setupldr!BiosConsoleWrite函数中的setupldr!TextCharOut函数分析
VOID
SlWriteStatusText(
IN PTCHAR Text
)
{
ArcWrite(ARC_CONSOLE_OUTPUT,TEXT(" "),2*sizeof(TCHAR),&Count);
kd> kc 6
00 setupldr!AEWrite
01 setupldr!SlWriteStatusText
02 setupldr!BlOutputLoadMessage
03 setupldr!SlInit
04 setupldr!BlStartup
05 setupldr!NtProcessStartup
kd> kv 6
ChildEBP RetAddr Args to Child
00 00060a74 00329ea1 00000001 00329df6 00000002 setupldr!AEWrite (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\boot\lib\i386\arcemul.c @ 1751]
01 00060aa0 00323287 00060aac 75746553 73692070 setupldr!SlWriteStatusText+0xa7 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\boot\setup\arcdisp.c @ 1180]
02 00060bac 00327f75 8021cb28 00348318 003842e4 setupldr!BlOutputLoadMessage+0x41 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\boot\setup\setup.c @ 4598]
03 00060df4 00322a21 01060e2c 0000000b 00000000 setupldr!SlInit+0x1f2f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\boot\setup\setup.c @ 2858]
04 00060ed0 003015aa 00379400 0038164f 00061d68 setupldr!BlStartup+0x1bd (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\boot\setup\i386\initx86.c @ 208]
05 00061ff0 10101010 00000002 00810081 00810081 setupldr!NtProcessStartup+0x208 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\boot\lib\i386\entry.c @ 348]
kd> dv
FileId = 1
Buffer = 0x00329df6
Length = 2
Count = 0x00060a9c
Status = 0x146
TmpBuffer = unsigned char [64] "???"
BytesWrote = 0x305998
i = 8
NumCharsToWrite = 1
kd> db 329df6
00329df6 20 20
kd> dv
FileId = 1
Buffer = 0x00329df6
Length = 2
Count = 0x00060a9c
Status = 0
TmpBuffer = unsigned char [64] " "
BytesWrote = 0
i = 2
NumCharsToWrite = 1
kd> dx -r1 (*((setupldr!unsigned char (*)[64])0x60a28))
(*((setupldr!unsigned char (*)[64])0x60a28)) [Type: unsigned char [64]]
[0] : 0x20 [Type: unsigned char]
[1] : 0x20 [Type: unsigned char]
[2] : 0x0 [Type: unsigned char]
[3] : 0x0 [Type: unsigned char]
kd> kc 8
00 setupldr!AEWriteEx
01 setupldr!AEWrite
02 setupldr!SlWriteStatusText
03 setupldr!BlOutputLoadMessage
04 setupldr!SlInit
05 setupldr!BlStartup
06 setupldr!NtProcessStartup
WARNING: Frame IP not in any known module. Following frames may be wrong.
07 0x0
kd> kv 7
ChildEBP RetAddr Args to Child
00 00060a04 00305a8b 00000001 00060a28 00000002 setupldr!AEWriteEx (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\boot\lib\i386\arcemul.c @ 1897]
01 00060a74 00329ea1 00000001 00329df6 00000002 setupldr!AEWrite+0xf6 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\boot\lib\i386\arcemul.c @ 1852]
02 00060aa0 00323287 00060aac 75746553 73692070 setupldr!SlWriteStatusText+0xa7 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\boot\setup\arcdisp.c @ 1180]
03 00060bac 00327f75 8021cb28 00348318 003842e4 setupldr!BlOutputLoadMessage+0x41 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\boot\setup\setup.c @ 4598]
04 00060df4 00322a21 01060e2c 0000000b 00000000 setupldr!SlInit+0x1f2f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\boot\setup\setup.c @ 2858]
05 00060ed0 003015aa 00379400 0038164f 00061d68 setupldr!BlStartup+0x1bd (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\boot\setup\i386\initx86.c @ 208]
06 00061ff0 10101010 00000002 00810081 00810081 setupldr!NtProcessStartup+0x208 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\boot\lib\i386\entry.c @ 348]
kd> dv
FileId = 1
Buffer = 0x00060a28
Length = 2
Count = 0x00060a68
Status = 0x60a68
PartCount = 0
Limit = 0x60a74
kd> db 0x00060a28
00060a28 20 20 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ..............
kd> kc 8
00 setupldr!BiosConsoleWrite
01 setupldr!AEWriteEx
02 setupldr!AEWrite
03 setupldr!SlWriteStatusText
04 setupldr!BlOutputLoadMessage
05 setupldr!SlInit
06 setupldr!BlStartup
07 setupldr!NtProcessStartup
kd> dv
FileId = 1
Buffer = 0x00060a28 " "
Length = 2
Count = 0x00060a68
String = 0x00000001 "--- memory read error at address 0x00000001 ---"
a = 0x28 '('
for ( *Count = 0 ;
*Count < Length ;
(*Count)++, String++ ) {
kd> x setupldr!ControlSequence
00343888 setupldr!ControlSequence = 0x00 ''
kd> x setupldr!EscapeSequence
00343889 setupldr!EscapeSequence = 0x00 ''
//
// This is not a control or escape sequence, process single character.
//
} else {
switch (*String) {
//
// Check for escape sequence.
//
case ASCI_ESC:
EscapeSequence = TRUE;
break;
default:
p = TextCharOut(String);
//
// Each pass through the loop increments String by 1.
// If we output a dbcs char we need to increment by
// one more.
//
(*Count) += (p - String) - 1;
String += (p - String) - 1;
break;
}
PUCHAR
TextCharOut(
IN PUCHAR pc
)
/*++
Routine Description:
    Emits one character through whichever low-level writer matches the
    current language mode: the graphics (DBCS) writer when DbcsLangId is
    non-zero, the plain text-mode writer otherwise.

Arguments:
    pc - pointer to the character to write

Returns:
    Pointer to the next character in the string, as reported by the
    selected writer (the DBCS writer may consume two bytes).
--*/
{
    PUCHAR next;

    if (!DbcsLangId) {
        next = TextTmCharOut(pc);
    } else {
        next = TextGrCharOut(pc);
    }

    return next;
}
kd> kc 9
00 setupldr!TextCharOut
01 setupldr!BiosConsoleWrite
02 setupldr!AEWriteEx
03 setupldr!AEWrite
04 setupldr!SlWriteStatusText
05 setupldr!BlOutputLoadMessage
06 setupldr!SlInit
07 setupldr!BlStartup
08 setupldr!NtProcessStartup
kd> dv
pc = 0x00060a28 " "
kd> kc a
00 setupldr!TextTmCharOut
01 setupldr!BiosConsoleWrite
02 setupldr!AEWriteEx
03 setupldr!AEWrite
04 setupldr!SlWriteStatusText
05 setupldr!BlOutputLoadMessage
06 setupldr!SlInit
07 setupldr!BlStartup
08 setupldr!NtProcessStartup
WARNING: Frame IP not in any known module. Following frames may be wrong.
09 0x0
kd> dv
pc = 0x00060a28 " "
temp = 0x00 ''
kd> x setupldr!TextCurrentAttribute
00342044 setupldr!TextCurrentAttribute = 0x70 'p'
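PUCHAR
TextTmCharOut(
PUCHAR pc
)
/*++
Routine Description:
    Writes a character on the display at the current position.
    Newlines and tabs are interpreted and acted upon; carriage returns
    are ignored. Any other byte is stored at Vp as a character byte
    followed by an attribute byte (TextCurrentAttribute), and the cursor
    is advanced by one column.

Arguments:
    pc - pointer to character to write

Returns:
    Pointer to next char in string. This routine always consumes exactly
    one byte, so the result is pc+1.
--*/
{
    unsigned u;
    unsigned i;
    UCHAR c;
    UCHAR temp;

    c = *pc;

    switch (c) {

    case '\n':
        //
        // On the last row scroll instead of moving down; either way the
        // cursor ends up in column 0.
        //
        if(TextRow == (VIDEO_ROWS-1)) {
            TextTmScrollDisplay();
            TextSetCursorPosition(0,TextRow);
        } else {
            TextSetCursorPosition(0,TextRow+1);
        }
        break;

    case '\r':
        //
        // ignore
        //
        break;

    case '\t':
        //
        // Pad with spaces up to the next 8-column tab stop. Each
        // recursive call goes through the default case below and
        // advances TextColumn by one.
        //
        temp = ' ';
        u = 8 - (TextColumn % 8);
        for (i = 0; i < u; i++) {
            TextTmCharOut(&temp);
        }
        //
        // The recursive writes have already moved the cursor, so just
        // re-sync to the column they left it at. (The earlier form
        // reused the loop counter after "while(u--)" had run it down
        // to (unsigned)-1, which fed a wrapped column into
        // TextSetCursorPosition.)
        //
        TextSetCursorPosition(TextColumn,TextRow);
        break;

    default :
        //
        // Text-mode video memory layout: character byte, attribute byte.
        // No bounds check on Vp here; keeping it on-screen is left to
        // TextSetCursorPosition and the scrolling logic — NOTE(review):
        // not verifiable from this excerpt.
        //
        *Vp++ = c;
        *Vp++ = TextCurrentAttribute;
        TextSetCursorPosition(TextColumn+1,TextRow);
        break;
    }

    return(pc+1);
}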
default :
*Vp++ = c;
*Vp++ = TextCurrentAttribute;
TextSetCursorPosition(TextColumn+1,TextRow);
}
return(pc+1);
}
kd> x setupldr!Vp
003422b8 setupldr!Vp = 0x000b8f00
kd> db 0x000b8f00
000b8f00 20 70 20 70 53 70 65 70-74 70 75 70 70 70 20 70 p pSpeptpuppp p
000b8f10 69 70 73 70 20 70 6c 70-6f 70 61 70 64 70 69 70 ipsp plpopapdpip
20是字符ASCII码,70是属性。
p pSpeptpuppp pipsp plpopapdpip
Setup is loadi
0111 0000
0-2位前景色 字体颜色
4-6位背景色
3位 高亮 通常为0
背景蓝
0x10
前景白07
蓝底白字0x17
kd> db 0x000b8f00-80
000b8e80 20 17 20 17 20 17 20 17-20 17 20 17 20 17 20 17 . . . . . . . .
000b8e90 20 17 20 17 20 17 20 17-20 17 20 17 20 17 20 17 . . . . . . . .
000b8ea0 20 17 20 17 20 17 20 17-20 17 20 17 20 17 20 17 . . . . . . . .
000b8eb0 20 17 20 17 20 17 20 17-20 17 20 17 20 17 20 17 . . . . . . . .
000b8ec0 20 17 20 17 20 17 20 17-20 17 20 17 20 17 20 17 . . . . . . . .
000b8ed0 20 17 20 17 20 17 20 17-20 17 20 17 20 17 20 17 . . . . . . . .
000b8ee0 20 17 20 17 20 17 20 17-20 17 20 17 20 17 20 17 . . . . . . . .
000b8ef0 20 17 20 17 20 17 20 17-20 17 20 17 20 17 20 17 . . . . . . . .
背景红
0x40
前景白
07
kd> db 0x000b8f00
000b8f00 20 70 20 70 53 70 65 70-74 70 75 70 70 70 20 70 p pSpeptpuppp p
000b8f10 69 70 73 70 20 70 6c 70-6f 70 61 70 64 70 69 70 ipsp plpopapdpip
000b8f20 6e 70 67 70 20 70 66 70-69 70 6c 70 65 70 73 70 npgp pfpiplpepsp
000b8f30 20 70 28 70 48 70 61 70-72 70 64 70 77 70 61 70 p(pHpaprpdpwpap
000b8f40 72 70 65 70 20 70 41 70-62 70 73 70 74 70 72 70 rpep pApbpsptprp
000b8f50 61 70 63 70 74 70 69 70-6f 70 6e 70 20 70 4c 70 apcptpipopnp pLp
000b8f60 61 70 79 70 65 70 72 70-29 70 2e 70 2e 70 2e 70 apypeprp)p.p.p.p
000b8f70 20 70 20 70 20 70 20 70-20 70 20 70 20 70 20 70 p p p p p p p p
kd> eb 0x000b8f00+1 47
kd> db 0x000b8f00
000b8f00 20 47
kd> t
eax=00000001 ebx=00060a28 ecx=000b8f01 edx=00000048 esi=00060a68 edi=00060a28
eip=0030d4b8 esp=000609ac ebp=000609b8 iopl=0 nv up di pl nz na po nc
cs=0008 ss=0010 ds=0010 es=0010 fs=0030 gs=0000 efl=00000002
setupldr!TextTmCharOut+0x6c:
0030d4b8 e8b663ffff call setupldr!TextSetCursorPosition (00303873)
kd> t
eax=00000001 ebx=00060a28 ecx=000b8f01 edx=00000048 esi=00060a68 edi=00060a28
eip=00303873 esp=000609a8 ebp=000609b8 iopl=0 nv up di pl nz na po nc
cs=0008 ss=0010 ds=0010 es=0010 fs=0030 gs=0000 efl=00000002
setupldr!TextSetCursorPosition:
00303873 55 push ebp
kd> kc a
00 setupldr!TextSetCursorPosition
01 setupldr!TextTmCharOut
02 setupldr!BiosConsoleWrite
03 setupldr!AEWriteEx
04 setupldr!AEWrite
05 setupldr!SlWriteStatusText
06 setupldr!BlOutputLoadMessage
07 setupldr!SlInit
08 setupldr!BlStartup
09 setupldr!NtProcessStartup
kd> dv
X = 1
Y = 0x18
kd> x setupldr!Vp
003422b8 setupldr!Vp = 0x000b8f02 "
} else {
switch (*String) {
//
// Check for escape sequence.
//
case ASCI_ESC:
EscapeSequence = TRUE;
break;
default:
p = TextCharOut(String);
//
// Each pass through the loop increments String by 1.
// If we output a dbcs char we need to increment by
// one more.
//
(*Count) += (p - String) - 1;
String += (p - String) - 1;
break;
}
处理第二个字符,也是空格。
for ( *Count = 0 ;
*Count < Length ;
(*Count)++, String++ ) {
PUCHAR
TextCharOut(
IN PUCHAR pc
)
/*++
Routine Description:
    Dispatches a single character to the DBCS/graphics writer or the
    text-mode writer depending on DbcsLangId.

Arguments:
    pc - pointer to the character to write

Returns:
    Pointer to the next character in the string, as returned by the
    writer that handled it.
--*/
{
    // Non-zero DbcsLangId selects the graphics path.
    return DbcsLangId ? TextGrCharOut(pc) : TextTmCharOut(pc);
}
kd> kc 9
00 setupldr!TextCharOut
01 setupldr!BiosConsoleWrite
02 setupldr!AEWriteEx
03 setupldr!AEWrite
04 setupldr!SlWriteStatusText
05 setupldr!BlOutputLoadMessage
06 setupldr!SlInit
07 setupldr!BlStartup
08 setupldr!NtProcessStartup
kd> dv
pc = 0x00060a29 " "
kd> kc a
00 setupldr!TextTmCharOut
01 setupldr!BiosConsoleWrite
02 setupldr!AEWriteEx
03 setupldr!AEWrite
04 setupldr!SlWriteStatusText
05 setupldr!BlOutputLoadMessage
06 setupldr!SlInit
07 setupldr!BlStartup
08 setupldr!NtProcessStartup
WARNING: Frame IP not in any known module. Following frames may be wrong.
09 0x0
kd> dv
pc = 0x00060a29 " "
temp = 0x00 ''
default :
*Vp++ = c;
*Vp++ = TextCurrentAttribute;
TextSetCursorPosition(TextColumn+1,TextRow);
}
kd> x setupldr!TextColumn
003437fc setupldr!TextColumn = 1
kd> x setupldr!TextRow
00343800 setupldr!TextRow = 0x18
kd> db 0x000b8f02
000b8f02 20 70 53 70 65 70 74 70-75 70 70 70 20 70 69 70 pSpeptpuppp pip
000b8f12 73 70 20 70 6c 70 6f 70-61 70 64 70 69 70 6e 70 sp plpopapdpipnp
000b8f22 67 70 20 70 66 70 69 70-6c 70 65 70 73 70 20 70 gp pfpiplpepsp p
000b8f32 28 70 48 70 61 70 72 70-64 70 77 70 61 70 72 70 (pHpaprpdpwpaprp
000b8f42 65 70 20 70 41 70 62 70-73 70 74 70 72 70 61 70 ep pApbpsptprpap
000b8f52 63 70 74 70 69 70 6f 70-6e 70 20 70 4c 70 61 70 cptpipopnp pLpap
000b8f62 79 70 65 70 72 70 29 70-2e 70 2e 70 2e 70 20 70 ypeprp)p.p.p.p p
000b8f72 20 70 20 70 20 70 20 70-20 70 20 70 20 70 20 70 p p p p p p p p
kd> eb 0x000b8f03 47
