Fusion_lora:AI图像融合新工具,轻松优化产品溶图效果
2026/1/8 4:04:03
从ACPI!ParseArg函数中的ACPI!Buffer和ACPI!ParseOpcode到ACPI!Name中的ACPI!MoveObjData
0: kd> t
Breakpoint 9 hit
eax=00000000 ebx=899b23cc ecx=899b23cc edx=00000000 esi=00000043 edi=8997c000
eip=f74271e8 esp=f789a0f4 ebp=f789a110 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246
ACPI!ParseOpcode:
f74271e8 55 push ebp
0: kd> kc
#
00 ACPI!ParseOpcode
01 ACPI!ParseArg
02 ACPI!ParseTerm
03 ACPI!RunContext
04 ACPI!InsertReadyQueue
05 ACPI!RestartContext
06 ACPI!SyncLoadDDB
07 ACPI!AMLILoadDDB
08 ACPI!ACPIInitializeDDB
0: kd> dd 0x8997c03c
8997c03c f74c8cee 00000000 00000000 00000000
8997c04c 00000000 00000000 f741eeb5 00000000
8997c05c f789a1bc 000a0008 00000000 8997c068
8997c06c 8997c068 00000000 00000000 00000000
8997c07c 00000000 00000000 00000000 01000013
8997c08c 00000000 00000000 f741eff5 8997c000
8997c09c 00000000 00000000 00000000 899af000
8997c0ac 00000000 00000000 00000000 00000000
0: kd> db f74c8cee
f74c8cee 0a b2 47 01 10 00 10 00-01 10 47 01 24 00 24 00 ..G.......G.$.$.
f74c8cfe 01 02 47 01 28 00 28 00-01 02 47 01 2c 00 2c 00 ..G.(.(...G.,.,.
f74c8d0e 01 02 47 01 2e 00 2e 00-01 02 47 01 30 00 30 00 ..G.......G.0.0.
f74c8d1e 01 02 47 01 34 00 34 00-01 02 47 01 38 00 38 00 ..G.4.4...G.8.8.
f74c8d2e 01 02 47 01 3c 00 3c 00-01 02 47 01 50 00 50 00 ..G.<.<...G.P.P.
f74c8d3e 01 04 47 01 72 00 72 00-01 06 47 01 80 00 80 00 ..G.r.r...G.....
f74c8d4e 01 01 47 01 90 00 90 00-01 10 47 01 a4 00 a4 00 ..G.......G.....
f74c8d5e 01 02 47 01 a8 00 a8 00-01 02 47 01 ac 00 ac 00 ..G.......G.....
0: kd> db f74c8cee-10
f74c8cde 02 08 5f 55 49 44 0a 1f-08 52 53 52 43 11 46 0b .._UID...RSRC.F.
f74c8cee 0a b2 47 01 10 00 10 00-01 10 47 01 24 00 24 00 ..G.......G.$.$.
f74c8cfe 01 02 47 01 28 00 28 00-01 02 47 01 2c 00 2c 00 ..G.(.(...G.,.,.
f74c8d0e 01 02 47 01 2e 00 2e 00-01 02 47 01 30 00 30 00 ..G.......G.0.0.
opcode先是11后是0a
0a获得ACPI!_amlterm。b2是缓冲区的长度。
0: kd> x acpi!OpcodeTable
f74396b0 ACPI!OpcodeTable = struct _amlterm *[256]
0: kd> dx -id 0,0,899a2278 -r1 (*((ACPI!_amlterm * (*)[256])0xf74396b0))
(*((ACPI!_amlterm * (*)[256])0xf74396b0)) [Type: _amlterm * [256]]
[0] : 0xf7439610 [Type: _amlterm *]
[10] : 0xf7439610 [Type: _amlterm *]
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_amlterm *)0xf7439610)
((ACPI!_amlterm *)0xf7439610) : 0xf7439610 [Type: _amlterm *]
[+0x000] pszTermName : 0x0 [Type: char *]
[+0x004] dwOpcode : 0xffffffff [Type: unsigned long]
[+0x008] pszArgTypes : 0x0 [Type: char *]
[+0x00c] dwTermClass : 0x5 [Type: unsigned long]
[+0x010] dwfOpcode : 0x8 [Type: unsigned long]
[+0x014] pfnCallBack : 0x0 [Type: long (__cdecl*)(unsigned long,unsigned long,_NSObj *,unsigned long)]
[+0x018] dwCBData : 0x0 [Type: unsigned long]
[+0x01c] pfnOpcode : 0x0 [Type: long (__cdecl*)()]
#define OF_DATA_OBJECT 0x00000008
回顾:
if (pterm->pdataArgs != NULL)
{
FreeDataBuffs(pterm->pdataArgs, pterm->icArgs);
FREEODOBJ(pterm->pdataArgs);
}
PopFrame(pctxt);
}
EXIT(2, ("ParseTerm=%x\n", rc));
return rc;
} //ParseTerm
0: kd> t
eax=899b23cc ebx=8997c000 ecx=00000000 edx=000000b2 esi=8997dd34 edi=00000000
eip=f741bda6 esp=f789a118 ebp=f789a130 iopl=0 nv up ei ng nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286
ACPI!FreeDataBuffs:
f741bda6 55 push ebp
0: kd> dv
adata = 0x899b23cc
icData = 0n1
i = 0n8
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_ObjData *)0x899b23cc)
((ACPI!_ObjData *)0x899b23cc) : 0x899b23cc [Type: _ObjData *]
[+0x000] dwfData : 0x0 [Type: unsigned short]
[+0x002] dwDataType : 0x1 [Type: unsigned short]
[+0x004] dwRefCount : 0x0 [Type: unsigned long]
[+0x004] pdataBase : 0x0 [Type: _ObjData *]
[+0x008] dwDataValue : 0xb2 [Type: unsigned long]
[+0x008] uipDataValue : 0xb2 [Type: unsigned long]
[+0x008] pnsAlias : 0xb2 [Type: _NSObj *]
[+0x008] pdataAlias : 0xb2 [Type: _ObjData *]
[+0x008] powner : 0xb2 [Type: void *]
[+0x00c] dwDataLen : 0x0 [Type: unsigned long]
[+0x010] pbDataBuff : 0x0 [Type: unsigned char *]
0: kd> dv
pctxt = 0x8997c000
pterm = 0x8997dd34
rc = 0n0
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_term *)0x8997dd34)
((ACPI!_term *)0x8997dd34) : 0x8997dd34 [Type: _term *]
[+0x000] FrameHdr [Type: _framehdr]
[+0x010] pbOpTerm : 0xf74c8ceb : 0x11 [Type: unsigned char *]
[+0x014] pbOpEnd : 0xf74c8da2 : 0x14 [Type: unsigned char *]
[+0x018] pbScopeEnd : 0x0 [Type: unsigned char *]
[+0x01c] pamlterm : 0xf7439190 [Type: _amlterm *]
[+0x020] pnsObj : 0x0 [Type: _NSObj *]
[+0x024] iArg : 1 [Type: int]
[+0x028] icArgs : 1 [Type: int]
[+0x02c] pdataArgs : 0x899b23cc [Type: _ObjData *]
[+0x030] pdataResult : 0x899b2214 [Type: _ObjData *]
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_ObjData *)0x899b23cc)
((ACPI!_ObjData *)0x899b23cc) : 0x899b23cc [Type: _ObjData *]
[+0x000] dwfData : 0x0 [Type: unsigned short]
[+0x002] dwDataType : 0x0 [Type: unsigned short]
[+0x004] dwRefCount : 0x0 [Type: unsigned long]
[+0x004] pdataBase : 0x0 [Type: _ObjData *]
[+0x008] dwDataValue : 0x0 [Type: unsigned long]
[+0x008] uipDataValue : 0x0 [Type: unsigned long]
[+0x008] pnsAlias : 0x0 [Type: _NSObj *]
[+0x008] pdataAlias : 0x0 [Type: _ObjData *]
[+0x008] powner : 0x0 [Type: void *]
[+0x00c] dwDataLen : 0x0 [Type: unsigned long]
[+0x010] pbDataBuff : 0x0 [Type: unsigned char *]
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_ObjData *)0x899b2214)
((ACPI!_ObjData *)0x899b2214) : 0x899b2214 [Type: _ObjData *]
[+0x000] dwfData : 0x0 [Type: unsigned short]
[+0x002] dwDataType : 0x3 [Type: unsigned short]
[+0x004] dwRefCount : 0x0 [Type: unsigned long]
[+0x004] pdataBase : 0x0 [Type: _ObjData *]
[+0x008] dwDataValue : 0x0 [Type: unsigned long]
[+0x008] uipDataValue : 0x0 [Type: unsigned long]
[+0x008] pnsAlias : 0x0 [Type: _NSObj *]
[+0x008] pdataAlias : 0x0 [Type: _ObjData *]
[+0x008] powner : 0x0 [Type: void *]
[+0x00c] dwDataLen : 0xb2 [Type: unsigned long]
[+0x010] pbDataBuff : 0x899b23ec : 0x47 [Type: unsigned char *]
FREEODOBJ(pterm->pdataArgs);
VOID LOCAL PopFrame(PCTXT pctxt)
{
TRACENAME("POPFRAME")
ENTER(2, ("PopFrame(pctxt=%p)\n", pctxt));
ASSERT(!IsStackEmpty(pctxt));
ASSERT(((PFRAMEHDR)pctxt->LocalHeap.pbHeapEnd)->dwSig != 0);
pctxt->LocalHeap.pbHeapEnd +=
((PFRAMEHDR)pctxt->LocalHeap.pbHeapEnd)->dwLen;
EXIT(2, ("PopFrame! (StackTop=%p)\n", pctxt->LocalHeap.pbHeapEnd));
} //PopFrame
记住:pterm = 0x8997dd34
0: kd> dv
pctxt = 0x8997c000
pterm = 0x8997dd34
rc = 0n0
记住:
while (!IsStackEmpty(pctxt))
{
CHKDEBUGGERREQ();
pfh = (PFRAMEHDR)pctxt->LocalHeap.pbHeapEnd;
ASSERT(pfh->pfnParse != NULL);
rc = pfh->pfnParse(pctxt, pfh, rc);
if ((rc == AMLISTA_PENDING) || (rc == AMLISTA_DONE))
{
break;
}
}
0: kd> kc
#
00 ACPI!ParseTerm
01 ACPI!RunContext
02 ACPI!InsertReadyQueue
03 ACPI!RestartContext
04 ACPI!SyncLoadDDB
05 ACPI!AMLILoadDDB
06 ACPI!ACPIInitializeDDB
07 ACPI!ACPIInitializeDDBs
08 ACPI!ACPIInitialize
09 ACPI!ACPIInitStartACPI
0a ACPI!ACPIRootIrpStartDevice
0b ACPI!ACPIDispatchIrp
0c nt!IofCallDriver
0d nt!IopSynchronousCall
0e nt!IopStartDevice
0f nt!PipProcessStartPhase1
10 nt!PipProcessDevNodeTree
11 nt!PipDeviceActionWorker
12 nt!PipRequestDeviceAction
13 nt!IopInitializeBootDrivers
14 nt!IoInitSystem
15 nt!Phase1Initialization
16 nt!PspSystemThreadStartup
17 nt!KiThreadStartup
0: kd> dv
pctxt = 0x8997c000
pterm = 0x8997dd68
rc = 0n0
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_term *)0x8997dd68)
((ACPI!_term *)0x8997dd68) : 0x8997dd68 [Type: _term *]
[+0x000] FrameHdr [Type: _framehdr]
[+0x010] pbOpTerm : 0xf74c8ce6 : 0x8 [Type: unsigned char *]
[+0x014] pbOpEnd : 0x0 [Type: unsigned char *]
[+0x018] pbScopeEnd : 0xf74c8e19 : 0x5b [Type: unsigned char *]
[+0x01c] pamlterm : 0xf7438cf0 [Type: _amlterm *]
[+0x020] pnsObj : 0x0 [Type: _NSObj *]
[+0x024] iArg : 2 [Type: int]
[+0x028] icArgs : 2 [Type: int] 返回中。。。
[+0x02c] pdataArgs : 0x899b2200 [Type: _ObjData *]
[+0x030] pdataResult : 0x8997c040 [Type: _ObjData *]
没有:
if (pterm->pamlterm->dwfOpcode & OF_VARIABLE_LIST)
{
ParsePackageLen(&pctxt->pbOp, &pterm->pbOpEnd);
}
没有:
rc = ParseArg(pctxt, pterm->pamlterm->pszArgTypes[i],
&pterm->pdataArgs[i]);
if (pterm->pamlterm->pfnOpcode != NULL)
{
if (((rc = pterm->pamlterm->pfnOpcode(pctxt, pterm)) !=
STATUS_SUCCESS) ||
(&pterm->FrameHdr != (PFRAMEHDR)pctxt->LocalHeap.pbHeapEnd))
{
break;
}
0: kd> dv
pctxt = 0x8997c000
pterm = 0x8997dd68
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_ctxt *)0x8997c000)
((ACPI!_ctxt *)0x8997c000) : 0x8997c000 [Type: _ctxt *]
[+0x000] dwSig : 0x54585443 [Type: unsigned long]
[+0x004] pbCtxtEnd : 0x8997e000 : 0x54 [Type: unsigned char *]
[+0x008] listCtxt [Type: _List]
[+0x010] listQueue [Type: _List]
[+0x018] pplistCtxtQueue : 0x0 [Type: _List * *]
[+0x01c] plistResources : 0x0 [Type: _List *]
[+0x020] dwfCtxt : 0x10 [Type: unsigned long]
[+0x024] pnsObj : 0x0 [Type: _NSObj *]
[+0x028] pnsScope : 0x899b2300 [Type: _NSObj *]
[+0x02c] powner : 0x899af330 [Type: _objowner *]
[+0x030] pcall : 0x8997df34 [Type: _call *]
[+0x034] pnctxt : 0x0 [Type: _nestedctxt *]
[+0x038] dwSyncLevel : 0x0 [Type: unsigned long]
[+0x03c] pbOp : 0xf74c8da2 : 0x14 [Type: unsigned char *]
[+0x040] Result [Type: _ObjData]
[+0x054] pfnAsyncCallBack : 0xf741eeb5 [Type: void (__cdecl*)(_NSObj *,long,_ObjData *,void *)]
[+0x058] pdataCallBack : 0x0 [Type: _ObjData *]
[+0x05c] pvContext : 0xf789a1bc [Type: void *]
[+0x060] Timer [Type: _KTIMER]
[+0x088] Dpc [Type: _KDPC]
[+0x0a8] pheapCurrent : 0x899af000 [Type: _heap *]
[+0x0ac] CtxtData [Type: _ctxtdata]
[+0x0bc] LocalHeap [Type: _heap]
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_NSObj *)0x899b2300)
((ACPI!_NSObj *)0x899b2300) : 0x899b2300 [Type: _NSObj *]
[+0x000] list [Type: _List]
[+0x008] pnsParent : 0x899b2278 [Type: _NSObj *]
[+0x00c] pnsFirstChild : 0x899b2344 [Type: _NSObj *]
[+0x010] dwNameSeg : 0x4452424d [Type: unsigned long]
[+0x014] hOwner : 0x899af330 [Type: void *]
[+0x018] pnsOwnedNext : 0x899b22bc [Type: _NSObj *]
[+0x01c] ObjData [Type: _ObjData]
[+0x030] Context : 0x899c0920 [Type: void *]
[+0x034] dwRefCount : 0x0 [Type: unsigned long]
0: kd> dx -id 0,0,899a2278 -r1 (*((ACPI!_ObjData *)0x899b231c))
(*((ACPI!_ObjData *)0x899b231c)) [Type: _ObjData]
[+0x000] dwfData : 0x0 [Type: unsigned short]
[+0x002] dwDataType : 0x6 [Type: unsigned short]
[+0x004] dwRefCount : 0x0 [Type: unsigned long]
[+0x004] pdataBase : 0x0 [Type: _ObjData *]
[+0x008] dwDataValue : 0x0 [Type: unsigned long]
[+0x008] uipDataValue : 0x0 [Type: unsigned long]
[+0x008] pnsAlias : 0x0 [Type: _NSObj *]
[+0x008] pdataAlias : 0x0 [Type: _ObjData *]
[+0x008] powner : 0x0 [Type: void *]
[+0x00c] dwDataLen : 0x0 [Type: unsigned long]
[+0x010] pbDataBuff : 0x0 [Type: unsigned char *]
0: kd> db 0x899b2300
899b2300 bc 22 9b 89 bc 22 9b 89-78 22 9b 89 44 23 9b 89 ."..."..x"..D#..
899b2310 4d 42 52 44 30 f3 9a 89-bc 22 9b 89 00 00 06 00 MBRD0...."......
899b2320 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
899b2330 20 09 9c 89 00 00 00 00-48 4e 53 4f 44 00 00 00 .......HNSOD...
899b2340 00 f0 9a 89 88 23 9b 89-88 23 9b 89 00 23 9b 89 .....#...#...#..
899b2350 00 00 00 00 5f 48 49 44-30 f3 9a 89 00 23 9b 89 ...._HID0....#..
899b2360 00 00 01 00 00 00 00 00-41 d0 0c 02 00 00 00 00 ........A.......
899b2370 00 00 00 00 00 00 00 00-00 00 00 00 48 4e 53 4f ............HNSO
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_NSObj *)0x899b2344)
((ACPI!_NSObj *)0x899b2344) : 0x899b2344 [Type: _NSObj *]
[+0x000] list [Type: _List]
[+0x008] pnsParent : 0x899b2300 [Type: _NSObj *]
[+0x00c] pnsFirstChild : 0x0 [Type: _NSObj *]
[+0x010] dwNameSeg : 0x4449485f [Type: unsigned long]
[+0x014] hOwner : 0x899af330 [Type: void *]
[+0x018] pnsOwnedNext : 0x899b2300 [Type: _NSObj *]
[+0x01c] ObjData [Type: _ObjData]
[+0x030] Context : 0x0 [Type: void *]
[+0x034] dwRefCount : 0x0 [Type: unsigned long]
0: kd> dx -id 0,0,899a2278 -r1 (*((ACPI!_List *)0x899b2344))
(*((ACPI!_List *)0x899b2344)) [Type: _List]
[+0x000] plistPrev : 0x899b2388 [Type: _List *]
[+0x004] plistNext : 0x899b2388 [Type: _List *]
0: kd> db 0x899b2344
899b2344 88 23 9b 89 88 23 9b 89-00 23 9b 89 00 00 00 00 .#...#...#......
899b2354 5f 48 49 44 30 f3 9a 89-00 23 9b 89 00 00 01 00 _HID0....#......
899b2364 00 00 00 00 41 d0 0c 02-00 00 00 00 00 00 00 00 ....A...........
899b2374 00 00 00 00 00 00 00 00-48 4e 53 4f 44 00 00 00 ........HNSOD...
899b2384 00 f0 9a 89 44 23 9b 89-44 23 9b 89 00 23 9b 89 ....D#..D#...#..
899b2394 00 00 00 00 5f 55 49 44-30 f3 9a 89 44 23 9b 89 ...._UID0...D#..
899b23a4 00 00 01 00 00 00 00 00-1f 00 00 00 00 00 00 00 ................
899b23b4 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
0: kd> dt ACPI!_NSObj 0x899b2388
+0x000 list : _List
+0x008 pnsParent : 0x899b2300 _NSObj
+0x00c pnsFirstChild : (null)
+0x010 dwNameSeg : 0x4449555f
+0x014 hOwner : 0x899af330 Void
+0x018 pnsOwnedNext : 0x899b2344 _NSObj
+0x01c ObjData : _ObjData
+0x030 Context : (null)
+0x034 dwRefCount : 0
0: kd> db 0x899b2388
899b2388 44 23 9b 89 44 23 9b 89-00 23 9b 89 00 00 00 00 D#..D#...#......
899b2398 5f 55 49 44 30 f3 9a 89-44 23 9b 89 00 00 01 00 _UID0...D#......
899b23a8 00 00 00 00 1f 00 00 00-00 00 00 00 00 00 00 00 ................
899b23b8 00 00 00 00 00 00 00 00-00 00 00 00 20 00 00 00 ............ ...
899b23c8 00 f0 9a 89 cc 23 9b 89-cc 23 9b 89 00 00 00 00 .....#...#......
899b23d8 00 00 00 00 00 00 00 00-48 42 55 46 c0 00 00 00 ........HBUF....
899b23e8 00 f0 9a 89 47 01 10 00-10 00 01 10 47 01 24 00 ....G.......G.$.
899b23f8 24 00 01 02 47 01 28 00-28 00 01 02 47 01 2c 00 $...G.(.(...G.,.
0: kd> p
Breakpoint 5 hit
eax=899b2200 ebx=8997dd88 ecx=8997c000 edx=899af000 esi=8997dd68 edi=8997c000
eip=f741dc18 esp=f789a0ec ebp=f789a114 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246
ACPI!CreateNameSpaceObject:
f741dc18 55 push ebp
0: kd> dv
pheap = 0x899af000
pszName = 0x899b0b3c "RSRC"
pnsScope = 0x899b2300
powner = 0x899af330
0: kd> gu
eax=00000000 ebx=8997dd88 ecx=899b24ac edx=00000000 esi=8997dd68 edi=8997c000
eip=f7425a57 esp=f789a0f0 ebp=f789a114 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246
ACPI!Name+0x74:
f7425a57 8bf8 mov edi,eax
{
MoveObjData(&pterm->pnsObj->ObjData, &pterm->pdataArgs[1]);
}
VOID LOCAL MoveObjData(POBJDATA pdataDst, POBJDATA pdataSrc)
{
TRACENAME("MOVEOBJDATA")
ENTER(3, ("MoveObjData(Dest=%x,Src=%x)\n", pdataDst, pdataSrc));
ASSERT(pdataDst != NULL);
ASSERT(pdataSrc != NULL);
if (pdataDst != pdataSrc)
{
//
// We can only move an alias object or a base object with zero
// reference count or a base object with no data buffer.
//
ASSERT((pdataSrc->dwfData & DATAF_BUFF_ALIAS) ||
(pdataSrc->pbDataBuff == NULL) ||
(pdataSrc->dwRefCount == 0));
MEMCPY(pdataDst, pdataSrc, sizeof(OBJDATA));
MEMZERO(pdataSrc, sizeof(OBJDATA)); 把源数据清零。
}
EXIT(3, ("MoveObjData!\n"));
} //MoveObjData
0: kd> dv
pctxt = 0x8997c000
pterm = 0x8997dd68
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_term *)0x8997dd68)
((ACPI!_term *)0x8997dd68) : 0x8997dd68 [Type: _term *]
[+0x000] FrameHdr [Type: _framehdr]
[+0x010] pbOpTerm : 0xf74c8ce6 : 0x8 [Type: unsigned char *]
[+0x014] pbOpEnd : 0x0 [Type: unsigned char *]
[+0x018] pbScopeEnd : 0xf74c8e19 : 0x5b [Type: unsigned char *]
[+0x01c] pamlterm : 0xf7438cf0 [Type: _amlterm *]
[+0x020] pnsObj : 0x899b24ac [Type: _NSObj *]
[+0x024] iArg : 2 [Type: int]
[+0x028] icArgs : 2 [Type: int]
[+0x02c] pdataArgs : 0x899b2200 [Type: _ObjData *]
[+0x030] pdataResult : 0x8997c040 [Type: _ObjData *]
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_ObjData *)0x899b2200)
((ACPI!_ObjData *)0x899b2200) : 0x899b2200 [Type: _ObjData *]
[+0x000] dwfData : 0x0 [Type: unsigned short]
[+0x002] dwDataType : 0x2 [Type: unsigned short]
[+0x004] dwRefCount : 0x0 [Type: unsigned long]
[+0x004] pdataBase : 0x0 [Type: _ObjData *]
[+0x008] dwDataValue : 0x0 [Type: unsigned long]
[+0x008] uipDataValue : 0x0 [Type: unsigned long]
[+0x008] pnsAlias : 0x0 [Type: _NSObj *]
[+0x008] pdataAlias : 0x0 [Type: _ObjData *]
[+0x008] powner : 0x0 [Type: void *]
[+0x00c] dwDataLen : 0x5 [Type: unsigned long]
[+0x010] pbDataBuff : 0x899b0b3c : 0x52 [Type: unsigned char *]
0: kd> db 0x899b0b3c
899b0b3c 52 53 52 43 00 00 00 00-48 4e 53 4f 44 00 00 00 RSRC....HNSOD...
899b0b4c 00 f0 9a 89 90 0a 9b 89-94 0b 9b 89 ac ff 9a 89 ................
899b0b5c 00 00 00 00 52 45 30 30-30 f3 9a 89 90 0a 9b 89 ....RE000.......
899b0b6c 00 00 0a 00 00 00 00 00-00 00 00 00 18 00 00 00 ................
899b0b7c 34 01 9b 89 00 00 00 00-00 00 00 00 48 4e 53 4f 4...........HNSO
899b0b8c 44 00 00 00 00 f0 9a 89-50 0b 9b 89 d8 0b 9b 89 D.......P.......
899b0b9c ac ff 9a 89 00 00 00 00-00 00 00 00 30 f3 9a 89 ............0...
899b0bac 50 0b 9b 89 00 00 83 00-00 00 00 00 00 00 00 00 P...............
0: kd> dt ACPI!_ObjData 0x899b2200+14
+0x000 dwfData : 0
+0x002 dwDataType : 3
+0x004 dwRefCount : 0
+0x004 pdataBase : (null)
+0x008 dwDataValue : 0
+0x008 uipDataValue : 0
+0x008 pnsAlias : (null)
+0x008 pdataAlias : (null)
+0x008 powner : (null)
+0x00c dwDataLen : 0xb2
+0x010 pbDataBuff : 0x899b23ec "G???"
参考:
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_ctxt *)0x8997c000)
((ACPI!_ctxt *)0x8997c000) : 0x8997c000 [Type: _ctxt *]
[+0x000] dwSig : 0x54585443 [Type: unsigned long]
[+0x004] pbCtxtEnd : 0x8997e000 : 0x54 [Type: unsigned char *]
[+0x008] listCtxt [Type: _List]
[+0x010] listQueue [Type: _List]
[+0x018] pplistCtxtQueue : 0x0 [Type: _List * *]
[+0x01c] plistResources : 0x0 [Type: _List *]
[+0x020] dwfCtxt : 0x10 [Type: unsigned long]
[+0x024] pnsObj : 0x0 [Type: _NSObj *]
[+0x028] pnsScope : 0x899b2300 [Type: _NSObj *]
[+0x02c] powner : 0x899af330 [Type: _objowner *]
[+0x030] pcall : 0x8997df34 [Type: _call *]
[+0x034] pnctxt : 0x0 [Type: _nestedctxt *]
[+0x038] dwSyncLevel : 0x0 [Type: unsigned long]
[+0x03c] pbOp : 0xf74c8da2 : 0x14 [Type: unsigned char *]
0: kd> db 0xf74c8da2-80
f74c8d22 34 00 34 00 01 02 47 01-38 00 38 00 01 02 47 01 4.4...G.8.8...G.
f74c8d32 3c 00 3c 00 01 02 47 01-50 00 50 00 01 04 47 01 <.<...G.P.P...G.
f74c8d42 72 00 72 00 01 06 47 01-80 00 80 00 01 01 47 01 r.r...G.......G.
f74c8d52 90 00 90 00 01 10 47 01-a4 00 a4 00 01 02 47 01 ......G.......G.
f74c8d62 a8 00 a8 00 01 02 47 01-ac 00 ac 00 01 02 47 01 ......G.......G.
f74c8d72 b0 00 b0 00 01 06 47 01-b8 00 b8 00 01 02 47 01 ......G.......G.
f74c8d82 bc 00 bc 00 01 02 47 01-00 01 00 01 01 40 47 01 ......G......@G.
f74c8d92 40 01 40 01 01 10 47 01-f0 0c f0 0c 01 02 79 00 @.@...G.......y.
0: kd> db 0xf74c8da2
f74c8da2 14 46 07 5f 43 52 53 08-8b 52 53 52 43 0a 9a 50 .F._CRS..RSRC..P
f74c8db2 4d 4d 4e 8b 52 53 52 43-0a 9c 50 4d 4d 58 7b 5e MMN.RSRC..PMMX{^
f74c8dc2 5e 5e 2e 50 57 52 5f 50-4d 42 41 0c fe ff ff ff ^^.PWR_PMBA.....
f74c8dd2 50 4d 4d 4e 70 50 4d 4d-4e 50 4d 4d 58 8b 52 53 PMMNpPMMNPMMX.RS
f74c8de2 52 43 0a a2 53 4d 4d 4e-8b 52 53 52 43 0a a4 53 RC..SMMN.RSRC..S
f74c8df2 4d 4d 58 7b 5e 5e 5e 2e-50 57 52 5f 53 42 42 41 MMX{^^^.PWR_SBBA
f74c8e02 0c fe ff ff ff 53 4d 4d-4e 70 53 4d 4d 4e 53 4d .....SMMNpSMMNSM
f74c8e12 4d 58 a4 52 53 52 43 5b-82 35 44 4d 41 43 08 5f MX.RSRC[.5DMAC._
参考:
最后结果:
0: kd> dv
pctxt = 0x8997c000
pterm = 0x8997dd68
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_term *)0x8997dd68)
((ACPI!_term *)0x8997dd68) : 0x8997dd68 [Type: _term *]
[+0x000] FrameHdr [Type: _framehdr]
[+0x010] pbOpTerm : 0xf74c8ce6 : 0x8 [Type: unsigned char *]
[+0x014] pbOpEnd : 0x0 [Type: unsigned char *]
[+0x018] pbScopeEnd : 0xf74c8e19 : 0x5b [Type: unsigned char *]
[+0x01c] pamlterm : 0xf7438cf0 [Type: _amlterm *]
[+0x020] pnsObj : 0x899b24ac [Type: _NSObj *]
[+0x024] iArg : 2 [Type: int]
[+0x028] icArgs : 2 [Type: int]
[+0x02c] pdataArgs : 0x899b2200 [Type: _ObjData *]
[+0x030] pdataResult : 0x8997c040 [Type: _ObjData *]
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_NSObj *)0x899b24ac)
((ACPI!_NSObj *)0x899b24ac) : 0x899b24ac [Type: _NSObj *]
[+0x000] list [Type: _List]
[+0x008] pnsParent : 0x899b2300 [Type: _NSObj *]
[+0x00c] pnsFirstChild : 0x0 [Type: _NSObj *]
[+0x010] dwNameSeg : 0x43525352 [Type: unsigned long]
[+0x014] hOwner : 0x899af330 [Type: void *]
[+0x018] pnsOwnedNext : 0x899b2388 [Type: _NSObj *]
[+0x01c] ObjData [Type: _ObjData]
[+0x030] Context : 0x0 [Type: void *]
[+0x034] dwRefCount : 0x0 [Type: unsigned long]
0: kd> dx -id 0,0,899a2278 -r1 (*((ACPI!_ObjData *)0x899b24c8))
(*((ACPI!_ObjData *)0x899b24c8)) [Type: _ObjData]
[+0x000] dwfData : 0x0 [Type: unsigned short]
[+0x002] dwDataType : 0x3 [Type: unsigned short]
[+0x004] dwRefCount : 0x0 [Type: unsigned long]
[+0x004] pdataBase : 0x0 [Type: _ObjData *]
[+0x008] dwDataValue : 0x0 [Type: unsigned long]
[+0x008] uipDataValue : 0x0 [Type: unsigned long]
[+0x008] pnsAlias : 0x0 [Type: _NSObj *]
[+0x008] pdataAlias : 0x0 [Type: _ObjData *]
[+0x008] powner : 0x0 [Type: void *]
[+0x00c] dwDataLen : 0xb2 [Type: unsigned long]
[+0x010] pbDataBuff : 0x899b23ec : 0x47 [Type: unsigned char *]
参考:
第一部分:
0: kd> kc
#
00 ACPI!ParseOpcode
01 ACPI!ParseArg
02 ACPI!ParseTerm
03 ACPI!RunContext
04 ACPI!InsertReadyQueue
第二部分:
0: kd> kc
#
00 ACPI!Buffer 里面把范围内的参数处理到pdataResult
01 ACPI!ParseTerm
02 ACPI!RunContext
03 ACPI!InsertReadyQueue
04 ACPI!RestartContext
第三部分:
0: kd> kc
#
00 ACPI!ParseTerm acpi!name 里面把参数里的复制过去。
01 ACPI!RunContext
先把参数处理好再调用acpi!name
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_term *)0x8997dd68)
((ACPI!_term *)0x8997dd68) : 0x8997dd68 [Type: _term *]
[+0x000] FrameHdr [Type: _framehdr]
[+0x010] pbOpTerm : 0xf74c8ce6 : 0x8 [Type: unsigned char *]
[+0x014] pbOpEnd : 0x0 [Type: unsigned char *]
[+0x018] pbScopeEnd : 0xf74c8e19 : 0x5b [Type: unsigned char *]
[+0x01c] pamlterm : 0xf7438cf0 [Type: _amlterm *]
[+0x020] pnsObj : 0x899b24ac [Type: _NSObj *]
[+0x024] iArg : 2 [Type: int]
[+0x028] icArgs : 2 [Type: int]
[+0x02c] pdataArgs : 0x899b2200 [Type: _ObjData *]
[+0x030] pdataResult : 0x8997c040 [Type: _ObjData *] pdataResult : 0x8997c040
参考:
if (pterm->pdataArgs != NULL)
{
FreeDataBuffs(pterm->pdataArgs, pterm->icArgs);
FREEODOBJ(pterm->pdataArgs);
}
PopFrame(pctxt);
}
EXIT(2, ("ParseTerm=%x\n", rc));
return rc;
} //ParseTerm
参考2:
NTSTATUS LOCAL ParseOpcode(PCTXT pctxt, PUCHAR pbScopeEnd, POBJDATA pdataResult)
{
//
// Must be an ASL Term.
//
pctxt->pbOp++;
rc = PushTerm(pctxt, pbOpTerm, pbScopeEnd, pamlterm, pdataResult);
}
NTSTATUS LOCAL PushTerm(PCTXT pctxt, PUCHAR pbOpTerm, PUCHAR pbScopeEnd,
PAMLTERM pamlterm, POBJDATA pdataResult)
{
TRACENAME("PUSHTERM")
NTSTATUS rc = STATUS_SUCCESS;
PTERM pterm;
ENTER(2, ("PushTerm(pctxt=%x,pbOpTerm=%x,pbScopeEnd=%x,pamlterm=%x,pdataResult=%x)\n",
pctxt, pbOpTerm, pbScopeEnd, pamlterm, pdataResult));
if ((rc = PushFrame(pctxt, SIG_TERM, sizeof(TERM), ParseTerm, &pterm)) ==
STATUS_SUCCESS)
{
pterm->pbOpTerm = pbOpTerm;
pterm->pbScopeEnd = pbScopeEnd;
pterm->pamlterm = pamlterm;
pterm->pdataResult = pdataResult; 关键代码:pdataResult赋值到新的pterm->pdataResult中!!!