Memory Map (x86)

Memory Map (x86)

Revision as of 05:41, 22 May 2012 by  Amirsaniyan  (Talk | contribs)
( diff← Older revision | Latest revision (diff) | Newer revision → (diff)

This article describes the contents of the computer's physical memory at the moment that the BIOS jumps to your bootloader code.

Contents

 [hide

"Low" memory (< 1 MiB)

When a typical x86 PC boots it will be in Real Mode, with an active BIOS. During the time the CPU remains in Real Mode, IRQ0 (the clock) will fire repeatedly, and the hardware that is used to boot the PC (floppy, hard disk, CD, Network card, USB) will also generate IRQs. This means that during the PC boot process, the Real Mode IVT (see below) must be carefully preserved, because it is being used.

When the IVT is activated by an IRQ, it will call a BIOS routine to handle the IRQ. Bootloaders will also access BIOS functions. This means that the two memory workspaces that the BIOS uses (the BDA and the EBDA) must also be carefully preserved during boot. Also, every time the BIOS handles an IRQ0 (18 times a second), several bytes in the BDA get overwritten by the BIOS -- so do not attempt to store anything there while IRQs are active in Real Mode.

After all the BIOS functions have been called, and your kernel is loaded into memory somewhere, the bootloader or kernel may exit Real Mode forever (often by going into 32bit Protected Mode). If the kernel never uses Real Mode again, then the first 0x500 bytes of memory in the PC may be reused and overwritten. (However, it is very common to temporarily return to Real Mode in order to change the Video Display Mode.)

When the CPU is in Protected Mode, System Management Mode (SMM) is still invisibly active, and cannot be shut off. SMM also seems to use the EBDA. So the EBDA memory area should never be overwritten.

Note: the EBDA is a variable-sized memory area (on different BIOSes). If it exists, it is always immediately below 0xA0000 in memory. It is absolutely guaranteed to be less than 128 KiB in size. It is often 1 KiB. The biggest ones ever actually seen are 8 KiB. You can determine the size of the EBDA by using BIOS function INT 12h, or (often) by examining the word at 0x40E in the BDA (see below). Both of those methods will tell you the location of the bottom of the EBDA.

It should also be noted that your bootloader code is probably loaded and running in memory at physical addresses 0x7C00 through 0x7DFF. So that memory area is likely to also be unusable until execution has been transferred to a second stage bootloader, or to your kernel.

Overview

startendsizetypedescription
Low Memory (the first MiB)
0x000000000x000003FF1 KiBRAM - partially unusable (see above)Real Mode IVT (Interrupt Vector Table)
0x000004000x000004FF256 bytesRAM - partially unusable (see above)BDA (BIOS data area)
0x000005000x00007BFFalmost 30 KiBRAM (guaranteed free for use)Conventional memory
0x00007C00 (typical location)0x00007DFF512 bytesRAM - partially unusable (see above)Your OS BootSector
0x00007E000x0007FFFF480.5 KiBRAM (guaranteed free for use)Conventional memory
0x000800000x0009FBFFapproximately 120 KiB, depending on EBDA sizeRAM (free for use, if it exists)Conventional memory
0x0009FC00 (typical location)0x0009FFFF1 KiBRAM (unusable)EBDA (Extended BIOS Data Area)
0x000A00000x000FFFFF384 KiBvarious (unusable)Video memory, ROM Area

BIOS Data Area (BDA)

The BDA is only partially standardized, and almost all the values stored there are completely obsolete and uninteresting. The following is a partial list. See the External Links references below for more detail.

address (size)description
0x0400 (4 words)IO ports for COM1-COM4 serial (each address is 1 word, zero if none)
0x0408 (3 words)IO ports for LPT1-LPT3 parallel (each address is 1 word, zero if none)
0x040E (word)EBDA base address >> 4 (usually!)
0x0410 (word)packed bit flags for detected hardware
0x0417 (word)keyboard state flags
0x041E (32 bytes)keyboard buffer
0x0449 (byte)Display Mode
0x044A (word)number of columns in text mode
0x0463 (2 bytes, taken as a word)base IO port for video
0x046C (word)# of IRQ0 timer ticks since boot
0x0475 (byte)# of hard disk drives detected
0x0480 (word)keyboard buffer start
0x0482 (word)keyboard buffer end
0x0497 (byte)last keyboard LED/Shift key state


Extended BIOS Data Area (EBDA)

You may see "maps" of the EBDA if you search the web. However, those maps are for the original IBM BIOS EBDA. They do not apply to any current EBDA, used by any current BIOS. The EBDA area is not standardized. It does contain data that your OS will need, but you must do a bytewise pattern search to find those tables. (SeePlug-and-Play.)

ROM Area

startendsizeregion/exceptiondescription
Standard usage of the ROM Area
0x000A00000x000BFFFF128 KiBvideo RAMVGA display memory
0x000C00000x000C7FFF32 KiB (typically)ROMVideo BIOS
0x000C80000x000EFFFF160 KiB (typically)ROMs and unusable spaceMapped hardware & Misc.
0x000F00000x000FFFFF64 KiBROMMotherboard BIOS

"Upper" Memory (> 1 MiB)

The region of RAM above 1 MiB is not standardized, well-defined, or contiguous. There are likely to be regions of it that contain memory mapped hardware, that nothing but a device driver should ever access. There are likely to be regions of it that contain ACPI tables which your initialization code will probably want to read, and that then can be overwritten and reused. Some ACPI areas cannot be "reclaimed" this way. Some of the computer's RAM may extend above 4 GiB.

Use the BIOS function INT 15h, EAX=0xE820 to get a reliable map of Upper Memory.


startendsizeregion/exceptiondescription
High Memory
0x001000000x00EFFFFF0x00E00000 (14 MiB)RAM -- free for use (if it exists)Extended memory 1, 2
0x00F000000x00FFFFFF0x00100000 (1 MiB)Possible memory mapped hardwareISA Memory Hole 15-16MB 3
0x01000000 ???????? ???????? (whatever exists)RAM -- free for useMore Extended memory 1
0xC0000000 (sometimes, depends on motherboard and devices)0xFFFFFFFF0x40000000 (1 GiB)various (typically reserved for memory mapped devices)Memory mapped PCI devices, PnP NVRAM?, IO APIC/s, local APIC/s, BIOS, ...
0x0000000100000000 (possible memory above 4 GiB) ???????????????? ???????????????? (whatever exists)RAM -- free for use (PAE/64bit)More Extended memory 1
 ???????????????? ???????????????? ????????????????Possible memory mapped hardwarePotentially usable for memory mapped PCI devices in modern hardware (but typically not, due to backward compatibility)

1: Different computers have different amounts of RAM, therefore the amount of extended memory you might find will vary and may be anything from "none" (e.g. an old 80386 system) to "lots".

2: Free for use except that your bootloader (ie. GRUB) may have loaded your "modules" here, and you don't want to overwrite those.

3: The "ISA Memory Hole" (from 0x00F00000 to 0x00FFFFFF) was used for memory mapped ISA devices (e.g. video cards). Modern computers have no need for this hole, but some chipsets still support it (as an optional feature) and some motherboards may still allow it to be enabled with BIOS options, so it may exist in a modern computers with no ISA devices.



在Windows下,x64和x86共享内存的方式是一样的。以下是一个简单的示例代码: ``` #include <windows.h> int main() { HANDLE hMapFile; LPCTSTR pBuf; hMapFile = CreateFileMapping( INVALID_HANDLE_VALUE, // Use paging file NULL, // Default security PAGE_READWRITE, // Read/write access 0, // Maximum object size (high-order DWORD) 1024, // Maximum object size (low-order DWORD) L"Local\\MyFileMappingObject"); // Name of the mapping object pBuf = (LPTSTR)MapViewOfFile( hMapFile, // Handle to mapping object FILE_MAP_ALL_ACCESS, // Read/write permission 0, 0, 1024); CopyMemory((PVOID)pBuf, "Hello, shared memory!", sizeof("Hello, shared memory!")); // Unmap the shared memory UnmapViewOfFile(pBuf); // Close the handle to the mapping object CloseHandle(hMapFile); return 0; } ``` 这段代码创建了一个大小为1024字节的共享内存对象,并将其命名为"Local\MyFileMappingObject"。然后它映射到进程的地址空间中,并使用CopyMemory函数将字符串"Hello, shared memory!"写入共享内存。最后,它取消映射共享内存对象并关闭句柄。 其他进程可以通过使用相同的名称打开共享内存对象来访问该共享内存。例如,以下代码打开相同的共享内存并读取其中的数据: ``` #include <windows.h> int main() { HANDLE hMapFile; LPCTSTR pBuf; hMapFile = OpenFileMapping( FILE_MAP_ALL_ACCESS, // Read/write permission FALSE, // Do not inherit the name L"Local\\MyFileMappingObject"); // Name of the mapping object pBuf = (LPTSTR)MapViewOfFile( hMapFile, // Handle to mapping object FILE_MAP_ALL_ACCESS, // Read/write permission 0, 0, 1024); printf("Data read from shared memory: %s\n", pBuf); // Unmap the shared memory UnmapViewOfFile(pBuf); // Close the handle to the mapping object CloseHandle(hMapFile); return 0; } ``` 这段代码打开了相同的共享内存对象,并通过MapViewOfFile函数映射到进程的地址空间中。然后,它读取共享内存中的数据并将其打印到控制台上。最后,它取消映射共享内存对象并关闭句柄。 需要注意的是,共享内存对象的名称必须以"Local\"开头,否则将无法在多个进程之间共享。此外,不同的进程之间应该协调好共享内存的读写顺序,以避免数据竞争和死锁等问题。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值