This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH 1/4] 'catch syscall' feature -- Architecture-independent part


On Tuesday 04 November 2008 22:11:27, Thiago Jung Bauermann wrote:
> El mar, 04-11-2008 a las 23:12 +0200, Eli Zaretskii escribiÃ:
> > Who said that a syscall is necessarily defined by some number?
> 
> I assumed every OS used numbers to define syscalls ...
> 
> > More generally, let's say I'd like to implement support for this on
> > Windows -- how would I need to go about it?
> 
> ... but from what you are saying it seems that in Windows it's
> different. What's the proper datatype to represent a syscall there?

Depends on what you're calling a syscall on Windows.

If talking about userland->kernel calls, similarly to this
new feature, an integer.

 http://www.metasploit.com/users/opcode/syscalls.html
 http://www.codeguru.com/cpp/w-p/system/devicedriverdevelopment/article.php/c8035

strace-like tracers on Windows are usually more interested in
tracing calls to all kinds of dlls, and they usually do so by
playing games with the import tables, I believe.

-- 
Pedro Alves


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]