[ros-kernel] NtQuerySection dubts

Hartmut Birr Hartmut.Birr at gmx.de
Tue May 4 22:38:10 CEST 2004


Hi,    

the differences between NT5 and ROS are that ROS starts the allocation of
stacks, virtual memory and so on at the next address above the loaded image.
Win XP starts below the base address of the loaded image and if there is no
space above the image. On ROS the address 0x571100 points anywhere in the
stack, virtual memory and so on. If you change the address to 0x1001100, you
get the same results for ROS and WinXP. The only difference is the length of
the block.

- Hartmut

-----Original Message-----
> From: ros-kernel-bounces at reactos.com 
> [mailto:ros-kernel-bounces at reactos.com] On Behalf Of Mike Nordell
> Sent: Tuesday, May 04, 2004 7:36 PM
> To: ros-kernel
> Subject: [ros-kernel] NtQuerySection dubts
> 
> 
> Hartmut Birr provided a large part of the VirtualQuery 
> problem a few days ago, making it work for a particular kind 
> of requests. However, there are parts missing.
> 
> To make a long story short, the AllocationBase seems again 
> wrong on ROS and here's the source (to be added to 
> regressions?). Comparing NT and ROS output it's quite 
> obvious. As I myself again am not too familiar with the area...
> 
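> #include <stdio.h>
> #include <windows.h>
> 
> int main()
> {
>     LPCVOID p = (LPCVOID)0x571100; // intentionally outside .exe
>     MEMORY_BASIC_INFORMATION mbi;
>     // VirtualQuery returns the number of bytes written to mbi, 0 on failure
>     DWORD dwRet = (DWORD)VirtualQuery(p, &mbi, sizeof(mbi));
>     printf("dwRet       = 0x%lx\n", dwRet);
>     if (dwRet == 0) {
>         // mbi is not filled in on failure, so do not print it
>         printf("VirtualQuery failed, error %lu\n", GetLastError());
>         return 1;
>     }
>     printf("MEMORY_BASIC_INFORMATION {\n");
>     // pointers are printed with %p; "0x%#x" would emit a doubled 0x prefix
>     printf("BaseAddress      :  %p\n", mbi.BaseAddress);
>     printf("AllocationBase   :  %p\n", mbi.AllocationBase);
>     printf("AllocationProtect:  0x%lx\n", mbi.AllocationProtect);
>     // RegionSize is a SIZE_T; the cast assumes a 32-bit build as in this thread
>     printf("RegionSize       :  0x%lx\n", (unsigned long)mbi.RegionSize);
>     printf("State            :  0x%lx\n", mbi.State);
>     printf("Protect          :  0x%lx\n", mbi.Protect);
>     printf("Type             :  0x%lx\n", mbi.Type);
>     printf("}\n");
>     return 0;
> }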
> 
> 
> Output from NT5:
> 0x571000, 0, 0, 0x77a0f000, 0x10000, 1, 0
> From ROS:
> 0x571000, 0x51f000, 0x40, 0xbe000, 0x1000, 0x40, 0x20000
> 
> Can anyone verify these findings?
> 
> 
> /Mike
> 