从nt!KiInterruptDispatch到i8042prt!I8042KeyboardInterruptService看键盘中断
;
; Check for an interrupt storm on this interrupt object
;
CHECK_INT_STORM kid
if DBG
mov ebx, _KeTickCount
endif
mov eax, InServiceContextedi ; set parameter value
push eax 第二个参数
push edi ; pointer to interrupt object 第一个参数
CAPSTART <_KiInterruptDispatch,InServiceRoutineedi>
call InServiceRoutineedi ; call specified routine
CAPEND <_KiInterruptDispatch>
0: kd> g
Breakpoint 18 hit
eax=898ac508 ebx=105ee5d4 ecx=ffdff000 edx=ffffffff esi=898ac5c8 edi=894fe978
eip=bafe5052 esp=f789ee08 ebp=f789ee28 iopl=0 nv up ei pl nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000202
i8042prt!I8042KeyboardInterruptService:
bafe5052 6a18 push 18h
0: kd> kc
00 i8042prt!I8042KeyboardInterruptService
01 nt!KiInterruptDispatch
02 nt!KeSetTimerEx
03 nt!KeSetTimer
04 USBPORT!USBPORT_DM_TimerDpc
05 nt!KiTimerExpiration
06 nt!KiRetireDpcList
07 nt!KiDispatchInterrupt
WARNING: Frame IP not in any known module. Following frames may be wrong.
08 0x0
0: kd> kv
ChildEBP RetAddr Args to Child
00 f789ee04 80b003ed 894fe978 898ac508 00010009 i8042prt!I8042KeyboardInterruptService (FPO: Non-Fpo) (CONV: stdcall) d:\\srv03rtm\\drivers\\input\\pnpi8042\\kbddep.c @ 82
01 f789ee04 80a33b04 894fe978 898ac508 00010009 nt!KiInterruptDispatch+0x8d (FPO: 0,2 TrapFrame @ f789ee28) d:\\srv03rtm\\base\\ntos\\ke\\i386\\intsup.asm @ 777
02 f789ee98 80a33ce8 898d46c8 ffb15267 ffffffff nt!KeSetTimerEx (FPO: Non-Fpo) (CONV: stdcall) d:\\srv03rtm\\base\\ntos\\ke\\timerobj.c @ 320
03 f789eeb4 bae8aa1e 898d46c8 ffb15267 ffffffff nt!KeSetTimer+0x16 (FPO: Non-Fpo) (CONV: stdcall) d:\\srv03rtm\\base\\ntos\\ke\\timerobj.c @ 282
04 f789eee8 80a40e6b 898d46a8 898d4030 c33df065 USBPORT!USBPORT_DM_TimerDpc+0x404 (FPO: Non-Fpo) (CONV: stdcall) d:\\srv03rtm\\drivers\\wdm\\usb\\hcd\\usbport\\dmtimer.c @ 157
05 f789ef9c 80a413bc 00000000 00000000 025ee59f nt!KiTimerExpiration+0x26d (FPO: Non-Fpo) (CONV: stdcall) d:\\srv03rtm\\base\\ntos\\ke\\dpcsup.c @ 705
06 f789eff4 80b00756 ba1b0bf8 00000000 00000000 nt!KiRetireDpcList+0x60 (FPO: Non-Fpo) (CONV: fastcall) d:\\srv03rtm\\base\\ntos\\ke\\dpcsup.c @ 1018
07 f789eff8 ba1b0bf8 00000000 00000000 00000000 nt!KiDispatchInterrupt+0x36 (FPO: Uses EBP 0,0,1) d:\\srv03rtm\\base\\ntos\\ke\\i386\\ctxswap.asm @ 226
WARNING: Frame IP not in any known module. Following frames may be wrong.
08 80b00756 00000000 00000009 bb837775 00000128 0xba1b0bf8
0: kd> !idt
Dumping IDT: 8003f400
37: 804ed194 hal!PicSpuriousService37
3d: 804ee7d8 hal!HalpApcInterrupt
41: 804ee618 hal!HalpDispatchInterrupt
50: 804ed26c hal!HalpApicRebootService
62: 8949d58c atapi!IdePortInterrupt (KINTERRUPT 8949d550)
63: 895eb044 NDIS!ndisMIsr (KINTERRUPT 895eb008)
73: 896048d4 USBPORT!USBPORT_InterruptService (KINTERRUPT 89604898)
82: 894e9214 atapi!IdePortInterrupt (KINTERRUPT 894e91d8)
83: 89620bec USBPORT!USBPORT_InterruptService (KINTERRUPT 89620bb0)
93: 894fe9b4 i8042prt!I8042KeyboardInterruptService (KINTERRUPT 894fe978)
a3: 89564bbc i8042prt!I8042MouseInterruptService (KINTERRUPT 89564b80)
b1: 899069a4 ACPI!ACPIInterruptServiceRoutine (KINTERRUPT 89906968)
c1: 804ed408 hal!HalpBroadcastCallService
d1: 804ec714 hal!HalpClockInterrupt
e1: 804ed83c hal!HalpIpiHandler
e3: 804ed650 hal!HalpLocalApicErrorService
fd: 804edde8 hal!HalpProfileInterrupt
fe: 804edfa0 hal!HalpPerfInterrupt
0: kd> dt nt!_KINTERRUPT 894fe978
+0x000 Type : 0n22
+0x002 Size : 0n484
+0x004 InterruptListEntry : _LIST_ENTRY 0x894fe97c - 0x894fe97c
+0x00c ServiceRoutine : 0xbafe5052 unsigned char i8042prt!I8042KeyboardInterruptService+0
+0x010 ServiceContext : 0x898ac508 Void
+0x014 SpinLock : 0
+0x018 TickCount : 0x105ee5c0
+0x01c ActualLock : 0x898ac5c8 -> 0x895f2a79
+0x020 DispatchAddress : 0x80b00360 void nt!KiInterruptDispatch+0
+0x024 Vector : 0x193
+0x028 Irql : 0x8 ''
+0x029 SynchronizeIrql : 0x9 ''
+0x02a FloatingSave : 0 ''
+0x02b Connected : 0x1 ''
+0x02c Number : 0 ''
+0x02d ShareVector : 0 ''
+0x030 Mode : 1 ( Latched )
+0x034 ServiceCount : 0
+0x038 DispatchCount : 0x407529
+0x03c DispatchCode : 106 0x56535554