[Bochs-developers] monitoring OS API calls
Stanislav Shwartsman
stl at fidonet.org.il
Sat Mar 25 04:00:10 CST 2006
Hello,
Bochs already has two tools which able to do the things you describing.
Bochs instrumentation allows you to set callback function for memory access
occurred (it actually has a lot more capabilities) and you could write the
callbacks to monitor WinAPI calls or everything else you want.
Bochs internal debugger has virtual/linear/physical address breakpoint
capability already, it also has some code to monitor Linux system calls as
example.
May be part of the code is outdate and should be modified/fixed but I don't
think it should be a big effort to do that and I also could help you to do
it fixing bugs or adding debug capabilities to the CPU.
I think the tight choose for you it is Bochs with instrumentation; QEMU is
less attractive because it has DT and it is much harder to instrument
translated and not emulated code.
Stanislav
-----Original Message-----
From: bochs-developers-admin at lists.sourceforge.net
[mailto:bochs-developers-admin at lists.sourceforge.net] On Behalf Of Saulius
Krasuckas
Sent: Saturday, March 25, 2006 11:58 AM
To: bochs-developers at lists.sourceforge.net
Cc: wine-devel at winehq.org
Subject: [Bochs-developers] monitoring OS API calls
Hi,
I mean Windows there - my primary aim is to monitor WinAPI calls. There
exists quite a few of monitor apps to achieve this. But their nature is
soft-intrusive - they patch system DLLs on disk or PE images in memory.
I'd like to monitor calling of a functions from a lower-level side. One
possibility is to rewrite system DLLs, which is hard in a case of Windows.
Maybe another possibility can be to run OS in machine emulator and to
break on reading/executing some virtual memory addresses? I imagine
physical memory maps into linear addresses which maps into virtual
addresses (perhaps into unshared space of each win32 process).
Then it would be nice to implement a Debug Logging similar to one from the
Wine project. [*]
What effort is needed to implement breaking of emulation on execution of
given/defined virtual addresses (plus reading a CPU state and virtual
memory) of different Windows OS versions inside machine emulator?
Can such code be put as some plugin to BOCHS or so? Maybe I need to look
at the different machine virtualization projects like Qemu?
[*] http://winehq.org/site/developer-cheatsheet
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
bochs-developers mailing list
bochs-developers at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bochs-developers
More information about the wine-devel
mailing list