver uses it, or the BIOS is weird and uses it, or they
have a cheap video device that is reported by the BIOS but may not show
up in your calculation, and I am sure there are more that I forgot. As
far as the chief and the Indian argument, if you are a professional it
is your responsibility to point out all the problems.

Don Burn (MVP, Windows DKD)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

-----Original Message-----
From: xxxxx@gmail.com [mailto:xxxxx@gmail.com]
Posted At: Wednesday, March 17, 2010 3:17 AM
Posted To: ntdev
Conversation: Get the unallocated memory on 32-bit Windows, 4GB sys
Subject: RE: Get the unallocated memory on 32-bit Windows, 4GB sys

So is it a correct summary to say it will work fine unless another
device driver doing the same thing is present?

Measuring the market opportunity is not my department. I would prefer
to let it go and focus on features that appeal to all users, but that
doesn’t matter because I am not a chief, just an indian. As there is a
similar product out there grabbing this memory and has logo and wows
their customers with it, I really do not seem to have any technical
case to present against this feature.

How can a driver detect this memory in preparation for mapping?

__________ Information from ESET Smart Security, version of virus
signature database 4951 (20100317) __________

The message was checked by ESET Smart Security.

http://www.eset.com

“I want to tell all my clients to be sure to avoid this crap at all costs.”

Now I am curious about this. Since it was important enough to trumpet this announcement in this thread can you let us know the outcome now that a released driver doing this has been identified?

Any product that uses undocumented things should be avoided at all costs.

wrote in message news:xxxxx@ntdev…
> “I want to tell all my clients to be sure to avoid this crap at all
> costs.”
>
> Now I am curious about this. Since it was important enough to trumpet this
> announcement in this thread can you let us know the outcome now that a
> released driver doing this has been identified?
>
>

Granted and agreed, so if the OP will identify both theirs and their
competitors product we will equally scoff, hurrah, and harangue both of
them. The OP did miss the point. Don wants to know BOTH products to avoid
BOTH, not just the OPs.

The personal opinion of
Gary G. Little

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Alexander Grigoriev
Sent: Thursday, March 18, 2010 9:22 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] Get the unallocated memory on 32-bit Windows, 4GB sys

Any product that uses undocumented things should be avoided at all costs.

wrote in message news:xxxxx@ntdev…
> “I want to tell all my clients to be sure to avoid this crap at all
> costs.”
>
> Now I am curious about this. Since it was important enough to trumpet this

> announcement in this thread can you let us know the outcome now that a
> released driver doing this has been identified?
>
>


NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

Information from ESET Smart Security, version of virus signature
database 4955 (20100318)


The message was checked by ESET Smart Security.

http://www.eset.com

Information from ESET Smart Security, version of virus signature
database 4955 (20100318)


The message was checked by ESET Smart Security.

http://www.eset.com

“Alexander Grigoriev” wrote in message
news:xxxxx@ntdev…
> Any product that uses undocumented things should be avoided at all costs.

Ts ts. A nice phrase, but… are you ready to part with DebugView?
Quite a lot undocumented things eventually became documented - see
winternl.h.
Yet other things still are not documented completely and accurately, so
people dig and hack and manage to create interesting products anyway.
These days, it’s hard to make money without taking risks.
And trust the management, they know better :slight_smile:

Regards,
– pa

I draw the line at a couple of things:

  1. Is this for a test system (such as DebugView)?

  2. Is this for a well controlled environment, i.e. the hardware and the
    OS version are stable?

Beyond the above, it has to depend on “how undocumented” something is.
But if I have the choice of a product that uses undocumented and one
that doesn’t I agree with Alexander.

As far as the OP’s product, I hope we get a clue what it is, since I
want nothing to do with that shit.

Don Burn (MVP, Windows DKD)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

-----Original Message-----
From: Pavel A. [mailto:xxxxx@fastmail.fm]
Posted At: Thursday, March 18, 2010 6:04 PM
Posted To: ntdev
Conversation: Get the unallocated memory on 32-bit Windows, 4GB sys
Subject: Re: Get the unallocated memory on 32-bit Windows, 4GB sys

“Alexander Grigoriev” wrote in message
> news:xxxxx@ntdev…
> > Any product that uses undocumented things should be avoided at all
costs.
>
> Ts ts. A nice phrase, but… are you ready to part with DebugView?
> Quite a lot undocumented things eventually became documented - see
> winternl.h.
> Yet other things still are not documented completely and accurately,
so
> people dig and hack and manage to create interesting products anyway.
> These days, it’s hard to make money without taking risks.
> And trust the management, they know better :slight_smile:
>
> Regards,
> – pa
>
>
>
>
> Information from ESET Smart Security, version of virus
signature
> database 4956 (20100318)

>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>

> Since another device driver on the market is doing it, this is not a an acceptable answer to

managment so perhaps undocumented techniques are the way forward.

You must know the exact upper bound of Windows-visible RAM, and then call MmMapIoSpace on the RAM above this bound.

How will you know the bounds - I don’t know. Undocumented.


Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com

>upgrades. Getting this memory serves a sweet spot in todays market.

Do you understand that, if there will be another product doing the same, the major interops with crashes are inevitable?


Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com

> The actual size of the PCI hole depends on your BIOS, but is typically a few dozen megabytes.

Down to 3.2GB on some motherboards.


Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com

“As far as the OP’s product, I hope we get a clue what it is, since I want nothing to do with that shit.”

Sounds as if you are back peddling and will not warn all of your clients about the shipping product. No biggie, just checking.

On Fri, Mar 19, 2010 at 12:04 AM, Pavel A. wrote:
> “Alexander Grigoriev” wrote in message
> news:xxxxx@ntdev…
>>
>> Any product that uses undocumented things should be avoided at all costs.
>
> Ts ts. A nice phrase, but… are you ready to part with DebugView?
> Quite a lot undocumented things eventually became documented - see
> winternl.h.
> Yet other things still are not documented completely and accurately, so
> people dig and hack and manage to create interesting products anyway.
> These days, it’s hard to make money without taking risks.
> And trust the management, they know better :slight_smile:

DebugView is not production ready kernel mode software for
heterogeneous and generic environment. I think that for debugging and
for learning stuff it is perfectly acceptable to use undocumented
features, write drivers in ASM, hook the kernel etc.

When it comes to delivering software to users, you must play by the
book in the most strict sense.


Aram Hăvărneanu

>Since another device driver on the market is doing it, this is not a an acceptable answer

to managment so perhaps undocumented techniques are the way forward.

Ironically you have just presented a key argument against use of “unconventional” stuff - if driver X is doing it and driver Y attempts to do the same (they have no chance to coordinate their “efforts”, do they), what is going to happen to the target machine???

Anton Bassov

By which book, please tell me? By the WDK documentation?
It is not complete and totally correct, as everyone who ever tried something
not trivial might learn.

There are certain well known don’ts like hooking.
But sometimes we have to rely on results of our own research, that are not
documented at all - not as do’s neither as don’ts.
It is in a gray area, risky. There are certain known means to contain the
risk
and make it acceptable.
DebugView is a small example of something not readily taken from a book -
it was delivered to users first, and book writers explained it later.
Same with CD & DVD recording software, same with P2P networking,
same with NTFS hacks (Partition Magic, Ghost), VMware, and many many others.

Management knows what customers are willing to pay for. This is their job.
Developer’s job is to do what management wants, and do it well enough :slight_smile:

Regards,
–pa

“Aram Havarneanu” wrote in message news:xxxxx@ntdev…
> On Fri, Mar 19, 2010 at 12:04 AM, Pavel A. wrote:
>> “Alexander Grigoriev” wrote in message
>> news:xxxxx@ntdev…
>>>
>>> Any product that uses undocumented things should be avoided at all
>>> costs.
>>
>> Ts ts. A nice phrase, but… are you ready to part with DebugView?
>> Quite a lot undocumented things eventually became documented - see
>> winternl.h.
>> Yet other things still are not documented completely and accurately, so
>> people dig and hack and manage to create interesting products anyway.
>> These days, it’s hard to make money without taking risks.
>> And trust the management, they know better :slight_smile:
>
> DebugView is not production ready kernel mode software for
> heterogeneous and generic environment. I think that for debugging and
> for learning stuff it is perfectly acceptable to use undocumented
> features, write drivers in ASM, hook the kernel etc.
>
> When it comes to delivering software to users, you must play by the
> book in the most strict sense.
>
> –
> Aram HÄfvÄfrneanu

" Management knows what customers are willing to pay for. This is their job.
Developer’s job is to do what management wants, and do it well enough "

BULLSHIT! Pure unmitigated bovine fecal matter. All knowing management
cannot find their ass, half the time, if their head was shoved up their
asshole. Ever heard of the Edsel? Delorean? Apollo 1? All management fuck
ups. Mny would throw Vista into that pile and I am sure there is a LINUX
release that is more embrrassment than useful. Management is interested in
time to market and reducing overhead to maximize profits. I’ll lay you odds
that Toyota’s grief will go back to a MANAGEMENT decision shaving a corner,
cutting a penny, some place to save millions.

Using the memory above that usable by a 32 bit operating is simply dumb, and
I can believe a MANAGEMENT idea.

The personal opinion of
Gary G. Little

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Pavel A.
Sent: Saturday, March 20, 2010 4:43 PM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] Get the unallocated memory on 32-bit Windows, 4GB sys

By which book, please tell me? By the WDK documentation?
It is not complete and totally correct, as everyone who ever tried something
not trivial might learn.

There are certain well known don’ts like hooking.
But sometimes we have to rely on results of our own research, that are not
documented at all - not as do’s neither as don’ts.
It is in a gray area, risky. There are certain known means to contain the
risk
and make it acceptable.
DebugView is a small example of something not readily taken from a book -
it was delivered to users first, and book writers explained it later.
Same with CD & DVD recording software, same with P2P networking,
same with NTFS hacks (Partition Magic, Ghost), VMware, and many many others.

Management knows what customers are willing to pay for. This is their job.
Developer’s job is to do what management wants, and do it well enough :slight_smile:

Regards,
–pa

“Aram Havarneanu” wrote in message news:xxxxx@ntdev…
> On Fri, Mar 19, 2010 at 12:04 AM, Pavel A. wrote:
>> “Alexander Grigoriev” wrote in message
>> news:xxxxx@ntdev…
>>>
>>> Any product that uses undocumented things should be avoided at all
>>> costs.
>>
>> Ts ts. A nice phrase, but… are you ready to part with DebugView?
>> Quite a lot undocumented things eventually became documented - see
>> winternl.h.
>> Yet other things still are not documented completely and accurately, so
>> people dig and hack and manage to create interesting products anyway.
>> These days, it’s hard to make money without taking risks.
>> And trust the management, they know better :slight_smile:
>
> DebugView is not production ready kernel mode software for
> heterogeneous and generic environment. I think that for debugging and
> for learning stuff it is perfectly acceptable to use undocumented
> features, write drivers in ASM, hook the kernel etc.
>
> When it comes to delivering software to users, you must play by the
> book in the most strict sense.
>
> –
> Aram H?fv?frneanu


NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

Information from ESET Smart Security, version of virus signature
database 4961 (20100320)


The message was checked by ESET Smart Security.

http://www.eset.com

Information from ESET Smart Security, version of virus signature
database 4961 (20100320)


The message was checked by ESET Smart Security.

http://www.eset.com