从 ACPI!ACPITableLoad → nt!KeInsertQueueDpc，到 nt!KiRetireDpcList 中的 ACPI!ACPIBuildDeviceDpc —— 非常重要
//
// Do we need to run the DPC?
//
if (!AcpiBuildDpcRunning) {
KeInsertQueueDpc( &AcpiBuildDpc, 0, 0);
}
0: kd> t
Breakpoint 21 hit
eax=00000000 ebx=00000000 ecx=f743b898 edx=00000000 esi=f743b898 edi=804ee150
eip=80a36484 esp=f789a198 ebp=f789a1c0 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246
nt!KeInsertQueueDpc:
80a36484 55 push ebp
0: kd> kc
#
00 nt!KeInsertQueueDpc
01 ACPI!ACPITableLoad
02 ACPI!ACPICallBackLoad
03 ACPI!AMLILoadDDB
04 ACPI!ACPIInitializeDDB
05 ACPI!ACPIInitializeDDBs
06 ACPI!ACPIInitialize
07 ACPI!ACPIInitStartACPI
08 ACPI!ACPIRootIrpStartDevice
09 ACPI!ACPIDispatchIrp
0a nt!IofCallDriver
0b nt!IopSynchronousCall
0c nt!IopStartDevice
0d nt!PipProcessStartPhase1
0e nt!PipProcessDevNodeTree
0f nt!PipDeviceActionWorker
10 nt!PipRequestDeviceAction
11 nt!IopInitializeBootDrivers
12 nt!IoInitSystem
13 nt!Phase1Initialization
14 nt!PspSystemThreadStartup
15 nt!KiThreadStartup
0: kd> dv
Dpc = 0xf743b840
SystemArgument1 = 0x00000000
SystemArgument2 = 0x00000000
OldIrql = 0x00 ''
Inserted = 0xf7 ''
0: kd> dx -r1 ((ntkrnlmp!_KDPC *)0xf743b840)
((ntkrnlmp!_KDPC *)0xf743b840) : 0xf743b840 [Type: _KDPC *]
[+0x000] Type : 19 [Type: short]
[+0x002] Number : 0x0 [Type: unsigned char]
[+0x003] Importance : 0x1 [Type: unsigned char]
[+0x004] DpcListEntry [Type: _LIST_ENTRY]
[+0x00c] DeferredRoutine : 0xf73fc5b2 [Type: void (*)(_KDPC *,void *,void *,void *)]
[+0x010] DeferredContext : 0x0 [Type: void *]
[+0x014] SystemArgument1 : 0x0 [Type: void *]
[+0x018] SystemArgument2 : 0x0 [Type: void *]
[+0x01c] DpcData : 0x0 [Type: void *]
0: kd> u f73fc5b2
ACPI!ACPIBuildDeviceDpc [d:\srv03rtm\base\busdrv\acpi\driver\nt\buildsrc.c @ 478]:
f73fc5b2 53 push ebx
f73fc5b3 8b1d70b042f7 mov ebx,dword ptr [ACPI!_imp_KefAcquireSpinLockAtDpcLevel (f742b070)]
f73fc5b9 56 push esi
f73fc5ba be98b843f7 mov esi,offset ACPI!AcpiBuildQueueLock (f743b898)
f73fc5bf 8bce mov ecx,esi
f73fc5c1 ffd3 call ebx
f73fc5c3 803d9eb843f700 cmp byte ptr [ACPI!AcpiBuildDpcRunning (f743b89e)],0
f73fc5ca 740d je ACPI!ACPIBuildDeviceDpc+0x27 (f73fc5d9)
0: kd> dt _kpcr ffdff000
hal!_KPCR
+0x000 NtTib : _NT_TIB
+0x000 Used_ExceptionList : 0xf7899ab0 _EXCEPTION_REGISTRATION_RECORD
+0x004 Used_StackBase : (null)
+0x008 PerfGlobalGroupMask : (null)
+0x00c TssCopy : 0x80042000 Void
+0x010 ContextSwitches : 0x1d
+0x014 SetMemberCopy : 1
+0x018 Used_Self : (null)
+0x01c SelfPcr : 0xffdff000 _KPCR
+0x020 Prcb : 0xffdff120 _KPRCB
+0x024 Irql : 0 ''
+0x028 IRR : 0
+0x02c IrrActive : 0
+0x030 IDR : 0xffffffff
+0x034 KdVersionBlock : 0x80b0e468 Void
+0x038 IDT : 0x8003f400 _KIDTENTRY
+0x03c GDT : 0x8003f000 _KGDTENTRY
+0x040 TSS : 0x80042000 _KTSS
+0x044 MajorVersion : 1
+0x046 MinorVersion : 1
+0x048 SetMember : 1
+0x04c StallScaleFactor : 0xe10
+0x050 SpareUnused : 0 ''
+0x051 Number : 0 ''
+0x052 Spare0 : 0 ''
+0x053 SecondLevelCacheAssociativity : 0 ''
+0x054 VdmAlert : 0
+0x058 KernelReserved : [14] 0
+0x090 SecondLevelCacheSize : 0
+0x094 HalReserved : [16] 0
0: kd> dx -id 0,0,899a2278 -r1 ((nt!_KPRCB *)0xffdff120)
((nt!_KPRCB *)0xffdff120) : 0xffdff120 [Type: _KPRCB *]
[+0x000] MinorVersion : 0x1 [Type: unsigned short]
[+0x002] MajorVersion : 0x1 [Type: unsigned short]
[+0x004] CurrentThread : 0x899a1020 [Type: _KTHREAD *]
[+0x008] NextThread : 0x0 [Type: _KTHREAD *]
[+0x00c] IdleThread : 0x80b200c0 [Type: _KTHREAD *]
[+0x010] Number : 0 [Type: char]
[+0x011] Reserved : 0 [Type: char]
[+0x012] BuildType : 0x1 [Type: unsigned short]
[+0x014] SetMember : 0x1 [Type: unsigned long]
[+0x018] CpuType : 6 [Type: char]
[+0x019] CpuID : 1 [Type: char]
[+0x01a] CpuStep : 0x503 [Type: unsigned short]
[+0x01c] ProcessorState [Type: _KPROCESSOR_STATE]
[+0x33c] KernelReserved [Type: unsigned long [16]]
[+0x37c] HalReserved [Type: unsigned long [16]]
[+0x3bc] PrcbPad0 [Type: unsigned char [92]]
[+0x418] LockQueue [Type: _KSPIN_LOCK_QUEUE [16]]
[+0x498] PrcbPad1 [Type: unsigned char [8]]
[+0x4a0] NpxThread : 0x0 [Type: _KTHREAD *]
[+0x4a4] InterruptCount : 0x103 [Type: unsigned long]
[+0x4a8] KernelTime : 0x3b [Type: unsigned long]
[+0x4ac] UserTime : 0x0 [Type: unsigned long]
[+0x4b0] DpcTime : 0x0 [Type: unsigned long]
[+0x4b4] DebugDpcTime : 0x0 [Type: unsigned long]
[+0x4b8] InterruptTime : 0x0 [Type: unsigned long]
[+0x4bc] AdjustDpcThreshold : 0x1 [Type: unsigned long]
[+0x4c0] PageColor : 0x534 [Type: unsigned long]
[+0x4c4] SkipTick : 0x1 [Type: unsigned char]
[+0x4c5] DebuggerSavedIRQL : 0x2 [Type: unsigned char]
[+0x4c6] Spare1 [Type: unsigned char [6]]
[+0x4cc] ParentNode : 0x80b20640 [Type: _KNODE *]
[+0x4d0] MultiThreadProcessorSet : 0x3 [Type: unsigned long]
[+0x4d4] MultiThreadSetMaster : 0xffdff120 [Type: _KPRCB *]
[+0x4d8] ThreadStartCount [Type: unsigned long [2]]
[+0x4e0] CcFastReadNoWait : 0x0 [Type: unsigned long]
[+0x4e4] CcFastReadWait : 0x0 [Type: unsigned long]
[+0x4e8] CcFastReadNotPossible : 0x0 [Type: unsigned long]
[+0x4ec] CcCopyReadNoWait : 0x0 [Type: unsigned long]
[+0x4f0] CcCopyReadWait : 0x0 [Type: unsigned long]
[+0x4f4] CcCopyReadNoWaitMiss : 0x0 [Type: unsigned long]
[+0x4f8] KeAlignmentFixupCount : 0x0 [Type: unsigned long]
[+0x4fc] SpareCounter0 : 0x0 [Type: unsigned long]
[+0x500] KeDcacheFlushCount : 0x0 [Type: unsigned long]
[+0x504] KeExceptionDispatchCount : 0xe5 [Type: unsigned long]
[+0x508] KeFirstLevelTbFills : 0x0 [Type: unsigned long]
[+0x50c] KeFloatingEmulationCount : 0x0 [Type: unsigned long]
[+0x510] KeIcacheFlushCount : 0x0 [Type: unsigned long]
[+0x514] KeSecondLevelTbFills : 0x0 [Type: unsigned long]
[+0x518] KeSystemCalls : 0x2ab [Type: unsigned long]
[+0x51c] SpareCounter1 : 0x0 [Type: unsigned long]
[+0x520] PPLookasideList [Type: _PP_LOOKASIDE_LIST [16]]
[+0x5a0] PPNPagedLookasideList [Type: _PP_LOOKASIDE_LIST [32]]
[+0x6a0] PPPagedLookasideList [Type: _PP_LOOKASIDE_LIST [32]]
[+0x7a0] PacketBarrier : 0x0 [Type: unsigned long]
[+0x7a4] ReverseStall : 0x7 [Type: unsigned long]
[+0x7a8] IpiFrame : 0xf789a0b8 [Type: void *]
[+0x7ac] PrcbPad2 [Type: unsigned char [52]]
[+0x7e0] CurrentPacket [Type: void * [3]]
[+0x7ec] TargetSet : 0x0 [Type: unsigned long]
[+0x7f0] WorkerRoutine : 0x80a39124 [Type: void (*)(void *,void *,void *,void *)]
[+0x7f4] IpiFrozen : 0x24 [Type: unsigned long]
[+0x7f8] PrcbPad3 [Type: unsigned char [40]]
[+0x820] RequestSummary : 0x0 [Type: unsigned long]
[+0x824] SignalDone : 0x0 [Type: _KPRCB *]
[+0x828] PrcbPad4 [Type: unsigned char [56]]
[+0x860] DpcData [Type: _KDPC_DATA [2]]
[+0x888] DpcStack : 0xf789f000 [Type: void *]
[+0x88c] MaximumDpcQueueDepth : 0x4 [Type: unsigned long]
[+0x890] DpcRequestRate : 0x0 [Type: unsigned long]
[+0x894] MinimumDpcRate : 0x3 [Type: unsigned long]
[+0x898] DpcInterruptRequested : 0x0 [Type: unsigned char]
[+0x899] DpcThreadRequested : 0x0 [Type: unsigned char]
[+0x89a] DpcRoutineActive : 0x0 [Type: unsigned char]
[+0x89b] DpcThreadActive : 0x0 [Type: unsigned char]
[+0x89c] PrcbLock : 0x0 [Type: unsigned long]
[+0x8a0] DpcLastCount : 0x3 [Type: unsigned long]
[+0x8a4] TimerHand : 0x105ec9fc [Type: unsigned long]
[+0x8a8] TimerRequest : 0x0 [Type: unsigned long]
[+0x8ac] DpcThread : 0x0 [Type: void *]
[+0x8b0] DpcEvent [Type: _KEVENT]
[+0x8c0] ThreadDpcEnable : 0x0 [Type: unsigned char]
[+0x8c1] QuantumEnd : 0x0 [Type: unsigned char]
[+0x8c2] PrcbPad50 : 0x0 [Type: unsigned char]
[+0x8c3] IdleSchedule : 0x0 [Type: unsigned char]
[+0x8c4] DpcSetEventRequest : 0 [Type: long]
[+0x8c8] PrcbPad5 [Type: unsigned char [22]]
[+0x8e0] CallDpc [Type: _KDPC]
[+0x900] PrcbPad7 [Type: unsigned long [8]]
[+0x920] WaitListHead [Type: _LIST_ENTRY]
[+0x928] ReadySummary : 0x1102 [Type: unsigned long]
[+0x92c] SelectNextLast : 0x0 [Type: unsigned long]
[+0x930] DispatcherReadyListHead [Type: _LIST_ENTRY [32]]
[+0xa30] DeferredReadyListHead [Type: _SINGLE_LIST_ENTRY]
[+0xa34] PrcbPad72 [Type: unsigned long [11]]
[+0xa60] ChainedInterruptList : 0x0 [Type: void *]
[+0xa64] LookasideIrpFloat : 32768 [Type: long]
[+0xa68] SpareFields0 [Type: unsigned long [4]]
[+0xa78] VendorString [Type: unsigned char [13]]
[+0xa85] InitialApicId : 0x0 [Type: unsigned char]
[+0xa86] LogicalProcessorsPerPhysicalProcessor : 0x2 [Type: unsigned char]
[+0xa88] MHz : 0xe0f [Type: unsigned long]
[+0xa8c] FeatureBits : 0x33fff [Type: unsigned long]
[+0xa90] UpdateSignature : {876173328384} [Type: _LARGE_INTEGER]
[+0xa98] IsrTime : 0x0 [Type: unsigned __int64]
[+0xaa0] NpxSaveArea [Type: _FX_SAVE_AREA]
[+0xcb0] PowerState [Type: _PROCESSOR_POWER_STATE]
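//
// PKDPC_DATA
// KiSelectDpcData (PKPRCB Prcb, PKDPC Dpc)
//
// Select the per-processor DPC queue a DPC is inserted into.
//
// In:   Prcb - PRCB of the processor that will run the DPC
//       Dpc  - DPC being queued; only Dpc->Type is read here
// Out:  &Prcb->DpcData[DPC_THREADED] when the DPC is a threaded DPC and
//       threaded DPCs are enabled on that processor, otherwise
//       &Prcb->DpcData[DPC_NORMAL].
//
// Trace notes (from this page): because the routine is FORCEINLINE, the
// Type test appears inside nt!KeInsertQueueDpc as
// `cmp word ptr [edi],18h` (0x18 == ThreadedDpcObject). The DPC under
// study has Type == 19 (DpcObject) and Prcb->ThreadDpcEnable == 0, so the
// normal queue is chosen: esi == 0xffdff980 == 0xffdff120 (Prcb) + 0x860
// (DpcData) == &Prcb->DpcData[DPC_NORMAL].
//
FORCEINLINE
PKDPC_DATA
KiSelectDpcData (
    IN PKPRCB Prcb,
    IN PKDPC Dpc
    )
{
    //
    // If the DPC is a threaded DPC and thread DPCs are enabled, then set
    // the address of the threaded DPC data. Otherwise, set the address of
    // the normal DPC structure.
    //
    if ((Dpc->Type == (UCHAR)ThreadedDpcObject) &&
        (Prcb->ThreadDpcEnable != FALSE)) {
        return &Prcb->DpcData[DPC_THREADED];
    } else {
        // Branch taken in the trace above (Type 19 == DpcObject).
        return &Prcb->DpcData[DPC_NORMAL];
    }
}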
//
// Define DPC type indices. These index KPRCB.DpcData[2] (the
// _KDPC_DATA [2] array at PRCB offset +0x860 in the trace above):
// [0] is the normal DPC queue, [1] the threaded DPC queue.
//
#define DPC_NORMAL 0
#define DPC_THREADED 1
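//
// Kernel dispatcher/control object type codes. _KDPC.Type holds one of
// these; the DPC examined above shows Type : 19, i.e. DpcObject.
//
// Members without an explicit initializer take the previous value + 1
// (C enum rule), so the implicit values are written out in comments.
// Note that ThreadedDpcObject is 24 (0x18), which is exactly the
// immediate in the inlined check `cmp word ptr [edi],18h` seen in
// nt!KeInsertQueueDpc in the trace.
//
typedef enum _KOBJECTS {
    EventNotificationObject = 0,
    EventSynchronizationObject = 1,
    MutantObject = 2,
    ProcessObject = 3,
    QueueObject = 4,
    SemaphoreObject = 5,
    ThreadObject = 6,
    Spare1Object = 7,
    TimerNotificationObject = 8,
    TimerSynchronizationObject = 9,
    Spare2Object = 10,
    Spare3Object = 11,
    Spare4Object = 12,
    Spare5Object = 13,
    Spare6Object = 14,
    Spare7Object = 15,
    Spare8Object = 16,
    Spare9Object = 17,
    ApcObject,              /* 18 */
    DpcObject,              /* 19 - the _KDPC.Type value in the trace */
    DeviceQueueObject,      /* 20 */
    EventPairObject,        /* 21 */
    InterruptObject,        /* 22 */
    ProfileObject,          /* 23 */
    ThreadedDpcObject,      /* 24 (0x18) - compared by KiSelectDpcData */
    MaximumKernelObject     /* 25 */
} KOBJECTS;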
0: kd> dv
Dpc = 0xf743b840
SystemArgument1 = 0x00000000
SystemArgument2 = 0x00000000
OldIrql = 0x00 ''
Inserted = 0xf7 ''
0: kd> dx -r1 ((ntkrnlmp!_KDPC *)0xf743b840)
((ntkrnlmp!_KDPC *)0xf743b840) : 0xf743b840 [Type: _KDPC *]
[+0x000] Type : 19 [Type: short]
[+0x002] Number : 0x0 [Type: unsigned char]
[+0x003] Importance : 0x1 [Type: unsigned char]
[+0x004] DpcListEntry [Type: _LIST_ENTRY]
[+0x00c] DeferredRoutine : 0xf73fc5b2 [Type: void (*)(_KDPC *,void *,void *,void *)]
[+0x010] DeferredContext : 0x0 [Type: void *]
[+0x014] SystemArgument1 : 0x0 [Type: void *]
[+0x018] SystemArgument2 : 0x0 [Type: void *]
[+0x01c] DpcData : 0x0 [Type: void *]
0: kd> dx -id 0,0,899a2278 -r1 ((nt!_KPRCB *)0xffdff120)
[+0x860] DpcData [Type: _KDPC_DATA [2]]
0: kd> dx -id 0,0,899a2278 -r1 (*((ntkrnlmp!_KDPC_DATA (*)[2])0xffdff980))
(*((ntkrnlmp!_KDPC_DATA (*)[2])0xffdff980)) [Type: _KDPC_DATA [2]]
[0] [Type: _KDPC_DATA]
[1] [Type: _KDPC_DATA]
0: kd> dx -id 0,0,899a2278 -r1 (*((ntkrnlmp!_KDPC_DATA *)0xffdff980))
(*((ntkrnlmp!_KDPC_DATA *)0xffdff980)) [Type: _KDPC_DATA]
[+0x000] DpcListHead [Type: _LIST_ENTRY]
[+0x008] DpcLock : 0x0 [Type: unsigned long]
[+0x00c] DpcQueueDepth : 0x0 [Type: unsigned long]
[+0x010] DpcCount : 0x3 [Type: unsigned long]
0: kd> dx -id 0,0,899a2278 -r1 (*((ntkrnlmp!_LIST_ENTRY *)0xffdff980))
(*((ntkrnlmp!_LIST_ENTRY *)0xffdff980)) [Type: _LIST_ENTRY]
[+0x000] Flink : 0xffdff980 [Type: _LIST_ENTRY *]
[+0x004] Blink : 0xffdff980 [Type: _LIST_ENTRY *]
} else {
Prcb = KeGetCurrentPrcb();
}
0: kd> p
eax=00000000 ebx=ffdff120 ecx=000000ff edx=0000001f esi=f743b898 edi=f743b840
eip=80a364d9 esp=f789a180 ebp=f789a194 iopl=0 nv up ei ng nz na po cy
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000283
nt!KeInsertQueueDpc+0x55:
80a364d9 66833f18 cmp word ptr [edi],18h ds:0023:f743b840=0013
DpcData = KiSelectDpcData(Prcb, Dpc); esi=ffdff980
0: kd> p
eax=00000000 ebx=ffdff120 ecx=000000ff edx=0000001f esi=ffdff980 edi=f743b840
eip=80a364f4 esp=f789a180 ebp=f789a194 iopl=0 nv up ei ng nz ac po cy
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000293
nt!KeInsertQueueDpc+0x70:
80a364f4 8d4e08 lea ecx,[esi+8]
if (InterlockedCompareExchangePointer(&Dpc->DpcData,
DpcData,
NULL) == NULL) {
DpcData->DpcQueueDepth += 1;
DpcData->DpcCount += 1;
Dpc->SystemArgument1 = SystemArgument1;
Dpc->SystemArgument2 = SystemArgument2;
0: kd> dx -id 0,0,899a2278 -r1 (*((ntkrnlmp!_KDPC_DATA *)0xffdff980))
(*((ntkrnlmp!_KDPC_DATA *)0xffdff980)) [Type: _KDPC_DATA]
[+0x000] DpcListHead [Type: _LIST_ENTRY]
[+0x008] DpcLock : 0x899a1021 [Type: unsigned long]
[+0x00c] DpcQueueDepth : 0x1 [Type: unsigned long] 1个DPC
[+0x010] DpcCount : 0x4 [Type: unsigned long]
Inserted = TRUE;
if (Dpc->Importance == HighImportance) {
InsertHeadList(&DpcData->DpcListHead, &Dpc->DpcListEntry);
} else {
InsertTailList(&DpcData->DpcListHead, &Dpc->DpcListEntry);
}
0: kd> dt kdpc 0xf743b844-4
hal!KDPC
+0x000 Type : 0n19
+0x002 Number : 0 ''
+0x003 Importance : 0x1 ''
+0x004 DpcListEntry : _LIST_ENTRY [ 0xffdff980 - 0xffdff980 ]
+0x00c DeferredRoutine : 0xf73fc5b2 void ACPI!ACPIBuildDeviceDpc+0
+0x010 DeferredContext : (null)
+0x014 SystemArgument1 : (null)
+0x018 SystemArgument2 : (null)
+0x01c DpcData : 0xffdff980 Void
0: kd> u f73fc5b2
ACPI!ACPIBuildDeviceDpc [d:\srv03rtm\base\busdrv\acpi\driver\nt\buildsrc.c @ 478]:
f73fc5b2 53 push ebx
f73fc5b3 8b1d70b042f7 mov ebx,dword ptr [ACPI!_imp_KefAcquireSpinLockAtDpcLevel (f742b070)]
f73fc5b9 56 push esi
f73fc5ba be98b843f7 mov esi,offset ACPI!AcpiBuildQueueLock (f743b898)
f73fc5bf 8bce mov ecx,esi
f73fc5c1 ffd3 call ebx
f73fc5c3 803d9eb843f700 cmp byte ptr [ACPI!AcpiBuildDpcRunning (f743b89e)],0
f73fc5ca 740d je ACPI!ACPIBuildDeviceDpc+0x27 (f73fc5d9)
} else {
//
// If a DPC routine is not active on the target processor and
// an interrupt has not been requested, then request a dispatch
// interrupt on the target processor if appropriate.
//
if ((Prcb->DpcRoutineActive == FALSE) &&
(Prcb->DpcInterruptRequested == FALSE)) {
} else {
//
// Request a dispatch interrupt on the current processor
// if the DPC is not of low importance, the length of the
// DPC queue has exceeded the maximum threshold, or if the
// DPC request rate is below the minimum threshold.
//
if ((Dpc->Importance != LowImportance) ||
(DpcData->DpcQueueDepth >= Prcb->MaximumDpcQueueDepth) ||
(Prcb->DpcRequestRate < Prcb->MinimumDpcRate)) {
Prcb->DpcInterruptRequested = TRUE;
KiRequestSoftwareInterrupt(DISPATCH_LEVEL);
}
}
0: kd> p
Breakpoint 22 hit
eax=ffdff994 ebx=ffdff120 ecx=ffdff902 edx=00000002 esi=ffdff980 edi=f743b840
eip=804ee4f8 esp=f789a17c ebp=f789a194 iopl=0 nv up ei pl nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000202
hal!HalRequestSoftwareInterrupt:
804ee4f8 643a0d95000000 cmp cl,byte ptr fs:[95h] fs:0030:00000095=00
0: kd> gu
eax=00000002 ebx=ffdff120 ecx=00040041 edx=00000002 esi=ffdff980 edi=f743b840
eip=80a36611 esp=f789a180 ebp=f789a194 iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000206
nt!KeInsertQueueDpc+0x18d:
80a36611 8b4df8 mov ecx,dword ptr [ebp-8] ss:0010:f789a18c=ffdff988
0: kd> gu
eax=00000001 ebx=00000000 ecx=00000041 edx=00000002 esi=f743b898 edi=804ee150
eip=f7410c75 esp=f789a1a8 ebp=f789a1c0 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246
ACPI!ACPITableLoad+0x14f:
f7410c75 8a55ff mov dl,byte ptr [ebp-1] ss:0010:f789a1bf=00
0: kd> gu
Breakpoint 19 hit
eax=00000000 ebx=ffdff120 ecx=ffdff988 edx=ffdff980 esi=f73fc5b2 edi=ffdff980
eip=f73fc5b2 esp=f789efa0 ebp=f789eff4 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246
ACPI!ACPIBuildDeviceDpc:
f73fc5b2 53 push ebx
0: kd> kc
#
00 ACPI!ACPIBuildDeviceDpc
01 nt!KiRetireDpcList
02 nt!KiDispatchInterrupt
WARNING: Frame IP not in any known module. Following frames may be wrong.
03 0x0