Can hardware breakpoints be set (and trapped, and handled) inside a guest
OS (specifically Windows XP2)?

I noticed the other day that software (malicious code, in fact) packed with
the EXE compressor PELock won't run under QEMU+KVM. I guessed that this was
because h/w breakpoints aren't being trapped. (The PELock incarnation used
in this case relies on SEH and H/W breaks -- verifying that they take place
correctly -- in its decryption code in order to try to make it harder to
extract the original content from packed files.)

A quick try with OllyDbg suggested that I wasn't able to provoke hardware
traps in my own code, either. Olly allows me to specify a H/W breakpoint
but I never seem to get control back at the desired address. INT 1 and INT
3 debugging work just fine (i.e. tracing and software breakpoints).

Is this "one of those things" to do with virtualisation? QEMU+kqemu handles
PELock files just fine.

Apologies if this is an already-answered question. I couldn't find an
answer on my own.


_______________________________________________
kvm-devel mailing list
kvm-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/kvm-devel
