hal!HalGetBusDataByOffset函数分析之SlotNumber = 1和Device (AGP)和nt!IopStartDevice
第一部分:
Breakpoint 2 hit
eax=00000000 ebx=89986f88 ecx=e71d4554 edx=09940001 esi=00000000 edi=00000000
eip=804f25ee esp=f78f2c18 ebp=f78f2c84 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246
hal!HalGetBusDataByOffset:
804f25ee 55 push ebp
1: kd> kc
#
00 hal!HalGetBusDataByOffset
01 ACPI!PciConfigSpaceHandlerWorker
02 ACPI!PciConfigInternal
03 ACPI!IsPciBusAsyncWorker
04 ACPI!IsPciBusAsync
05 ACPI!IsNsobjPciBus
06 ACPI!EnableDisableRegions
07 ACPI!ACPIBusIrpStartDeviceWorker
08 nt!ExpWorkerThread
09 nt!PspSystemThreadStartup
0a nt!KiThreadStartup
1: kd> kv
# ChildEBP RetAddr Args to Child
00 f78f2c14 f740d8c7 00000004 00000000 00000001 hal!HalGetBusDataByOffset+0x52 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\hals\halacpi\pmbus.c @ 192]
01 f78f2c84 f740da59 899b21bc 00000000 00000000 ACPI!PciConfigSpaceHandlerWorker+0x29b (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\nt\pciopregion.c @ 708]
02 f78f2ca0 f740dc82 00000000 899b21bc 00000000 ACPI!PciConfigInternal+0x75 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\pciopregion.c @ 507]
03 f78f2cd0 f740dd52 899b21bc 00000000 00000000 ACPI!IsPciBusAsyncWorker+0x1d0 (FPO: [Non-Fpo]) (CONV: cdecl) [d:\srv03rtm\base\busdrv\acpi\driver\nt\pciopregion.c @ 1780]
04 f78f2cec f744869a 899b21bc f73fa3e2 f78f2d0c ACPI!IsPciBusAsync+0x52 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\pciopregion.c @ 1593]
05 f78f2d24 f744882d 899b21bc 00000000 899bf5b0 ACPI!IsNsobjPciBus+0x6a (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\pciopregion.c @ 1976]
06 f78f2d60 f743ebd3 899affac 00000001 899c0d6c ACPI!EnableDisableRegions+0xbd (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\pciopregion.c @ 2227]
07 f78f2d80 80af2bb9 899c0d00 00000000 8999cda0 ACPI!ACPIBusIrpStartDeviceWorker+0x77 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\acpi\driver\nt\bus.c @ 3568]
08 f78f2dac 80d391f0 899c0d6c 00000000 00000000 nt!ExpWorkerThread+0x10f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\ex\worker.c @ 1153]
09 f78f2ddc 80b00d52 80af2aaa 00000001 00000000 nt!PspSystemThreadStartup+0x2e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\ps\create.c @ 2213]
0a 00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16 [d:\srv03rtm\base\ntos\ke\i386\threadbg.asm @ 81]
windbg> .open -a fffffffff744882d
1: kd> dv
BusDataType = PCIConfiguration (0n4)
BusNumber = 0
SlotNumber = 1
Buffer = 0x89987510
Offset = 0
Length = 0x40
bus = struct _BUS_HANDLER
1: kd> db 0x89987510
89987510 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
89987520 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
89987530 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
89987540 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
89987550 0e 00 01 00 49 6f 20 20-01 00 03 0a 41 63 70 53 ....Io ....AcpS
89987560 33 00 00 00 00 00 00 00-00 00 00 00 43 00 6f 00 3...........C.o.
89987570 03 00 01 00 41 6d 6c 54-01 00 05 0a 41 63 70 41 ....AmlT....AcpA
89987580 1c 00 01 00 f8 8b 5d 89-20 f8 3d f7 20 f8 3d f7 ......]. .=. .=.
1: kd> be 10
1: kd> bl
0 e Disable Clear f74001de [d:\srv03rtm\base\busdrv\acpi\driver\nt\detect.c @ 1821] 0001 (0001) ACPI!ACPIDetectPdoDevices
1 d Enable Clear 804f18ec [d:\srv03rtm\base\hals\halx86\i386\ixpcibus.c @ 598] 0001 (0001) hal!HalpGetPCIData
2 e Disable Clear 804f25ee [d:\srv03rtm\base\hals\halacpi\pmbus.c @ 165] 0001 (0001) hal!HalGetBusDataByOffset
3 d Enable Clear 804f191d [d:\srv03rtm\base\hals\halx86\i386\ixpcibus.c @ 621] 0001 (0001) hal!HalpGetPCIData+0x31
4 d Enable Clear f740d62c [d:\srv03rtm\base\busdrv\acpi\driver\nt\pciopregion.c @ 544] 0001 (0001) ACPI!PciConfigSpaceHandlerWorker
5 e Disable Clear f73faa3a [d:\srv03rtm\base\busdrv\acpi\driver\nt\buildsrc.c @ 2052] 0001 (0001) ACPI!ACPIBuildPdo
6 d Enable Clear f740d338 [d:\srv03rtm\base\busdrv\acpi\driver\nt\pciopregion.c @ 951] 0001 (0001) ACPI!GetPciAddress
7 d Enable Clear f740d700 [d:\srv03rtm\base\busdrv\acpi\driver\nt\pciopregion.c @ 654] 0001 (0001) ACPI!PciConfigSpaceHandlerWorker+0xd4
8 d Enable Clear f740ceea [d:\srv03rtm\base\busdrv\acpi\driver\nt\pciopregion.c @ 986] 0001 (0001) ACPI!GetPciAddressWorker
9 e Disable Clear 804f2676 [d:\srv03rtm\base\hals\halacpi\pmbus.c @ 248] 0001 (0001) hal!HalSetBusDataByOffset
10 e Disable Clear f7424305 [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\type2op.c @ 1295] 0001 (0001) ACPI!Store
11 d Enable Clear f7417f59 [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\object.c @ 1656] 0001 (0001) ACPI!WriteSystemMem
23 e Disable Clear u 0001 (0001) (authui!WluirRequestCredentials)
1: kd> be 1
gu
1: kd> dt PCI_COMMON_CONFIG 0x89987510
hal!PCI_COMMON_CONFIG
+0x000 VendorID : 0x8086
+0x002 DeviceID : 0x7191
+0x004 Command : 0x11f
+0x006 Status : 0x220
+0x008 RevisionID : 0x1 ''
+0x009 ProgIf : 0 ''
+0x00a SubClass : 0x4 ''
+0x00b BaseClass : 0x6 ''
+0x00c CacheLineSize : 0 ''
+0x00d LatencyTimer : 0 ''
+0x00e HeaderType : 0x1 ''
+0x00f BIST : 0 ''
+0x010 u : __unnamed
+0x040 DeviceSpecific : [192] "???"
THREAD 899a1020 Cid 0004.0008 Teb: 00000000 Win32Thread: 00000000 WAIT: (Executive) KernelMode Non-Alertable
f789a2ac SynchronizationEvent
IRP List:
899bf5b0: (0006,0190) Flags: 00000000 Mdl: 00000000
Not impersonating
DeviceMap e10003d8
Owning Process 899a2278 Image: System
Attached Process N/A Image: N/A
Wait Start TickCount 274647894 Ticks: 1 (0:00:00:00.015)
Context Switch Count 172 IdealProcessor: 0
UserTime 00:00:00.000
KernelTime 00:00:01.859
Stack Init f789b000 Current f789a200 Base f789b000 Limit f7898000 Call 00000000
Priority 31 BasePriority 8 PriorityDecrement 0 IoPriority 0 PagePriority 0
ChildEBP RetAddr
f789a218 80a440eb nt!KiSwapContext+0x26 (FPO: [Uses EBP] [0,0,4]) [d:\srv03rtm\base\ntos\ke\i386\ctxswap.asm @ 139]
f789a250 80a35ea9 nt!KiSwapThread+0x627 (FPO: [Non-Fpo]) (CONV: fastcall) [d:\srv03rtm\base\ntos\ke\thredsup.c @ 2000]
f789a284 f73e05d6 nt!KeWaitForSingleObject+0x2d7 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\ke\wait.c @ 1161]
f789a2bc f73d0e41 pci!PciCallDownIrpStack+0xf0 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\pci\dispatch.c @ 460]
f789a2dc 80a2675c pci!PciDispatchIrp+0xc1 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\busdrv\pci\dispatch.c @ 183]
f789a2f8 80c95e00 nt!IofCallDriver+0x62 (FPO: [Non-Fpo]) (CONV: fastcall) [d:\srv03rtm\base\ntos\io\iomgr\iosubs.c @ 2237]
f789a328 80c95f56 nt!IopSynchronousCall+0x1aa (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpirp.c @ 258]
f789a36c 80c8f415 nt!IopStartDevice+0x78 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpirp.c @ 334]
f789a388 80c94d55 nt!PipProcessStartPhase1+0x9d (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 5014]
f789a5d4 80a2dde9 nt!PipProcessDevNodeTree+0x1c7 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 4648]
f789a618 80a2e161 nt!PipDeviceActionWorker+0xcd (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 710]
f789a630 80e69358 nt!PipRequestDeviceAction+0x139 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpenum.c @ 598]
f789a694 80e655c7 nt!IopInitializeBootDrivers+0x392 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\pnpinit.c @ 1440]
f789a838 80e632fd nt!IoInitSystem+0x70b (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\iomgr\ioinit.c @ 665]
f789adac 80d391f0 nt!Phase1Initialization+0x9b3 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\init\init.c @ 2221]
f789addc 80b00d52 nt!PspSystemThreadStartup+0x2e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\ps\create.c @ 2213]
00000000 00000000 nt!KiThreadStartup+0x16 [d:\srv03rtm\base\ntos\ke\i386\threadbg.asm @ 81]
1: kd> gu
eax=00000040 ebx=89986f88 ecx=00000000 edx=00000000 esi=00000000 edi=00000000
eip=f740d8c7 esp=f78f2c34 ebp=f78f2c84 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246
ACPI!PciConfigSpaceHandlerWorker+0x29b:
f740d8c7 8bf0 mov esi,eax
1: kd> dv
AcpiObject = 0x899b21bc
CompletionStatus = 0n0
Result = 0x00000000
Context = 0x00986f88
bytesWritten = 0x103
status = 0n0
interface = 0x00000000
oldIrql = 0x00 ''
Complain = 0x00 ''
length = 0x899874e8
ErrorLogged = 0x00 ''
ACPIName = unsigned short [5]
IllegalPCIOpRegionAddress = unsigned short *[2]
addressBuffer = unsigned short [13]
parent = unsigned char [5] ""
opRegion = unsigned char [5] ""
1: kd> dx -r1 ((ACPI!_NSObj *)0x899b21bc)
((ACPI!_NSObj *)0x899b21bc) : 0x899b21bc [Type: _NSObj *]
[+0x000] list [Type: _List]
[+0x008] pnsParent : 0x899affac [Type: _NSObj *]
[+0x00c] pnsFirstChild : 0x899b2234 [Type: _NSObj *]
[+0x010] dwNameSeg : 0x5f504741 [Type: unsigned long]
[+0x014] hOwner : 0x899af330 [Type: void *]
[+0x018] pnsOwnedNext : 0x899b149c [Type: _NSObj *]
[+0x01c] ObjData [Type: _ObjData]
[+0x030] Context : 0x899c0bf0 [Type: void *]
[+0x034] dwRefCount : 0x0 [Type: unsigned long]
1: kd> dt acpi!_Device_Extension 0x899c0bf0
+0x000 Flags : 0x00401000`00000008
+0x000 UFlags : __unnamed
+0x008 Signature : 0x5f534750
+0x00c DebugFlags : 0
+0x010 DispatchTable : (null)
+0x014 WorkContext : WORK_QUEUE_CONTEXT
+0x014 Fdo : _FDO_DEVICE_EXTENSION
+0x014 Filter : _FILTER_DEVICE_EXTENSION
+0x014 Pdo : _PDO_DEVICE_EXTENSION
+0x058 WorkQueue : EXTENSION_WORKER
+0x058 Button : BUTTON_EXTENSION
+0x058 Thermal : THERMAL_EXTENSION
+0x058 LinkNode : LINK_NODE_EXTENSION
+0x058 Dock : DOCK_EXTENSION
+0x058 Processor : _PROCESSOR_DEVICE_EXTENSION
+0x088 DeviceState : 0 ( Stopped )
+0x08c PreviousState : 0 ( Stopped )
+0x090 PowerInfo : _ACPI_POWER_INFO
+0x10c DeviceID : 0x00010000 "."
+0x10c Address : 0x10000
+0x110 InstanceID : (null)
+0x114 ResourceList : (null)
+0x118 PnpResourceList : (null)
+0x11c OutstandingIrpCount : 0n1
+0x120 ReferenceCount : 0n3
+0x124 HibernatePathCount : 0n0
+0x128 RemoveEvent : (null)
+0x12c AcpiObject : 0x899b21bc _NSObj
+0x130 DeviceObject : (null)
+0x134 TargetDeviceObject : (null)
+0x138 PhysicalDeviceObject : (null)
+0x13c ParentExtension : 0x899c0d58 _DEVICE_EXTENSION
+0x140 ChildDeviceList : _LIST_ENTRY [ 0x899c0d30 - 0x899c0d30 ]
+0x148 SiblingDeviceList : _LIST_ENTRY [ 0x899c0bd0 - 0x899c0e98 ]
+0x150 EjectDeviceHead : _LIST_ENTRY [ 0x899c0d40 - 0x899c0d40 ]
+0x158 EjectDeviceList : _LIST_ENTRY [ 0x899c0d48 - 0x899c0d48 ]
1: kd> dt ACPI!_DEVICE_EXTENSION 0x899c0d58
+0x000 Flags : 0x05402000`02010020
+0x000 UFlags : __unnamed
+0x008 Signature : 0x5f534750
+0x00c DebugFlags : 0
+0x010 DispatchTable : 0xf743830c IRP_DISPATCH_TABLE
+0x014 WorkContext : WORK_QUEUE_CONTEXT
+0x014 Fdo : _FDO_DEVICE_EXTENSION
+0x014 Filter : _FILTER_DEVICE_EXTENSION
+0x014 Pdo : _PDO_DEVICE_EXTENSION
+0x058 WorkQueue : EXTENSION_WORKER
+0x058 Button : BUTTON_EXTENSION
+0x058 Thermal : THERMAL_EXTENSION
+0x058 LinkNode : LINK_NODE_EXTENSION
+0x058 Dock : DOCK_EXTENSION
+0x058 Processor : _PROCESSOR_DEVICE_EXTENSION
+0x088 DeviceState : 2 ( Started )
+0x08c PreviousState : 0 ( Stopped )
+0x090 PowerInfo : _ACPI_POWER_INFO
+0x10c DeviceID : 0x899c11d0 "ACPI\PNP0A03"
+0x10c Address : 0x899c11d0
+0x110 InstanceID : (null)
+0x114 ResourceList : (null)
+0x118 PnpResourceList : (null)
+0x11c OutstandingIrpCount : 0n1
+0x120 ReferenceCount : 0n83
+0x124 HibernatePathCount : 0n0
+0x128 RemoveEvent : (null)
+0x12c AcpiObject : 0x899affac _NSObj
+0x130 DeviceObject : 0x899c0f00 _DEVICE_OBJECT
+0x134 TargetDeviceObject : (null)
+0x138 PhysicalDeviceObject : 0x899c0f00 _DEVICE_OBJECT
+0x13c ParentExtension : 0x89981a18 _DEVICE_EXTENSION
+0x140 ChildDeviceList : _LIST_ENTRY [ 0x899c0d38 - 0x8990efe8 ]
+0x148 SiblingDeviceList : _LIST_ENTRY [ 0x899ae150 - 0x89981b58 ]
+0x150 EjectDeviceHead : _LIST_ENTRY [ 0x899c0ea8 - 0x899c0ea8 ]
+0x158 EjectDeviceList : _LIST_ENTRY [ 0x899c0eb0 - 0x899c0eb0 ]
1: kd> db 0x899affac
899affac 4c ff 9a 89 ac 40 9b 89-f0 f0 9a 89 24 00 9b 89 L....@......$...
899affbc 50 43 49 30 30 f3 9a 89-4c ff 9a 89 00 00 06 00 PCI00...L.......
899affcc 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
899affdc 58 0d 9c 89 00 00 00 00-48 4f 52 47 34 00 00 00 X.......HORG4...
899affec 00 f0 9a 89 50 00 00 00-30 00 00 00 02 00 00 00 ....P...0.......
899afffc 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
899b000c 00 00 00 00 00 00 00 00-00 00 00 00 48 4e 53 4f ............HNSO
899b001c 44 00 00 00 00 f0 9a 89-64 a0 91 89 68 00 9b 89 D.......d...h...
1: kd> db 0x899b21bc
899b21bc 9c 14 9b 89 78 22 9b 89-ac ff 9a 89 34 22 9b 89 ....x"......4"..
899b21cc 41 47 50 5f 30 f3 9a 89-9c 14 9b 89 00 00 06 00 AGP_0...........
899b21dc 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
899b21ec f0 0b 9c 89 00 00 00 00-48 4f 52 47 34 00 00 00 ........HORG4...
899b21fc 00 f0 9a 89 60 00 00 00-04 00 00 00 02 00 00 00 ....`...........
899b220c 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
899b221c 00 00 00 00 00 00 00 00-00 00 00 00 48 4e 53 4f ............HNSO
899b222c 44 00 00 00 00 f0 9a 89-34 22 9b 89 34 22 9b 89 D.......4"..4"..
1: kd> p
eax=00000040 ebx=89986f88 ecx=00000000 edx=00000000 esi=00000040 edi=00000000
eip=f740d8c9 esp=f78f2c34 ebp=f78f2c84 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246
ACPI!PciConfigSpaceHandlerWorker+0x29d:
f740d8c9 85f6 test esi,esi
1: kd> p
eax=00000040 ebx=89986f88 ecx=00000000 edx=00000000 esi=00000040 edi=00000000
eip=f740d8e4 esp=f78f2c34 ebp=f78f2c84 iopl=0 nv up ei pl nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000202
ACPI!PciConfigSpaceHandlerWorker+0x2b8:
f740d8e4 33f6 xor esi,esi
1: kd> dt PCI_CONFIG_STATE 89986f88
ACPI!PCI_CONFIG_STATE
+0x000 AccessType : 0
+0x004 OpRegion : 0x89986fc4 _NSObj
+0x008 Address : 0
+0x00c Size : 0x40
+0x010 Data : 0x89987510 -> 0x71918086
+0x014 Context : 0
+0x018 CompletionHandler : 0xf740dab2 Void
+0x01c CompletionContext : 0x899874e8 Void
+0x020 PciObj : 0x899b21bc _NSObj
+0x024 ParentObj : (null)
+0x028 CompletionHandlerType : 1
+0x02c Flags : 0x100
+0x030 RunCompletion : 0n0
+0x034 Slot : _PCI_SLOT_NUMBER
+0x038 Bus : 0 ''
+0x039 IsPciDeviceResult : 0 ''
1: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_NSObj *)0x89986fc4)
((ACPI!_NSObj *)0x89986fc4) : 0x89986fc4 [Type: _NSObj *]
[+0x000] list [Type: _List]
[+0x008] pnsParent : 0x0 [Type: _NSObj *]
[+0x00c] pnsFirstChild : 0x0 [Type: _NSObj *]
[+0x010] dwNameSeg : 0x0 [Type: unsigned long]
[+0x014] hOwner : 0x0 [Type: void *]
[+0x018] pnsOwnedNext : 0x0 [Type: _NSObj *]
[+0x01c] ObjData [Type: _ObjData]
[+0x030] Context : 0x899b21bc [Type: void *]
[+0x034] dwRefCount : 0x0 [Type: unsigned long]
1: kd> db 0x89986fc4
89986fc4 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
89986fd4 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
89986fe4 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
89986ff4 bc 21 9b 89 00 00 00 00-00 00 00 00 00 00 69 0a .!............i.
89987004 49 72 70 20 06 00 40 03-00 00 00 00 00 00 00 00 Irp ..@.........
89987014 00 00 00 00 18 70 98 89-18 70 98 89 00 00 00 00 .....p...p......
89987024 00 00 00 00 00 00 14 15-00 00 00 00 00 00 00 00 ................
89987034 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
1: kd> p
eax=00000040 ebx=89986f88 ecx=00000000 edx=00000000 esi=00000000 edi=00000000
eip=f740d906 esp=f78f2c34 ebp=f78f2c84 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246
ACPI!PciConfigSpaceHandlerWorker+0x2da:
f740d906 39750c cmp dword ptr [ebp+0Ch],esi ss:0010:f78f2c90=00000000
1: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_NSObj *)0x899b21bc)
((ACPI!_NSObj *)0x899b21bc) : 0x899b21bc [Type: _NSObj *]
[+0x000] list [Type: _List]
[+0x008] pnsParent : 0x899affac [Type: _NSObj *]
[+0x00c] pnsFirstChild : 0x899b2234 [Type: _NSObj *]
[+0x010] dwNameSeg : 0x5f504741 [Type: unsigned long]
[+0x014] hOwner : 0x899af330 [Type: void *]
[+0x018] pnsOwnedNext : 0x899b149c [Type: _NSObj *]
[+0x01c] ObjData [Type: _ObjData]
[+0x030] Context : 0x899c0bf0 [Type: void *]
[+0x034] dwRefCount : 0x0 [Type: unsigned long]
1: kd> db 0x899b21bc
899b21bc 9c 14 9b 89 78 22 9b 89-ac ff 9a 89 34 22 9b 89 ....x"......4"..
899b21cc 41 47 50 5f 30 f3 9a 89-9c 14 9b 89 00 00 06 00 AGP_0...........
899b21dc 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
899b21ec f0 0b 9c 89 00 00 00 00-48 4f 52 47 34 00 00 00 ........HORG4...
899b21fc 00 f0 9a 89 60 00 00 00-04 00 00 00 02 00 00 00 ....`...........
899b220c 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
899b221c 00 00 00 00 00 00 00 00-00 00 00 00 48 4e 53 4f ............HNSO
899b222c 44 00 00 00 00 f0 9a 89-34 22 9b 89 34 22 9b 89 D.......4"..4"..
Device (AGP)
{
// _ADR 0x00010000 is decoded by GetPciAddressWorker (quoted later on this page):
// DeviceNumber = (0x00010000 >> 16) & 0x1f = 1, FunctionNumber = 0x00010000 & 0x7 = 0,
// which is the SlotNumber = 1 seen in the hal!HalGetBusDataByOffset locals above.
Name (_ADR, 0x00010000) // _ADR: Address
}
第二部分:
//
// Pairs a synchronization event with an IRP. None of the routines quoted in
// this excerpt use it; they hand their IRP to the worker through the
// per-device WORK_QUEUE_CONTEXT (DeviceExtension->Pdo.WorkContext) instead.
//
typedef struct {
KEVENT Event;
PIRP Irp;
} START_DEVICE_CONTEXT, *PSTART_DEVICE_CONTEXT;
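NTSTATUS
ACPIBusIrpStartDevice(
    IN PDEVICE_OBJECT DeviceObject,
    IN PIRP Irp
    )
/*++

Routine Description:

    Dispatch routine for IRP_MN_START_DEVICE on a bus PDO.

    For a PCI root bus (DEV_CAP_PCI set in the device extension, which can
    only happen when the object was enumerated as PNP0A03) the IRQ-routing
    and PME interfaces are hooked up first, each guarded by a global flag
    so that it happens only once (the flags are presumably set by the
    callees - not visible here). The real work is then handed to
    ACPIInitStartDevice, with ACPIBusIrpStartDeviceCompletion as the
    callback and the IRP as its context.

Arguments:

    DeviceObject - The PDO being started

    Irp          - The start-device IRP

Return Value:

    STATUS_PENDING if ACPIInitStartDevice accepted the request (the IRP is
    completed later by the completion callback or its worker item);
    otherwise the failure status from ACPIInitStartDevice.

--*/
{
    NTSTATUS            status;
    PDEVICE_EXTENSION   deviceExtension;
    PIO_STACK_LOCATION  irpStack = IoGetCurrentIrpStackLocation( Irp );

    PAGED_CODE();

    deviceExtension = ACPIInternalGetDeviceExtension( DeviceObject );

    //
    // The IRQ arbiter and PME routing both need the FDO of the PCI bus,
    // which they derive from this PDO. Do each exactly once.
    //
    if (deviceExtension->Flags & DEV_CAP_PCI) {

        if (!PciInterfacesInstantiated) {
            AcpiArbInitializePciRouting( DeviceObject );
        }

        if (!PciPmeInterfaceInstantiated) {
            ACPIWakeInitializePmeRouting( DeviceObject );
        }
    }

    //
    // Pass the real work off to ACPIInitStartDevice. The IRP is passed
    // twice: once as the completion context (see
    // ACPIBusIrpStartDeviceCompletion, which casts Context back to PIRP)
    // and once as the trailing argument.
    //
    status = ACPIInitStartDevice(
        DeviceObject,
        irpStack->Parameters.StartDevice.AllocatedResources,
        ACPIBusIrpStartDeviceCompletion,
        Irp,
        Irp
        );

    //
    // On success the IRP now belongs to the completion path, so report
    // it as pending; on failure the caller sees the error directly.
    // (The unused minorFunction local of the original is dropped.)
    //
    return NT_SUCCESS(status) ? STATUS_PENDING : status;
}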
VOID
ACPIBusIrpStartDeviceCompletion(
    IN PDEVICE_EXTENSION DeviceExtension,
    IN PVOID Context,
    IN NTSTATUS Status
    )
/*++

Routine Description:

    Callback invoked by ACPIInitStartDevice once the resources have been
    programmed. It records Status in the IRP and then either completes the
    IRP on the spot (failure) or marks the device Started and defers the
    remaining work to ACPIBusIrpStartDeviceWorker (success), because
    EnableDisableRegions may not run at DPC level.

Arguments:

    DeviceExtension - Extension of the device that was started

    Context         - The start-device IRP (PIRP)

    Status          - Outcome of programming the resources

Return Value:

    None. The IRP is completed here on failure, or by the worker on
    success.

--*/
{
    PIRP                irp         = (PIRP) Context;
    PWORK_QUEUE_CONTEXT workContext = &(DeviceExtension->Pdo.WorkContext);

    irp->IoStatus.Status = Status;

    if (!NT_SUCCESS(Status)) {

        PIO_STACK_LOCATION  irpStack      = IoGetCurrentIrpStackLocation( irp );
        UCHAR               minorFunction = irpStack->MinorFunction;

        //
        // Nothing else to do on failure: complete the irp right here
        // (this is fine at DPC level) and log the result.
        //
        IoCompleteRequest( irp, IO_NO_INCREMENT );

        ACPIDevPrint( (
            ACPI_PRINT_IRP,
            DeviceExtension,
            "(0x%08lx): %s = 0x%08lx\n",
            irp,
            ACPIDebugGetIrpText(IRP_MJ_PNP, minorFunction),
            Status
            ) );
        return;
    }

    //
    // Success: the device is now started.
    //
    DeviceExtension->DeviceState = Started;

    //
    // The rest (EnableDisableRegions, then completing the irp) needs a
    // worker thread, so hand everything to ACPIBusIrpStartDeviceWorker
    // via the per-device work context.
    //
    workContext->DeviceObject = DeviceExtension->DeviceObject;
    workContext->Irp          = irp;

    ExInitializeWorkItem(
        &(workContext->Item),
        ACPIBusIrpStartDeviceWorker,
        workContext
        );
    ExQueueWorkItem(
        &(workContext->Item),
        DelayedWorkQueue
        );
}
VOID
ACPIBusIrpStartDeviceWorker(
    IN PVOID Context
    )
/*++

Routine Description:

    Worker-thread half of the start-device completion, queued by
    ACPIBusIrpStartDeviceCompletion. If the start succeeded and the
    device's namespace object is a PCI bus, its operation regions are
    enabled here (this must wait until after the resources have been
    programmed, which is why it is not done in ACPIBusIrpStartDevice).
    The IRP is then completed with the status recorded by the callback.

Arguments:

    Context - PWORK_QUEUE_CONTEXT carrying the device object and the IRP

Return Value:

    None. The IRP is always completed.

--*/
{
    PWORK_QUEUE_CONTEXT workContext = (PWORK_QUEUE_CONTEXT) Context;
    PDEVICE_OBJECT      deviceObject;
    PDEVICE_EXTENSION   deviceExtension;
    PIRP                irp;
    PIO_STACK_LOCATION  irpStack;
    UCHAR               minorFunction;
    NTSTATUS            status;

    PAGED_CODE();

    //
    // Unpack the work context.
    //
    deviceObject    = workContext->DeviceObject;
    deviceExtension = ACPIInternalGetDeviceExtension( deviceObject );
    irp             = workContext->Irp;
    irpStack        = IoGetCurrentIrpStackLocation( irp );
    minorFunction   = irpStack->MinorFunction;
    status          = irp->IoStatus.Status;

    //
    // A successfully started PCI bus (or bridge) may have _REG methods
    // that must now be evaluated.
    //
    if (NT_SUCCESS(status) && IsNsobjPciBus(deviceExtension->AcpiObject)) {
        EnableDisableRegions(deviceExtension->AcpiObject, TRUE);
    }

    //
    // Complete the request with the recorded status and no information.
    //
    irp->IoStatus.Status      = status;
    irp->IoStatus.Information = (ULONG_PTR) NULL;
    IoCompleteRequest( irp, IO_NO_INCREMENT );

    //
    // Log the outcome.
    //
    ACPIDevPrint( (
        ACPI_PRINT_IRP,
        deviceExtension,
        "(0x%08lx): %s = 0x%08lx\n",
        irp,
        ACPIDebugGetIrpText(IRP_MJ_PNP, minorFunction),
        status
        ) );
}
//
// Dispatch table for "generic bus" PDOs; AcpiInternalDeviceTable below maps
// the "ACPI0006" and "PNP0A05" IDs to it. Only the PnpStartDevice slot has a
// routine of its own (ACPIBusIrpStartDevice above); the remaining slots point
// at the shared ACPIDispatch* handlers, and the worker-thread slot is NULL.
// The positional meaning of each slot is given by the trailing comments.
//
IRP_DISPATCH_TABLE AcpiGenericBusIrpDispatch = {
ACPIDispatchIrpInvalid, // CreateClose
ACPIDispatchIrpInvalid, // DeviceControl
ACPIBusIrpStartDevice, // PnpStartDevice
ACPIDispatchBusFilterPnpTable, // PnpIrps
ACPIDispatchBusPowerTable, // Power irps
ACPIDispatchForwardIrp, // WMI irps
ACPIDispatchIrpInvalid, // Other
NULL // Worker thread handler
};
//
// Any device in this table is considered to be 'special'
//
INTERNAL_DEVICE_TABLE AcpiInternalDeviceTable[] = {
"ACPI0006", &AcpiGenericBusIrpDispatch,
"FixedButton", &AcpiFixedButtonIrpDispatch,
"PNP0000", &AcpiRawDeviceIrpDispatch,
"PNP0001", &AcpiRawDeviceIrpDispatch,
"PNP0002", &AcpiRawDeviceIrpDispatch,
"PNP0003", &AcpiRawDeviceIrpDispatch,
"PNP0004", &AcpiRawDeviceIrpDispatch,
"PNP0100", &AcpiRawDeviceIrpDispatch,
"PNP0101", &AcpiRawDeviceIrpDispatch,
"PNP0102", &AcpiRawDeviceIrpDispatch,
"PNP0200", &AcpiRawDeviceIrpDispatch,
"PNP0201", &AcpiRawDeviceIrpDispatch,
"PNP0202", &AcpiRawDeviceIrpDispatch,
"PNP0800", &AcpiRawDeviceIrpDispatch,
"PNP0A05", &AcpiGenericBusIrpDispatch,
Device (SIO)
{
Name (_HID, EisaId ("PNP0A05")) // _HID: Hardware ID
OperationRegion (SIOR, SystemIO, 0x2E, 0x02)
Field (SIOR, ByteAcc, NoLock, Preserve)
{
SIOI, 8,
SIOD, 8
}
第三部分:背景时机:
第二次调用 ACPI!ACPIDetectPdoDevices 时是遍历 ACPI\PNP0C08 的子设备，随后再启动这些设备。
Breakpoint 0 hit
eax=00000000 ebx=89981a18 ecx=00000000 edx=00000000 esi=00000000 edi=80ae2bca
eip=f74001de esp=f789a238 ebp=f789a254 iopl=0 nv up ei ng nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286
ACPI!ACPIDetectPdoDevices:
f74001de 55 push ebp
0: kd> dv
DeviceObject = 0x89981b98 Device for "\Driver\ACPI"
DeviceRelations = 0xf789a288
currentRelations = 0xf789a254
status = 0n0
parentExtension = 0x80ae2bca
deviceStatus = 0xf789adcc
oldIrql = 0x00 ''
newRelationSize = 0xf74001df
newRelations = 0x89981b98
index = 0
matchFound = 0x00 ''
1: kd> dx -r1 ((ACPI!_DEVICE_OBJECT *)0x89981b98)
((ACPI!_DEVICE_OBJECT *)0x89981b98) : 0x89981b98 : Device for "\Driver\ACPI" [Type: _DEVICE_OBJECT *]
[<Raw View>] [Type: _DEVICE_OBJECT]
Flags : None Set
UpperDevices : None
LowerDevices
Driver : 0x89981f38 : Driver "\Driver\ACPI" [Type: _DRIVER_OBJECT *]
1: kd> dx -r1 -nv (*((ACPI!_DEVICE_OBJECT *)0x89981b98))
(*((ACPI!_DEVICE_OBJECT *)0x89981b98)) : Device for "\Driver\ACPI" [Type: _DEVICE_OBJECT]
[+0x000] Type : 3 [Type: short]
[+0x002] Size : 0xb8 [Type: unsigned short]
[+0x004] ReferenceCount : 0 [Type: long]
[+0x008] DriverObject : 0x89981f38 : Driver "\Driver\ACPI" [Type: _DRIVER_OBJECT *]
[+0x00c] NextDevice : 0x0 [Type: _DEVICE_OBJECT *]
[+0x010] AttachedDevice : 0x0 [Type: _DEVICE_OBJECT *]
[+0x014] CurrentIrp : 0x0 [Type: _IRP *]
[+0x018] Timer : 0x0 [Type: _IO_TIMER *]
[+0x01c] Flags : 0x0 [Type: unsigned long]
[+0x020] Characteristics : 0x0 [Type: unsigned long]
[+0x024] Vpb : 0x0 [Type: _VPB *]
[+0x028] DeviceExtension : 0x89981a18 [Type: void *]
[+0x02c] DeviceType : 0x32 [Type: unsigned long]
[+0x030] StackSize : 2 [Type: char]
[+0x034] Queue [Type: __unnamed]
[+0x05c] AlignmentRequirement : 0x0 [Type: unsigned long]
[+0x060] DeviceQueue [Type: _KDEVICE_QUEUE]
[+0x074] Dpc [Type: _KDPC]
[+0x094] ActiveThreadCount : 0x0 [Type: unsigned long]
[+0x098] SecurityDescriptor : 0x0 [Type: void *]
[+0x09c] DeviceLock [Type: _KEVENT]
[+0x0ac] SectorSize : 0x0 [Type: unsigned short]
[+0x0ae] Spare1 : 0x0 [Type: unsigned short]
[+0x0b0] DeviceObjectExtension : 0x89981c50 [Type: _DEVOBJ_EXTENSION *]
[+0x0b4] Reserved : 0x0 [Type: void *]
1: kd> dt acpi!_Device_Extension 0x89981a18
+0x000 Flags : 0x4461e000`00200010
+0x000 UFlags : __unnamed
+0x008 Signature : 0x5f534750
+0x00c DebugFlags : 0
+0x010 DispatchTable : 0xf743826c IRP_DISPATCH_TABLE
+0x014 WorkContext : WORK_QUEUE_CONTEXT
+0x014 Fdo : _FDO_DEVICE_EXTENSION
+0x014 Filter : _FILTER_DEVICE_EXTENSION
+0x014 Pdo : _PDO_DEVICE_EXTENSION
+0x058 WorkQueue : EXTENSION_WORKER
+0x058 Button : BUTTON_EXTENSION
+0x058 Thermal : THERMAL_EXTENSION
+0x058 LinkNode : LINK_NODE_EXTENSION
+0x058 Dock : DOCK_EXTENSION
+0x058 Processor : _PROCESSOR_DEVICE_EXTENSION
+0x088 DeviceState : 2 ( Started )
+0x08c PreviousState : 0 ( Stopped )
+0x090 PowerInfo : _ACPI_POWER_INFO
+0x10c DeviceID : 0x899bfea0 "ACPI\PNP0C08"
+0x10c Address : 0x899bfea0
+0x110 InstanceID : 0x899c53e8 "0x5F534750"
+0x114 ResourceList : 0x899bfeb8 _CM_RESOURCE_LIST
+0x118 PnpResourceList : (null)
+0x11c OutstandingIrpCount : 0n1
+0x120 ReferenceCount : 0n12
+0x124 HibernatePathCount : 0n0
+0x128 RemoveEvent : (null)
+0x12c AcpiObject : 0x899af0f0 _NSObj
+0x130 DeviceObject : 0x89981b98 _DEVICE_OBJECT
+0x134 TargetDeviceObject : 0x899c1de0 _DEVICE_OBJECT
+0x138 PhysicalDeviceObject : 0x899c1de0 _DEVICE_OBJECT
+0x13c ParentExtension : (null)
+0x140 ChildDeviceList : _LIST_ENTRY [ 0x899c0ea0 - 0x89906fe8 ]
+0x148 SiblingDeviceList : _LIST_ENTRY [ 0x89981b60 - 0x89981b60 ]
+0x150 EjectDeviceHead : _LIST_ENTRY [ 0x89981b68 - 0x89981b68 ]
+0x158 EjectDeviceList : _LIST_ENTRY [ 0x89981b70 - 0x89981b70 ]
背景:
第四部分:0x00010000为什么对应SlotNumber = 1
BusNumber = 0
SlotNumber = 1
Device (AGP)
{
// _ADR 0x00010000 is decoded by GetPciAddressWorker below:
// DeviceNumber = (0x00010000 >> 16) & 0x1f = 1, FunctionNumber = 0x00010000 & 0x7 = 0,
// which is why the debugger shows SlotNumber = 1 for this device.
Name (_ADR, 0x00010000) // _ADR: Address
}
NTSTATUS
EXPORT
GetPciAddressWorker(
IN PNSOBJ AcpiObject,
IN NTSTATUS Status,
IN POBJDATA Result,
IN PVOID Context
)
{
if (!(state->Flags & PCISUPP_GOT_SLOT_INFO)) {
//
// Build a PCI_SLOT_NUMBER out of the integer returned
// from the interpretter.
//
state->Slot->u.bits.FunctionNumber = (state->Address) & 0x7;
state->Slot->u.bits.DeviceNumber = ( (state->Address) >> 16) & 0x1f;
state->Flags |= PCISUPP_GOT_SLOT_INFO;
}