rommel@lan.informatik.tu-muenchen.dbp.de (Kai-Uwe Rommel) (08/20/90)
Here is some information about the DosQProcStatus()
This is a message which I found in some PD software (named RUNNING) from
listserv@blekul11.bitnet:
Date: 10-19-89 00:29
From: Franz Krainer
To: All
Subj: More About The Function Behind Ps.exe And Pstat.exe
The undocumented function in OS/2 v1.2 which is used by PSTAT.EXE and PS.EXE
to get system information about processes, threads etc. has to be declared in
the following way:
/*** DosQProcStatus
*
* Fills a buffer with system information about threads, processes,
* dynylink-libraries, system semaphores and named shared segments.
*
*/
USHORT APIENTRY DosQProcStatus(
PVOID pBuf, /* address of a transfer buffer */
USHORT cbBuf); /* size of buffer in bytes */
pBuf is the adress of a buffer, cbBuf is the size of the buffer. OS/2
fills this buffer with system information. The amount of information
you will get depends on how many system resources are actually used.
The size of the buffer (and therefore the value of cbBuf) should be
around 4 kBytes. This should be enough, even in the case of a heavy
loaded system. The data you will get back is structured as a linked
list. Each entry starts with a 16-bit code (0001 = thread information
entry, 0004 = named shared segment etc.). The second 16-bit value is
the pointer to the next entry followed by specific information about
the entry. Franz. --- FD 2.00 * Origin: Ockham's Razor
(Vienna/Austria) (2:310/11.17)
[End of message]
There was other information about the structure of the buffer.
I had to correct it at some points. Here is a summary of what I know.
The buffer is a sequence of USHORT values, a (varying) number of them
builds each record. These records are ordered in a linked list. The
first USHORT of each records is it's type:
0 process record
1 thread record
2 module record
3 system semaphore record
4 shared memory record
FFFF end of buffer
The buffer contains records for each process, thread, module, semaphore
and shared memory segment currently known by the system. The term
module refers to a EXE or DLL module here.
The second USHORT of each record is the offset of the next record and
thus establishes the forward link in the list. The offset is NOT from
the beginning of the buffer but is the offset of the next record from
the beginning of the segment in which the buffer is located!
All other USHORT's contain information specific to the record types.
The offset in the structures listed below is the number of the USHORT
from the beginning of the record.
type 0 (process record):
0 - type (process = 0)
1 - offset to next record
2 - PID
3 - parent PID
4 - screen session ID
5 - module handle of the EXE running for this process
(other unknown information)
type 1 (thread record)
0 - type (thread = 1)
1 - offset to next record
2 - some handle number ?
3 - PID of process to which this thread belongs
4 - thread ID
(other unknown information)
type 2 (module record)
These are records for modules (EXE and DLL) loaded either by
DosExecPgm (EXE) or DosLoadModule(DLL).
0 - type (module = 2)
1 - offset to next record
2 - module handle
3 - number of dependencies
4 - offset to list of dependencies (offset of the 6th word below)
5 - offset to module name
6 - list of dependent module handles
..
- module name (null-terminated string)
(other unknown information)
type 3 (systen semaphore record)
0 - type (semaphore = 3)
1 - offset to next record
2 - index ? (seems to refer to owner)
3 - two bytes (low = number of references, high = number of requests)
4 - flag ?
6 - semaphore name (null-terminated string)
type 4 (shared memory record)
0 - type (shared memory = 4)
1 - offset to next record
2 - handle
3 - segment selector
4 - number of references
6 - name of segment (null-terminated string)
(other unknown information)
Semaphore information is still a bit unclear.
The following sample program demonstrates how to use the information
about processes, threads and modules. The analyzing code in
parse_processes() was based on the code of the program RUNNING which I
got from listserv@blekul11 but I corrected and rearranged the code.
---------cut-here-------
/* PROCS.C
*
* Sample program using the DosQPocStatus() function
* Kai Uwe Rommel - Sat 04-Aug-1990 to Mon 20-Aug-1990
*/
#define INCL_NOPM
#define INCL_DOSPROCESS
#define INCL_DOSMODULEMGR
#include <os2.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
extern USHORT APIENTRY DosQProcStatus(PVOID pBuf, USHORT cbBuf);
struct process
{
USHORT pid;
USHORT ppid;
USHORT session;
USHORT threads;
USHORT children;
USHORT modhandle;
USHORT module;
};
struct module
{
USHORT modhandle;
USHORT max_dependents;
USHORT *dependents;
UCHAR *modname;
USHORT listed;
};
struct process **procs = NULL;
struct module **mods = NULL;
USHORT max_procs = 0;
USHORT cur_procs = 0;
USHORT max_mods = 0;
USHORT cur_mods = 0;
int compare_proc(struct process **p1, struct process **p2)
{
return (*p1) -> pid - (*p2) -> pid;
}
int compare_mod(struct module **m1, struct module **m2)
{
return (*m1) -> modhandle - (*m2) -> modhandle;
}
int parse_processes(UCHAR * bBuf)
{
USHORT type, tpid;
USHORT count, kount;
UCHAR buffer[256];
UCHAR *cptr, *ptr;
UCHAR *next;
ptr = bBuf;
while ( (type = *(USHORT *) ptr) != 0xFFFFU )
{
ptr += 2;
next = *(UCHAR **) ptr;
ptr += 2;
switch ( type )
{
case 0: /* process */
if ( cur_procs >= max_procs )
{
max_procs += 50;
if ( !(procs = realloc(procs, max_procs * sizeof(struct process *))) )
return 1;
}
if ( !(procs[cur_procs] = calloc(1, sizeof(struct process))) )
return 1;
procs[cur_procs] -> pid = *(USHORT *) ptr;
ptr += 2;
procs[cur_procs] -> ppid = *(USHORT *) ptr;
ptr += 2;
procs[cur_procs] -> session = *(USHORT *) ptr;
ptr += 2;
procs[cur_procs] -> modhandle = *(USHORT *) ptr;
procs[cur_procs] -> threads = 0;
++cur_procs;
break;
case 1: /* thread */
ptr += 2;
tpid = *(USHORT *) ptr;
for ( count = 0; count < cur_procs; count++ )
if ( procs[count] -> pid == tpid )
{
++procs[count] -> threads;
break;
}
break;
case 2: /* module */
if ( cur_mods >= max_mods )
{
max_mods += 50;
if ( !(mods = realloc(mods, max_mods * sizeof(struct module *))) )
return 1;
}
if ( !(mods[cur_mods] = calloc(1, sizeof(struct module))) )
return 1;
mods[cur_mods] -> modhandle = *(USHORT *) ptr;
ptr += 2;
mods[cur_mods] -> max_dependents = *(USHORT *) ptr;
ptr += 2;
ptr += 2;
ptr += 2;
if ( mods[cur_mods] -> max_dependents )
{
if ( !(mods[cur_mods] -> dependents = calloc(mods[cur_mods] -> max_dependents, sizeof(USHORT))) )
return 1;
for ( count = 0; count < mods[cur_mods] -> max_dependents; count++ )
{
mods[cur_mods] -> dependents[count] = *(USHORT *) ptr;
ptr += 2;
}
}
for ( cptr = buffer; *cptr++ = *ptr++; );
if ( !(mods[cur_mods] -> modname = strdup(buffer)) )
return 1;
++cur_mods;
break;
case 3: /* system semaphore */
break;
case 4: /* shared memory */
break;
default: /* other ? */
break;
}
ptr = next;
}
qsort(procs, cur_procs, sizeof(struct process *), compare_proc);
qsort(mods, cur_mods, sizeof(struct module *), compare_mod);
for ( count = 0; count < cur_procs; count++ )
for ( kount = 0; kount < cur_mods; kount++ )
if ( procs[count] -> modhandle == mods[kount] -> modhandle )
{
procs[count] -> module = kount;
break;
}
for ( count = 0; count < cur_procs; count++ )
for ( kount = 0; kount < cur_procs; kount++ )
if ( procs[count] -> pid == procs[kount] -> ppid )
(procs[count] -> children)++;
return 0;
}
void proctree(USHORT pid, USHORT indent)
{
USHORT count;
UCHAR *mName, pName[256];
for (count = 0; count < cur_procs; count++)
if ( procs[count] -> ppid == pid )
{
if ( procs[count] -> module )
{
mName = mods[procs[count] -> module] -> modname;
DosGetModName(procs[count] -> modhandle, sizeof(pName), pName);
}
else
{
mName = "unknown"; /* Zombie process, i.e. result for DosCwait() */
pName[0] = 0; /* or DOS box or swapper (?) */
}
#ifdef FULL
printf("%5d %5d %02x %4d %4d %-8s %*s%s\n",
procs[count] -> pid, procs[count] -> ppid, procs[count] -> session,
procs[count] -> children, procs[count] -> threads,
mName, indent, "", pName);
#else
printf("%5d %02x %4d %-8s %*s%s\n",
procs[count] -> pid, procs[count] -> session,
procs[count] -> threads, mName, indent, "", pName);
#endif
proctree(procs[count] -> pid, indent + 2);
}
}
void modlist(void)
{
UCHAR pName[256];
USHORT count;
for (count = 0; count < cur_mods; count++)
{
DosGetModName(mods[count] -> modhandle, sizeof(pName), pName);
printf("%-8s %04x %s\n",
mods[count] -> modname, mods[count] -> modhandle, pName);
}
}
void modtree(USHORT module, USHORT indent)
{
UCHAR *mName, pName[256];
USHORT cnt1, cnt2;
if ( !module )
return;
mName = mods[module] -> modname;
DosGetModName(mods[module] -> modhandle, sizeof(pName), pName);
if ( mods[module] -> listed )
{
printf("%*s%s*\n", indent, "", mName);
return;
}
else
printf("%*s%-8s%*s%s\n", indent, "", mName, 32 - indent, "", pName);
mods[module] -> listed = 1;
for ( cnt1 = 0; cnt1 < mods[module] -> max_dependents; cnt1++ )
for ( cnt2 = 0; cnt2 < cur_mods; cnt2++ )
if ( mods[cnt2] -> modhandle == mods[module] -> dependents[cnt1] )
modtree(cnt2, indent + 2);
}
void main(void)
{
UCHAR *pBuf;
USHORT count;
pBuf = malloc(0x8000);
DosQProcStatus(pBuf, 0x8000);
if ( parse_processes(pBuf) )
{
printf("Error: Out of memory!\n");
DosExit(EXIT_PROCESS, 1);
}
free(pBuf);
#ifdef FULL
printf("\n PID PPID SESS CHLDS THRDS MODULE PROGRAM");
printf("\n------ ------ ---- ----- ----- -------- ------->\n");
#else
printf("\n PID SESS THRDS MODULE PROGRAM");
printf("\n------ ---- ----- -------- ------->\n");
#endif
proctree(0, 0);
printf("\nMODULE HANDLE PATH");
printf("\n-------- ------ ---->\n");
modlist();
printf("\nMODULE TREE");
printf("\n-----------\n");
for (count = 0; count < cur_procs; count++)
modtree(procs[count] -> module, 0);
/* semlist(); not yet written */
/* shmlist(); */
for (count = 0; count < cur_procs; count++)
free(procs[count]);
for (count = 0; count < cur_mods; count++)
{
if ( mods[count] -> max_dependents )
free(mods[count] -> dependents);
free(mods[count] -> modname);
free(mods[count]);
}
free(procs);
free(mods);
max_procs = max_mods = cur_procs = cur_mods = 0;
procs = NULL;
mods = NULL;
}
/* End of PROCS.C */
---------cut-here-------
--
/* Kai Uwe Rommel
* Munich
* rommel@lan.informatik.tu-muenchen.dbp.de
*/tholen@uhccux.uhcc.Hawaii.Edu (David Tholen) (08/20/90)
In article <4043@tuminfo1.lan.informatik.tu-muenchen.dbp.de>, rommel@lan.informatik.tu-muenchen.dbp.de (Kai-Uwe Rommel) writes: > Here is some information about the DosQProcStatus() > > [deleted] > > The undocumented function in OS/2 v1.2 which is used by PSTAT.EXE and PS.EXE What is PS.EXE? I'm running IBM's November update of version 1.2, and it has PSTAT.EXE, but not PS.EXE.
rommel@lan.informatik.tu-muenchen.dbp.de (Kai-Uwe Rommel) (08/23/90)
In article <9063@uhccux.uhcc.Hawaii.Edu> tholen@uhccux.uhcc.Hawaii.Edu (David Tholen) writes: >What is PS.EXE? I'm running IBM's November update of version 1.2, and it has >PSTAT.EXE, but not PS.EXE. PS.EXE is a similar program like PSTAT but with PM interface. I have seen it included with the Toolkit for 1.1. I don't know if it still exists in the 1.2 toolkit because I don't have it. Kai Uwe Rommel -- /* Kai Uwe Rommel * Munich * rommel@lan.informatik.tu-muenchen.dbp.de */