The actual guarantee and contract that I would allow for is:
You can assume that address space allocations in the user mode region of a 32-bit process that a driver (or 32-bit mode application code) makes can be safely truncated to 32-bit. That, or cases where you’re receiving pointers from 32-bit user mode where IoIs32bitProcess returns TRUE are the cases where I’d consider 32-bit truncation to be safe.
Please don’t truncate pointers outside of these cases however, as that gets into making assumptions about how Wow64 works and that’s not safe to do. (That being said, I cannot offhand think of a situation where you’d be typically dealing with a pointer from a 32-bit process which wasn’t provided in the cases listed above.)
Today, there is a single VAD above the highest 32-bit application address for a given process that helps to prevent stray allocations from going into that space:
fffffa80029a9010 ( 5) fffe0 7fffffef -1 Private READONLY
How this works is subject to change and it’s possible that there may one way be other reservations or allocations to support Wow64 one day. Unless you’re manually grunging around in the VAD tree or doing other undocumented and unsafe operations which you really shouldn’t be doing, you should be insulated from that by the above contract.
From: xxxxx@lists.osr.com [xxxxx@lists.osr.com] On Behalf Of Maxim S. Shatskih [xxxxx@storagecraft.com]
Sent: Thursday, August 06, 2009 7:28 PM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] MmMapLockedPagesSpecifyCache doubt
Is it since the OS is a 32 bit one the address is always less than 2 GB???
On 32bit OS - yes (sometimes 3GB, sometimes 2GB)
For 32bit process in 64bit OS - too. Any functions which deal with user memory will never allocate/create a VAD which goes beyound the 32bit-accessible 4GB.
More so, skipping the LARGEADDRESSAWARE linker flag when building the EXE will force the 64bit kernel to place all VADs below 3GB, even not 4GB.
–
Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer