Copy-On-Write的问题

Windows内核调试

Copy-On-Write的问题

井底之蛙 2010-09-26, 20:38 下午
最近查了一下Copy-On-Write的资料:
struct   _hardware_pte_x86 (sizeof=4)
       +0 bits0-0 valid
       +0 bits1-1 write
       +0 bits2-2 owner
       +0 bits3-3 writethrough
       +0 bits4-4 cachedisable
       +0 bits5-5 accessed
       +0 bits6-6 dirty
       +0 bits7-7 largepage
       +0 bits8-8 global
       +0 bits9-9 copyonwrite
       +0 bits10-10 prototype
       +0 bits11-11 reserved
       +0 bits12-31 pageframenumber
bits 9 被用于Copy-On-Write机制,但是
我在VMware中的PAE winXP SP2试验,发现ntdll的页面Copy-On-Write没有置位!!我百思不得其解,但我确实观察到了Copy-On-Write,郁闷~~~,我用windbg观察的,参考了http://advdbg.com/blogs/advdbg_system/articles/627.aspx,发现PTE最后12位都是025,大家帮帮忙

Powered by Community Server Powered by CnForums.Net