Page Monitoring in Uniflex

There is a header file in Uniflex called sys/page_monitor.h.

Sounds intriguing. But it's not mentioned in any docs for C or Assembly calls.

Some time back I used Ghidra to figure out the dispatch table for all the kernel calls which is made up of a function address and a stack size to use. No mention of pagemonitor :frowning:

Last week I noticed something interesting at the start of the kernel code to dispatch those functions:

If the Kernel function code is > 0x100 (cmpi.w #$100,D7w), it uses a different table (vendor_syscalls) to dispatch functions. So what's in there?

Just 1 function called… page_monitor. Bingo!

As was the norm back in the day, there are no function declarations showing what arguments are expected, but a read thru the assembly code with Ghidra indicates it's expecting a function code between 0-5 and 2 other arguments.

The sys/page_monitor.h file lists these:

/* Function codes */
#define SET_READ_MONITOR 0
#define SET_WRITE_MONITOR 1
#define CLEAR_READ_MONITOR 2
#define CLEAR_WRITE_MONITOR 3
#define RETURN_READ_INFORMATION 4
#define RETURN_WRITE_INFORMATION 5

So a good bet, argument 1 is the function.

A bit more disassembly and it looks like SET_READ_MONITOR takes a (start) address and possibly a length, possibly an end address. Experiments so far have resulted in the kernel exploding spectacularly and the machine halting…

Both RETURN_READ_INFORMATION and RETURN_WRITE_INFORMATION seem to expect a pointer to a buffer and a length param. The length param must be 10 which is consistent with sys/page_monitor.h describing a struct to return info that is…10 bytes long.

struct fault_information {
    char *fault_address;
    short data_size;
    long data;
};

Does a function like this ring any bells for anyone? I’ll keep playing around and see how many ways I can halt the machine :slight_smile:

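Added example, not part of the original post and not Uniflex code: a host-side decoder for the 10-byte fault_information record described above, for anyone inspecting a returned buffer on a modern machine where the same struct would not be 10 bytes. It assumes the fields are stored in declaration order at offsets 0, 4 and 6 in 68k big-endian byte order; the names fault_info_host, decode_fault_info and be32 and the sample bytes are made up for this example.

```c
/* Added example: decode a 10-byte fault_information record on any host. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FAULT_INFO_WIRE_SIZE 10  /* length the post says the call requires */

/* Host-side copy with fixed-width fields (names are this example's own). */
struct fault_info_host {
    uint32_t fault_address;  /* char *fault_address: 4 bytes on the 68k */
    int16_t  data_size;      /* short data_size: 2 bytes */
    uint32_t data;           /* long data: 4 bytes, kept unsigned for hex output */
};

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Returns 0 on success, -1 if the buffer is not exactly 10 bytes. */
int decode_fault_info(const uint8_t *buf, size_t len, struct fault_info_host *out)
{
    if (buf == NULL || out == NULL || len != FAULT_INFO_WIRE_SIZE)
        return -1;
    out->fault_address = be32(buf);                                   /* assumed offset 0 */
    out->data_size     = (int16_t)(((uint16_t)buf[4] << 8) | buf[5]); /* assumed offset 4 */
    out->data          = be32(buf + 6);                               /* assumed offset 6 */
    return 0;
}

int main(void)
{
    /* Constructed sample bytes, not captured from a real machine. */
    static const uint8_t sample[FAULT_INFO_WIRE_SIZE] = {
        0x00, 0x01, 0x20, 0x00,  0x00, 0x02,  0x00, 0x00, 0xBE, 0xEF
    };
    struct fault_info_host fi;

    printf("host sizeof(struct) = %zu, wire size = %d\n",
           sizeof(struct fault_info_host), FAULT_INFO_WIRE_SIZE);
    if (decode_fault_info(sample, sizeof sample, &fi) != 0)
        return 1;
    printf("fault_address=0x%08lx data_size=%d data=0x%08lx\n",
           (unsigned long)fi.fault_address, fi.data_size, (unsigned long)fi.data);
    return 0;
}
```

Decoding byte by byte avoids depending on the host compiler's padding and endianness, which is why the host struct is never overlaid directly on the buffer.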