deleteva.c File Reference

#include "mi.h"

Go to the source code of this file.

Functions
VOID	MiDeleteVirtualAddresses (IN PUCHAR StartingAddress, IN PUCHAR EndingAddress, IN ULONG AddressSpaceDeletion, IN PMMVAD Vad)
VOID	MiDeletePte (IN PMMPTE PointerPte, IN PVOID VirtualAddress, IN ULONG AddressSpaceDeletion, IN PEPROCESS CurrentProcess, IN PMMPTE PrototypePte, IN PMMPTE_FLUSH_LIST PteFlushList OPTIONAL)
ULONG FASTCALL	MiReleasePageFileSpace (IN MMPTE PteContents)
VOID FASTCALL	MiUpdateModifiedWriterMdls (IN ULONG PageFileNumber)
VOID	MiFlushPteList (IN PMMPTE_FLUSH_LIST PteFlushList, IN ULONG AllProcessors, IN MMPTE FillPte)

---

Function Documentation

VOID MiDeletePte (  IN PMMPTE  PointerPte, IN PVOID  VirtualAddress, IN ULONG  AddressSpaceDeletion, IN PEPROCESS  CurrentProcess, IN PMMPTE  PrototypePte, IN PMMPTE_FLUSH_LIST PteFlushList  OPTIONAL )

Definition at line 506 of file deleteva.c. References ASSERT, DbgPrint, _MMWSLE::e1, FALSE, _MMWSL::FirstDynamic, FreePageList, KeBugCheckEx(), KeFlushSingleTb(), _MMWSLENTRY::LockedInMemory, _MMWSLENTRY::LockedInWs, MI_CAPTURE_DIRTY_BIT_TO_PFN, MI_GET_PAGE_FRAME_FROM_PTE, MI_GET_PAGE_FRAME_FROM_TRANSITION_PTE, MI_PFN_ELEMENT, MI_PTE_LOOKUP_NEEDED, MI_SET_PFN_DELETED, MI_WRITE_INVALID_PTE, MiCheckPdeForPagedPool(), MiDecrementCloneBlockReference(), MiDecrementShareAndValidCount, MiDecrementShareCount(), MiDecrementShareCountOnly, MiDoesPdeExistAndMakeValid(), MiDoesPpeExistAndMakeValid, MiFlushPteList(), MiFormatPfn(), MiFormatPte(), MiGetPteAddress, MiGetVirtualAddressMappedByPte, MiHighestUserPte, MiInsertPageInList(), MiLocateCloneAddress, MiLocateWsle(), MiPteToProto, MiReleasePageFileSpace(), MiReleaseWsle(), MiRemoveWsle(), MiSwapWslEntries(), MiUnlinkPageFromList(), MM_DBG_PTE_UPDATE, MM_MAXIMUM_FLUSH_COUNT, MM_PFN_LOCK_ASSERT, MmPageLocationList, MmWorkingSetList, MmWsle, MMWSLENTRY, NT_SUCCESS, NULL, _MMPFN::OriginalPte, PAGE_ALIGN, PMMCLONE_BLOCK, PMMCLONE_DESCRIPTOR, PMMPTE_FLUSH_LIST, PrototypePte, _MMPFN::PteAddress, _MMPFN::PteFrame, TRUE, _MMPTE::u, _MMPFN::u1, _MMWSLE::u1, _MMPFN::u2, _MMPFN::u3, _MMWSLENTRY::Valid, WSLE_NULL_INDEX, and ZeroPte. Referenced by MiDecommitPages(), MiDeletePageTablesForPhysicalRange(), MiDeleteVirtualAddresses(), MiGrowWsleHash(), MiRemoveMappedView(), MiRemoveWorkingSetPages(), MiUnmapLockedPagesInUserSpace(), and MmCleanProcessAddressSpace(). : This routine deletes the contents of the specified PTE. The PTE can be in one of the following states: - active and valid - transition - in paging file - in prototype PTE format Arguments: PointerPte - Supplies a pointer to the PTE to delete. VirtualAddress - Supplies the virtual address which corresponds to the PTE. This is used to locate the working set entry to eliminate it. AddressSpaceDeletion - Supplies TRUE if the address space is being deleted, FALSE otherwise. If TRUE is specified the TB is not flushed and valid addresses are not removed from the working set. CurrentProcess - Supplies a pointer to the current process. PrototypePte - Supplies a pointer to the prototype PTE which currently or originally mapped this page. This is used to determine if the PTE is a fork PTE and should have its reference block decremented. Return Value: None. Environment: Kernel mode, APCs disabled, PFN lock and working set mutex held. --*/ { PMMPTE PointerPde; PMMPTE PointerPpe; PMMPFN Pfn1; PMMPFN Pfn2; MMPTE PteContents; ULONG WorkingSetIndex; ULONG Entry; PVOID SwapVa; MMWSLENTRY Locked; ULONG WsPfnIndex; PMMCLONE_BLOCK CloneBlock; PMMCLONE_DESCRIPTOR CloneDescriptor; ULONG Waited; MM_PFN_LOCK_ASSERT(); #if DBG if (MmDebug & MM_DBG_PTE_UPDATE) { DbgPrint("deleting PTE\n"); MiFormatPte(PointerPte); } #endif //DBG PteContents = *PointerPte; if (PteContents.u.Hard.Valid == 1) { #ifdef _X86_ #if DBG #if !defined(NT_UP) if (PteContents.u.Hard.Writable == 1) { ASSERT (PteContents.u.Hard.Dirty == 1); } ASSERT (PteContents.u.Hard.Accessed == 1); #endif //NTUP #endif //DBG #endif //X86 // // PTE is valid. Check PFN database to see if this is a prototype PTE. // Pfn1 = MI_PFN_ELEMENT (PteContents.u.Hard.PageFrameNumber); WsPfnIndex = Pfn1->u1.WsIndex; #if DBG if (MmDebug & MM_DBG_PTE_UPDATE) { MiFormatPfn(Pfn1); } #endif //DBG CloneDescriptor = NULL; if (Pfn1->u3.e1.PrototypePte == 1) { CloneBlock = (PMMCLONE_BLOCK)Pfn1->PteAddress; // // Capture the state of the modified bit for this PTE. // MI_CAPTURE_DIRTY_BIT_TO_PFN (PointerPte, Pfn1); // // Decrement the share and valid counts of the page table // page which maps this PTE. // PointerPde = MiGetPteAddress (PointerPte); if (PointerPde->u.Hard.Valid == 0) { #if !defined (_WIN64) if (!NT_SUCCESS(MiCheckPdeForPagedPool (PointerPte))) { #endif KeBugCheckEx (MEMORY_MANAGEMENT, 0x61940, (ULONG_PTR)PointerPte, (ULONG_PTR)PointerPde->u.Long, (ULONG_PTR)MiGetVirtualAddressMappedByPte(PointerPte)); #if !defined (_WIN64) } #endif } MiDecrementShareAndValidCount (MI_GET_PAGE_FRAME_FROM_PTE (PointerPde)); // // Decrement the share count for the physical page. // MiDecrementShareCount (MI_GET_PAGE_FRAME_FROM_PTE (&PteContents)); // // Check to see if this is a fork prototype PTE and if so // update the clone descriptor address. // if (PointerPte <= MiHighestUserPte) { if (PrototypePte != Pfn1->PteAddress) { // // Locate the clone descriptor within the clone tree. // CloneDescriptor = MiLocateCloneAddress ((PVOID)CloneBlock); #if DBG if (CloneDescriptor == NULL) { DbgPrint("1PrototypePte %p Clone desc %p pfn pte addr %p\n", PrototypePte, CloneDescriptor, Pfn1->PteAddress); MiFormatPte(PointerPte); ASSERT (FALSE); } #endif // DBG } } } else { ASSERT (Pfn1->u2.ShareCount == 1); // // This PTE is a NOT a prototype PTE, delete the physical page. // // // Decrement the share and valid counts of the page table // page which maps this PTE. // MiDecrementShareAndValidCount (Pfn1->PteFrame); MI_SET_PFN_DELETED (Pfn1); // // Decrement the share count for the physical page. As the page // is private it will be put on the free list. // MiDecrementShareCountOnly (MI_GET_PAGE_FRAME_FROM_PTE (&PteContents)); // // Decrement the count for the number of private pages. // CurrentProcess->NumberOfPrivatePages -= 1; } // // Find the WSLE for this page and eliminate it. // // // If we are deleting the system portion of the address space, do // not remove WSLEs or flush translation buffers as there can be // no other usage of this address space. // if (AddressSpaceDeletion == FALSE) { WorkingSetIndex = MiLocateWsle (VirtualAddress, MmWorkingSetList, WsPfnIndex ); ASSERT (WorkingSetIndex != WSLE_NULL_INDEX); // // Check to see if this entry is locked in the working set // or locked in memory. // Locked = MmWsle[WorkingSetIndex].u1.e1; MiRemoveWsle (WorkingSetIndex, MmWorkingSetList); // // Add this entry to the list of free working set entries // and adjust the working set count. // MiReleaseWsle (WorkingSetIndex, &CurrentProcess->Vm); if ((Locked.LockedInWs == 1) || (Locked.LockedInMemory == 1)) { // // This entry is locked. // ASSERT (WorkingSetIndex < MmWorkingSetList->FirstDynamic); MmWorkingSetList->FirstDynamic -= 1; if (WorkingSetIndex != MmWorkingSetList->FirstDynamic) { Entry = MmWorkingSetList->FirstDynamic; ASSERT (MmWsle[Entry].u1.e1.Valid); SwapVa = MmWsle[Entry].u1.VirtualAddress; SwapVa = PAGE_ALIGN (SwapVa); Pfn2 = MI_PFN_ELEMENT ( MiGetPteAddress (SwapVa)->u.Hard.PageFrameNumber); #if 0 Entry = MiLocateWsleAndParent (SwapVa, &Parent, MmWorkingSetList, Pfn2->u1.WsIndex); // // Swap the removed entry with the last locked entry // which is located at first dynamic. // MiSwapWslEntries (Entry, Parent, WorkingSetIndex, MmWorkingSetList); #endif //0 MiSwapWslEntries (Entry, WorkingSetIndex, &CurrentProcess->Vm); } } else { ASSERT (WorkingSetIndex >= MmWorkingSetList->FirstDynamic); } // // Flush the entry out of the TB. // if (!ARGUMENT_PRESENT (PteFlushList)) { KeFlushSingleTb (VirtualAddress, TRUE, FALSE, (PHARDWARE_PTE)PointerPte, ZeroPte.u.Flush); } else { if (PteFlushList->Count != MM_MAXIMUM_FLUSH_COUNT) { PteFlushList->FlushPte[PteFlushList->Count] = PointerPte; PteFlushList->FlushVa[PteFlushList->Count] = VirtualAddress; PteFlushList->Count += 1; } MI_WRITE_INVALID_PTE (PointerPte, ZeroPte); } if (CloneDescriptor != NULL) { // // Flush PTEs as this could release the PFN_LOCK. // if (ARGUMENT_PRESENT (PteFlushList)) { MiFlushPteList (PteFlushList, FALSE, ZeroPte); } // // Decrement the reference count for the clone block, // note that this could release and reacquire // the mutexes hence cannot be done until after the // working set index has been removed. // if (MiDecrementCloneBlockReference ( CloneDescriptor, CloneBlock, CurrentProcess )) { // // The working set mutex was released. This may // have removed the current page directory & table page. // PointerPpe = MiGetPteAddress (PointerPde); do { MiDoesPpeExistAndMakeValid (PointerPpe, CurrentProcess, TRUE, &Waited); Waited = 0; // // If the call below results in a PFN release and // reacquire, then we must redo them both. // MiDoesPdeExistAndMakeValid (PointerPde, CurrentProcess, TRUE, &Waited); } while (Waited != 0); } } } } else if (PteContents.u.Soft.Prototype == 1) { // // This is a prototype PTE, if it is a fork PTE clean up the // fork structures. // if (PteContents.u.Soft.PageFileHigh != MI_PTE_LOOKUP_NEEDED) { // // Check to see if the prototype PTE is a fork prototype PTE. // if (PointerPte <= MiHighestUserPte) { if (PrototypePte != MiPteToProto (PointerPte)) { CloneBlock = (PMMCLONE_BLOCK)MiPteToProto (PointerPte); CloneDescriptor = MiLocateCloneAddress ((PVOID)CloneBlock); #if DBG if (CloneDescriptor == NULL) { DbgPrint("1PrototypePte %p Clone desc %p \n", PrototypePte, CloneDescriptor); MiFormatPte(PointerPte); ASSERT (FALSE); } #endif //DBG // // Decrement the reference count for the clone block, // note that this could release and reacquire // the mutexes. // MI_WRITE_INVALID_PTE (PointerPte, ZeroPte); if (ARGUMENT_PRESENT (PteFlushList)) { MiFlushPteList (PteFlushList, FALSE, ZeroPte); } if (MiDecrementCloneBlockReference ( CloneDescriptor, CloneBlock, CurrentProcess )) { // // The working set mutex was released. This may // have removed the current page directory & table page. // PointerPde = MiGetPteAddress (PointerPte); PointerPpe = MiGetPteAddress (PointerPde); // // If either call below results in a PFN release and // reacquire, then we must redo them both. // do { if (MiDoesPpeExistAndMakeValid (PointerPpe, CurrentProcess, TRUE, &Waited) == FALSE) { // // The PPE has been deleted when the PFN lock // was released. Just bail as the PDE/PTE are // gone now anyway. // return; } Waited = 0; // // If the call below results in a PFN release and // reacquire, then we must redo them both. If the // PDE was deleted when the PFN lock was released // then we just bail as the PTE is gone anyway. // if (MiDoesPdeExistAndMakeValid (PointerPde, CurrentProcess, TRUE, &Waited) == FALSE) { return; } } while (Waited != 0); } } } } } else if (PteContents.u.Soft.Transition == 1) { // // This is a transition PTE. (Page is private) // Pfn1 = MI_PFN_ELEMENT (PteContents.u.Trans.PageFrameNumber); MI_SET_PFN_DELETED (Pfn1); MiDecrementShareCount (Pfn1->PteFrame); // // Check the reference count for the page, if the reference // count is zero, move the page to the free list, if the reference // count is not zero, ignore this page. When the reference count // goes to zero, it will be placed on the free list. // if (Pfn1->u3.e2.ReferenceCount == 0) { MiUnlinkPageFromList (Pfn1); MiReleasePageFileSpace (Pfn1->OriginalPte); MiInsertPageInList (MmPageLocationList[FreePageList], MI_GET_PAGE_FRAME_FROM_TRANSITION_PTE(&PteContents)); } // // Decrement the count for the number of private pages. // CurrentProcess->NumberOfPrivatePages -= 1; } else { // // Must be page file space. // if (PteContents.u.Soft.PageFileHigh != MI_PTE_LOOKUP_NEEDED) { if (MiReleasePageFileSpace (*PointerPte)) { // // Decrement the count for the number of private pages. // CurrentProcess->NumberOfPrivatePages -= 1; } } } // // Zero the PTE contents. // MI_WRITE_INVALID_PTE (PointerPte, ZeroPte); return; }

VOID MiDeleteVirtualAddresses (  IN PUCHAR  StartingAddress, IN PUCHAR  EndingAddress, IN ULONG  AddressSpaceDeletion, IN PMMVAD  Vad )

Definition at line 26 of file deleteva.c. References APC_LEVEL, _MMPTE_FLUSH_LIST::Count, DbgPrint, FALSE, IS_PTE_NOT_DEMAND_ZERO, LOCK_PFN, MI_DECREMENT_USED_PTES_BY_HANDLE, MI_GET_USED_PTES_FROM_HANDLE, MI_GET_USED_PTES_HANDLE, MI_VA_TO_VPN, MI_WRITE_INVALID_PTE, MiDeletePte(), MiDoesPdeExistAndMakeValid(), MiDoesPpeExistAndMakeValid, MiFlushPteList(), MiGetPdeAddress, MiGetPpeAddress, MiGetProtoPteAddress, MiGetPteAddress, MiGetVirtualAddressMappedByPte, MiIsPteOnPdeBoundary, MiIsVirtualAddressOnPdeBoundary, MiIsVirtualAddressOnPpeBoundary, MiLocateSubsection(), MM_PFN_LOCK_ASSERT, NULL, PAGE_SIZE, PsGetCurrentProcess, _SUBSECTION::PtesInSubsection, _SUBSECTION::SubsectionBase, TRUE, _MMPTE::u, UNLOCK_PFN, and ZeroPte. Referenced by MiDeleteFreeVm(), MiRemoveMappedView(), and MmCleanProcessAddressSpace(). : This routine deletes the specified virtual address range within the current process. Arguments: StartingAddress - Supplies the first virtual address to delete. EndingAddress - Supplies the last address to delete. AddressSpaceDeletion - Supplies TRUE if the address space is being deleted, FALSE otherwise. If TRUE is specified the TB is not flushed and valid addresses are not removed from the working set. Vad - Supplies the virtual address descriptor which maps this range or NULL if we are not concerned about views. From the Vad the range of prototype PTEs is determined and this information is used to uncover if the PTE refers to a prototype PTE or a fork PTE. Return Value: None. Environment: Kernel mode, called with APCs disabled, working set mutex and PFN lock held. These mutexes may be released and reacquired to fault pages in. --*/ { PUCHAR Va; PUCHAR FirstValidVa; PVOID TempVa; PMMPTE PointerPte; PMMPTE PointerPde; PMMPTE PointerPpe; PMMPTE OriginalPointerPte; PMMPTE ProtoPte; PMMPTE ProtoPte2; PMMPTE LastProtoPte; PMMPTE LastProtoPte2; PEPROCESS CurrentProcess; PSUBSECTION Subsection; PVOID UsedPageTableHandle; PVOID UsedPageDirectoryHandle; KIRQL OldIrql; MMPTE_FLUSH_LIST FlushList; ULONG Waited; LOGICAL Skipped; OldIrql = APC_LEVEL; FlushList.Count = 0; MM_PFN_LOCK_ASSERT(); CurrentProcess = PsGetCurrentProcess(); Va = StartingAddress; PointerPpe = MiGetPpeAddress (Va); PointerPde = MiGetPdeAddress (Va); PointerPte = MiGetPteAddress (Va); OriginalPointerPte = PointerPte; do { while (MiDoesPpeExistAndMakeValid (PointerPpe, CurrentProcess, TRUE, &Waited) == FALSE) { // // This page directory parent entry is empty, go to the next one. // PointerPpe += 1; PointerPde = MiGetVirtualAddressMappedByPte (PointerPpe); PointerPte = MiGetVirtualAddressMappedByPte (PointerPde); Va = MiGetVirtualAddressMappedByPte (PointerPte); if (Va > EndingAddress) { // // All done, return. // return; } } Waited = 0; while (MiDoesPdeExistAndMakeValid (PointerPde, CurrentProcess, TRUE, &Waited) == FALSE) { // // This page directory entry is empty, go to the next one. // PointerPde += 1; PointerPte = MiGetVirtualAddressMappedByPte (PointerPde); Va = MiGetVirtualAddressMappedByPte (PointerPte); if (Va > EndingAddress) { // // All done, return. // return; } #if defined (_WIN64) if (MiIsPteOnPdeBoundary (PointerPde)) { PointerPpe = MiGetPteAddress (PointerPde); Waited = 1; break; } #endif } } while (Waited != 0); FirstValidVa = Va; UsedPageTableHandle = MI_GET_USED_PTES_HANDLE (Va); // // A valid PDE has been located, examine each PTE and delete them. // if ((Vad == (PMMVAD)NULL) || (Vad->u.VadFlags.PrivateMemory) || (Vad->FirstPrototypePte == (PMMPTE)NULL)) { ProtoPte = (PMMPTE)NULL; LastProtoPte = (PMMPTE)NULL; } else { ProtoPte = Vad->FirstPrototypePte; LastProtoPte = (PMMPTE)4; } // // Examine each PTE within the address range and delete it. // while (Va <= EndingAddress) { // // Note that the initial address could be aligned on a PPE or PDE // boundary so we must check for it here. // if (MiIsVirtualAddressOnPdeBoundary(Va)) { // // The virtual address is on a page directory boundary, // check the next PDE for validity and flush PTEs for the // previous page table page. // MiFlushPteList (&FlushList, FALSE, ZeroPte); // // If all the entries have been eliminated from the previous // page table page, delete the page table page itself. // if ((MI_GET_USED_PTES_FROM_HANDLE (UsedPageTableHandle) == 0) && (PointerPde->u.Long != 0)) { TempVa = MiGetVirtualAddressMappedByPte(PointerPde); MiDeletePte (PointerPde, TempVa, AddressSpaceDeletion, CurrentProcess, NULL, NULL); #if defined (_WIN64) if (Va == FirstValidVa) { UsedPageDirectoryHandle = MI_GET_USED_PTES_HANDLE (PointerPte); } else { UsedPageDirectoryHandle = MI_GET_USED_PTES_HANDLE (PointerPte - 1); } MI_DECREMENT_USED_PTES_BY_HANDLE (UsedPageDirectoryHandle); #endif } if (MiIsVirtualAddressOnPpeBoundary(Va)) { if (Va == FirstValidVa) { UsedPageDirectoryHandle = MI_GET_USED_PTES_HANDLE (PointerPte); } else { UsedPageDirectoryHandle = MI_GET_USED_PTES_HANDLE (PointerPte - 1); } if ((MI_GET_USED_PTES_FROM_HANDLE (UsedPageDirectoryHandle) == 0) && (PointerPpe->u.Long != 0)) { TempVa = MiGetVirtualAddressMappedByPte(PointerPpe); MiDeletePte (PointerPpe, TempVa, AddressSpaceDeletion, CurrentProcess, NULL, NULL); } } // // Release the PFN lock. This prevents a single thread // from forcing other high priority threads from being // blocked while a large address range is deleted. There // is nothing magic about the instructions within the // lock and unlock. // UNLOCK_PFN (OldIrql); PointerPde = MiGetPdeAddress (Va); PointerPpe = MiGetPpeAddress (Va); Skipped = FALSE; LOCK_PFN (OldIrql); do { while (MiDoesPpeExistAndMakeValid (PointerPpe, CurrentProcess, TRUE, &Waited) == FALSE) { // // This page directory parent entry is empty, // go to the next one. // Skipped = TRUE; PointerPpe += 1; PointerPde = MiGetVirtualAddressMappedByPte (PointerPpe); PointerPte = MiGetVirtualAddressMappedByPte (PointerPde); Va = MiGetVirtualAddressMappedByPte (PointerPte); if (Va > EndingAddress) { // // All done, return. // return; } } Waited = 0; while (MiDoesPdeExistAndMakeValid (PointerPde, CurrentProcess, TRUE, &Waited) == FALSE) { // // This page directory entry is empty, go to the next one. // Skipped = TRUE; PointerPde += 1; PointerPte = MiGetVirtualAddressMappedByPte (PointerPde); Va = MiGetVirtualAddressMappedByPte (PointerPte); if (Va > EndingAddress) { // // All done, remove any straggling page directories and // return. // #if defined (_WIN64) PointerPde -= 1; PointerPte = MiGetVirtualAddressMappedByPte (PointerPde); UsedPageDirectoryHandle = MI_GET_USED_PTES_HANDLE (PointerPte); if ((MI_GET_USED_PTES_FROM_HANDLE (UsedPageDirectoryHandle) == 0) && (PointerPpe->u.Long != 0)) { TempVa = MiGetVirtualAddressMappedByPte(PointerPpe); MiDeletePte (PointerPpe, TempVa, AddressSpaceDeletion, CurrentProcess, NULL, NULL); } #endif return; } #if defined (_WIN64) if (MiIsPteOnPdeBoundary (PointerPde)) { PointerPpe = MiGetPteAddress (PointerPde); Waited = 1; break; } #endif #if DBG if ((LastProtoPte != NULL) && (Vad->u2.VadFlags2.ExtendableFile == 0)) { ProtoPte2 = MiGetProtoPteAddress(Vad, MI_VA_TO_VPN (Va)); Subsection = MiLocateSubsection (Vad,MI_VA_TO_VPN (Va)); LastProtoPte2 = &Subsection->SubsectionBase[Subsection->PtesInSubsection]; if (Vad->u.VadFlags.ImageMap != 1) { if ((ProtoPte2 < Subsection->SubsectionBase) || (ProtoPte2 >= LastProtoPte2)) { DbgPrint ("bad proto pte %p va %p Vad %p sub %p\n", ProtoPte2,Va,Vad,Subsection); DbgBreakPoint(); } } } #endif //DBG } } while (Waited != 0); // // The PPE and PDE are now valid, get the page table use count. // UsedPageTableHandle = MI_GET_USED_PTES_HANDLE (Va); // // If we skipped chunks of address space, the prototype PTE pointer // must be updated now so VADs that span multiple subsections // are handled properly. // if ((Skipped == TRUE) && (LastProtoPte != NULL)) { ProtoPte = MiGetProtoPteAddress(Vad, MI_VA_TO_VPN(Va)); Subsection = MiLocateSubsection (Vad, MI_VA_TO_VPN(Va)); if (Subsection != NULL) { LastProtoPte = &Subsection->SubsectionBase[Subsection->PtesInSubsection]; #if DBG if (Vad->u.VadFlags.ImageMap != 1) { if ((ProtoPte < Subsection->SubsectionBase) || (ProtoPte >= LastProtoPte)) { DbgPrint ("bad proto pte %p va %p Vad %p sub %p\n", ProtoPte,Va,Vad,Subsection); DbgBreakPoint(); } } #endif //DBG } else { // // The Vad span is larger than the section being mapped. // Null the proto PTE local as no more proto PTEs will // need to be deleted at this point. // LastProtoPte = (PMMPTE)NULL; } } } // // The PPE and PDE are now valid, delete the PTEs. // if (PointerPte->u.Long != 0) { // // One less used page table entry in this page table page. // MI_DECREMENT_USED_PTES_BY_HANDLE (UsedPageTableHandle); if (IS_PTE_NOT_DEMAND_ZERO (*PointerPte)) { if (LastProtoPte != NULL) { if (ProtoPte >= LastProtoPte) { ProtoPte = MiGetProtoPteAddress(Vad, MI_VA_TO_VPN(Va)); Subsection = MiLocateSubsection (Vad, MI_VA_TO_VPN(Va)); LastProtoPte = &Subsection->SubsectionBase[Subsection->PtesInSubsection]; } #if DBG if (Vad->u.VadFlags.ImageMap != 1) { if ((ProtoPte < Subsection->SubsectionBase) || (ProtoPte >= LastProtoPte)) { DbgPrint ("bad proto pte %p va %p Vad %p sub %p\n", ProtoPte,Va,Vad,Subsection); DbgBreakPoint(); } } #endif //DBG } MiDeletePte (PointerPte, (PVOID)Va, AddressSpaceDeletion, CurrentProcess, ProtoPte, &FlushList); } else { MI_WRITE_INVALID_PTE (PointerPte, ZeroPte); } } Va += PAGE_SIZE; PointerPte += 1; ProtoPte += 1; } // // Flush out entries for the last page table page. // MiFlushPteList (&FlushList, FALSE, ZeroPte); // // If all the entries have been eliminated from the previous // page table page, delete the page table page itself. // if ((MI_GET_USED_PTES_FROM_HANDLE (UsedPageTableHandle) == 0) && (PointerPde->u.Long != 0)) { TempVa = MiGetVirtualAddressMappedByPte(PointerPde); MiDeletePte (PointerPde, TempVa, AddressSpaceDeletion, CurrentProcess, NULL, NULL); #if defined (_WIN64) UsedPageDirectoryHandle = MI_GET_USED_PTES_HANDLE (PointerPte - 1); MI_DECREMENT_USED_PTES_BY_HANDLE (UsedPageDirectoryHandle); if ((MI_GET_USED_PTES_FROM_HANDLE (UsedPageDirectoryHandle) == 0) && (PointerPpe->u.Long != 0)) { TempVa = MiGetVirtualAddressMappedByPte(PointerPpe); MiDeletePte (PointerPpe, TempVa, AddressSpaceDeletion, CurrentProcess, NULL, NULL); } #endif } // // All done, return. // return; }

VOID MiFlushPteList (  IN PMMPTE_FLUSH_LIST  PteFlushList, IN ULONG  AllProcessors, IN MMPTE  FillPte )

Definition at line 1160 of file deleteva.c. References ASSERT, FALSE, KeFlushEntireTb(), KeFlushMultipleTb(), KeFlushSingleTb(), MiLockSystemSpaceAtDpcLevel, MiUnlockSystemSpaceFromDpcLevel, MM_FLUSH_COUNTER_MASK, MM_MAXIMUM_FLUSH_COUNT, MM_PFN_LOCK_ASSERT, MmFlushCounter, and TRUE. Referenced by MiDeletePte(), MiDeleteSystemPagableVm(), MiDeleteVirtualAddresses(), MiProcessValidPteList(), MiReleaseSystemPtes(), MiRemoveMappedPtes(), MiRemoveWorkingSetPages(), MiReserveSystemPtes2(), and MmCleanProcessAddressSpace(). 01168 : 01169 01170 This routine flushes all the PTEs in the PTE flush list. 01171 If the list has overflowed, the entire TB is flushed. 01172 01173 Arguments: 01174 01175 PteFlushList - Supplies an optional pointer to the list to be flushed. 01176 01177 AllProcessors - Supplies TRUE if the flush occurs on all processors. 01178 01179 FillPte - Supplies the PTE to fill with. 01180 01181 Return Value: 01182 01183 None. 01184 01185 Environment: 01186 01187 Kernel mode, PFN lock held. 01188 01189 --*/ 01190 01191 { 01192 ULONG count; 01193 01194 ASSERT (ARGUMENT_PRESENT (PteFlushList)); 01195 MM_PFN_LOCK_ASSERT (); 01196 01197 count = PteFlushList->Count; 01198 01199 if (count != 0) { 01200 if (count != 1) { 01201 if (count < MM_MAXIMUM_FLUSH_COUNT) { 01202 KeFlushMultipleTb (count, 01203 &PteFlushList->FlushVa[0], 01204 TRUE, 01205 (BOOLEAN)AllProcessors, 01206 &((PHARDWARE_PTE)PteFlushList->FlushPte[0]), 01207 FillPte.u.Flush); 01208 } else { 01209 01210 // 01211 // Array has overflowed, flush the entire TB. 01212 // 01213 01214 if (AllProcessors == TRUE) { 01215 MiLockSystemSpaceAtDpcLevel(); 01216 KeFlushEntireTb (TRUE, TRUE); 01217 MmFlushCounter = (MmFlushCounter + 1) & MM_FLUSH_COUNTER_MASK; 01218 MiUnlockSystemSpaceFromDpcLevel(); 01219 } else { 01220 KeFlushEntireTb (TRUE, FALSE); 01221 } 01222 } 01223 } else { 01224 KeFlushSingleTb (PteFlushList->FlushVa[0], 01225 TRUE, 01226 (BOOLEAN)AllProcessors, 01227 (PHARDWARE_PTE)PteFlushList->FlushPte[0], 01228 FillPte.u.Flush); 01229 } 01230 PteFlushList->Count = 0; 01231 } 01232 return; 01233 } }

ULONG FASTCALL MiReleasePageFileSpace (  IN MMPTE  PteContents  )

Definition at line 1014 of file deleteva.c. References ASSERT, _MMPAGING_FILE::CurrentUsage, FALSE, _MMPAGING_FILE::FreeSpace, GET_PAGING_FILE_NUMBER, GET_PAGING_FILE_OFFSET, MiUpdateModifiedWriterMdls(), MM_PFN_LOCK_ASSERT, MM_USABLE_PAGES_FREE, MmNumberOfActiveMdlEntries, MmPagingFile, MmPagingFileDebug, RtlClearBits(), and TRUE. Referenced by MiCleanSection(), MiCompleteProtoPteFault(), MiCopyOnWrite(), MiDecommitPages(), MiDecrementCloneBlockReference(), MiDecrementReferenceCount(), MiDeletePte(), MiDeleteSystemPagableVm(), MiMakeOutswappedPageResident(), MiPurgeImageSection(), MiResetVirtualMemory(), MiSegmentDelete(), MiSetDirtyBit(), MiSetModifyBit(), MiSetPageModified(), MiWriteComplete(), MmPurgeSection(), MmSetAddressRangeModified(), and MmUnlockPages(). : This routine frees the paging file allocated to the specified PTE and adjusts the necessary quotas. Arguments: PteContents - Supplies the PTE which is in page file format. Return Value: Returns TRUE if any paging file space was deallocated. Environment: Kernel mode, APCs disabled, PFN lock held. --*/ { ULONG FreeBit; ULONG PageFileNumber; MM_PFN_LOCK_ASSERT(); if (PteContents.u.Soft.Prototype == 1) { // // Not in page file format. // return FALSE; } FreeBit = GET_PAGING_FILE_OFFSET (PteContents); if ((FreeBit == 0) || (FreeBit == 0xFFFFF)) { // // Page is not in a paging file, just return. // return FALSE; } PageFileNumber = GET_PAGING_FILE_NUMBER (PteContents); ASSERT (RtlCheckBit( MmPagingFile[PageFileNumber]->Bitmap, FreeBit) == 1); #if DBG if ((FreeBit < 8192) && (PageFileNumber == 0)) { ASSERT ((MmPagingFileDebug[FreeBit] & 1) != 0); MmPagingFileDebug[FreeBit] ^= 1; } #endif //DBG RtlClearBits ( MmPagingFile[PageFileNumber]->Bitmap, FreeBit, 1); MmPagingFile[PageFileNumber]->FreeSpace += 1; MmPagingFile[PageFileNumber]->CurrentUsage -= 1; // // Check to see if we should move some MDL entries for the // modified page writer now that more free space is available. // if ((MmNumberOfActiveMdlEntries == 0) || (MmPagingFile[PageFileNumber]->FreeSpace == MM_USABLE_PAGES_FREE)) { MiUpdateModifiedWriterMdls (PageFileNumber); } return TRUE; }

VOID FASTCALL MiUpdateModifiedWriterMdls (  IN ULONG  PageFileNumber  )

Definition at line 1098 of file deleteva.c. References _MMMOD_WRITER_MDL_ENTRY::CurrentList, _MMPAGING_FILE::Entry, _MMMOD_WRITER_LISTHEAD::Event, FALSE, KeSetEvent(), _MMMOD_WRITER_MDL_ENTRY::Links, _MMMOD_WRITER_LISTHEAD::ListHead, MM_IO_IN_PROGRESS, MM_PAGING_FILE_MDLS, MmFreePagingSpaceLow, MmNumberOfActiveMdlEntries, MmPagingFile, MmPagingFileHeader, _MMMOD_WRITER_MDL_ENTRY::PagingListHead, and PMMMOD_WRITER_MDL_ENTRY. Referenced by MiAttemptPageFileExtension(), MiExtendPagingFileMaximum(), and MiReleasePageFileSpace(). : This routine ensures the MDLs for the specified paging file are in the proper state such that paging i/o can continue. Arguments: PageFileNumber - Supplies the page file number to check the MDLs for. Return Value: None. Environment: Kernel mode, PFN lock held. --*/ { ULONG i; PMMMOD_WRITER_MDL_ENTRY WriterEntry; // // Put the MDL entries into the active list. // for (i = 0; i < MM_PAGING_FILE_MDLS; i += 1) { if ((MmPagingFile[PageFileNumber]->Entry[i]->Links.Flink != MM_IO_IN_PROGRESS) && (MmPagingFile[PageFileNumber]->Entry[i]->CurrentList == &MmFreePagingSpaceLow)) { // // Remove this entry and put it on the active list. // WriterEntry = MmPagingFile[PageFileNumber]->Entry[i]; RemoveEntryList (&WriterEntry->Links); WriterEntry->CurrentList = &MmPagingFileHeader.ListHead; KeSetEvent (&WriterEntry->PagingListHead->Event, 0, FALSE); InsertTailList (&WriterEntry->PagingListHead->ListHead, &WriterEntry->Links); MmNumberOfActiveMdlEntries += 1; } } return; }

---