[Bochs-developers] monitoring OS API calls
stl at fidonet.org.il
Sat Mar 25 04:00:10 CST 2006
Bochs already has two tools which able to do the things you describing.
Bochs instrumentation allows you to set callback function for memory access
occurred (it actually has a lot more capabilities) and you could write the
callbacks to monitor WinAPI calls or everything else you want.
Bochs internal debugger has virtual/linear/physical address breakpoint
capability already, it also has some code to monitor Linux system calls as
May be part of the code is outdate and should be modified/fixed but I don't
think it should be a big effort to do that and I also could help you to do
it fixing bugs or adding debug capabilities to the CPU.
I think the tight choose for you it is Bochs with instrumentation; QEMU is
less attractive because it has DT and it is much harder to instrument
translated and not emulated code.
From: bochs-developers-admin at lists.sourceforge.net
[mailto:bochs-developers-admin at lists.sourceforge.net] On Behalf Of Saulius
Sent: Saturday, March 25, 2006 11:58 AM
To: bochs-developers at lists.sourceforge.net
Cc: wine-devel at winehq.org
Subject: [Bochs-developers] monitoring OS API calls
I mean Windows there - my primary aim is to monitor WinAPI calls. There
exists quite a few of monitor apps to achieve this. But their nature is
soft-intrusive - they patch system DLLs on disk or PE images in memory.
I'd like to monitor calling of a functions from a lower-level side. One
possibility is to rewrite system DLLs, which is hard in a case of Windows.
Maybe another possibility can be to run OS in machine emulator and to
break on reading/executing some virtual memory addresses? I imagine
physical memory maps into linear addresses which maps into virtual
addresses (perhaps into unshared space of each win32 process).
Then it would be nice to implement a Debug Logging similar to one from the
Wine project. [*]
What effort is needed to implement breaking of emulation on execution of
given/defined virtual addresses (plus reading a CPU state and virtual
memory) of different Windows OS versions inside machine emulator?
Can such code be put as some plugin to BOCHS or so? Maybe I need to look
at the different machine virtualization projects like Qemu?
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
bochs-developers mailing list
bochs-developers at lists.sourceforge.net
More information about the wine-devel