EPOC16 Kernel memory organisation
This document is incomplete. Questionable sections are marked with an at (@) symbol.
Kernel memory can be examined with the system call GenGetOsData, or in blocks of assembler with the system call GenDataSegment. Some useful information is available at known offsets. In addition, a handle is actually the offset, in kernel memory, of the start of a data structure, which can therefore also be examined.
Constant offsets
| Offset | Length | Description |
| 1036 | 2 | number of seconds before auto power-off |
| 1052 | 2 | increments every 1/32 second, but is not synchronised to the real time clock (it drifts) |
| 1056 | 2 | delay in 1/32 seconds until current time next changes |
| 1058 | 4 | current abstime |
Data structures
The bottom 12 bits of a process ID are actually the address of the process's control block. This has the following format:
| Offset | Length | Description |
| 0 | 2 | pointer to next process in the same queue |
| 2 | 2 | pointer to previous process in the same queue |
| 4 | 2 | @@ queKey
|
| 6 | 2 | @@ queData
|
| 8 | 1 | @@ deltaType
|
| 9 | 1 | @@ addressTrap
|
| 10 | 1 | Process status |
| 11 | 1 | non-zero if the process is to be suspended |
| 12 | 1 | @@ priority
|
| 13 | 1 | @@ priorityH
|
| 14 | 1 | zero if executing ROM code, non-zero if executing RAM code |
| 15 | 1 | zero for processes, non-zero for sub-tasks |
| 16 | 14 | process name |
| 29 | 1 | zero if non-active, non-zero if active |
| 30 | 2 | handle of the semaphore of the process |
| 32 | 2 | @@ *semHead
|
| 34 | 2 | address of the start of the heap |
| 36 | 2 | amount to grow heap by, in 16 byte units |
| 38 | 2 | address of the message control block (0 if none set up) |
| 40 | 2 | minimum heap size, in 16 byte units |
| 42 | 2 | file server's handle for the process (0 if not using files) |
| 44 | 2 | handle of the process's data segment (used for DS and SS) |
| 46 | 2 | handle of the process's code segment (used for CS) |
| 48 | 2 | @@ *saveSP
|
| 50 | 2 | @@ *saveBP
|
| 52 | 1 | 0 = unattended, 1 = notify |
| 53 | 1 | non-zero if waiting for the sound semaphore |
| 54 | 2 | top 4 bits of the process ID @@ in which bits ? |
| 56 | 2 | checksum of code |
| 58 | 2 |
ProcOnTerminate message type |
Process Status (Offset 10)
- 1 = running (there is only one running process)
- 2 = ready to run
- 3 = waiting for a timer to expire
- 4 = suspended
- 5 = waiting for a semaphore
- 255 = entry not in use
One queue (offsets 0 and 2) is maintained for ready processes, in priority order, one for processes waiting for a timer, in timer order, and one for each semaphore.
The checksum (offset 56) is used to determine whether two programs of the same name are running the same code, which can then be shared between them.
The battery status data structure has an address returned by the system call HwGetBatData. It has the following format: @@@@
| Offset | Length | Description |
| 0 | 1 | main battery level |
| 1 | 1 | main battery status |
| 2 | 1 | backup battery level |
| 3 | 1 | mains power status |
| 4 | 2 | warning flags |
| 6 | ???? | insertion date |
| @ | @ | ticks in use battery |
| @ | @ | ticks in use mains power |
| @ | @ | milliamp-ticks |
No Comments