This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 56.00000000000001%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
For the record, I have Windows 11, "Version 10.0.22631 Build 22631".
The WIN32_MEMORY_REGION_INFORMATION structure is defined in "memoryapi.h" as the following:
typedef struct WIN32_MEMORY_REGION_INFORMATION {
PVOID AllocationBase;
ULONG AllocationProtect;
union {
ULONG Flags;
struct {
ULONG Private : 1;
ULONG MappedDataFile : 1;
ULONG MappedImage : 1;
ULONG MappedPageFile : 1;
ULONG MappedPhysical : 1;
ULONG DirectMapped : 1;
ULONG Reserved : 26;
} DUMMYSTRUCTNAME;
} DUMMYUNIONNAME;
SIZE_T RegionSize;
SIZE_T CommitSize;
} WIN32_MEMORY_REGION_INFORMATION;
It is 32 bytes in size in 64-bit mode, and 20 bytes in size in 32-bit mode. However, when supplied to the function QueryVirtualMemoryInformation in 32-bit mode, the call fails with the error ERROR_BAD_LENGTH. If one replaces the first two fields with 64-bit types, however, the function call succeeds, and indicates that it wrote 28 bytes to the structure.
I don't know if this is intended or not, but as it is the provided header file is broken. Perhaps the error lies with me only, I can't say. If not, there either ought to be documentation stating that the function does not work in 32-bit mode, or else the structure definition ought to be fixed.
I'm also not at all confident this is a sensible place to report this but I honestly didn't know where else to do it. I'm aware that this isn't a question. I posted it to the Windows Feedback Hub and it naturally got buried, especially with the lack of information forced by the low maximum character count.
I've written this which should reproduce the problem. In 64-bit mode the program has no problems. When compiled in 32-bit mode the code using the official structure fails, and the code which replaces the types with UINT64 succeeds.
https://github.com/roflcopter4/QueryVirtualMemoryInformation_BugRepro
It seems to me that the problem isn't the structure -- the 32-bit version of the function wants a buffer larger than the documented structure and seems to write garbage to the last 8 bytes of the buffer.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 34%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EXY%3C/text%3E%3C/svg%3E)
I have the same question in 32-bit. The QueryVirtualMemoryInformation writes the [25,28]th bytes.
@Xiaopo Yang - MSFT If you examine the buffer before/after a call to the 32-bit version of QueryVirtualMemoryInformation you can see that the function writes to that last 8 bytes, not the last 4.
In the example code that I posted the uninitialized buffer is filled by the debugger with 0xCC as follows -
After the call to the function you can see that the debugger shows changes to all 8 bytes -
The 32-bit failure reproduced for me on Win 10 22H2.
Instead of checking the memory for a variable I suggest you use VirtualAlloc so that you can specific the memory size and the page protection values. That way you can determine if the information returned in the structure makes sense.
In my quick and dirty 32-bit test I found that adding the additional 8 bytes to the end of the structure made sense since it kept the size of pointers consistent at 4 bytes and the other memory attributes agreed with the call to VirtualAlloc for region size and protect values.
Update:
This is the code I used-
#define WIN32_LEAN_AND_MEAN
#include <Windows.h>
#include <stdio.h>
#include <tchar.h>
DWORD ShowLastError(LPCTSTR pszText, DWORD dwError = GetLastError());
typedef struct _MY_WIN32_MEMORY_REGION_INFORMATION : WIN32_MEMORY_REGION_INFORMATION {
#ifndef _WIN64
ULONG Extra1;
ULONG Extra2;
#endif
} MY_WIN32_MEMORY_REGION_INFORMATION;
int main()
{
SIZE_T ReturnSize;
MY_WIN32_MEMORY_REGION_INFORMATION mi;
PVOID pv = VirtualAlloc(NULL, 8192, MEM_RESERVE, PAGE_READWRITE);
_tprintf_s(_T("Memory Reserved by VirtualAlloc at 0x%p\n"), pv);
if (QueryVirtualMemoryInformation(GetCurrentProcess(), pv, MemoryRegionInfo, &mi, sizeof mi, &ReturnSize))
{
_tprintf_s(_T("Allocation BaseAddress is 0x%p\n"), mi.AllocationBase);
_tprintf_s(_T("Region Size is %Iu, Commit Size is %Iu\n"), mi.RegionSize, mi.CommitSize);
_tprintf_s(_T("Page Protect is %X\n"), mi.AllocationProtect);
}
else
ShowLastError(_T("QueryVirtualMemoryInformation"));
PBYTE pCommit = (PBYTE)pv + 4096;
PVOID pv2 = VirtualAlloc(pCommit, 4096, MEM_COMMIT, PAGE_READWRITE);
_tprintf_s(_T("\nMemory Committed by VirtualAlloc at 0x%p\n"), pCommit);
if (QueryVirtualMemoryInformation(GetCurrentProcess(), pv2, MemoryRegionInfo, &mi, sizeof mi, &ReturnSize))
{
_tprintf_s(_T("Allocation BaseAddress is 0x%p\n"), mi.AllocationBase);
_tprintf_s(_T("Region Size is %Iu, Commit Size is %Iu\n"), mi.RegionSize, mi.CommitSize);
_tprintf_s(_T("Page Protect is %X\n"), mi.AllocationProtect);
}
else
ShowLastError(_T("QueryVirtualMemoryInformation"));
PVOID pv3 = VirtualAlloc(pv, 4096, MEM_COMMIT, PAGE_READWRITE);
_tprintf_s(_T("\nMemory Committed by VirtualAlloc at 0x%p\n"), pv3);
if (QueryVirtualMemoryInformation(GetCurrentProcess(), pv3, MemoryRegionInfo, &mi, sizeof mi, &ReturnSize))
{
_tprintf_s(_T("Allocation BaseAddress is 0x%p\n"), mi.AllocationBase);
_tprintf_s(_T("Region Size is %Iu, Commit Size is %Iu\n"), mi.RegionSize, mi.CommitSize);
_tprintf_s(_T("Page Protect is %X\n"), mi.AllocationProtect);
}
else
ShowLastError(_T("QueryVirtualMemoryInformation"));
return 0;
}
DWORD ShowLastError(LPCTSTR pszText, DWORD dwError)
{
LPTSTR pszMsg = NULL;
FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
NULL, dwError, 0, (LPTSTR)&pszMsg, 0, NULL);
_tprintf_s(_T("%s : %s (%u)\n"), (pszText != NULL ? pszText : _T("Error was")), pszMsg, dwError);
LocalFree(pszMsg);
return dwError;
}
Yes, this specific issue is easily worked around. Indeed, you can just use VirtualQuery. But it's not really my point. The point is that this function doesn't work as documented.
@RoflCopter4, I have submitted new internal feedback at https://aka.ms/AAqom4t. You can also show your feedback link for tracing.
The point is that this function doesn't work as documented.
I agree and made the same observation in a different comment. The reason I posted the code was because the shared github repro allowed the function to succeed with a larger buffer but produced bad data for some of the structure members.