mouclass!MousePnP调试记录被调用了好多次

sitelist2025-12-27 11:03

mouclass!MousePnP调试记录被调用了好多次

1: kd> g

13:51:29.828+89dd5240:0000+RDPDYN_Dispatch +0680+Unhandled PnP IRP with minor 00000018

Breakpoint 1 hit

eax=0000001b ebx=00000000 ecx=89936428 edx=89be08d0 esi=89be08d0 edi=89c60530

eip=f756b59c esp=f78ee97c ebp=f78ee994 iopl=0 nv up ei ng nz na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286

mouclass!MousePnP:

f756b59c 55 push ebp

1: kd> kc

00 mouclass!MousePnP

01 nt!IofCallDriver

02 nt!IopSynchronousCall

03 nt!IopQueryLegacyBusInformation

04 nt!PipCallDriverAddDevice

05 nt!PipProcessDevNodeTree

06 nt!PiProcessStartSystemDevices

07 nt!PipDeviceActionWorker

08 nt!ExpWorkerThread

09 nt!PspSystemThreadStartup

0a nt!KiThreadStartup

1: kd> kv

ChildEBP RetAddr Args to Child

00 f78ee978 80a2675c 89c60530 89be08d0 89be09ac mouclass!MousePnP (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\drivers\input\mouclass\mouclass.c @ 4172]

01 f78ee994 80c95e00 f78eea04 89df5948 89df589c nt!IofCallDriver+0x62 (FPO: [Non-Fpo]) (CONV: fastcall) [d:\srv03rtm\base\ntos\io\iomgr\iosubs.c @ 2237]

02 f78ee9c4 80c96fd5 00000000 f78ee9e0 f78eea10 nt!IopSynchronousCall+0x1aa (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpirp.c @ 258]

03 f78eea08 80c920ad 89df5948 00000000 89df589c nt!IopQueryLegacyBusInformation+0x5f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpirp.c @ 1825]

04 f78eead4 80c94d1e 89d20ec0 05000000 89df5948 nt!PipCallDriverAddDevice+0x79b (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 2689]

05 f78eed24 80c955c0 89db9ac0 00000001 00000000 nt!PipProcessDevNodeTree+0x190 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 4623]

06 f78eed58 80a2deb5 8994ad58 89dcfda0 80bf5cbc nt!PiProcessStartSystemDevices+0x6e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 6436]

07 f78eed80 80af2bb9 00000000 00000000 89dcfda0 nt!PipDeviceActionWorker+0x199 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 821]

08 f78eedac 80d391f0 00000000 00000000 00000000 nt!ExpWorkerThread+0x10f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\ex\worker.c @ 1153]

09 f78eeddc 80b00d52 80af2aaa 00000001 00000000 nt!PspSystemThreadStartup+0x2e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\ps\create.c @ 2213]

0a 00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16 [d:\srv03rtm\base\ntos\ke\i386\threadbg.asm @ 81]

windbg> .open -a ffffffff80c96fd5

1: kd> bp 80c96fd5

1: kd> g

Breakpoint 2 hit

eax=c00000bb ebx=89df589c ecx=00000000 edx=034e0000 esi=89df5948 edi=f78eea04

eip=80c96fd5 esp=f78ee9d8 ebp=f78eea08 iopl=0 nv up ei ng nz na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286

nt!IopQueryLegacyBusInformation+0x5f:

80c96fd5 85c0 test eax,eax

1: kd> g

Breakpoint 2 hit

eax=c00000bb ebx=89df564c ecx=00000000 edx=00000000 esi=89df56f8 edi=f78eea04

eip=80c96fd5 esp=f78ee9d8 ebp=f78eea08 iopl=0 nv up ei ng nz na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286

nt!IopQueryLegacyBusInformation+0x5f:

80c96fd5 85c0 test eax,eax

1: kd> dv

DeviceObject = 0x00000000

InterfaceGuid = 0x00000000

InterfaceType = 0x89df564c

BusNumber = 0x89df5650

irpSp = IRP_MJ_PNP / 0x18 for {...}

status = 0n-2136014848

busInfo = 0x00000000

1: kd> g

Breakpoint 2 hit

eax=c00000bb ebx=89df53fc ecx=00000000 edx=00000000 esi=89df54a8 edi=f78eea04

eip=80c96fd5 esp=f78ee9d8 ebp=f78eea08 iopl=0 nv up ei ng nz na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286

nt!IopQueryLegacyBusInformation+0x5f:

80c96fd5 85c0 test eax,eax

1: kd> dv

DeviceObject = 0x00000000

InterfaceGuid = 0x00000000

InterfaceType = 0x89df53fc

BusNumber = 0x89df5400

irpSp = IRP_MJ_PNP / 0x18 for {...}

status = 0n-2136014848

busInfo = 0x00000000

1: kd> g

Breakpoint 1 hit

eax=0000001b ebx=00000000 ecx=89936428 edx=89be08d0 esi=89be08d0 edi=898f7590

eip=f756b59c esp=f78ee90c ebp=f78ee924 iopl=0 nv up ei ng nz na po nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000282

mouclass!MousePnP:

f756b59c 55 push ebp

1: kd> kc

00 mouclass!MousePnP

01 nt!IofCallDriver

02 nt!IopFilterResourceRequirementsCall

03 nt!IopQueryDeviceResources

04 nt!IopGetResourceRequirementsForAssignTable

05 nt!IopAllocateResources

06 nt!IopAssignResourcesToDevices

07 nt!IopProcessAssignResources

08 nt!PipProcessDevNodeTree

09 nt!PiProcessStartSystemDevices

0a nt!PipDeviceActionWorker

0b nt!ExpWorkerThread

0c nt!PspSystemThreadStartup

0d nt!KiThreadStartup

1: kd> g

Breakpoint 1 hit

eax=0000001b ebx=00000000 ecx=89936428 edx=89be08d0 esi=89be08d0 edi=89c60530

eip=f756b59c esp=f78ee90c ebp=f78ee924 iopl=0 nv up ei ng nz na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286

mouclass!MousePnP:

f756b59c 55 push ebp

1: kd> kc

00 mouclass!MousePnP

01 nt!IofCallDriver

02 nt!IopFilterResourceRequirementsCall

03 nt!IopQueryDeviceResources

04 nt!IopGetResourceRequirementsForAssignTable

05 nt!IopAllocateResources

06 nt!IopAssignResourcesToDevices

07 nt!IopProcessAssignResources

08 nt!PipProcessDevNodeTree

09 nt!PiProcessStartSystemDevices

0a nt!PipDeviceActionWorker

0b nt!ExpWorkerThread

0c nt!PspSystemThreadStartup

0d nt!KiThreadStartup

1: kd> g

Breakpoint 1 hit

eax=0000001b ebx=00000000 ecx=89936428 edx=899e88a8 esi=899e88a8 edi=89c60530

eip=f756b59c esp=f78eea30 ebp=f78eea48 iopl=0 nv up ei ng nz na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286

mouclass!MousePnP:

f756b59c 55 push ebp

0: kd> kc

00 mouclass!MousePnP

01 nt!IofCallDriver

02 nt!IopSynchronousCall

03 nt!IopStartDevice

04 nt!PipProcessStartPhase1

05 nt!PipProcessDevNodeTree

06 nt!PiProcessStartSystemDevices

07 nt!PipDeviceActionWorker

08 nt!ExpWorkerThread

09 nt!PspSystemThreadStartup

0a nt!KiThreadStartup

0: kd> g

Breakpoint 1 hit

eax=0000001b ebx=00000000 ecx=89936428 edx=899e88a8 esi=899e88a8 edi=89c60530

eip=f756b59c esp=f78ee9c4 ebp=f78ee9dc iopl=0 nv up ei ng nz na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286

mouclass!MousePnP:

f756b59c 55 push ebp

0: kd> kc

00 mouclass!MousePnP

01 nt!IofCallDriver

02 nt!IopSynchronousCall

03 nt!PpIrpQueryID

04 nt!PpQueryID

05 nt!PipProcessStartPhase3

06 nt!PipProcessDevNodeTree

07 nt!PiProcessStartSystemDevices

08 nt!PipDeviceActionWorker

09 nt!ExpWorkerThread

0a nt!PspSystemThreadStartup

0b nt!KiThreadStartup

相关推荐
sitelist3 天前
MOUCLASS-MouseClassServiceCallback调试记录之两种情况
callback·mouseclassservi·mouclass
sitelist4 天前
mouclass!MouseClassReadCopyData函数的两种情况
mouseclassread·mouclass
热门推荐
01GitHub 镜像站点02从快手“12·22”直播攻击事件看:一次教科书式的业务层饱和攻击033D 圣诞树网页代码04Linux下V2Ray安装配置指南05电脑检测软件—图吧工具箱06UV安装并设置国内源07在VSCode配置Java开发环境的保姆级教程(适配各类AI编程IDE)08Gemini3 生成的基于手势控制3D粒子圣诞树09jdk21下载、安装(Windows、Linux、macOS)10Claude Code Skills 实用使用手册