Analysis of nt!PipAddDevicesToBootDriver: when PCIIDEX!ControllerAddDevice is called


0: kd> g

GetContextState failed, 0xD0000001

GetContextState failed, 0xD0000001

KD: write to 0xF73AE34A ok

Breakpoint 17 hit

eax=f73ae34a ebx=00000000 ecx=8999ec38 edx=899ff170 esi=899ff170 edi=8999ec38

eip=f73ae34a esp=f789a488 ebp=f789a49c iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

PCIIDEX!ControllerAddDevice:

f73ae34a 55 push ebp

0: kd> kc

00 PCIIDEX!ControllerAddDevice

01 nt!PpvUtilCallAddDevice

02 nt!PipCallDriverAddDevice

03 nt!PiProcessAddBootDevices

04 nt!PipDeviceActionWorker

05 nt!PipRequestDeviceAction

06 nt!PipAddDevicesToBootDriverWorker

07 nt!PipApplyFunctionToServiceInstances
08 nt!PipAddDevicesToBootDriver
09 nt!IopInitializeBootDrivers

0a nt!IoInitSystem

0b nt!Phase1Initialization

0c nt!PspSystemThreadStartup

0d nt!KiThreadStartup

0: kd> kv

ChildEBP RetAddr Args to Child

00 f789a484 80a2f6c9 899ff170 8999ec38 e1315960 PCIIDEX!ControllerAddDevice (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\drivers\storage\ide\pciidex\ctlrfdo.c @ 58]

01 f789a49c 80c91f5c f73ae34a 00000004 00000000 nt!PpvUtilCallAddDevice+0x17 (FPO: [Non-Fpo]) (CONV: fastcall) [d:\srv03rtm\base\ntos\io\pnpmgr\ppvutil.c @ 74]

02 f789a560 80c9292c 00000000 02000000 8999e270 nt!PipCallDriverAddDevice+0x64a (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 2579]

03 f789a580 80a2de4e 89cb4588 80b1f6f8 00000000 nt!PiProcessAddBootDevices+0x98 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 5849]

04 f789a5a8 80a2e161 00000000 00000000 00000000 nt!PipDeviceActionWorker+0x132 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 739]

05 f789a5c0 80e671d7 8999ec38 00000000 00000000 nt!PipRequestDeviceAction+0x139 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 598]

06 f789a5e4 80c8af7b 80000460 f789a604 899ff170 nt!PipAddDevicesToBootDriverWorker+0x1f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpinit.c @ 1758]

07 f789a620 80e68789 e13605e8 00000000 000f003f nt!PipApplyFunctionToServiceInstances+0x18f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpsubs.c @ 2378]

08 f789a644 80e6934a 899ff170 00000000 80077000 nt!PipAddDevicesToBootDriver+0x23 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpinit.c @ 1700]

09 f789a694 80e655c7 80077000 f789a7dc 00034000 nt!IopInitializeBootDrivers+0x384 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpinit.c @ 1440]

0a f789a838 80e632fd 80077000 00000000 89dd4020 nt!IoInitSystem+0x70b (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\iomgr\ioinit.c @ 665]

0b f789adac 80d391f0 80077000 00000000 00000000 nt!Phase1Initialization+0x9b3 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\init\init.c @ 2221]

0c f789addc 80b00d52 80e6294a 80077000 00000000 nt!PspSystemThreadStartup+0x2e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\ps\create.c @ 2213]

0d 00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16 [d:\srv03rtm\base\ntos\ke\i386\threadbg.asm @ 81]

0: kd> dv

DriverObject = 0x899ff170 Driver "\Driver\IntelIde"

PhysicalDeviceObject = 0x8999ec38 Device for "\Driver\PCI"

deviceNameBuffer = unsigned short [64]

deviceName = struct _UNICODE_STRING "--- memory read error at address 0x000000c4 ---"

deviceObject = 0x00000000

0: kd> dx -id 0,0,ffffffff89dd5240 -r1 ((PCIIDEX!_DRIVER_OBJECT *)0x899ff170)

((PCIIDEX!_DRIVER_OBJECT *)0x899ff170) : 0x899ff170 : Driver "\Driver\IntelIde" [Type: _DRIVER_OBJECT *]

[<Raw View>] [Type: _DRIVER_OBJECT]

HardwareDatabase : 0x80e3c260 : "\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\SYSTEM" [Type: _UNICODE_STRING *]

DeviceObject : 0x0 [Type: _DEVICE_OBJECT *]

Flags : 0x12

Devices

0: kd> dx -id 0,0,ffffffff89dd5240 -r1 -n (*((PCIIDEX!_DRIVER_OBJECT *)0x899ff170))

(*((PCIIDEX!_DRIVER_OBJECT *)0x899ff170)) : Driver "\Driver\IntelIde" [Type: _DRIVER_OBJECT]

[+0x000] Type : 4 [Type: short]

[+0x002] Size : 168 [Type: short]

[+0x004] DeviceObject : 0x0 [Type: _DEVICE_OBJECT *]

[+0x008] Flags : 0x12 [Type: unsigned long]

[+0x00c] DriverStart : 0xf7727000 [Type: void *]

[+0x010] DriverSize : 0x8000 [Type: unsigned long]

[+0x014] DriverSection : 0x89dfbd78 [Type: void *]

[+0x018] DriverExtension : 0x899ff218 [Type: _DRIVER_EXTENSION *]

[+0x01c] DriverName [Type: _UNICODE_STRING]

[+0x024] HardwareDatabase : 0x80e3c260 : "\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\SYSTEM" [Type: _UNICODE_STRING *]

[+0x028] FastIoDispatch : 0x0 [Type: _FAST_IO_DISPATCH *]

[+0x02c] DriverInit : 0xf772c000 [Type: long (*)(_DRIVER_OBJECT *,_UNICODE_STRING *)]

[+0x030] DriverStartIo : 0x0 [Type: void (*)(_DEVICE_OBJECT *,_IRP *)]

[+0x034] DriverUnload : 0xf73b2a0c [Type: void (*)(_DRIVER_OBJECT *)]

[+0x038] MajorFunction [Type: long (* [28])(_DEVICE_OBJECT *,_IRP *)]

0: kd> dx -id 0,0,ffffffff89dd5240 -r1 ((PCIIDEX!_DRIVER_EXTENSION *)0x899ff218)

((PCIIDEX!_DRIVER_EXTENSION *)0x899ff218) : 0x899ff218 [Type: _DRIVER_EXTENSION *]

[+0x000] DriverObject : 0x899ff170 : Driver "\Driver\IntelIde" [Type: _DRIVER_OBJECT *]

[+0x004] AddDevice : 0xf73ae34a [Type: long (*)(_DRIVER_OBJECT *,_DEVICE_OBJECT *)]

[+0x008] Count : 0x0 [Type: unsigned long]

[+0x00c] ServiceKeyName : "IntelIde" [Type: _UNICODE_STRING]

0: kd> u f73ae34a

PCIIDEX!ControllerAddDevice [d:\srv03rtm\drivers\storage\ide\pciidex\ctlrfdo.c @ 58]:

f73ae34a 55 push ebp

f73ae34b 8bec mov ebp,esp

f73ae34d 81ec90000000 sub esp,90h

f73ae353 a114c43af7 mov eax,dword ptr [PCIIDEX!__security_cookie (f73ac414)]

f73ae358 53 push ebx

f73ae359 56 push esi

f73ae35a 8b3520b03af7 mov esi,dword ptr [PCIIDEX!_imp__KeGetCurrentIrql (f73ab020)]

f73ae360 57 push edi

0: kd> dt nt!_DRIVER_EXTENSION 0x899ff218

+0x000 DriverObject : 0x899ff170 _DRIVER_OBJECT

+0x004 AddDevice : 0xf73ae34a long PCIIDEX!ControllerAddDevice+0

+0x008 Count : 0

+0x00c ServiceKeyName : _UNICODE_STRING "IntelIde"

+0x014 ClientDriverExtension : 0x89d421a0 _IO_CLIENT_EXTENSION

+0x018 FsFilterCallbacks : (null)

0: kd> !drvobj 0x899ff170

Driver object (899ff170) is for:

\Driver\IntelIde

Driver Extension List: (id , addr)

(f73b205e 89d421a8)

Device Object list:

0: kd> gu

eax=00000000 ebx=00000000 ecx=bb40e64e edx=00000cf8 esi=899ff170 edi=8999ec38

eip=80a2f6c9 esp=f789a494 ebp=f789a49c iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

nt!PpvUtilCallAddDevice+0x17:

80a2f6c9 eb26 jmp nt!PpvUtilCallAddDevice+0x3f (80a2f6f1)

0: kd> dt nt!_DRIVER_OBJECT 0x899ff170

+0x000 Type : 0n4

+0x002 Size : 0n168
+0x004 DeviceObject : 0x8988b038 _DEVICE_OBJECT

+0x008 Flags : 0x12

+0x00c DriverStart : 0xf7727000 Void

+0x010 DriverSize : 0x8000

+0x014 DriverSection : 0x89dfbd78 Void

+0x018 DriverExtension : 0x899ff218 _DRIVER_EXTENSION

+0x01c DriverName : _UNICODE_STRING "\Driver\IntelIde"

+0x024 HardwareDatabase : 0x80e3c260 _UNICODE_STRING "\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\SYSTEM"

+0x028 FastIoDispatch : (null)

+0x02c DriverInit : 0xf772c000 long intelide!GsDriverEntry+0

+0x030 DriverStartIo : (null)

+0x034 DriverUnload : 0xf73b2a0c void PCIIDEX!PciIdeUnload+0

+0x038 MajorFunction : [28] 0x80a2b404 long nt!IopInvalidDeviceRequest+0

0: kd> !drvobj 0x899ff170

Driver object (899ff170) is for:

\Driver\IntelIde

Driver Extension List: (id , addr)

(f73b205e 89d421a8)
Device Object list:
8988b038

0: kd> !devobj 8988b038

Device object (8988b038) is for:

PciIde0 \Driver\IntelIde DriverObject 899ff170

Current Irp 00000000 RefCount 0 Type 0000002a Flags 00000040

SecurityDescriptor e12a6f70 DevExt 8988b0f0 DevObjExt 8988b718

ExtensionFlags (0x00000010) DOE_START_PENDING

Characteristics (0x00000100) FILE_DEVICE_SECURE_OPEN

AttachedTo (Lower) 8999e270 \Driver\ACPI

Device queue is not busy.

0: kd> dt _device_object 8988b038

CSRSRV!_DEVICE_OBJECT

+0x000 Type : 0n3

+0x002 Size : 0x6dc

+0x004 ReferenceCount : 0n0
+0x008 DriverObject : 0x899ff170 _DRIVER_OBJECT

+0x00c NextDevice : (null)

+0x010 AttachedDevice : (null)

+0x014 CurrentIrp : (null)

+0x018 Timer : (null)

+0x01c Flags : 0x40

+0x020 Characteristics : 0x100

+0x024 Vpb : (null)

+0x028 DeviceExtension : 0x8988b0f0 Void

+0x02c DeviceType : 0x2a

+0x030 StackSize : 3 ''

+0x034 Queue : __unnamed

+0x05c AlignmentRequirement : 1

+0x060 DeviceQueue : _KDEVICE_QUEUE

+0x074 Dpc : _KDPC

+0x094 ActiveThreadCount : 0

+0x098 SecurityDescriptor : 0xe12a6f70 Void

+0x09c DeviceLock : _KEVENT

+0x0ac SectorSize : 0

+0x0ae Spare1 : 0

+0x0b0 DeviceObjectExtension : 0x8988b718 _DEVOBJ_EXTENSION

+0x0b4 Reserved : (null)

0: kd> dx -id 0,0,ffffffff89dd5240 -r1 ((CSRSRV!_DEVOBJ_EXTENSION *)0x8988b718)

((CSRSRV!_DEVOBJ_EXTENSION *)0x8988b718) : 0x8988b718 [Type: _DEVOBJ_EXTENSION *]

[+0x000] Type : 13 [Type: short]

[+0x002] Size : 0x0 [Type: unsigned short]

[+0x004] DeviceObject : 0x8988b038 : Device for "\Driver\IntelIde" [Type: _DEVICE_OBJECT *]

[+0x008] PowerFlags : 0x0 [Type: unsigned long]

[+0x00c] Dope : 0x0 [Type: _DEVICE_OBJECT_POWER_EXTENSION *]

[+0x010] ExtensionFlags : 0x10 [Type: unsigned long]

[+0x014] DeviceNode : 0x0 [Type: void *]

[+0x018] AttachedTo : 0x8999e270 : Device for "\Driver\ACPI" [Type: _DEVICE_OBJECT *]

[+0x01c] StartIoCount : 0 [Type: long]

[+0x020] StartIoKey : 0 [Type: long]

[+0x024] StartIoFlags : 0x0 [Type: unsigned long]

[+0x028] Vpb : 0x0 [Type: _VPB *]