ACPI!ACPIDetectPdoDevices函数对Device (BAT1)的状态_STA的分析

ACPI!ACPIDetectPdoDevices函数对Device (BAT1)的状态_STA的分析

第二次循环：BAT1

Device (BAT1)

{

Name (_HID, EisaId ("PNP0C0A")) // _HID: Hardware ID

Name (_UID, 0x01) // _UID: Unique ID

Name (_PCL, Package (0x01) // _PCL: Power Consumer List

{

\_SB

})

Method (_STA, 0, NotSerialized) // _STA: Status

{

Return (VMPS (0x01))

}

0: kd> t

Breakpoint 8 hit

eax=00000000 ebx=f743b620 ecx=f789a22c edx=00806000 esi=899ae008 edi=899ae128

eip=f74076b8 esp=f789a1f8 ebp=f789a250 iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!ACPIGet:

f74076b8 55 push ebp

0: kd> dv

Target = 0x899ae008

ObjectID = 0x4154535f

Flags = 0x20040802

SimpleArgument = 0x00000000

SimpleArgumentSize = 0

CallBackRoutine = 0x00000000

CallBackContext = 0x00000000

Buffer = 0xf789a22c

BufferSize = 0x00000000

completionRoutine = 0xf74076b8

0: kd> dt ACPI!_DEVICE_EXTENSION 0x899ae008

+0x000 Flags : 0x00806000`2000010a

+0x000 UFlags : __unnamed

+0x008 Signature : 0x5f534750

+0x00c DebugFlags : 0

+0x010 DispatchTable : (null)

+0x014 WorkContext : WORK_QUEUE_CONTEXT

+0x014 Fdo : _FDO_DEVICE_EXTENSION

+0x014 Filter : _FILTER_DEVICE_EXTENSION

+0x014 Pdo : _PDO_DEVICE_EXTENSION

+0x058 WorkQueue : EXTENSION_WORKER

+0x058 Button : BUTTON_EXTENSION

+0x058 Thermal : THERMAL_EXTENSION

+0x058 LinkNode : LINK_NODE_EXTENSION

+0x058 Dock : DOCK_EXTENSION

+0x058 Processor : _PROCESSOR_DEVICE_EXTENSION

+0x088 DeviceState : 0 ( Stopped )

+0x08c PreviousState : 0 ( Stopped )

+0x090 PowerInfo : _ACPI_POWER_INFO

+0x10c DeviceID : 0x89986138 "ACPI\PNP0C0A"

+0x10c Address : 0x89986138

+0x110 InstanceID : 0x898f3958 "1"

+0x114 ResourceList : (null)

+0x118 PnpResourceList : (null)

+0x11c OutstandingIrpCount : 0n1

+0x120 ReferenceCount : 0n4

+0x124 HibernatePathCount : 0n0

+0x128 RemoveEvent : (null)

+0x12c AcpiObject : 0x899b4518 _NSObj

+0x130 DeviceObject : (null)

+0x134 TargetDeviceObject : (null)

+0x138 PhysicalDeviceObject : (null)

+0x13c ParentExtension : 0x89981a18 _DEVICE_EXTENSION

+0x140 ChildDeviceList : _LIST_ENTRY [ 0x899ae148 - 0x899ae148 ]

+0x148 SiblingDeviceList : _LIST_ENTRY [ 0x899aefb8 - 0x899c0ea0 ]

+0x150 EjectDeviceHead : _LIST_ENTRY [ 0x899ae158 - 0x899ae158 ]

+0x158 EjectDeviceList : _LIST_ENTRY [ 0x899ae160 - 0x899ae160 ]

0: kd> db 0x899b4518

899b4518 70 44 9b 89 04 48 9b 89-f0 f0 9a 89 5c 45 9b 89 pD...H......\E..

899b4528 42 41 54 31 30 f3 9a 89-70 44 9b 89 00 00 06 00 BAT10...pD......

Device (BAT1)

{

Name (_HID, EisaId ("PNP0C0A")) // _HID: Hardware ID

Name (_UID, 0x01) // _UID: Unique ID

Name (_PCL, Package (0x01) // _PCL: Power Consumer List

{

\_SB

})

Method (_STA, 0, NotSerialized) // _STA: Status

{

Return (VMPS (0x01))

}

0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_NSObj *)0x899b4518)

((ACPI!_NSObj *)0x899b4518) : 0x899b4518 [Type: _NSObj *]

+0x000\] list \[Type: _List

+0x008\] pnsParent : 0x899af0f0 \[Type: _NSObj \*

+0x00c\] pnsFirstChild : 0x899b455c \[Type: _NSObj \*

+0x010\] dwNameSeg : 0x31544142 \[Type: unsigned long

+0x014\] hOwner : 0x899af330 \[Type: void \*

+0x018\] pnsOwnedNext : 0x899b4470 \[Type: _NSObj \*

+0x01c\] ObjData \[Type: _ObjData

+0x030\] Context : 0x899ae008 \[Type: void \*

+0x034\] dwRefCount : 0x0 \[Type: unsigned long

0: kd> db 0x899b455c

899b455c 84 47 9b 89 a0 45 9b 89-18 45 9b 89 00 00 00 00 .G...E...E......

899b456c 5f 48 49 44 30 f3 9a 89-18 45 9b 89 00 00 01 00 _HID0....E......

0: kd> dx -id 0,0,899a2278 -r1 (*((ACPI!_List *)0x899b455c))

(*((ACPI!_List *)0x899b455c)) [Type: _List]

+0x000\] plistPrev : 0x899b4784 \[Type: _List \*

+0x004\] plistNext : 0x899b45a0 \[Type: _List \*

0: kd> db 0x899b45a0

899b45a0 5c 45 9b 89 08 46 9b 89-18 45 9b 89 00 00 00 00 \E...F...E......

899b45b0 5f 55 49 44 30 f3 9a 89-5c 45 9b 89 00 00 01 00 _UID0...\E......

0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_List *)0x899b45a0)

((ACPI!_List *)0x899b45a0) : 0x899b45a0 [Type: _List *]

+0x000\] plistPrev : 0x899b455c \[Type: _List \*

+0x004\] plistNext : 0x899b4608 \[Type: _List \*

0: kd> db 0x899b4608

899b4608 a0 45 9b 89 4c 46 9b 89-18 45 9b 89 00 00 00 00 .E..LF...E......

899b4618 5f 50 43 4c 30 f3 9a 89-a0 45 9b 89 00 00 04 00 _PCL0....E......

0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_List *)0x899b4608)

((ACPI!_List *)0x899b4608) : 0x899b4608 [Type: _List *]

+0x000\] plistPrev : 0x899b45a0 \[Type: _List \*

+0x004\] plistNext : 0x899b464c \[Type: _List \*

0: kd> db 0x899b464c

899b464c 08 46 9b 89 b4 46 9b 89-18 45 9b 89 00 00 00 00 .F...F...E......

899b465c 5f 53 54 41 30 f3 9a 89-08 46 9b 89 00 00 08 00 _STA0....F......

//

// Go out and see if the requested object is present

//

acpiObject = ACPIAmliGetNamedChild(

acpiObject,

ObjectID

);

if (!acpiObject) {

0: kd> g

Breakpoint 15 hit

eax=899b464c ebx=f743b938 ecx=4154535f edx=00000000 esi=899ae278 edi=899ae280

eip=f74078dd esp=f789a1b8 ebp=f789a1f4 iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!ACPIGet+0x225:

f74078dd 85c0 test eax,eax

0: kd> dv async

async = 0x00 ''

0: kd> bp ACPI!PushCall

0: kd> bp ACPI!ParseCall

0: kd> kc

00 ACPI!AMLIEvalNameSpaceObject

01 ACPI!ACPIGet

02 ACPI!ACPIDetectPdoDevices

03 ACPI!ACPIRootIrpQueryBusRelations

04 ACPI!ACPIRootIrpQueryDeviceRelations

05 ACPI!ACPIDispatchIrp

06 nt!IofCallDriver

07 nt!IopSynchronousCall

08 nt!IopQueryDeviceRelations

09 nt!PipEnumerateDevice

0a nt!PipProcessDevNodeTree

0b nt!PipDeviceActionWorker

0c nt!PipRequestDeviceAction

0d nt!IopInitializeBootDrivers

0e nt!IoInitSystem

0f nt!Phase1Initialization

10 nt!PspSystemThreadStartup

11 nt!KiThreadStartup

0: kd> dv

pns = 0x899b464c

pdataResult = 0x899ae2a4

icArgs = 0n0

pdataArgs = 0x00000000

pHData = 0x00000008

0: kd> dx -r1 ((ACPI!_NSObj *)0x899b464c)

((ACPI!_NSObj *)0x899b464c) : 0x899b464c [Type: _NSObj *]

+0x000\] list \[Type: _List

+0x008\] pnsParent : 0x899b4518 \[Type: _NSObj \*

+0x00c\] pnsFirstChild : 0x0 \[Type: _NSObj \*

+0x010\] dwNameSeg : 0x4154535f \[Type: unsigned long

+0x014\] hOwner : 0x899af330 \[Type: void \*

+0x018\] pnsOwnedNext : 0x899b4608 \[Type: _NSObj \*

+0x01c\] ObjData \[Type: _ObjData

+0x030\] Context : 0x0 \[Type: void \*

+0x034\] dwRefCount : 0x0 \[Type: unsigned long

0: kd> dx -r1 (*((ACPI!_ObjData *)0x899b4668))

(*((ACPI!_ObjData *)0x899b4668)) [Type: _ObjData]

+0x000\] dwfData : 0x0 \[Type: unsigned short

+0x002\] dwDataType : 0x8 \[Type: unsigned short

+0x004\] dwRefCount : 0x0 \[Type: unsigned long

+0x004\] pdataBase : 0x0 \[Type: _ObjData \*

+0x008\] dwDataValue : 0x0 \[Type: unsigned long

+0x008\] uipDataValue : 0x0 \[Type: unsigned long

+0x008\] pnsAlias : 0x0 \[Type: _NSObj \*

+0x008\] pdataAlias : 0x0 \[Type: _ObjData \*

+0x008\] powner : 0x0 \[Type: void \*

+0x00c\] dwDataLen : 0x18 \[Type: unsigned long

+0x010\] pbDataBuff : 0x899b4690 : 0x0 \[Type: unsigned char \*

0: kd> dt _methodobj 899b4690

ACPI!_MethodObj

+0x000 Mutex : _MutexObj

+0x010 bMethodFlags : 0 ''

+0x011 abCodeBuff : [1] "???VMP"

0: kd> g

Breakpoint 20 hit

eax=899b464c ebx=00000000 ecx=899b464c edx=00000000 esi=899b464c edi=899ae2b8

eip=f741fe16 esp=f789a17c ebp=f789a1a0 iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!SyncEvalObject:

f741fe16 55 push ebp

0: kd> dv

pns = 0x899b464c

pdataResult = 0x899ae2a4

icArgs = 0n0

pdataArgs = 0x00000000

seEvalObj = struct _syncevent

0: kd> kv

ChildEBP RetAddr Args to Child

00 f789a178 f74151ee 899b464c 899ae2a4 00000000 ACPI!SyncEvalObject (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\sync.c @ 127]

01 f789a1a0 f7407922 899b464c 899ae2a4 00000000 ACPI!AMLIEvalNameSpaceObject+0x14d (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\amliapi.c @ 762]

02 f789a1f4 f7400300 899b464c 4154535f 20040802 ACPI!ACPIGet+0x26a (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\get.c @ 295]

03 f789a250 f744e9d7 89981b98 f789a2a4 804edc6c ACPI!ACPIDetectPdoDevices+0x122 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\detect.c @ 2006]

04 f789a270 f744ee67 89981b98 899bf5b0 f789a2a4 ACPI!ACPIRootIrpQueryBusRelations+0xa1 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\root.c @ 238]

05 f789a2ac f740410e 89981b98 899bf507 89981b98 ACPI!ACPIRootIrpQueryDeviceRelations+0x9d (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\root.c @ 513]

06 f789a2e0 80a2675c 89981b98 899bf5b0 899bf668 ACPI!ACPIDispatchIrp+0x19e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\dispatch.c @ 690]

07 f789a2fc 80c95e00 00000000 899c1008 899c1008 nt!IofCallDriver+0x62 (FPO: [Non-Fpo]) (CONV: fastcall) [d:\srv03rtm\base\ntos\io\iomgr\iosubs.c @ 2237]

08 f789a32c 80a2e3f3 00000000 f789a348 899c10e8 nt!IopSynchronousCall+0x1aa (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpirp.c @ 258]

09 f789a36c 80c8d810 00000000 899c1de0 00000000 nt!IopQueryDeviceRelations+0x39 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpirp.c @ 1131]

0a f789a388 80c94e01 899c1008 00000000 00000000 nt!PipEnumerateDevice+0x56 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 980]

0b f789a5d4 80a2dde9 899c5bc8 00000000 89987300 nt!PipProcessDevNodeTree+0x273 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 4699]

0c f789a618 80a2e161 00000000 00000000 800836b0 nt!PipDeviceActionWorker+0xcd (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 710]

0d f789a630 80e69358 00000000 00000005 00000000 nt!PipRequestDeviceAction+0x139 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 598]

0e f789a694 80e655c7 80077000 f789a7dc 00034000 nt!IopInitializeBootDrivers+0x392 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpinit.c @ 1440]

0f f789a838 80e632fd 80077000 00000000 899a1020 nt!IoInitSystem+0x70b (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\iomgr\ioinit.c @ 665]

10 f789adac 80d391f0 80077000 00000000 00000000 nt!Phase1Initialization+0x9b3 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\init\init.c @ 2221]

11 f789addc 80b00d52 80e6294a 80077000 00000000 nt!PspSystemThreadStartup+0x2e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\ps\create.c @ 2213]

12 00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16 [d:\srv03rtm\base\ntos\ke\i386\threadbg.asm @ 81]

0: kd> bp f7407922

else

{

LOGSCHEDEVENT('SYNC', (ULONG_PTR)KeGetCurrentIrql(), (ULONG_PTR)pns, 0);

rc = AsyncEvalObject(pns, pdataResult, icArgs, pdataArgs,

(PFNACB)EvalMethodComplete, &seEvalObj, FALSE);

}

0: kd> t

eax=f789a160 ebx=00000000 ecx=8997e000 edx=00002707 esi=804edc6c edi=899ae2b8

eip=f741f8c9 esp=f789a124 ebp=f789a178 iopl=0 nv up ei ng nz ac pe cy

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000297

ACPI!AsyncEvalObject:

f741f8c9 55 push ebp

0: kd> dv

pns = 0x899b464c

pdataResult = 0x899ae2a4

icArgs = 0n0

pdataArgs = 0x00000000

pfnAsyncCallBack = 0xf741eeb5

pvContext = 0xf789a160

fAsync = 0x00 ''

pctxt = 0x00000008

if ((rc = NewContext(&pctxt)) == STATUS_SUCCESS)

{

BOOLEAN fQueueContext = FALSE;

pctxt->pnsObj = pns;

pctxt->pnsScope = pns;

pctxt->pfnAsyncCallBack = pfnAsyncCallBack;

pctxt->pdataCallBack = pdataResult;

pctxt->pvContext = pvContext;

if (pns->ObjData.dwDataType == OBJTYPE_METHOD)

{

if ((rc = PushCall(pctxt, pns, &pctxt->Result)) == STATUS_SUCCESS)

{

0: kd> t

Breakpoint 16 hit

eax=894ea000 ebx=899b464c ecx=894ea040 edx=f743a41e esi=f7438ca8 edi=f789a104

eip=f741d200 esp=f789a0fc ebp=f789a120 iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!PushCall:

f741d200 55 push ebp

0: kd> dv

pctxt = 0x894ea000

pnsMethod = 0x899b464c

pdataResult = 0x894ea040

rc = 0n-1986312628

pcall = 0x00000008

0: kd> dx -r1 ((ACPI!_ctxt *)0x894ea000)

((ACPI!_ctxt *)0x894ea000) : 0x894ea000 [Type: _ctxt *]

+0x000\] dwSig : 0x54585443 \[Type: unsigned long

+0x004\] pbCtxtEnd : 0x894ec000 : 0xc8 \[Type: unsigned char \*

+0x008\] listCtxt \[Type: _List

+0x010\] listQueue \[Type: _List

+0x018\] pplistCtxtQueue : 0x0 \[Type: _List \* \*

+0x01c\] plistResources : 0x0 \[Type: _List \*

+0x020\] dwfCtxt : 0x0 \[Type: unsigned long

+0x024\] pnsObj : 0x899b464c \[Type: _NSObj \*

+0x028\] pnsScope : 0x899b464c \[Type: _NSObj \*

+0x02c\] powner : 0x0 \[Type: _objowner \*

+0x030\] pcall : 0x0 \[Type: _call \*

+0x034\] pnctxt : 0x0 \[Type: _nestedctxt \*

+0x038\] dwSyncLevel : 0x0 \[Type: unsigned long

+0x03c\] pbOp : 0x0 \[Type: unsigned char \*

+0x040\] Result \[Type: _ObjData

+0x054\] pfnAsyncCallBack : 0xf741eeb5 \[Type: void (__cdecl\*)(_NSObj \*,long,_ObjData \*,void \*)

+0x058\] pdataCallBack : 0x899ae2a4 \[Type: _ObjData \*

+0x05c\] pvContext : 0xf789a160 \[Type: void \*

+0x060\] Timer \[Type: _KTIMER

+0x088\] Dpc \[Type: _KDPC

+0x0a8\] pheapCurrent : 0x894ea0bc \[Type: _heap \*

+0x0ac\] CtxtData \[Type: _ctxtdata

+0x0bc\] LocalHeap \[Type: _heap

ASSERT(((PFRAMEHDR)pctxt->LocalHeap.pbHeapEnd)->dwSig ==

SIG_CALL);

pcall = (PCALL)pctxt->LocalHeap.pbHeapEnd;

0: kd> dx -r1 (*((ACPI!_heap *)0x894ea0bc))

(*((ACPI!_heap *)0x894ea0bc)) [Type: _heap]

+0x000\] dwSig : 0x50414548 \[Type: unsigned long

+0x004\] pbHeapEnd : 0x894ebf34 : 0x43 \[Type: unsigned char \*

+0x008\] pheapHead : 0x894ea0bc \[Type: _heap \*

+0x00c\] pheapNext : 0x0 \[Type: _heap \*

+0x010\] pbHeapTop : 0x894ea0d4 : 0x0 \[Type: unsigned char \*

+0x014\] plistFreeHeap : 0x0 \[Type: _List \*

+0x018\] Heap \[Type: _heapobjhdr

0: kd> dt _CALL 0x894ebf34

ACPI!_call

+0x000 FrameHdr : _framehdr

+0x010 pcallPrev : (null)

+0x014 pownerPrev : (null)

+0x018 pnsMethod : 0x899b464c _NSObj

+0x01c iArg : 0n0

+0x020 icArgs : 0n0

+0x024 pdataArgs : (null)

+0x028 Locals : [8] _ObjData

+0x0c8 pdataResult : 0x894ea040 _ObjData

0: kd> db 0x899b464c

899b464c 08 46 9b 89 b4 46 9b 89-18 45 9b 89 00 00 00 00 .F...F...E......

899b465c 5f 53 54 41 30 f3 9a 89-08 46 9b 89 00 00 08 00 _STA0....F......

if (fQueueContext)

{

rc = RestartContext(pctxt, FALSE);

}

0: kd> kc

00 ACPI!RestartContext
01 ACPI!AsyncEvalObject
02 ACPI!SyncEvalObject
03 ACPI!AMLIEvalNameSpaceObject
04 ACPI!ACPIGet
05 ACPI!ACPIDetectPdoDevices

06 ACPI!ACPIRootIrpQueryBusRelations

07 ACPI!ACPIRootIrpQueryDeviceRelations

08 ACPI!ACPIDispatchIrp

09 nt!IofCallDriver

0a nt!IopSynchronousCall

0b nt!IopQueryDeviceRelations

0c nt!PipEnumerateDevice

0d nt!PipProcessDevNodeTree

0e nt!PipDeviceActionWorker

0f nt!PipRequestDeviceAction

10 nt!IopInitializeBootDrivers

11 nt!IoInitSystem

12 nt!Phase1Initialization

13 nt!PspSystemThreadStartup

14 nt!KiThreadStartup

0: kd> dv

pctxt = 0x894ea000

fDelayExecute = 0x00 ''

if (KeGetCurrentIrql() < DISPATCH_LEVEL)

{

AcquireMutex(&gReadyQueue.mutCtxtQ);

rc = InsertReadyQueue(pctxt, fDelayExecute);

ReleaseMutex(&gReadyQueue.mutCtxtQ);

}

0: kd> t

eax=00000001 ebx=00000000 ecx=f743a948 edx=00000000 esi=894ea000 edi=f743a948

eip=f742051c esp=f789a0e0 ebp=f789a0fc iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!InsertReadyQueue:

f742051c 55 push ebp

0: kd> dv

pctxt = 0x894ea000

fDelayExecute = 0x00 ''

else if ((gReadyQueue.pkthCurrent == NULL) &&

!(gReadyQueue.dwfCtxtQ & CQF_PAUSED))

//

// We only execute the method if we are not in paused state.

//

{

LOGSCHEDEVENT('EVAL', (ULONG_PTR)pctxt, (ULONG_PTR)

(pctxt->pnctxt? pctxt->pnctxt->pnsObj: pctxt->pnsObj),

(ULONG_PTR)pctxt->pbOp);

//

// There is no active context and we can execute it immediately.

//

rc = RunContext(pctxt);

0: kd> t

eax=00000026 ebx=00000000 ecx=8997e000 edx=00002707 esi=894ea000 edi=00000000

eip=f741d710 esp=f789a0b8 ebp=f789a0dc iopl=0 nv up ei ng nz ac pe cy

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000297

ACPI!RunContext:

f741d710 55 push ebp

0: kd> dv

pctxt = 0x894ea000

pctxtSave = 0xf741d710

pkthSave = 0x00000008

rc = 0n-1991335936

0: kd> dx -id 0,0,899a2278 -r1 (*((ACPI!_framehdr *)0x894ebf34))

(*((ACPI!_framehdr *)0x894ebf34)) [Type: _framehdr]

+0x000\] dwSig : 0x4c4c4143 \[Type: unsigned long

+0x004\] dwLen : 0xcc \[Type: unsigned long

+0x008\] dwfFrame : 0x2 \[Type: unsigned long

+0x00c\] pfnParse : 0xf7427709 \[Type: long (__cdecl\*)(_ctxt \*,void \*,long)

0: kd> u f7427709

ACPI!ParseCall [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\parser.c @ 217]:

f7427709 55 push ebp

f742770a 8bec mov ebp,esp

f742770c 83ec1c sub esp,1Ch

f742770f 837d1000 cmp dword ptr [ebp+10h],0

f7427713 53 push ebx

f7427714 56 push esi

f7427715 8b750c mov esi,dword ptr [ebp+0Ch]

f7427718 57 push edi

0: kd> t

Breakpoint 17 hit

eax=00000000 ebx=f743a948 ecx=f743a948 edx=00002700 esi=894ea000 edi=894ebf34

eip=f7427709 esp=f789a090 ebp=f789a0b4 iopl=0 nv up ei ng nz na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286

ACPI!ParseCall:

f7427709 55 push ebp

0: kd> dv

pctxt = 0x894ea000

pcall = 0x894ebf34

rc = 0n0

powner = 0xf7427709

0: kd> dx -r1 ((ACPI!_call *)0x894ebf34)

((ACPI!_call *)0x894ebf34) : 0x894ebf34 [Type: _call *]

+0x000\] FrameHdr \[Type: _framehdr

+0x010\] pcallPrev : 0x0 \[Type: _call \*

+0x014\] pownerPrev : 0x0 \[Type: _objowner \*

+0x018\] pnsMethod : 0x899b464c \[Type: _NSObj \*\] \[+0x018\] pnsMethod : 0x899b464c \[+0x01c\] iArg : 0 \[Type: int

+0x020\] icArgs : 0 \[Type: int

+0x024\] pdataArgs : 0x0 \[Type: _ObjData \*

+0x028\] Locals \[Type: _ObjData \[8\]

+0x0c8\] pdataResult : 0x894ea040 \[Type: _ObjData \*

0: kd> dx -r1 ((ACPI!_ObjData *)0x894ea040)

((ACPI!_ObjData *)0x894ea040) : 0x894ea040 [Type: _ObjData *]

+0x000\] dwfData : 0x0 \[Type: unsigned short

+0x002\] dwDataType : 0x0 \[Type: unsigned short

+0x004\] dwRefCount : 0x0 \[Type: unsigned long

+0x004\] pdataBase : 0x0 \[Type: _ObjData \*

+0x008\] dwDataValue : 0x0 \[Type: unsigned long

+0x008\] uipDataValue : 0x0 \[Type: unsigned long

+0x008\] pnsAlias : 0x0 \[Type: _NSObj \*

+0x008\] pdataAlias : 0x0 \[Type: _ObjData \*

+0x008\] powner : 0x0 \[Type: void \*

+0x00c\] dwDataLen : 0x0 \[Type: unsigned long

+0x010\] pbDataBuff : 0x0 \[Type: unsigned char \*

if ((rc = NewObjOwner(pctxt->pheapCurrent, &powner)) ==

STATUS_SUCCESS)

{

pcall->pownerPrev = pctxt->powner;

pctxt->powner = powner;

pcall->pcallPrev = pctxt->pcall;

pctxt->pcall = pcall; 关键代码：pctxt->pcall什么时候被赋值的

pcall->FrameHdr.dwfFrame |= CALLF_INVOKE_CALL;

rc = PushScope(pctxt, pm->abCodeBuff,

pcall->pnsMethod->ObjData.pbDataBuff +

pcall->pnsMethod->ObjData.dwDataLen,

pctxt->pbOp,

pcall->pnsMethod,

powner,

pctxt->pheapCurrent,

pcall->pdataResult);

break;

}

0: kd> t

eax=00000000 ebx=f743a948 ecx=894ea000 edx=894ebf0c esi=894ea000 edi=894ebf0c

eip=f74274fd esp=f789a090 ebp=f789a0b4 iopl=0 nv up ei ng nz na po nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000282

ACPI!ParseScope:

f74274fd 55 push ebp

0: kd> dv

pctxt = 0x894ea000

pscope = 0x894ebf0c

rc = 0n0

0: kd> dx -r1 ((ACPI!_scope *)0x894ebf0c)

((ACPI!_scope *)0x894ebf0c) : 0x894ebf0c [Type: _scope *]

+0x000\] FrameHdr \[Type: _framehdr

+0x010\] pbOpEnd : 0x899b46a8 : 0x48 \[Type: unsigned char \*

+0x014\] pbOpRet : 0x0 \[Type: unsigned char \*

+0x018\] pnsPrevScope : 0x899b464c \[Type: _NSObj \*

+0x01c\] pownerPrev : 0x894ea0e0 \[Type: _objowner \*

+0x020\] pheapPrev : 0x894ea0bc \[Type: _heap \*

+0x024\] pdataResult : 0x894ea040 \[Type: _ObjData \*

0: kd> db 0x899b46a1

899b46a1 a4 56 4d 50 53 0a 01 48-4e 53 4f 44 00 00 00 00 .VMPS..HNSOD....

899b46b1 f0 9a 89 4c 46 9b 89 1c-47 9b 89 18 45 9b 89 00 ...LF...G...E...

899b46c1 00 00 00 5f 42 49 46 30-f3 9a 89 4c 46 9b 89 00 ..._BIF0...LF...

899b46d1 00 08 00 00 00 00 00 00-00 00 00 18 00 00 00 f8 ................

899b46e1 46 9b 89 00 00 00 00 00-00 00 00 48 4d 45 54 24 F..........HMET$

899b46f1 00 00 00 00 f0 9a 89 00-00 00 00 00 00 00 00 00 ................

899b4701 00 00 00 00 00 00 00 00-a4 56 4d 42 42 0a 01 48 .........VMBB..H

899b4711 4e 53 4f 44 00 00 00 00-f0 9a 89 b4 46 9b 89 84 NSOD........F...

0: kd> x acpi!opcodetable

f74396b0 ACPI!OpcodeTable = struct _amlterm *[256]

0: kd> ?a4

Evaluate expression: 164 = 000000a4

0: kd> dx -r1 (*((ACPI!_amlterm * (*)[256])0xf74396b0))

164\] : 0xf7439070 \[Type: _amlterm \*

0: kd> dx -r1 ((ACPI!_amlterm *)0xf7439070)

((ACPI!_amlterm *)0xf7439070) : 0xf7439070 [Type: _amlterm *]

+0x000\] pszTermName : 0xf742c610 : "Return" \[Type: char \*

+0x004\] dwOpcode : 0xa4 \[Type: unsigned long

+0x008\] pszArgTypes : 0xf742c64c : "C" \[Type: char \*

+0x00c\] dwTermClass : 0x3 \[Type: unsigned long

+0x010\] dwfOpcode : 0x0 \[Type: unsigned long

+0x014\] pfnCallBack : 0x0 \[Type: long (__cdecl\*)(unsigned long,unsigned long,_NSObj \*,unsigned long)

+0x018\] dwCBData : 0x0 \[Type: unsigned long

+0x01c\] pfnOpcode : 0xf74255ed \[Type: long (__cdecl\*)()

0: kd> u f74255ed

ACPI!Return [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\type1op.c @ 468]:

f74255ed 55 push ebp

f74255ee 8bec mov ebp,esp

f74255f0 53 push ebx

f74255f1 56 push esi

f74255f2 57 push edi

f74255f3 6a01 push 1

f74255f5 bf446143f7 mov edi,offset ACPI!`string' (f7436144)

f74255fa 57 push edi

0: kd> t

eax=00000000 ebx=f743a948 ecx=894ea000 edx=00000014 esi=894ea000 edi=894ebed8

eip=f7427a34 esp=f789a090 ebp=f789a0b4 iopl=0 nv up ei ng nz na po nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000282

ACPI!ParseTerm:

f7427a34 55 push ebp

0: kd> dv

pctxt = 0x894ea000

pterm = 0x894ebed8

rc = 0n0

0: kd> dx -r1 ((ACPI!_term *)0x894ebed8)

((ACPI!_term *)0x894ebed8) : 0x894ebed8 [Type: _term *]

+0x000\] FrameHdr \[Type: _framehdr

+0x010\] pbOpTerm : 0x899b46a1 : 0xa4 \[Type: unsigned char \*

+0x014\] pbOpEnd : 0x0 \[Type: unsigned char \*

+0x018\] pbScopeEnd : 0x899b46a8 : 0x48 \[Type: unsigned char \*

+0x01c\] pamlterm : 0xf7439070 \[Type: _amlterm \*

+0x020\] pnsObj : 0x0 \[Type: _NSObj \*

+0x024\] iArg : 0 \[Type: int

+0x028\] icArgs : 1 \[Type: int

+0x02c\] pdataArgs : 0x894ea0fc \[Type: _ObjData \*

+0x030\] pdataResult : 0x894ea040 \[Type: _ObjData \*

while (pterm->iArg < pterm->icArgs)

{

i = pterm->iArg++;

dsdt.dsl部分内容：

Method (VMPS, 1, NotSerialized)

{

Acquire (OEML, 0xFFFF)

IVOC (0x81, Arg0)

Store (\_SB.PCI0.OEMR, Local0)

Release (OEML)

Return (Local0)

}

0: kd> t

eax=00000043 ebx=894ea000 ecx=894ea0fc edx=00000014 esi=894ebed8 edi=00000000

eip=f7427378 esp=f789a070 ebp=f789a08c iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!ParseArg:

f7427378 55 push ebp

0: kd> dv

pctxt = 0x894ea000

chArgType = 0n67 'C'

pdataArg = 0x894ea0fc

#define ARGTYPE_OPCODE 'C' //opcode argument

Method (_STA, 0, NotSerialized) // _STA: Status

{

Return (VMPS (0x01))

}

0: kd> db 0x899b46a2

899b46a2 56 4d 50 53 0a 01 48 4e-53 4f 44 00 00 00 00 f0 VMPS..HNSOD.....

0: kd> t

Breakpoint 24 hit

eax=00000000 ebx=894ea0fc ecx=894ea0fc edx=00000014 esi=00000043 edi=894ea000

eip=f74271e8 esp=f789a050 ebp=f789a06c iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!ParseOpcode:

f74271e8 55 push ebp

0: kd> dv

pctxt = 0x894ea000

pbScopeEnd = 0x00000000 ""

pdataResult = 0x894ea0fc

pamlterm = 0x894ea000

#define OP_EXT_PREFIX 0x5b // '['

0: kd> p

eax=f74395f0 ebx=894ea000 ecx=899b46a2 edx=00000014 esi=894ea03c edi=899b46a2

eip=f742728c esp=f789a040 ebp=f789a04c iopl=0 nv up ei ng nz ac po cy

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000293

ACPI!ParseOpcode+0xa4:

f742728c 8bc8 mov ecx,eax

0: kd> dx -r1 ((ACPI!_amlterm *)0xf74395f0)

((ACPI!_amlterm *)0xf74395f0) : 0xf74395f0 [Type: _amlterm *]

+0x000\] pszTermName : 0x0 \[Type: char \*

+0x004\] dwOpcode : 0xffffffff \[Type: unsigned long

+0x008\] pszArgTypes : 0x0 \[Type: char \*

+0x00c\] dwTermClass : 0x5 \[Type: unsigned long

+0x010\] dwfOpcode : 0x20 \[Type: unsigned long

+0x014\] pfnCallBack : 0x0 \[Type: long (__cdecl\*)(unsigned long,unsigned long,_NSObj \*,unsigned long)

+0x018\] dwCBData : 0x0 \[Type: unsigned long

+0x01c\] pfnOpcode : 0x0 \[Type: long (__cdecl\*)()

0: kd> p

Breakpoint 16 hit

eax=899b4130 ebx=00000000 ecx=899b4130 edx=53504d56 esi=894ea000 edi=f7436e10

eip=f741d200 esp=f789a010 ebp=f789a030 iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!PushCall:

f741d200 55 push ebp

0: kd> kc

00 ACPI!PushCall
01 ACPI!ParseNameObj
02 ACPI!ParseOpcode
03 ACPI!ParseArg
04 ACPI!ParseTerm
05 ACPI!RunContext
06 ACPI!InsertReadyQueue
07 ACPI!RestartContext

08 ACPI!AsyncEvalObject

09 ACPI!SyncEvalObject

0a ACPI!AMLIEvalNameSpaceObject

0b ACPI!ACPIGet

0c ACPI!ACPIDetectPdoDevices

0d ACPI!ACPIRootIrpQueryBusRelations

0e ACPI!ACPIRootIrpQueryDeviceRelations

0f ACPI!ACPIDispatchIrp

10 nt!IofCallDriver

11 nt!IopSynchronousCall

12 nt!IopQueryDeviceRelations

13 nt!PipEnumerateDevice

14 nt!PipProcessDevNodeTree

15 nt!PipDeviceActionWorker

16 nt!PipRequestDeviceAction

17 nt!IopInitializeBootDrivers

18 nt!IoInitSystem

19 nt!Phase1Initialization

1a nt!PspSystemThreadStartup

1b nt!KiThreadStartup

0: kd> kv

ChildEBP RetAddr Args to Child

00 f789a00c f74271ac 894ea000 899b4130 894ea0fc ACPI!PushCall (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\ctxt.c @ 408]

01 f789a030 f742730c 894ea000 894ea0fc 894ea000 ACPI!ParseNameObj+0x91 (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\parser.c @ 955]

02 f789a04c f7427416 f74395f0 00000000 894ea0fc ACPI!ParseOpcode+0x124 (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\parser.c @ 817]

03 f789a06c f7427b66 894ea000 00000043 894ea0fc ACPI!ParseArg+0x9e (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\parser.c @ 1077]

04 f789a08c f741d832 894ea000 894ebed8 00000000 ACPI!ParseTerm+0x132 (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\parser.c @ 499]

05 f789a0b4 f7420671 00000000 4556414c 894ea000 ACPI!RunContext+0x122 (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\ctxt.c @ 588]

06 f789a0dc f7420887 894ea000 00000000 f743a948 ACPI!InsertReadyQueue+0x155 (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\sched.c @ 275]

07 f789a0fc f741fb55 894ea000 00000000 899ae2b8 ACPI!RestartContext+0xb3 (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\sched.c @ 346]

08 f789a120 f741ff1d 899b464c 899ae2a4 00000000 ACPI!AsyncEvalObject+0x28c (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\sync.c @ 343]

09 f789a178 f74151ee 899b464c 899ae2a4 00000000 ACPI!SyncEvalObject+0x107 (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\sync.c @ 165]

0a f789a1a0 f7407922 899b464c 899ae2a4 00000000 ACPI!AMLIEvalNameSpaceObject+0x14d (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\amliapi.c @ 762]

0b f789a1f4 f7400300 899b464c 4154535f 20040802 ACPI!ACPIGet+0x26a (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\get.c @ 295]

0c f789a250 f744e9d7 89981b98 f789a2a4 804edc6c ACPI!ACPIDetectPdoDevices+0x122 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\detect.c @ 2006]

0d f789a270 f744ee67 89981b98 899bf5b0 f789a2a4 ACPI!ACPIRootIrpQueryBusRelations+0xa1 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\root.c @ 238]

0e f789a2ac f740410e 89981b98 899bf507 89981b98 ACPI!ACPIRootIrpQueryDeviceRelations+0x9d (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\root.c @ 513]

0f f789a2e0 80a2675c 89981b98 899bf5b0 899bf668 ACPI!ACPIDispatchIrp+0x19e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\dispatch.c @ 690]

10 f789a2fc 80c95e00 00000000 899c1008 899c1008 nt!IofCallDriver+0x62 (FPO: [Non-Fpo]) (CONV: fastcall) [d:\srv03rtm\base\ntos\io\iomgr\iosubs.c @ 2237]

11 f789a32c 80a2e3f3 00000000 f789a348 899c10e8 nt!IopSynchronousCall+0x1aa (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpirp.c @ 258]

12 f789a36c 80c8d810 00000000 899c1de0 00000000 nt!IopQueryDeviceRelations+0x39 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpirp.c @ 1131]

13 f789a388 80c94e01 899c1008 00000000 00000000 nt!PipEnumerateDevice+0x56 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 980]

14 f789a5d4 80a2dde9 899c5bc8 00000000 89987300 nt!PipProcessDevNodeTree+0x273 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 4699]

15 f789a618 80a2e161 00000000 00000000 800836b0 nt!PipDeviceActionWorker+0xcd (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 710]

16 f789a630 80e69358 00000000 00000005 00000000 nt!PipRequestDeviceAction+0x139 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 598]

17 f789a694 80e655c7 80077000 f789a7dc 00034000 nt!IopInitializeBootDrivers+0x392 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpinit.c @ 1440]

18 f789a838 80e632fd 80077000 00000000 899a1020 nt!IoInitSystem+0x70b (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\iomgr\ioinit.c @ 665]

19 f789adac 80d391f0 80077000 00000000 00000000 nt!Phase1Initialization+0x9b3 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\init\init.c @ 2221]

1a f789addc 80b00d52 80e6294a 80077000 00000000 nt!PspSystemThreadStartup+0x2e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\ps\create.c @ 2213]

1b 00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16 [d:\srv03rtm\base\ntos\ke\i386\threadbg.asm @ 81]

windbg> .open -a fffffffff74271ac

0: kd> dv

pctxt = 0x894ea000

pnsMethod = 0x899b4130

pdataResult = 0x894ea0fc

rc = 0n-1986313936

pcall = 0x00000008

0: kd> dx -r1 ((ACPI!_NSObj *)0x899b4130)

((ACPI!_NSObj *)0x899b4130) : 0x899b4130 [Type: _NSObj *]

+0x000\] list \[Type: _List

+0x008\] pnsParent : 0x899af0f0 \[Type: _NSObj \*

+0x00c\] pnsFirstChild : 0x0 \[Type: _NSObj \*

+0x010\] dwNameSeg : 0x53504d56 \[Type: unsigned long

+0x014\] hOwner : 0x899af330 \[Type: void \*

+0x018\] pnsOwnedNext : 0x899b40ac \[Type: _NSObj \*

+0x01c\] ObjData \[Type: _ObjData

+0x030\] Context : 0x0 \[Type: void \*

+0x034\] dwRefCount : 0x0 \[Type: unsigned long

0: kd> db 0x899b4130

899b4130 ac 40 9b 89 bc 41 9b 89-f0 f0 9a 89 00 00 00 00 .@...A..........

899b4140 56 4d 50 53 30 f3 9a 89-ac 40 9b 89 00 00 08 00 VMPS0....@......

0: kd> dx -r1 ((ACPI!_NSObj *)0x899b4130)

((ACPI!_NSObj *)0x899b4130) : 0x899b4130 [Type: _NSObj *]

+0x000\] list \[Type: _List

+0x008\] pnsParent : 0x899af0f0 \[Type: _NSObj \*

+0x00c\] pnsFirstChild : 0x0 \[Type: _NSObj \*

+0x010\] dwNameSeg : 0x53504d56 \[Type: unsigned long

+0x014\] hOwner : 0x899af330 \[Type: void \*

+0x018\] pnsOwnedNext : 0x899b40ac \[Type: _NSObj \*

+0x01c\] ObjData \[Type: _ObjData

+0x030\] Context : 0x0 \[Type: void \*

+0x034\] dwRefCount : 0x0 \[Type: unsigned long

0: kd> dx -r1 (*((ACPI!_ObjData *)0x899b414c))

(*((ACPI!_ObjData *)0x899b414c)) [Type: _ObjData]

+0x000\] dwfData : 0x0 \[Type: unsigned short

+0x002\] dwDataType : 0x8 \[Type: unsigned short

+0x004\] dwRefCount : 0x0 \[Type: unsigned long

+0x004\] pdataBase : 0x0 \[Type: _ObjData \*

+0x008\] dwDataValue : 0x0 \[Type: unsigned long

+0x008\] uipDataValue : 0x0 \[Type: unsigned long

+0x008\] pnsAlias : 0x0 \[Type: _NSObj \*

+0x008\] pdataAlias : 0x0 \[Type: _ObjData \*

+0x008\] powner : 0x0 \[Type: void \*

+0x00c\] dwDataLen : 0x39 \[Type: unsigned long

+0x010\] pbDataBuff : 0x899b4174 : 0x0 \[Type: unsigned char \*

0: kd> db 0x899b4174

899b4174 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................

899b4184 01 5b 23 4f 45 4d 4c ff-ff 49 56 4f 43 0a 81 68 .[#OEML..IVOC..h

899b4194 70 5c 2f 03 5f 53 42 5f-50 43 49 30 4f 45 4d 52 p\/._SB_PCI0OEMR

899b41a4 60 5b 27 4f 45 4d 4c a4-60 00 00 00 48 4e 53 4f `['OEML.`...HNSO

else if (pamlterm->dwfOpcode & OF_NAME_OBJECT)

{

rc = ParseNameObj(pctxt, pdataResult);

}

0: kd> t

Breakpoint 17 hit

eax=00000000 ebx=f743a948 ecx=894ea000 edx=00000014 esi=894ea000 edi=894ebe0c

eip=f7427709 esp=f789a090 ebp=f789a0b4 iopl=0 nv up ei ng nz na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286

ACPI!ParseCall:

f7427709 55 push ebp

0: kd> dv

pctxt = 0x894ea000

pcall = 0x894ebe0c

rc = 0n0

powner = 0xf7427709

0: kd> dv

pctxt = 0x894ea000

pcall = 0x894ebe0c

rc = 0n0

powner = 0xf7427709

pm = 0x894ebe0c

pacq = 0x00000008

data = struct _ObjData

0: kd> dx -r1 ((ACPI!_call *)0x894ebe0c)

((ACPI!_call *)0x894ebe0c) : 0x894ebe0c [Type: _call *]

+0x000\] FrameHdr \[Type: _framehdr

+0x010\] pcallPrev : 0x0 \[Type: _call \*

+0x014\] pownerPrev : 0x0 \[Type: _objowner \*

+0x018\] pnsMethod : 0x899b4130 \[Type: _NSObj \*

+0x01c\] iArg : 0 \[Type: int

+0x020\] icArgs : 1 \[Type: int

+0x024\] pdataArgs : 0x894ea11c \[Type: _ObjData \*

+0x028\] Locals \[Type: _ObjData \[8\]

+0x0c8\] pdataResult : 0x894ea0fc \[Type: _ObjData \*

0: kd> dx -r1 ((ACPI!_NSObj *)0x899b4130)

((ACPI!_NSObj *)0x899b4130) : 0x899b4130 [Type: _NSObj *]

+0x000\] list \[Type: _List

+0x008\] pnsParent : 0x899af0f0 \[Type: _NSObj \*

+0x00c\] pnsFirstChild : 0x0 \[Type: _NSObj \*

+0x010\] dwNameSeg : 0x53504d56 \[Type: unsigned long

+0x014\] hOwner : 0x899af330 \[Type: void \*

+0x018\] pnsOwnedNext : 0x899b40ac \[Type: _NSObj \*

+0x01c\] ObjData \[Type: _ObjData

+0x030\] Context : 0x0 \[Type: void \*

+0x034\] dwRefCount : 0x0 \[Type: unsigned long

0: kd> db 0x899b4130

899b4130 ac 40 9b 89 bc 41 9b 89-f0 f0 9a 89 00 00 00 00 .@...A..........

899b4140 56 4d 50 53 30 f3 9a 89-ac 40 9b 89 00 00 08 00 VMPS0....@......

899b4150 00 00 00 00 00 00 00 00-39 00 00 00 74 41 9b 89 ........9...tA..

899b4160 00 00 00 00 00 00 00 00-48 4d 45 54 48 00 00 00 ........HMETH...

899b4170 00 f0 9a 89 00 00 00 00-00 00 00 00 00 00 00 00 ................

899b4180 00 00 00 00 01 5b 23 4f-45 4d 4c ff ff 49 56 4f .....[#OEML..IVO

899b4190 43 0a 81 68 70 5c 2f 03-5f 53 42 5f 50 43 49 30 C..hp\/._SB_PCI0

899b41a0 4f 45 4d 52 60 5b 27 4f-45 4d 4c a4 60 00 00 00 OEMR`['OEML.`...

dsdt.dsl部分内容：

Method (VMPS, 1, NotSerialized)

{

Acquire (OEML, 0xFFFF)

IVOC (0x81, Arg0)

Store (\_SB.PCI0.OEMR, Local0)

Release (OEML)

Return (Local0)

}

Field (RE00, DWordAcc, NoLock, Preserve)

{

OEMR, 32

}

0: kd> g

Breakpoint 18 hit

eax=f7424305 ebx=894ea000 ecx=899b0bd8 edx=524d454f esi=894ebcbc edi=00000001

eip=f7424305 esp=f789a074 ebp=f789a08c iopl=0 nv up ei ng nz na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286

ACPI!Store:

f7424305 55 push ebp

0: kd> kc

00 ACPI!Store

01 ACPI!ParseTerm

02 ACPI!RunContext

03 ACPI!InsertReadyQueue

04 ACPI!RestartContext

05 ACPI!AsyncEvalObject

06 ACPI!SyncEvalObject

07 ACPI!AMLIEvalNameSpaceObject

08 ACPI!ACPIGet

09 ACPI!ACPIDetectPdoDevices

0a ACPI!ACPIRootIrpQueryBusRelations

0b ACPI!ACPIRootIrpQueryDeviceRelations

0c ACPI!ACPIDispatchIrp

0d nt!IofCallDriver

0e nt!IopSynchronousCall

0f nt!IopQueryDeviceRelations

10 nt!PipEnumerateDevice

11 nt!PipProcessDevNodeTree

12 nt!PipDeviceActionWorker

13 nt!PipRequestDeviceAction

14 nt!IopInitializeBootDrivers

15 nt!IoInitSystem

16 nt!Phase1Initialization

17 nt!PspSystemThreadStartup

18 nt!KiThreadStartup

0: kd> dv

pctxt = 0x894ea000

pterm = 0x894ebcbc

pdata = 0x00000008

0: kd> dx -r1 ((ACPI!_term *)0x894ebcbc)

((ACPI!_term *)0x894ebcbc) : 0x894ebcbc [Type: _term *]

+0x000\] FrameHdr \[Type: _framehdr

+0x010\] pbOpTerm : 0x899b4101 : 0x70 \[Type: unsigned char \*

+0x014\] pbOpEnd : 0x0 \[Type: unsigned char \*

+0x018\] pbScopeEnd : 0x899b4122 : 0x0 \[Type: unsigned char \*

+0x01c\] pamlterm : 0xf7439550 \[Type: _amlterm \*

+0x020\] pnsObj : 0x0 \[Type: _NSObj \*

+0x024\] iArg : 2 \[Type: int

+0x028\] icArgs : 2 \[Type: int

+0x02c\] pdataArgs : 0x894ea1c8 \[Type: _ObjData \*

+0x030\] pdataResult : 0x894ea0fc \[Type: _ObjData \*

0: kd> dx -r1 ((ACPI!_ObjData *)0x894ea1c8)

((ACPI!_ObjData *)0x894ea1c8) : 0x894ea1c8 [Type: _ObjData *]

+0x000\] dwfData : 0x0 \[Type: unsigned short

+0x002\] dwDataType : 0x1 \[Type: unsigned short

+0x004\] dwRefCount : 0x0 \[Type: unsigned long

+0x004\] pdataBase : 0x0 \[Type: _ObjData \*

+0x008\] dwDataValue : 0x40e98101 \[Type: unsigned long

+0x008\] uipDataValue : 0x40e98101 \[Type: unsigned long

+0x008\] pnsAlias : 0x40e98101 \[Type: _NSObj \*

+0x008\] pdataAlias : 0x40e98101 \[Type: _ObjData \*

+0x008\] powner : 0x40e98101 \[Type: void \*

+0x00c\] dwDataLen : 0x0 \[Type: unsigned long

+0x010\] pbDataBuff : 0x0 \[Type: unsigned char \*

0: kd> g

Breakpoint 21 hit

eax=00000000 ebx=f743b938 ecx=00000000 edx=00002700 esi=899ae278 edi=899ae280

eip=f7407922 esp=f789a1a8 ebp=f789a1f4 iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!ACPIGet+0x26a:

f7407922 83c410 add esp,10h

0: kd> dv

Target = 0x899b464c

ObjectID = 0x4154535f

Flags = 0x20040802

SimpleArgument = 0x00000000

SimpleArgumentSize = 0

CallBackRoutine = 0x00000000

CallBackContext = 0x00000000

Buffer = 0xf789a22c

BufferSize = 0x00000000

completionRoutine = 0xf7407364

status = 0n537135106

argument = struct _ObjData

argumentPtr = 0x00000000

acpiObject = 0x899b464c

deviceExtension = 0x899ae008

async = 0x00 ''

argumentCount = 0

} else {

//

// Evaluate the request

//

status = AMLIEvalNameSpaceObject(

acpiObject,

&(request->ResultData),

argumentCount,

argumentPtr

);

0: kd> p

eax=00000000 ebx=f743b938 ecx=00000000 edx=00002700 esi=899ae278 edi=899ae280

eip=f7407925 esp=f789a1b8 ebp=f789a1f4 iopl=0 nv up ei ng nz na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286

ACPI!ACPIGet+0x26d:

f7407925 804e0320 or byte ptr [esi+3],20h ds:0023:899ae27b=20

0: kd> dt ACPI_GET_REQUEST 899ae278

+0x000 Flags : 0x20040802

+0x000 UFlags : __unnamed

+0x004 ObjectID : 0x4154535f

+0x008 ListEntry : _LIST_ENTRY [ 0xf743b940 - 0xf743b940 ]

+0x010 DeviceExtension : 0x899ae008 _DEVICE_EXTENSION

+0x014 AcpiObject : 0x899b4518 _NSObj

+0x018 CallBackRoutine : (null)

+0x01c CallBackContext : (null)

+0x020 Buffer : 0xf789a22c -> 0x0000000f Void

+0x024 BufferSize : (null)

+0x028 Status : 0n0

+0x02c ResultData : _ObjData

0: kd> dx -id 0,0,899a2278 -r1 (*((ACPI!_ObjData *)0x899ae2a4))

(*((ACPI!_ObjData *)0x899ae2a4)) [Type: _ObjData]

+0x000\] dwfData : 0x0 \[Type: unsigned short

+0x002\] dwDataType : 0x1 \[Type: unsigned short

+0x004\] dwRefCount : 0x0 \[Type: unsigned long

+0x004\] pdataBase : 0x0 \[Type: _ObjData \*

+0x008\] dwDataValue : 0x0 \[Type: unsigned long

+0x008\] uipDataValue : 0x0 \[Type: unsigned long

+0x008\] pnsAlias : 0x0 \[Type: _NSObj \*

+0x008\] pdataAlias : 0x0 \[Type: _ObjData \*

+0x008\] powner : 0x0 \[Type: void \*

+0x00c\] dwDataLen : 0x0 \[Type: unsigned long

+0x010\] pbDataBuff : 0x0 \[Type: unsigned char \*

//

// Call the completion routine to actually do the post-processing

//

(completionRoutine)(

acpiObject,

status,

&(request->ResultData),

request

);

0: kd> t

eax=00000000 ebx=f743b938 ecx=899ae2a4 edx=00002700 esi=899ae278 edi=899ae280

eip=f7407364 esp=f789a1a4 ebp=f789a1f4 iopl=0 nv up ei pl nz na po nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000202

ACPI!ACPIGetWorkerForInteger:

f7407364 55 push ebp

0: kd> dv

AcpiObject = 0x899b464c

Status = 0n0

Result = 0x899ae2a4

Context = 0x899ae278

freeData = 0x00 ''

#define GET_CONVERT_TO_DEVICE_PRESENCE 0x00000800

} else if (request->Flags & GET_CONVERT_TO_DEVICE_PRESENCE) {

status = ACPIGetConvertToDevicePresence(

request->DeviceExtension,

Status,

Result,

request->Flags,

request->Buffer,

request->BufferSize

);

0: kd> gu

eax=00000000 ebx=f743b938 ecx=00000001 edx=00000000 esi=899ae278 edi=899ae280

eip=f7407935 esp=f789a1a8 ebp=f789a1f4 iopl=0 nv up ei pl nz na po nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000202

ACPI!ACPIGet+0x27d:

f7407935 8b4628 mov eax,dword ptr [esi+28h] ds:0023:899ae2a0=00000000

0: kd> dt ACPI_GET_REQUEST 0x899ae278

+0x000 Flags : 0x20040802

+0x000 UFlags : __unnamed

+0x004 ObjectID : 0x4154535f

+0x008 ListEntry : _LIST_ENTRY [ 0xf743b940 - 0xf743b940 ]

+0x010 DeviceExtension : 0x899ae008 _DEVICE_EXTENSION

+0x014 AcpiObject : 0x899b4518 _NSObj

+0x018 CallBackRoutine : (null)

+0x01c CallBackContext : (null)

+0x020 Buffer : 0xf789a22c -> (null)

+0x024 BufferSize : (null)

+0x028 Status : 0n0

+0x02c ResultData : _ObjData

//

// Update the current device status

//

status = ACPIGetDevicePresenceSync(

deviceExtension,

(PVOID *) &deviceStatus,

NULL

);

//

// If the device exists

//

if ( NT_SUCCESS(status) &&

!(deviceExtension->Flags & DEV_MASK_NOT_PRESENT) ) {

0: kd> gu

eax=00000000 ebx=f743b620 ecx=04bb0001 edx=04ba0000 esi=899ae008 edi=899ae128

eip=f7400300 esp=f789a220 ebp=f789a250 iopl=0 nv up ei pl zr na pe cy

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000247

ACPI!ACPIDetectPdoDevices+0x122:

f7400300 85c0 test eax,eax

0: kd> p

eax=00000000 ebx=f743b620 ecx=04bb0001 edx=04ba0000 esi=899ae008 edi=899ae128

eip=f7400302 esp=f789a220 ebp=f789a250 iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!ACPIDetectPdoDevices+0x124:

f7400302 0f8ca3000000 jl ACPI!ACPIDetectPdoDevices+0x1cd (f74003ab) [br=0]

0: kd> p

eax=00000000 ebx=f743b620 ecx=04bb0001 edx=04ba0000 esi=899ae008 edi=899ae128

eip=f7400308 esp=f789a220 ebp=f789a250 iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!ACPIDetectPdoDevices+0x12a:

f7400308 8b06 mov eax,dword ptr [esi] ds:0023:899ae008=2000010a

0: kd> dt ACPI!_DEVICE_EXTENSION 899ae008

+0x000 Flags : 0x00806000`2000010a

+0x000 UFlags : __unnamed

+0x008 Signature : 0x5f534750

+0x00c DebugFlags : 0

#define DEV_MASK_NOT_PRESENT (DEV_TYPE_NOT_PRESENT | DEV_PROP_FAILED_INIT)

#define DEV_TYPE_NOT_PRESENT 0x0000000000000002

#define DEV_PROP_FAILED_INIT 0x0002 0000 00000000

0: kd> p

eax=2000010a ebx=f743b620 ecx=04bb0001 edx=04ba0000 esi=899ae008 edi=899ae128

eip=f740030a esp=f789a220 ebp=f789a250 iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!ACPIDetectPdoDevices+0x12c:

f740030a 8b4e04 mov ecx,dword ptr [esi+4] ds:0023:899ae00c=00806000

0: kd> p

eax=2000010a ebx=f743b620 ecx=00806000 edx=04ba0000 esi=899ae008 edi=899ae128

eip=f740030d esp=f789a220 ebp=f789a250 iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!ACPIDetectPdoDevices+0x12f:

f740030d 83e002 and eax,2

0: kd> p

eax=00000002 ebx=f743b620 ecx=00806000 edx=04ba0000 esi=899ae008 edi=899ae128

eip=f7400310 esp=f789a220 ebp=f789a250 iopl=0 nv up ei pl nz na po nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000202

ACPI!ACPIDetectPdoDevices+0x132:

f7400310 81e100000200 and ecx,20000h

0: kd> p

eax=00000002 ebx=f743b620 ecx=00000000 edx=04ba0000 esi=899ae008 edi=899ae128

eip=f7400316 esp=f789a220 ebp=f789a250 iopl=0 nv up ei pl zr na pe nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246

ACPI!ACPIDetectPdoDevices+0x138:

f7400316 0bc1 or eax,ecx

0: kd> p

eax=00000002 ebx=f743b620 ecx=00000000 edx=04ba0000 esi=899ae008 edi=899ae128

eip=f7400318 esp=f789a220 ebp=f789a250 iopl=0 nv up ei pl nz na po nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000202

ACPI!ACPIDetectPdoDevices+0x13a:

f7400318 0f858d000000 jne ACPI!ACPIDetectPdoDevices+0x1cd (f74003ab) [br=1]

0: kd> p

eax=00000002 ebx=f743b620 ecx=00000000 edx=04ba0000 esi=899ae008 edi=899ae128

eip=f74003ab esp=f789a220 ebp=f789a250 iopl=0 nv up ei pl nz na po nc

cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000202

ACPI!ACPIDetectPdoDevices+0x1cd:

f74003ab 8bcb mov ecx,ebx

//

// Reacquire the spin lock

//

KeAcquireSpinLock( &AcpiDeviceTreeLock, &oldIrql );

NTSTATUS

ACPIBuildDeviceExtension(

IN PNSOBJ CurrentObject OPTIONAL,

IN PDEVICE_EXTENSION ParentDeviceExtension OPTIONAL,

OUT PDEVICE_EXTENSION *ReturnExtension

)

{

deviceExtension->Flags = DEV_TYPE_NOT_FOUND | DEV_TYPE_NOT_PRESENT;