[Bochs-developers] monitoring OS API calls

Fabian Scheler fabian.scheler at gmail.com
Sat Mar 25 03:55:29 CST 2006


Hi,

Well, how should this be possible with the help of an emulator like
Bochs? All you have is a binary image containing Windows that is
executed by Bochs, how do you want to find out which API functions are
called? At least you need a Windows image that also contains debug
symbols so you can find out which addresses are related to an OS API
call. When you have this you may extend the simulation of the
call-instruction to trace the OS API calls.

Ciao, Fabian

2006/3/25, Saulius Krasuckas <saulius2 at ar.fi.lt>:
> Hi,
>
> I mean Windows there - my primary aim is to monitor WinAPI calls.  There
> exist quite a few monitor apps to achieve this.  But their nature is
> soft-intrusive - they patch system DLLs on disk or PE images in memory.
>
> I'd like to monitor the calling of functions from a lower-level side.  One
> possibility is to rewrite system DLLs, which is hard in the case of Windows.
> Maybe another possibility can be to run the OS in a machine emulator and to
> break on reading/executing some virtual memory addresses?  I imagine
> physical memory maps into linear addresses which map into virtual
> addresses (perhaps into unshared space of each win32 process).
>
> Then it would be nice to implement a Debug Logging similar to the one from the
> Wine project. [*]
>
> What effort is needed to implement breaking of emulation on execution of
> given/defined virtual addresses (plus reading a CPU state and virtual
> memory) of different Windows OS versions inside machine emulator?
>
> Can such code be put as some plugin to BOCHS or so?  Maybe I need to look
> at the different machine virtualization projects like Qemu?
>
>
> [*] http://winehq.org/site/developer-cheatsheet
>
>
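
Added example, not part of the original message and not Bochs code: a sketch of the approach discussed above, where the emulated CALL instruction reports its target and the target is resolved against a symbol table. The on_call hook, the CR3 filter used to pick one process's address space, and all addresses are assumptions constructed for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <map>
#include <string>
#include <vector>

// Hypothetical tracer that an emulator's CALL handler would notify.
struct ApiTracer {
    std::map<uint32_t, std::string> symbols;  // function entry address -> name
    uint32_t watched_cr3 = 0;                 // page-directory base of the monitored process
    std::vector<std::string> log;             // one line per traced API call

    // Register a module: RVAs taken from debug symbols, plus the module's load base.
    void add_module(const std::string& module, uint32_t base,
                    const std::map<uint32_t, std::string>& rvas) {
        for (const auto& kv : rvas)
            symbols[base + kv.first] = module + "!" + kv.second;
    }
    // Called with CPU state when a CALL transfers control.
    // Returns true only if the target is a known API entry in the watched process.
    bool on_call(uint32_t cr3, uint32_t caller_eip, uint32_t target) {
        if (cr3 != watched_cr3) return false;   // different address space
        auto it = symbols.find(target);
        if (it == symbols.end()) return false;  // internal call, not an API entry
        log.push_back(it->second + " <- " + hex(caller_eip));
        return true;
    }
    static std::string hex(uint32_t v) {
        static const char* digits = "0123456789abcdef";
        std::string s = "0x";
        for (int shift = 28; shift >= 0; shift -= 4) s += digits[(v >> shift) & 0xF];
        return s;
    }
};

// Constructed sample: made-up RVAs, load base and CR3 values.
ApiTracer demo() {
    ApiTracer t;
    t.watched_cr3 = 0x00039000;
    t.add_module("kernel32", 0x7c800000, {{0x1a24, "CreateFileA"}, {0x10b8, "WriteFile"}});
    t.on_call(0x00039000, 0x00401010, 0x7c801a24);  // API call, watched process
    t.on_call(0x00039000, 0x00401020, 0x00402000);  // internal call, ignored
    t.on_call(0x0004a000, 0x00401030, 0x7c8010b8);  // other process, ignored
    t.on_call(0x00039000, 0x00401040, 0x7c8010b8);  // API call, watched process
    return t;
}

int main() {
    ApiTracer t = demo();
    for (const auto& line : t.log) std::puts(line.c_str());
}
```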


