[<<Previous Entry]
[^^Up^^]
[Next Entry>>]
[Menu]
[About The Guide]
Int 67 Fn 3F U - QEMM-386 V4.23+ - Installation Check [m]
AH = 3Fh
CX = 5145h ("QE")
DX = 4D4Dh ("MM")
Return: AH = 00h if installed
ES:DI -> QEMM API entry point
Notes: if no other program has hooked INT 67, an alternate installation
check is to test for the string
"QUARTERDECK EXPANDED MEMORY MANAGER 386" at offset 14h in the INT 67
handler's segment; the word at offset 12h contains the offset in
the handler's segment of the API entry point
although this function is still undocumented, Quarterdeck has recently
documented two alternate methods for determining the QEMM API entry
point, as well as several of the API functions
MICEMM (Micronics Expanded Memory Manager) versions 2.0C and 4D support
the alternate QEMM installation check and entry point functions 00h,
02h, and 03h; version 4D only provides the signature string if the
commandline argument "DV" is provided
386MAX v6.01 responds to this call, but DESQview 2.42 does not
recognize the returned entry point as providing QEMM's capabilities
because a) only functions 0Ch (different from QEMM 0Ch) and
1000h-1009h are supported,
b) status is returned as for EMS functions, not QEMM funcs
c) the protected-mode entry point returned by function 1000h
only supports functions 0Ch, 1004h, 1005h, and 100Ah
the string check mentioned above is not supported by 386MAX
See Also: AX=5BF0h,AH=DDh,AX=FFA5h,INT 15/AX=11DEh,INT 21/AX=4402h/SF=01h
See Also: INT 21/AX=4402h"QEMM",INT 21/AX=4402h"386MAX",INT 2F/AX=D201h/BX=5145h
Call QEMM entry point with:
AH = 00h get QEMM state (documented)
Return: CF clear
AL = QEMM state
bit 0 set if QEMM turned OFF
bit 1 set if in "Auto" mode
AH = 01h set QEMM state (documented)
AL = new state
bit 0 set: place QEMM in OFF state
Return: CF clear if successful
CF set on error
AH = 02h get ???
Return: CF clear
AX = segment of ??? data structure
Data Structure
Offset Size Description
00h DWORD page table entry for ???
???
AH = 03h get QEMM version (documented)
Return: CF clear
AX = BX = version in BCD
Notes: the most recent official docs state that the version is
returned in both AX and BX; older documentation only
mentions BX
MICEMM returns AX=0001h, BX unchanged
AH = 04h allocate 4K page and set AUTO/ON mode
Return: CF clear if successful
DX = page number of a 4K page
CF set if unable to allocate page
Note: QEMM mode unchanged if not AUTO/OFF
AH = 05h free 4K page and turn QEMM off
DX = page number returned by function 04h
Return: CF clear
Note: QEMM mode unchanged if not AUTO/ON
AH = 06h make new mapping context???
DX = page number of 4K page to hold page table
Return: CF clear
Note: copies page table into given page and then sets ???
page table entry to point at copy
AH = 07h get mapping context
Return: CF clear
DX = page number of page table for current mapping
context
AH = 08h set mapping context???
DX = linear page number of page table
Return: CF clear
AH = 09h get linear page number for page table entry
CX = page table index
Return: CF clear
DX = linear page number
AH = 0Ah set linear page number for page table entry
CX = page table index
DX = linear page number
Return: CF clear
AH = 0Bh map 4K pages
BX = number of pages
CX = first page number (must be 0100h to allocate HMA)
DX = EMS handle (memory belonging to EMS handle will be mapped
into the address space beginning with the first page
allocated to the handle)
Return: AH = 00h
AH = 0Ch get available memory
Return: CF clear
BX = 0001h
CX = total 4K pages???
DX = number of 4K pages free
AH = 0Dh ??? (related to callbacks)
AL = 00h/01h/02h ???
Return: CF clear
AH = 0Eh set ??? callbacks
DS:BX -> FAR routine for ???
ES:DX -> FAR routine for ???
Return: CF clear
Note: DS:BX callback should return BX=???; ES:DX is called
with BX=???, and should set the ??? from which the
other handler read the value of BX. BH and BL
appear to be separate values.
AH = 0Fh unmap 4K pages
CX = first page number
DX = number of pages
Return: CF clear
AL = 00h/01h if ???
Note: if CX=0100h and DX=0010h, the HMA is remapped to
simulate a disabled A20
AX = 1000h get protected-mode interface
DS:SI -> 16-byte buffer for two GDT entries
ES:DI -> buffer for 4K page table
Return: CF clear
EAX = offset of protected-mode API entry point
DS:SI buffer filled with two GDT descriptors
first is QEMM code segment, second is data???
ES:DI buffer filled with 4K page table
DI points to first unused page table entry
See Also: INT 67/AX=DE01h
AX = 1001h get CPU debug registers
ES:DI -> buffer for debug registers (8 DWORDs)
Return: CF clear
BL = INT01 handling (see function 1002h)
ES:DI buffer filled
AX = 1002h set CPU debug registers
BL = INT01 handling
00h reflect all debugging exceptions as V86-mode INT 01's
else convert debugging exceptions other than single-step
into V86-mode INT 03's, single-step to INT 01's
ES:DI -> buffer containing debug registers (8 DWORDs)
Return: CF clear
Notes: identical to INT 67/AX=DE09h if BL=01h
the INT01 handling flag is set to 01h by the general-
protection violation handler for certain privileged
instructions
AX = 1003h get machine status word CR0
Return: CF clear
EAX = contents of CR0
See Also: INT 67/AX=DE07h
AX = 1004h allocate a 4K page
Return: CF clear if successful
EDX = linear address of allocated page
CF set on error
See Also: INT 67/AX=DE04h
AX = 1005h free 4K page
EDX = linear address of page to free
Return: CF clear
See Also: INT 67/AX=DE05h
AX = 1006h NOP
Return: CF set
AX = 1007h get maximum physical memory address
Return: CF clear
EDX = physical address of highest 4K memory page
See Also: INT 67/AX=DE02h
AX = 1008h get physical address of page in first megabyte
CX = page number (linear address shifted right 12 bits)
Return: CF clear
EDX = linear address of page
See Also: function 1F00h
AX = 1009h switch to protected mode
ESI = linear address in first megabyte of system reg values
(see INT 67/AX=DE0Ch)
interrupts disabled
Return: interrupts disabled
GDTR, IDTR, LDTR, TR loaded
SS:ESP must have at least 16 bytes space, and the
entry point is required to set up a new stack
before enabling interrupts
EAX, ESI, DS, ES, FS, GS destroyed
AX = 100Ah switch back to virtual-86 mode
DS = selector for data segment from function 1000h
SS:ESP in first megabyte of linear memory
interrupts disabled
STACK: QWORD return address from FAR call to 32-bit segment
DWORD EIP
DWORD CS
DWORD reserved for EFLAGS
DWORD ESP
DWORD SS
DWORD ES
DWORD DS
DWORD FS
DWORD GS
will switch to virtual86 mode with interrupts disabled, all
segment registers loaded, and EAX destroyed.
AH = 11h get memory type map
AL = zero/nonzero ??? (set by QEMM.COM but apparently ignored
by QEMM 6.00)
ES:DI -> 256-byte buffer for memory types
Return: CF clear
BL = ???
ES:DI buffer filled
Note: each byte of the buffer corresponds to a 4K page, and
contains the type of that page: 00h = mappable,
02h = mapped ROM, 03h = high RAM, 04h = excluded,
05h = video, 06h = ROM, 07h = adapter ROM,
08h = split ROM, 09h = page frame, 0Ah = RAMmable,
0Bh = conventional
AH = 12h get HIRAM chain
Return: CF clear
BX = segment of first MCB in high memory
0000h if no high memory
AX = 1300h VIDRAMEGA???
BL = 00h copy ???
nonzero copy ??? (reverse)
Return: CF clear
AL = 00h if all pages clean
= 01h if any page dirty
AX = 1301h check if ???
DX:DI = start address of range to check ???
CX = length of range
Return: CF clear
CX = ??? (0000h or 1000h)
AX = 1302h ???
BL = ???
BH = ???
CX = ???
SI = offset of ???
DI = offset of ???
???
Return: CF clear
???
Note: disables certain interrupts at the two 8259 PICs during
execution; also modifies CRT controller during
execution under certain circumstances
AX = 1303h initialize VIDRAM EMS
BX = number of pages (less 1) of EMS to allocate
Return: CF clear if successful
DX = EMS handle
CF set on error
AX = 1304h shutdown VIDRAM EMS
DX = EMS handle
Return: CF clear
AX = 1305h ??? (related to VIDRAM, changes memory mappings)
CX = ???
Return: CF clear
Note: disables certain interrupts at the two 8259 PICs during
execution (see AX=130Ch) and runs inside a QEMM
critical section
AX = 1306h set DESQview critical section counter address
ES:BX -> WORD DESQview critical section counter or 0000h:0000h
Return: CF clear
Note: also sets a pointer in the low-memory part of QEMM to
the current value of INT 15 if ES:BX not 0000h:0000h
AX = 1307h ??? (changes memory mappings)
Return: CF clear
Note: disables certain interrupts at the two 8259 PICs during
execution (see AX=130Ch) and runs inside a QEMM
critical section
AX = 1308h set/reset ???
BL = ??? (zero/nonzero)
Return: CF clear
AX = 1309h Hercules mode-change support
ES:BX -> new address for Hercules mode-change callback
Return: CF clear
Note: the callback function is called whenever the CRTC mode
register is written, with AL set to the value written
AX = 130Ah virtualize EGA/VGA I/O ports 03C8h/03C9h???
CX:DX -> buffer for storing CRTC register contents???
or 0000h:0000h to disable
Return: CF clear
AX = 130Bh ???
BL = ??? (??? or 00h)
Return: CF clear
???
Note: calls AX=130Eh in some cases
AX = 130Ch set interrupts to mask
BX = interrupts to mask out during AX=1302h,AX=1307h,AX=1308h,
AX=130Dh,AX=1310h (BL = master PIC, BH = slave PIC)
Return: CF clear
AX = 130Dh map EGA memory at A0000h
???
Return: CF clear
Note: disables certain interrupts at the two 8259 PICs during
execution (see AX=130Ch) and runs inside a QEMM
critical section
.NG limit reached, continued in next section...
This page created by ng2html v1.05, the Norton guide to HTML conversion utility.
Written by Dave Pearson