Does Windbg display addresses as virtual or physical when issuing a command such as

Question

Would someone be able to clarify whether when you type a command at the Windbg command prompt are the 64 bit addresses displayed in the very first column virtual or are they actually physical addresses ?

lkd> uf nt!KiInitSpinLocks
nt!KiInitSpinLocks:
fffff802`127eb05c 48895c2408      mov     qword ptr [rsp+8],rbx
fffff802`127eb061 48896c2410      mov     qword ptr [rsp+10h],rbp
fffff802`127eb066 4889742418      mov     qword ptr [rsp+18h],rsi
fffff802`127eb06b 57              push    rdi
fffff802`127eb06c 4883ec20        sub     rsp,20h
fffff802`127eb070 33ed            xor     ebp,ebp
fffff802`127eb072 488bd9          mov     rbx,rcx
fffff802`127eb075 c781a058000001000000 mov dword ptr [rcx+58A0h],1
fffff802`127eb07f 448d4520        lea     r8d,[rbp+20h]
fffff802`127eb083 488d8100590000  lea     rax,[rcx+5900h]
fffff802`127eb08a 89a998580000    mov     dword ptr [rcx+5898h],ebp
fffff802`127eb090 4889a9882c0000  mov     qword ptr [rcx+2C88h],rbp
fffff802`127eb097 8bf2            mov     esi,edx
fffff802`127eb099 418bc8          mov     ecx,r8d

Answer 1

Assuming you're on a physical machine (not a VM) and assuming that the physical memory is handled in a contiguous way (it needn't be in VMs), 0xfffff802127eb05c is at 18446735286 GB in your RAM.

But yeah, the documentation leaves it open. Just if you know that there is up to disassemble physical memory, you'll find the statement

The up command disassembles only physical memory, while the u command disassembles only virtual memory.