da/d14/special_8c_source.html

 /*

  * PROJECT:         ReactOS Kernel

  * LICENSE:         BSD - See COPYING.ARM in the top level directory

  * FILE:            ntoskrnl/mm/ARM3/special.c

  * PURPOSE:         ARM Memory Manager Special Pool implementation

  * PROGRAMMERS:     ReactOS Portable Systems Group

  */


 /*

     References:

     http://msdn.microsoft.com/en-us/library/ff551832(v=VS.85).aspx

 */


 /* INCLUDES *******************************************************************/


 #include <ntoskrnl.h>

 #define NDEBUG

 #include <debug.h>


 #define MODULE_INVOLVED_IN_ARM3

 #include <mm/ARM3/miarm.h>


 extern ULONG ExpPoolFlags;

 extern PMMPTE MmSystemPteBase;


 PMMPTE

 NTAPI

 MiReserveAlignedSystemPtes(IN ULONG NumberOfPtes,

                            IN MMSYSTEM_PTE_POOL_TYPE SystemPtePoolType,

                            IN ULONG Alignment);


 /* GLOBALS ********************************************************************/


 #define SPECIAL_POOL_PAGED_PTE    0x2000

 #define SPECIAL_POOL_NONPAGED_PTE 0x4000

 #define SPECIAL_POOL_PAGED        0x8000


 PVOID MmSpecialPoolStart;

 PVOID MmSpecialPoolEnd;

 PVOID MiSpecialPoolExtra;

 ULONG MiSpecialPoolExtraCount;


 PMMPTE MiSpecialPoolFirstPte;

 PMMPTE MiSpecialPoolLastPte;


 PFN_COUNT MmSpecialPagesInUse;

 PFN_COUNT MmSpecialPagesInUsePeak;

 PFN_COUNT MiSpecialPagesPagable;

 PFN_COUNT MiSpecialPagesPagablePeak;

 PFN_COUNT MiSpecialPagesNonPaged;

 PFN_COUNT MiSpecialPagesNonPagedPeak;

 PFN_COUNT MiSpecialPagesNonPagedMaximum;


 BOOLEAN MmSpecialPoolCatchOverruns = TRUE;


 typedef struct _MI_FREED_SPECIAL_POOL

 {

     POOL_HEADER OverlaidPoolHeader;

     /* TODO: Add overlaid verifier pool header */

     ULONG Signature;

     ULONG TickCount;

     ULONG NumberOfBytesRequested;

     BOOLEAN Pagable;

     PVOID VirtualAddress;

     PVOID StackPointer;

     ULONG StackBytes;

     PETHREAD Thread;

     UCHAR StackData[0x400];

 } MI_FREED_SPECIAL_POOL, *PMI_FREED_SPECIAL_POOL;


 /* PRIVATE FUNCTIONS **********************************************************/


 VOID NTAPI MiTestSpecialPool(VOID);


 BOOLEAN

 NTAPI

 MmUseSpecialPool(SIZE_T NumberOfBytes, ULONG Tag)

 {

     /* Special pool is not suitable for allocations bigger than 1 page */

     if (NumberOfBytes > (PAGE_SIZE - sizeof(POOL_HEADER)))

     {

         return FALSE;

     }


     if (MmSpecialPoolTag == '*')

     {

         return TRUE;

     }


     return Tag == MmSpecialPoolTag;

 }


 BOOLEAN

 NTAPI

 MmIsSpecialPoolAddress(PVOID P)

 {

     return ((P >= MmSpecialPoolStart) &&

             (P <= MmSpecialPoolEnd));

 }


 BOOLEAN

 NTAPI

 MmIsSpecialPoolAddressFree(PVOID P)

 {

     PMMPTE PointerPte;


     ASSERT(MmIsSpecialPoolAddress(P));

     PointerPte = MiAddressToPte(P);


     if (PointerPte->u.Soft.PageFileHigh == SPECIAL_POOL_PAGED_PTE ||

         PointerPte->u.Soft.PageFileHigh == SPECIAL_POOL_NONPAGED_PTE)

     {

         /* Guard page PTE */

         return FALSE;

     }


     /* Free PTE */

     return TRUE;

 }


 VOID

 NTAPI

 MiInitializeSpecialPool(VOID)

 {

     ULONG SpecialPoolPtes, i;

     PMMPTE PointerPte;


     /* Check if there is a special pool tag */

     if ((MmSpecialPoolTag == 0) ||

         (MmSpecialPoolTag == -1)) return;


     /* Calculate number of system PTEs for the special pool */

     if (MmNumberOfSystemPtes >= 0x3000)

         SpecialPoolPtes = MmNumberOfSystemPtes / 3;

     else

         SpecialPoolPtes = MmNumberOfSystemPtes / 6;


     /* Don't let the number go too high */

     if (SpecialPoolPtes > 0x6000) SpecialPoolPtes = 0x6000;


     /* Round up to the page size */

     SpecialPoolPtes = PAGE_ROUND_UP(SpecialPoolPtes);


     ASSERT((SpecialPoolPtes & (PTE_PER_PAGE - 1)) == 0);


     /* Reserve those PTEs */

     do

     {

         PointerPte = MiReserveAlignedSystemPtes(SpecialPoolPtes,

                                                 SystemPteSpace,

                                                 /*0x400000*/0); // FIXME:

         if (PointerPte) break;


         /* Reserving didn't work, so try to reduce the requested size */

         ASSERT(SpecialPoolPtes >= PTE_PER_PAGE);

         SpecialPoolPtes -= PTE_PER_PAGE;

     } while (SpecialPoolPtes);


     /* Fail if we couldn't reserve them at all */

     if (!SpecialPoolPtes) return;


     /* Make sure we got enough */

     ASSERT(SpecialPoolPtes >= PTE_PER_PAGE);


     /* Save first PTE and its address */

     MiSpecialPoolFirstPte = PointerPte;

     MmSpecialPoolStart = MiPteToAddress(PointerPte);


     for (i = 0; i < PTE_PER_PAGE / 2; i++)

     {

         /* Point it to the next entry */

         PointerPte->u.List.NextEntry = &PointerPte[2] - MmSystemPteBase;


         /* Move to the next pair */

         PointerPte += 2;

     }


     /* Save extra values */

     MiSpecialPoolExtra = PointerPte;

     MiSpecialPoolExtraCount = SpecialPoolPtes - PTE_PER_PAGE;


     /* Mark the previous PTE as the last one */

     MiSpecialPoolLastPte = PointerPte - 2;

     MiSpecialPoolLastPte->u.List.NextEntry = MM_EMPTY_PTE_LIST;


     /* Save end address of the special pool */

     MmSpecialPoolEnd = MiPteToAddress(MiSpecialPoolLastPte + 1);


     /* Calculate maximum non-paged part of the special pool */

     MiSpecialPagesNonPagedMaximum = MmResidentAvailablePages >> 4;


     /* And limit it if it turned out to be too big */

     if (MmNumberOfPhysicalPages > 0x3FFF)

         MiSpecialPagesNonPagedMaximum = MmResidentAvailablePages >> 3;


     DPRINT1("Special pool start %p - end %p\n", MmSpecialPoolStart, MmSpecialPoolEnd);

     ExpPoolFlags |= POOL_FLAG_SPECIAL_POOL;


     //MiTestSpecialPool();

 }


 NTSTATUS

 NTAPI

 MmExpandSpecialPool(VOID)

 {

     ULONG i;

     PMMPTE PointerPte;


     MI_ASSERT_PFN_LOCK_HELD();


     if (MiSpecialPoolExtraCount == 0)

         return STATUS_INSUFFICIENT_RESOURCES;


     PointerPte = MiSpecialPoolExtra;

     ASSERT(MiSpecialPoolFirstPte == MiSpecialPoolLastPte);

     ASSERT(MiSpecialPoolFirstPte->u.List.NextEntry == MM_EMPTY_PTE_LIST);

     MiSpecialPoolFirstPte->u.List.NextEntry = PointerPte - MmSystemPteBase;


     ASSERT(MiSpecialPoolExtraCount >= PTE_PER_PAGE);

     for (i = 0; i < PTE_PER_PAGE / 2; i++)

     {

         /* Point it to the next entry */

         PointerPte->u.List.NextEntry = &PointerPte[2] - MmSystemPteBase;


         /* Move to the next pair */

         PointerPte += 2;

     }


     /* Save remaining extra values */

     MiSpecialPoolExtra = PointerPte;

     MiSpecialPoolExtraCount -= PTE_PER_PAGE;


     /* Mark the previous PTE as the last one */

     MiSpecialPoolLastPte = PointerPte - 2;

     MiSpecialPoolLastPte->u.List.NextEntry = MM_EMPTY_PTE_LIST;


     /* Save new end address of the special pool */

     MmSpecialPoolEnd = MiPteToAddress(MiSpecialPoolLastPte + 1);


     return STATUS_SUCCESS;

 }


 PVOID

 NTAPI

 MmAllocateSpecialPool(SIZE_T NumberOfBytes, ULONG Tag, POOL_TYPE PoolType, ULONG SpecialType)

 {

     KIRQL Irql;

     MMPTE TempPte = ValidKernelPte;

     PMMPTE PointerPte;

     PFN_NUMBER PageFrameNumber;

     LARGE_INTEGER TickCount;

     PVOID Entry;

     PPOOL_HEADER Header;

     PFN_COUNT PagesInUse;


     DPRINT("MmAllocateSpecialPool(%x %x %x %x)\n", NumberOfBytes, Tag, PoolType, SpecialType);


     /* Check if the pool is initialized and quit if it's not */

     if (!MiSpecialPoolFirstPte) return NULL;


     /* Get the pool type */

     PoolType &= BASE_POOL_TYPE_MASK;


     /* Check whether current IRQL matches the pool type */

     Irql = KeGetCurrentIrql();


     if (((PoolType == PagedPool) && (Irql > APC_LEVEL)) ||

         ((PoolType != PagedPool) && (Irql > DISPATCH_LEVEL)))

     {

         /* Bad caller */

         KeBugCheckEx(SPECIAL_POOL_DETECTED_MEMORY_CORRUPTION,

                      Irql,

                      PoolType,

                      NumberOfBytes,

                      0x30);

     }


     /* Some allocations from Mm must never use special pool */

     if (Tag == 'tSmM')

     {

         /* Reject and let normal pool handle it */

         return NULL;

     }


     /* TODO: Take into account various limitations */


     /* Heed the maximum limit of nonpaged pages */

     if ((PoolType == NonPagedPool) &&

         (MiSpecialPagesNonPaged > MiSpecialPagesNonPagedMaximum))

     {

         return NULL;

     }


     /* Lock PFN database */

     Irql = MiAcquirePfnLock();


     /* Reject allocation in case amount of available pages is too small */

     if (MmAvailablePages < 0x100)

     {

         /* Release the PFN database lock */

         MiReleasePfnLock(Irql);

         DPRINT1("Special pool: MmAvailablePages 0x%x is too small\n", MmAvailablePages);

         return NULL;

     }


     /* Check if special pool PTE list is exhausted */

     if (MiSpecialPoolFirstPte->u.List.NextEntry == MM_EMPTY_PTE_LIST)

     {

         /* Try to expand it */

         if (!NT_SUCCESS(MmExpandSpecialPool()))

         {

             /* No reserves left, reject this allocation */

             static int once;

             MiReleasePfnLock(Irql);

             if (!once++) DPRINT1("Special pool: No PTEs left!\n");

             return NULL;

         }

         ASSERT(MiSpecialPoolFirstPte->u.List.NextEntry != MM_EMPTY_PTE_LIST);

     }


     /* Save allocation time */

     KeQueryTickCount(&TickCount);


     /* Get a pointer to the first PTE */

     PointerPte = MiSpecialPoolFirstPte;


     /* Set the first PTE pointer to the next one in the list */

     MiSpecialPoolFirstPte = MmSystemPteBase + PointerPte->u.List.NextEntry;


     /* Allocate a physical page */

     if (PoolType == PagedPool)

     {

         MI_SET_USAGE(MI_USAGE_PAGED_POOL);

     }

     else

     {

         MI_SET_USAGE(MI_USAGE_NONPAGED_POOL);

     }

     MI_SET_PROCESS2("Kernel-Special");

     PageFrameNumber = MiRemoveAnyPage(MI_GET_NEXT_COLOR());


     /* Initialize PFN and make it valid */

     TempPte.u.Hard.PageFrameNumber = PageFrameNumber;

     MiInitializePfnAndMakePteValid(PageFrameNumber, PointerPte, TempPte);


     /* Release the PFN database lock */

     MiReleasePfnLock(Irql);


     /* Increase page counter */

     PagesInUse = InterlockedIncrementUL(&MmSpecialPagesInUse);

     if (PagesInUse > MmSpecialPagesInUsePeak)

         MmSpecialPagesInUsePeak = PagesInUse;


     /* Put some content into the page. Low value of tick count would do */

     Entry = MiPteToAddress(PointerPte);

     RtlFillMemory(Entry, PAGE_SIZE, TickCount.LowPart);


     /* Calculate header and entry addresses */

     if ((SpecialType != 0) &&

         ((SpecialType == 1) || (!MmSpecialPoolCatchOverruns)))

     {

         /* We catch underruns. Data is at the beginning of the page */

         Header = (PPOOL_HEADER)((PUCHAR)Entry + PAGE_SIZE - sizeof(POOL_HEADER));

     }

     else

     {

         /* We catch overruns. Data is at the end of the page */

         Header = (PPOOL_HEADER)Entry;

         Entry = (PVOID)((ULONG_PTR)((PUCHAR)Entry - NumberOfBytes + PAGE_SIZE) & ~((LONG_PTR)sizeof(POOL_HEADER) - 1));

     }


     /* Initialize the header */

     RtlZeroMemory(Header, sizeof(POOL_HEADER));


     /* Save allocation size there */

     Header->Ulong1 = (ULONG)NumberOfBytes;


     /* Make sure it's all good */

     ASSERT((NumberOfBytes <= PAGE_SIZE - sizeof(POOL_HEADER)) &&

            (PAGE_SIZE <= 32 * 1024));


     /* Mark it as paged or nonpaged */

     if (PoolType == PagedPool)

     {

         /* Add pagedpool flag into the pool header too */

         Header->Ulong1 |= SPECIAL_POOL_PAGED;


         /* Also mark the next PTE as special-pool-paged */

         PointerPte[1].u.Soft.PageFileHigh |= SPECIAL_POOL_PAGED_PTE;


         /* Increase pagable counter */

         PagesInUse = InterlockedIncrementUL(&MiSpecialPagesPagable);

         if (PagesInUse > MiSpecialPagesPagablePeak)

             MiSpecialPagesPagablePeak = PagesInUse;

     }

     else

     {

         /* Mark the next PTE as special-pool-nonpaged */

         PointerPte[1].u.Soft.PageFileHigh |= SPECIAL_POOL_NONPAGED_PTE;


         /* Increase nonpaged counter */

         PagesInUse = InterlockedIncrementUL(&MiSpecialPagesNonPaged);

         if (PagesInUse > MiSpecialPagesNonPagedPeak)

             MiSpecialPagesNonPagedPeak = PagesInUse;

     }


     /* Finally save tag and put allocation time into the header's blocksize.

        That time will be used to check memory consistency within the allocated

        page. */

     Header->PoolTag = Tag;

     Header->BlockSize = (UCHAR)TickCount.LowPart;

     DPRINT("%p\n", Entry);

     return Entry;

 }


 VOID

 NTAPI

 MiSpecialPoolCheckPattern(PUCHAR P, PPOOL_HEADER Header)

 {

     ULONG BytesToCheck, BytesRequested, Index;

     PUCHAR Ptr;


     /* Get amount of bytes user requested to be allocated by clearing out the paged mask */

     BytesRequested = (Header->Ulong1 & ~SPECIAL_POOL_PAGED) & 0xFFFF;

     ASSERT(BytesRequested <= PAGE_SIZE - sizeof(POOL_HEADER));


     /* Get a pointer to the end of user's area */

     Ptr = P + BytesRequested;


     /* Calculate how many bytes to check */

     BytesToCheck = (ULONG)((PUCHAR)PAGE_ALIGN(P) + PAGE_SIZE - Ptr);


     /* Remove pool header size if we're catching underruns */

     if (((ULONG_PTR)P & (PAGE_SIZE - 1)) == 0)

     {

         /* User buffer is located in the beginning of the page */

         BytesToCheck -= sizeof(POOL_HEADER);

     }


     /* Check the pattern after user buffer */

     for (Index = 0; Index < BytesToCheck; Index++)

     {

         /* Bugcheck if bytes don't match */

         if (Ptr[Index] != Header->BlockSize)

         {

             KeBugCheckEx(SPECIAL_POOL_DETECTED_MEMORY_CORRUPTION,

                          (ULONG_PTR)P,

                          (ULONG_PTR)&Ptr[Index],

                          Header->BlockSize,

                          0x24);

         }

     }

 }


 VOID

 NTAPI

 MmFreeSpecialPool(PVOID P)

 {

     PMMPTE PointerPte;

     PPOOL_HEADER Header;

     BOOLEAN Overruns = FALSE;

     KIRQL Irql = KeGetCurrentIrql();

     POOL_TYPE PoolType;

     ULONG BytesRequested, BytesReal = 0;

     ULONG PtrOffset;

     PUCHAR b;

     PMI_FREED_SPECIAL_POOL FreedHeader;

     LARGE_INTEGER TickCount;

     PMMPFN Pfn;


     DPRINT("MmFreeSpecialPool(%p)\n", P);


     /* Get the PTE */

     PointerPte = MiAddressToPte(P);


     /* Check if it's valid */

     if (PointerPte->u.Hard.Valid == 0)

     {

         /* Bugcheck if it has NOACCESS or 0 set as protection */

         if (PointerPte->u.Soft.Protection == MM_NOACCESS ||

             !PointerPte->u.Soft.Protection)

         {

             KeBugCheckEx(SPECIAL_POOL_DETECTED_MEMORY_CORRUPTION,

                          (ULONG_PTR)P,

                          (ULONG_PTR)PointerPte,

                          0,

                          0x20);

         }

     }


     /* Determine if it's a underruns or overruns pool pointer */

     PtrOffset = (ULONG)((ULONG_PTR)P & (PAGE_SIZE - 1));

     if (PtrOffset)

     {

         /* Pool catches overruns */

         Header = PAGE_ALIGN(P);

         Overruns = TRUE;

     }

     else

     {

         /* Pool catches underruns */

         Header = (PPOOL_HEADER)((PUCHAR)PAGE_ALIGN(P) + PAGE_SIZE - sizeof(POOL_HEADER));

     }


     /* Check if it's non paged pool */

     if ((Header->Ulong1 & SPECIAL_POOL_PAGED) == 0)

     {

         /* Non-paged allocation, ensure that IRQ is not higher that DISPATCH */

         PoolType = NonPagedPool;

         ASSERT(PointerPte[1].u.Soft.PageFileHigh == SPECIAL_POOL_NONPAGED_PTE);

         if (Irql > DISPATCH_LEVEL)

         {

             KeBugCheckEx(SPECIAL_POOL_DETECTED_MEMORY_CORRUPTION,

                          Irql,

                          PoolType,

                          (ULONG_PTR)P,

                          0x31);

         }

     }

     else

     {

         /* Paged allocation, ensure */

         PoolType = PagedPool;

         ASSERT(PointerPte[1].u.Soft.PageFileHigh == SPECIAL_POOL_PAGED_PTE);

         if (Irql > APC_LEVEL)

         {

             KeBugCheckEx(SPECIAL_POOL_DETECTED_MEMORY_CORRUPTION,

                          Irql,

                          PoolType,

                          (ULONG_PTR)P,

                          0x31);

         }

     }


     /* Get amount of bytes user requested to be allocated by clearing out the paged mask */

     BytesRequested = (Header->Ulong1 & ~SPECIAL_POOL_PAGED) & 0xFFFF;

     ASSERT(BytesRequested <= PAGE_SIZE - sizeof(POOL_HEADER));


     /* Check memory before the allocated user buffer in case of overruns detection */

     if (Overruns)

     {

         /* Calculate the real placement of the buffer */

         BytesReal = PAGE_SIZE - PtrOffset;


         /* If they mismatch, it's unrecoverable */

         if (BytesRequested > BytesReal)

         {

             KeBugCheckEx(SPECIAL_POOL_DETECTED_MEMORY_CORRUPTION,

                          (ULONG_PTR)P,

                          BytesRequested,

                          BytesReal,

                          0x21);

         }


         if (BytesRequested + sizeof(POOL_HEADER) < BytesReal)

         {

             KeBugCheckEx(SPECIAL_POOL_DETECTED_MEMORY_CORRUPTION,

                          (ULONG_PTR)P,

                          BytesRequested,

                          BytesReal,

                          0x22);

         }


         /* Actually check the memory pattern */

         for (b = (PUCHAR)(Header + 1); b < (PUCHAR)P; b++)

         {

             if (*b != Header->BlockSize)

             {

                 /* Bytes mismatch */

                 KeBugCheckEx(SPECIAL_POOL_DETECTED_MEMORY_CORRUPTION,

                              (ULONG_PTR)P,

                              (ULONG_PTR)b,

                              Header->BlockSize,

                              0x23);

             }

         }

     }


     /* Check the memory pattern after the user buffer */

     MiSpecialPoolCheckPattern(P, Header);


     /* Fill the freed header */

     KeQueryTickCount(&TickCount);

     FreedHeader = (PMI_FREED_SPECIAL_POOL)PAGE_ALIGN(P);

     FreedHeader->Signature = 0x98764321;

     FreedHeader->TickCount = TickCount.LowPart;

     FreedHeader->NumberOfBytesRequested = BytesRequested;

     FreedHeader->Pagable = PoolType;

     FreedHeader->VirtualAddress = P;

     FreedHeader->Thread = PsGetCurrentThread();

     /* TODO: Fill StackPointer and StackBytes */

     FreedHeader->StackPointer = NULL;

     FreedHeader->StackBytes = 0;


     if (PoolType == NonPagedPool)

     {

         /* Non pagable. Get PFN element corresponding to the PTE */

         Pfn = MI_PFN_ELEMENT(PointerPte->u.Hard.PageFrameNumber);


         /* Count the page as free */

         InterlockedDecrementUL(&MiSpecialPagesNonPaged);


         /* Lock PFN database */

         Irql = MiAcquirePfnLock();


         /* Delete this PFN */

         MI_SET_PFN_DELETED(Pfn);


         /* Decrement share count of this PFN */

         MiDecrementShareCount(Pfn, PointerPte->u.Hard.PageFrameNumber);


         MI_ERASE_PTE(PointerPte);


         /* Flush the TLB */

         //FIXME: Use KeFlushSingleTb() instead

         KeFlushEntireTb(TRUE, TRUE);

     }

     else

     {

         /* Pagable. Delete that virtual address */

         MiDeleteSystemPageableVm(PointerPte, 1, 0, NULL);


         /* Count the page as free */

         InterlockedDecrementUL(&MiSpecialPagesPagable);


         /* Lock PFN database */

         Irql = MiAcquirePfnLock();

     }


     /* Mark next PTE as invalid */

     MI_ERASE_PTE(PointerPte + 1);


     /* Make sure that the last entry is really the last one */

     ASSERT(MiSpecialPoolLastPte->u.List.NextEntry == MM_EMPTY_PTE_LIST);


     /* Update the current last PTE next pointer */

     MiSpecialPoolLastPte->u.List.NextEntry = PointerPte - MmSystemPteBase;


     /* PointerPte becomes the new last PTE */

     PointerPte->u.List.NextEntry = MM_EMPTY_PTE_LIST;

     MiSpecialPoolLastPte = PointerPte;


     /* Release the PFN database lock */

     MiReleasePfnLock(Irql);


     /* Update page counter */

     InterlockedDecrementUL(&MmSpecialPagesInUse);

 }


 VOID

 NTAPI

 MiTestSpecialPool(VOID)

 {

     ULONG i;

     PVOID p1, p2[100];

     //PUCHAR p3;

     ULONG ByteSize;

     POOL_TYPE PoolType = PagedPool;


     // First allocate/free

     for (i=0; i<100; i++)

     {

         ByteSize = (100 * (i+1)) % (PAGE_SIZE - sizeof(POOL_HEADER));

         p1 = MmAllocateSpecialPool(ByteSize, 'TEST', PoolType, 0);

         DPRINT1("p1 %p size %lu\n", p1, ByteSize);

         MmFreeSpecialPool(p1);

     }


     // Now allocate all at once, then free at once

     for (i=0; i<100; i++)

     {

         ByteSize = (100 * (i+1)) % (PAGE_SIZE - sizeof(POOL_HEADER));

         p2[i] = MmAllocateSpecialPool(ByteSize, 'TEST', PoolType, 0);

         DPRINT1("p2[%lu] %p size %lu\n", i, p1, ByteSize);

     }

     for (i=0; i<100; i++)

     {

         DPRINT1("Freeing %p\n", p2[i]);

         MmFreeSpecialPool(p2[i]);

     }


     // Overrun the buffer to test

     //ByteSize = 16;

     //p3 = MmAllocateSpecialPool(ByteSize, 'TEST', NonPagedPool, 0);

     //p3[ByteSize] = 0xF1; // This should cause an exception


     // Underrun the buffer to test

     //p3 = MmAllocateSpecialPool(ByteSize, 'TEST', NonPagedPool, 1);

     //p3--;

     //*p3 = 0xF1; // This should cause an exception


 }


 /* EOF */

PVOID
DWORD *typedef PVOID
Definition: winlogon.h:60

KeGetCurrentIrql
#define KeGetCurrentIrql()
Definition: env_spec_w32.h:706

MiTestSpecialPool
VOID NTAPI MiTestSpecialPool(VOID)
Definition: special.c:652

MI_ERASE_PTE
FORCEINLINE VOID MI_ERASE_PTE(IN PMMPTE PointerPte)
Definition: miarm.h:959

MmResidentAvailablePages
PFN_NUMBER MmResidentAvailablePages
Definition: freelist.c:27

IN
#define IN
Definition: typedefs.h:38

MiSpecialPoolExtraCount
ULONG MiSpecialPoolExtraCount
Definition: special.c:41

TRUE
#define TRUE
Definition: types.h:120

NonPagedPool
Definition: ketypes.h:866

STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158

_POOL_HEADER::PoolTag
ULONG PoolTag
Definition: kmt_test_kernel.h:91

MI_ASSERT_PFN_LOCK_HELD
#define MI_ASSERT_PFN_LOCK_HELD()
Definition: mm.h:910

MmIsSpecialPoolAddressFree
BOOLEAN NTAPI MmIsSpecialPoolAddressFree(PVOID P)
Definition: special.c:103

_MMPTE_LIST::NextEntry
ULONG64 NextEntry
Definition: mmtypes.h:145

Entry
struct _Entry Entry
Definition: kefuncs.h:640

PsGetCurrentThread
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81

_MI_FREED_SPECIAL_POOL::OverlaidPoolHeader
POOL_HEADER OverlaidPoolHeader
Definition: special.c:58

PtrOffset
#define PtrOffset(BASE, OFFSET)
Definition: cdprocs.h:1557

PFN_COUNT
ULONG PFN_COUNT
Definition: mmtypes.h:102

ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel)?(CompletionRoutine!=NULL):TRUE)

MM_EMPTY_PTE_LIST
#define MM_EMPTY_PTE_LIST
Definition: mm.h:83

POOL_FLAG_SPECIAL_POOL
#define POOL_FLAG_SPECIAL_POOL
Definition: miarm.h:262

STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2690

PUCHAR
unsigned char * PUCHAR
Definition: retypes.h:3

MmNumberOfSystemPtes
ULONG MmNumberOfSystemPtes
Definition: init.c:42

Ptr
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898

MmAllocateSpecialPool
PVOID NTAPI MmAllocateSpecialPool(SIZE_T NumberOfBytes, ULONG Tag, POOL_TYPE PoolType, ULONG SpecialType)
Definition: special.c:245

MI_USAGE_PAGED_POOL
Definition: mm.h:258

MI_GET_NEXT_COLOR
#define MI_GET_NEXT_COLOR()
Definition: miarm.h:211

MM_NOACCESS
#define MM_NOACCESS
Definition: miarm.h:69

MiAcquirePfnLock
FORCEINLINE KIRQL MiAcquirePfnLock(VOID)
Definition: mm.h:875

_MI_FREED_SPECIAL_POOL::Thread
PETHREAD Thread
Definition: special.c:67

POOL_HEADER
struct _POOL_HEADER POOL_HEADER

Alignment_
Definition: ftraster.c:320

u
GLenum GLclampf GLint GLenum GLuint GLenum GLenum GLsizei GLenum const GLvoid GLfloat GLfloat GLfloat GLfloat GLclampd GLint GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean GLboolean GLboolean GLboolean GLint GLenum GLsizei const GLvoid GLenum GLint GLenum GLint GLint GLsizei GLint GLenum GLint GLint GLint GLint GLsizei GLenum GLsizei const GLuint GLboolean GLenum GLenum GLint GLsizei GLenum GLsizei GLenum const GLvoid GLboolean const GLboolean GLenum const GLdouble * u
Definition: glfuncs.h:88

MmAvailablePages
PFN_NUMBER MmAvailablePages
Definition: freelist.c:26

_MI_FREED_SPECIAL_POOL::StackBytes
ULONG StackBytes
Definition: special.c:66

Irql
_Out_ PKIRQL Irql
Definition: csq.h:179

PAGE_ROUND_UP
#define PAGE_ROUND_UP(x)
Definition: scsiport_int.h:13

MiReleasePfnLock
FORCEINLINE VOID MiReleasePfnLock(_In_ KIRQL OldIrql)
Definition: mm.h:882

ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:63

p2
const GLfloat * p2
Definition: s_aatritemp.h:44

MiSpecialPoolLastPte
PMMPTE MiSpecialPoolLastPte
Definition: special.c:44

MmSpecialPoolEnd
PVOID MmSpecialPoolEnd
Definition: special.c:39

KIRQL
UCHAR KIRQL
Definition: env_spec_w32.h:591

i
GLenum GLclampf GLint i
Definition: glfuncs.h:14

MiAddressToPte
#define MiAddressToPte(x)
Definition: mmx86.c:19

MmSpecialPoolTag
ULONG MmSpecialPoolTag
Definition: pool.c:27

miarm.h

PFN_NUMBER
ULONG PFN_NUMBER
Definition: ke.h:8

MiSpecialPagesNonPagedPeak
PFN_COUNT MiSpecialPagesNonPagedPeak
Definition: special.c:51

NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117

FALSE
#define FALSE
Definition: types.h:117

_POOL_HEADER::BlockSize
USHORT BlockSize
Definition: kmt_test_kernel.h:77

Header
Definition: Header.h:8

MI_FREED_SPECIAL_POOL
struct _MI_FREED_SPECIAL_POOL MI_FREED_SPECIAL_POOL

MiSpecialPagesPagable
PFN_COUNT MiSpecialPagesPagable
Definition: special.c:48

_MI_FREED_SPECIAL_POOL
Definition: special.c:56

SPECIAL_POOL_PAGED_PTE
#define SPECIAL_POOL_PAGED_PTE
Definition: special.c:34

MI_SET_PROCESS2
#define MI_SET_PROCESS2(x)
Definition: mm.h:252

MmUseSpecialPool
BOOLEAN NTAPI MmUseSpecialPool(SIZE_T NumberOfBytes, ULONG Tag)
Definition: special.c:77

NULL
smooth NULL
Definition: ftsmooth.c:416

MiPteToAddress
PVOID FORCEINLINE MiPteToAddress(PMMPTE PointerPte)
Definition: mm.h:197

DPRINT
void DPRINT(...)
Definition: polytest.cpp:61

MiDecrementShareCount
VOID NTAPI MiDecrementShareCount(IN PMMPFN Pfn1, IN PFN_NUMBER PageFrameIndex)
Definition: pfnlist.c:1133

_ETHREAD
Definition: pstypes.h:1032

BASE_POOL_TYPE_MASK
#define BASE_POOL_TYPE_MASK
Definition: ExPools.c:15

MI_SET_USAGE
#define MI_SET_USAGE(x)
Definition: mm.h:251

_MMPTE_SOFTWARE::Protection
ULONG64 Protection
Definition: mmtypes.h:88

PPOOL_HEADER
struct _POOL_HEADER * PPOOL_HEADER

_MI_FREED_SPECIAL_POOL::NumberOfBytesRequested
ULONG NumberOfBytesRequested
Definition: special.c:62

_MI_FREED_SPECIAL_POOL::StackData
UCHAR StackData[0x400]
Definition: special.c:68

KeQueryTickCount
VOID NTAPI KeQueryTickCount(IN PLARGE_INTEGER TickCount)
Definition: clock.c:165

KeFlushEntireTb
VOID NTAPI KeFlushEntireTb(IN BOOLEAN Invalid, IN BOOLEAN AllProcessors)
Definition: cpu.c:413

b
#define b
Definition: ke_i.h:79

_MI_FREED_SPECIAL_POOL::TickCount
ULONG TickCount
Definition: special.c:61

MiSpecialPagesNonPagedMaximum
PFN_COUNT MiSpecialPagesNonPagedMaximum
Definition: special.c:52

MiSpecialPoolExtra
PVOID MiSpecialPoolExtra
Definition: special.c:40

BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185

NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26

NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:24

_MMPTE::List
MMPTE_LIST List
Definition: mmtypes.h:222

POOL_TYPE
INT POOL_TYPE
Definition: typedefs.h:76

_MMPTE_HARDWARE::Valid
ULONG64 Valid
Definition: mmtypes.h:150

Index
static const UCHAR Index[8]
Definition: usbohci.c:11

MMSYSTEM_PTE_POOL_TYPE
enum _MMSYSTEM_PTE_POOL_TYPE MMSYSTEM_PTE_POOL_TYPE

PAGE_ALIGN
#define PAGE_ALIGN(Va)

PTE_PER_PAGE
#define PTE_PER_PAGE
Definition: mm.h:19

MiSpecialPagesNonPaged
PFN_COUNT MiSpecialPagesNonPaged
Definition: special.c:50

TempPte
HARDWARE_PTE_ARMV6 TempPte
Definition: winldr.c:75

ValidKernelPte
MMPTE ValidKernelPte
Definition: init.c:31

MiInitializeSpecialPool
VOID NTAPI MiInitializeSpecialPool(VOID)
Definition: special.c:123

UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181

MI_PFN_ELEMENT
FORCEINLINE PMMPFN MI_PFN_ELEMENT(IN PFN_NUMBER Pfn)
Definition: miarm.h:1393

PoolType
IN REFCLSID IN PUNKNOWN IN POOL_TYPE PoolType
Definition: unknown.h:68

_MMPTE_SOFTWARE::PageFileHigh
ULONG64 PageFileHigh
Definition: mmtypes.h:93

NumberOfBytes
IN SIZE_T NumberOfBytes
Definition: ndis.h:3915

_MMPFN
Definition: mm.h:303

InterlockedDecrementUL
#define InterlockedDecrementUL(Addend)
Definition: ex.h:1466

_LARGE_INTEGER::LowPart
ULONG LowPart
Definition: typedefs.h:104

PAGE_SIZE
#define PAGE_SIZE
Definition: env_spec_w32.h:49

MiSpecialPoolCheckPattern
VOID NTAPI MiSpecialPoolCheckPattern(PUCHAR P, PPOOL_HEADER Header)
Definition: special.c:418

MmSpecialPoolCatchOverruns
BOOLEAN MmSpecialPoolCatchOverruns
Definition: special.c:54

PagedPool
Definition: ketypes.h:867

SPECIAL_POOL_PAGED
#define SPECIAL_POOL_PAGED
Definition: special.c:36

MmIsSpecialPoolAddress
BOOLEAN NTAPI MmIsSpecialPoolAddress(PVOID P)
Definition: special.c:95

_MMPTE
Definition: mmtypes.h:211

MiDeleteSystemPageableVm
PFN_COUNT NTAPI MiDeleteSystemPageableVm(IN PMMPTE PointerPte, IN PFN_NUMBER PageCount, IN ULONG Flags, OUT PPFN_NUMBER ValidPages)
Definition: virtual.c:297

MmSpecialPagesInUse
PFN_COUNT MmSpecialPagesInUse
Definition: special.c:46

_MMPTE::u
union _MMPTE::@2170 u

DISPATCH_LEVEL
#define DISPATCH_LEVEL
Definition: env_spec_w32.h:696

MiRemoveAnyPage
PFN_NUMBER NTAPI MiRemoveAnyPage(IN ULONG Color)
Definition: pfnlist.c:475

MiReserveAlignedSystemPtes
PMMPTE NTAPI MiReserveAlignedSystemPtes(IN ULONG NumberOfPtes, IN MMSYSTEM_PTE_POOL_TYPE SystemPtePoolType, IN ULONG Alignment)
Definition: syspte.c:88

MmExpandSpecialPool
NTSTATUS NTAPI MmExpandSpecialPool(VOID)
Definition: special.c:204

SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:78

_MMPTE::Hard
MMPTE_HARDWARE Hard
Definition: mmtypes.h:217

MI_SET_PFN_DELETED
#define MI_SET_PFN_DELETED(x)
Definition: miarm.h:163

MmNumberOfPhysicalPages
PFN_COUNT MmNumberOfPhysicalPages
Definition: init.c:48

_POOL_HEADER::Ulong1
ULONG Ulong1
Definition: kmt_test_kernel.h:81

SystemPteSpace
Definition: miarm.h:382

InterlockedIncrementUL
#define InterlockedIncrementUL(Addend)
Definition: ex.h:1469

MmSpecialPoolStart
PVOID MmSpecialPoolStart
Definition: special.c:38

_MMPTE::Soft
MMPTE_SOFTWARE Soft
Definition: mmtypes.h:219

MI_USAGE_NONPAGED_POOL
Definition: mm.h:259

MmSystemPteBase
PMMPTE MmSystemPteBase
Definition: syspte.c:21

_LARGE_INTEGER
Definition: typedefs.h:100

DPRINT1
#define DPRINT1
Definition: precomp.h:8

SPECIAL_POOL_NONPAGED_PTE
#define SPECIAL_POOL_NONPAGED_PTE
Definition: special.c:35

Tag
IN ULONG IN ULONG Tag
Definition: evtlib.h:159

PMI_FREED_SPECIAL_POOL
struct _MI_FREED_SPECIAL_POOL * PMI_FREED_SPECIAL_POOL

_MI_FREED_SPECIAL_POOL::Signature
ULONG Signature
Definition: special.c:60

MiSpecialPagesPagablePeak
PFN_COUNT MiSpecialPagesPagablePeak
Definition: special.c:49

ExpPoolFlags
ULONG ExpPoolFlags
Definition: expool.c:47

_POOL_HEADER
Definition: kmt_test_kernel.h:63

MiInitializePfnAndMakePteValid
VOID NTAPI MiInitializePfnAndMakePteValid(IN PFN_NUMBER PageFrameIndex, IN PMMPTE PointerPte, IN MMPTE TempPte)
Definition: pfnlist.c:1036

ULONG
unsigned int ULONG
Definition: retypes.h:1

RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261

_MMPTE_HARDWARE::PageFrameNumber
ULONG64 PageFrameNumber
Definition: mmtypes.h:171

MmSpecialPagesInUsePeak
PFN_COUNT MmSpecialPagesInUsePeak
Definition: special.c:47

void
Definition: nsiface.idl:2306

MmFreeSpecialPool
VOID NTAPI MmFreeSpecialPool(PVOID P)
Definition: special.c:457

p1
const GLfloat * p1
Definition: s_aatritemp.h:43

_MI_FREED_SPECIAL_POOL::StackPointer
PVOID StackPointer
Definition: special.c:65

_MI_FREED_SPECIAL_POOL::VirtualAddress
PVOID VirtualAddress
Definition: special.c:64

ByteSize
_IRQL_requires_same_ _In_ CLONG ByteSize
Definition: rtltypes.h:389

RtlFillMemory
#define RtlFillMemory(Dest, Length, Fill)
Definition: winternl.h:593

APC_LEVEL
#define APC_LEVEL
Definition: env_spec_w32.h:695

MiSpecialPoolFirstPte
PMMPTE MiSpecialPoolFirstPte
Definition: special.c:43

KeBugCheckEx
VOID NTAPI KeBugCheckEx(_In_ ULONG BugCheckCode, _In_ ULONG_PTR BugCheckParameter1, _In_ ULONG_PTR BugCheckParameter2, _In_ ULONG_PTR BugCheckParameter3, _In_ ULONG_PTR BugCheckParameter4)
Definition: rtlcompat.c:94

_MI_FREED_SPECIAL_POOL::Pagable
BOOLEAN Pagable
Definition: special.c:63

LONG_PTR
#define LONG_PTR
Definition: generated.c:25

P
#define P(row, col)
Definition: m_matrix.c:147