Digging Into OS/2 2.0 | OS/2 Museum

The other day I had a “pressing” need to obtain the list of modules loaded in an OS/2 VM by examining the VM’s memory and CPU state. I was able to use existing code that worked on OS/2 V3.0 (Warp) and later. But the logic failed on OS/2 V2.11 and earlier.

I pulled out the trusty old OS/2 Debugging Handbook, Volume IV, which provides an excellent reference of internal OS/2 structures. I quickly established that although the overall architecture is the same, OS/2 V2.11 used a slightly different format of the MTE (Module Table Entry) structure in memory. Adjusting for the difference made the module discovery code work in OS/2 V2.1 and V2.11.

But not in OS/2 V2.0. I could tell that the layout of the SAS (System Anchor Segment) must be different between OS/2 V2.0 and V2.1. Except that the OS/2 Debugging Handbook has nothing to say about OS/2 V2.0 at all—it covers only V2.1 and later.

I tried to find the SAS definition in header files, since SAS.H/SAS.INC was shipped with the OS/2 DDK. But I have no OS/2 V2.0 DDK, and the oldest DDK (1993) I could find clearly defines the SAS layout used in OS/2 V2.1 and later.

Then I noticed that the OS/2 Dump Formatter (but not the Kernel Debugger!) has a promising-sounding .A command described as “Format the System Anchor Segment (SAS)”. Except… there’s no Dump Formatter for OS/2 V2.0! Only for V2.1 and later. That was a surprise to me, because I assumed that it had always “been there”. Clearly that’s not the case and it was introduced with OS/2 V2.1.

In desperation, I started searching the OS/2 2.0 Technical Library for information on kernel debugging. What I found was… nothing. Even though the Technical Library contains complete DDK documentation, the Kernel Debugger is not documented there.

After some more digging, I found an archive called KDEBUG.ZIP. This contains KDEBUG.DOC, or IBM OS/2 Kernel Debugger Preliminary Draft, dated September 14, 1992. Now that explains why the Kernel Debugger documentation wasn’t included in the OS/2 2.0 Technical Library: The Technical Library was published in March or April 1992, and the Kernel Debugger documentation simply wasn’t ready at the time.

Publishing mysteries aside, I soon established that KDEBUG.DOC holds no answers either. While it shows a couple of neat tricks for debugging module loading on OS/2 V2.0, it does not show the MTE layout and says nothing whatsoever about the SAS.

Here’s the relevant information from the Debugging Handbook that applies to OS/2 V2.1 and later, as shown by the Dump Formatter .A command:

--- SAS Virtual Memory Mgt. Section ---
Flat offset of arena records: FFF13304
Flat offset of object records: FFF1331C
Flat offset of context records: FFF1330C
Flat offset of kernel mte records: FFF0A891
Flat offset of linked mte list: FFF07934
Flat offset of page frame table: FFF11A70
Flat offset of page range table: FFF111EC
Flat offset of swap frame array: FFF03BAC
Flat offset of Idle Head: FFF10090
Flat offset of Free Head: FFF10080
Flat offset of Heap Array: FFF11B78
Flat offset of all mte records: FFF12E04

The last item, also known as SAS_vm_all_mte, is how one can find all modules loaded in an OS/2 V2.1 and later system. As far as I can tell, that item simply doesn’t exist in OS/2 V2.0 (the SAS VM section is shorter). Worse yet, SAS_vm_krnl_mte (the kernel MTE, aka DOSCALLS.DLL) and SAS_vm_glbl_mte (offset of linked MTE list) aren’t there either, or use a significantly different format that I’ve been unable to figure out.
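As an added illustration (not code from the post, and not part of IBM's Dump Formatter), here is a small parser for the text the .A command prints for the SAS Virtual Memory section. It maps the three entries the post names onto their SAS field names and reports whether the all-MTE entry is present, which is the practical difference between the V2.1+ section and the shorter V2.0 one. It assumes the output has exactly the "Flat offset of <label>: <hex>" shape quoted above; the labels for the other SAS_vm_* fields are not given on the page, so those lines are kept under their printed label only.

```python
# Added example: parse the OS/2 Dump Formatter ".A" output for the
# "SAS Virtual Memory Mgt." section and locate the MTE-related anchors.
import re

# Name mapping as stated in the post: "all mte records" is SAS_vm_all_mte,
# "kernel mte records" is SAS_vm_krnl_mte (the kernel MTE, DOSCALLS.DLL),
# and "linked mte list" is SAS_vm_glbl_mte. No other SAS_vm_* names are
# assumed here.
NAMED_FIELDS = {
    "all mte records": "SAS_vm_all_mte",
    "kernel mte records": "SAS_vm_krnl_mte",
    "linked mte list": "SAS_vm_glbl_mte",
}

SECTION_HEADER = "--- SAS Virtual Memory Mgt. Section ---"
LINE_RE = re.compile(r"^Flat offset of (.+?):\s*([0-9A-Fa-f]{1,8})\s*$")


def parse_sas_vm_section(text):
    """Return {label: flat_offset} for every 'Flat offset of ...' line in the
    SAS VM section; parsing stops at the next '---' section header."""
    fields = {}
    in_section = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith(SECTION_HEADER):
            in_section = True
            continue
        if not in_section:
            continue
        if line.startswith("---"):
            break  # another Dump Formatter section begins here
        m = LINE_RE.match(line)
        if m:
            fields[m.group(1).strip()] = int(m.group(2), 16)
    return fields


def mte_anchors(fields):
    """Map the MTE-related entries onto SAS_vm_* names; absent -> None."""
    return {sym: fields.get(label) for label, sym in NAMED_FIELDS.items()}


def has_all_mte_chain(fields):
    """True when the section carries SAS_vm_all_mte (V2.1 and later layout)."""
    return fields.get("all mte records") is not None


# Sample input: the V2.1+ listing quoted in the post.
SAMPLE_V21 = """\
--- SAS Virtual Memory Mgt. Section ---
Flat offset of arena records: FFF13304
Flat offset of object records: FFF1331C
Flat offset of context records: FFF1330C
Flat offset of kernel mte records: FFF0A891
Flat offset of linked mte list: FFF07934
Flat offset of page frame table: FFF11A70
Flat offset of page range table: FFF111EC
Flat offset of swap frame array: FFF03BAC
Flat offset of Idle Head: FFF10090
Flat offset of Free Head: FFF10080
Flat offset of Heap Array: FFF11B78
Flat offset of all mte records: FFF12E04
--- next section (constructed marker) ---
"""

# Constructed variant: the same section without the trailing all-mte entry,
# standing in for the shorter V2.0 section described in the post. This is
# not real V2.0 output, only a stand-in for the missing-field case.
SAMPLE_SHORT = "\n".join(
    l for l in SAMPLE_V21.splitlines() if "all mte records" not in l
) + "\n"


if __name__ == "__main__":
    for name, sample in (("V2.1+ listing", SAMPLE_V21), ("short listing", SAMPLE_SHORT)):
        fields = parse_sas_vm_section(sample)
        print(name, "->", {k: (hex(v) if v is not None else None)
                           for k, v in mte_anchors(fields).items()},
              "all-mte chain:", has_all_mte_chain(fields))
```

Running the block prints the three anchors for the quoted listing and shows SAS_vm_all_mte as None for the constructed shorter listing, which is exactly the condition under which a module-enumeration routine written for V2.1+ has nothing to walk.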

This remains an open research topic. There’s still a chance that the OS/2 V2.0 SAS was documented somewhere. If not, it should still be doable the hard way, disassembling the relevant OS/2 V2.0 code.

Update: As a reader pointed out, there was a Dump Formatter for OS/2 2.0. Its existence is noted in the July 1992 issue of the IBM Personal Systems Journal (page 65). The publication offers no hint as to where the Dump Formatter might be obtained, only notes that “This utility is not included with OS/2 2.0; it is for experienced OS/2 support personnel only.”

For whatever reason, IBM distributed the OS/2 2.1 and later Dump Formatter through normal public support channels, together with debug kernels and service packs. The V2.0 Dump Formatter never made it there.

A package called DF20 with the OS/2 2.0 Dump Formatter could be obtained internally within IBM. I failed to find any obvious copy, either online or in my own OS/2 archives, until I stumbled upon it on an IBM Technical Connection CD-ROM from 1995. The CD-ROM contains the newer OS2PDP archive (PDP = Problem Determination Package), which supports OS/2 2.1 and later, but there is also an archive called DUMPTOOL.ZIP which is in fact the DF20 package.

The DF20 package includes PMDF (Presentation Manager Dump Formatter) and Dump Formatters for OS/2 2.0 GA, OS/2 2.1 GA, plus several other interim versions from 1992-1993.

The PMDF utility (1993)

My attempts to use the Dump Formatter with OS/2 2.0 GA ended up in abject failure. Dumping the memory to floppies and unpacking the memory dump file went fine, but no matter what I tried, the Dump Formatter for the 6.307 kernel just crashed at startup every time. The exact same procedure performed on OS/2 2.1 worked without a hitch… but didn’t tell me anything I didn’t already know.

Eventually I realized that the DF20 package also supports OS/2 2.0 “preload” aka version 2.00.1. This version uses a newer kernel (revision 6.427) but the core data structures are unchanged relative to 2.0 GA.

The 6.427 Dump Formatter answered a few questions… and opened up several others. It’s still work in progress.