DosQueryMemState

From EDM2
Jump to: navigation, search

DosQueryMemState gets the status of a range of pages in memory. Its input parameters are an address and size. The address is rounded down to page boundary and size is rounded up to a whole number of pages. The status of the pages in the range is returned in the state parameter, and the size of the range queried is returned in the size parameter. If the pages in the range have conflicting states, then the state of the first page is returned.

Syntax

APIRET APIENTRY DosQueryMemState ( PVOID addr, PULONG psize, PULONG pflags ) ;

Linkage Definition:

IMPORTS DOSQUERYMEMSTATE = DOSCALL1.307

Parameters

PVOID addr
Base address of pages to be queried.
PULONG psize
Pointer to location in user space that contains the requested size of the region to query.
PULONG pflags
Pointer to location in user space that will receive the attribute flags describing the region.
The attribute flags are defined as follows:
PAG_NPOUT 0x00000000 Page is not present, not in core.
PAG_PRESENT 0x00000001 Page is present.
PAG_NPIN 0x00000002 Page is not present, but in core.
PAG_PRESMASK 0x00000003 Present state mask.
PAG_RESIDENT 0x00000010 Page is resident (non-swappable).
PAG_SWAPPABLE 0x00000020 Page is swappable.
PAG_DISCARDABLE 0x00000030 Page is discardable.

Return Code

ulrc (APIRET) returns
DosQueryMemState returns one of the following values:
  • 0 NO_ERROR
  • 87 ERROR_INVALID_PARAMETER
  • 487 ERROR_INVALID_ADDRESS

This function returns zero if successful. The information returned by this function is extremely volatile, and decisions based upon it should reflect that volatility.

Example Code

int main(int argc, char *argv[], char *envp[]){
   APIRET rc=0;
   PVOID pMem;
   ULONG status;
   ULONG size;
   ULONG pages;
   ULONG onepage = 0x1000;

   if (argc   3) {

      printf("Syntax  MEMSTATE  address>  size>\n");
      return 0;

   } else {

      pMem = (PVOID) strtoul(argv[1], NULL, 0);
      size = strtoul(argv[2], NULL, 0);
      pages = (size+0x0fff) >> 12;

      printf("address     state\n");
      while (pages--) {

         rc = DosQueryMemState(pMem,  onepage,  status);

         if (rc) printf("0x%08x DosQueryMemState returned %u\n",pMem, rc);
         else {
            printf("0x%08x 0x%08x ", pMem, status);
            if ((status   PAG_PRESMASK) == PAG_NPOUT) printf("not present, not in-core, ");
            else if (status   PAG_PRESENT) printf("present, in-core, ");
            else if (status   PAG_NPIN) printf("not present, in-core, ");

            if ((status   PAG_TYPEMASK) == PAG_INVALID) printf("invalid\n");
            if ((status   PAG_TYPEMASK) == PAG_RESIDENT) printf("resident\n");
            if ((status   PAG_TYPEMASK) == PAG_SWAPPABLE) printf("swappable\n");
            if ((status   PAG_TYPEMASK) == PAG_DISCARDABLE) printf("discardable\n");
         }
         pMem = (PVOID)((ULONG)pMem + 0x1000);

      } /* endwhile */

   } /* end if*/

   return rc;
}

Related Functions

Retrieved from "http://www.edm2.com/index.php?title=DosQueryMemState&oldid=76616"