
ACPI!ParseScope函数分析中的ACPI!ParseOpcode到ACPI!ParseTerm中的ACPI!ParsePackageLen


ACPI!ParseScope函数分析中的ACPI!ParseOpcode到ACPI!ParseTerm中的ACPI!ParsePackageLen

// _CRS control method: patches four 16-bit fields inside the RSRC resource
// template and returns the template. RSRC and the enclosing object are defined
// outside this excerpt. Takes no arguments; declared Serialized.
Method (_CRS, 0, Serialized) // _CRS: Current Resource Settings
{
// 16-bit views into RSRC at the _MIN/_MAX fields of descriptor _Y0E. In the AML
// bytes dumped on this page the tags are already encoded as constant byte
// offsets: 8b "RSRC" 0a 9a "PMMN" and 8b "RSRC" 0a 9c "PMMX".
CreateWordField (RSRC, \_SB.PCI0.ISA.MBRD._Y0E._MIN, PMMN) // _MIN: Minimum Base Address
CreateWordField (RSRC, \_SB.PCI0.ISA.MBRD._Y0E._MAX, PMMX) // _MAX: Maximum Base Address
// Clear bit 0 of PWR.PMBA (resolved three scopes up via ^^^) and store it in PMMN.
// PMMN is a word field, so only the low 16 bits of the result are kept.
// NOTE(review): PMBA is presumably read from a hardware/config register; this
// method uses the value as an address with no range check - confirm upstream.
And (^^^PWR.PMBA, 0xFFFFFFFE, PMMN)
// _MAX is set equal to _MIN - presumably a fixed, non-relocatable range; confirm
// against the RSRC template.
Store (PMMN, PMMX)
// Same pattern for descriptor _Y0F (byte offsets 0xA2 / 0xA4 in the AML dump),
// sourced from PWR.SBBA.
CreateWordField (RSRC, \_SB.PCI0.ISA.MBRD._Y0F._MIN, SMMN) // _MIN: Minimum Base Address
CreateWordField (RSRC, \_SB.PCI0.ISA.MBRD._Y0F._MAX, SMMX) // _MAX: Maximum Base Address
And (^^^PWR.SBBA, 0xFFFFFFFE, SMMN)
Store (SMMN, SMMX)
// Hand the patched template back to the caller (AML: a4 "RSRC").
Return (RSRC)
}
}

0: kd> t
eax=8997dd00 ebx=f743a948 ecx=8997c000 edx=899af000 esi=8997c000 edi=8997dd9c
eip=f74274fd esp=f789a134 ebp=f789a158 iopl=0 nv up ei ng nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000282
ACPI!ParseScope:
f74274fd 55 push ebp
0: kd> kc
#
00 ACPI!ParseOpcode
01 ACPI!ParseScope
02 ACPI!RunContext
03 ACPI!InsertReadyQueue
04 ACPI!RestartContext
05 ACPI!SyncLoadDDB
06 ACPI!AMLILoadDDB
07 ACPI!ACPIInitializeDDB
08 ACPI!ACPIInitializeDDBs
09 ACPI!ACPIInitialize
0a ACPI!ACPIInitStartACPI
0b ACPI!ACPIRootIrpStartDevice
0c ACPI!ACPIDispatchIrp
0d nt!IofCallDriver
0e nt!IopSynchronousCall
0f nt!IopStartDevice
10 nt!PipProcessStartPhase1
11 nt!PipProcessDevNodeTree
12 nt!PipDeviceActionWorker
13 nt!PipRequestDeviceAction
14 nt!IopInitializeBootDrivers
15 nt!IoInitSystem
16 nt!Phase1Initialization
17 nt!PspSystemThreadStartup
18 nt!KiThreadStartup

0: kd> dv
pctxt = 0x8997c000
pscope = 0x8997dd9c
rc = 0n0
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_scope *)0x8997dd9c)
((ACPI!_scope *)0x8997dd9c) : 0x8997dd9c [Type: _scope *]
[+0x000] FrameHdr [Type: _framehdr]
[+0x010] pbOpEnd : 0xf74c8e19 : 0x5b [Type: unsigned char *]
[+0x014] pbOpRet : 0x0 [Type: unsigned char *]
[+0x018] pnsPrevScope : 0x899b2278 [Type: _NSObj *]
[+0x01c] pownerPrev : 0x899af330 [Type: _objowner *]
[+0x020] pheapPrev : 0x899af000 [Type: _heap *]
[+0x024] pdataResult : 0x8997c040 [Type: _ObjData *]
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_ctxt *)0x8997c000)
((ACPI!_ctxt *)0x8997c000) : 0x8997c000 [Type: _ctxt *]
[+0x000] dwSig : 0x54585443 [Type: unsigned long]
[+0x004] pbCtxtEnd : 0x8997e000 : 0x54 [Type: unsigned char *]
[+0x008] listCtxt [Type: _List]
[+0x010] listQueue [Type: _List]
[+0x018] pplistCtxtQueue : 0x0 [Type: _List * *]
[+0x01c] plistResources : 0x0 [Type: _List *]
[+0x020] dwfCtxt : 0x10 [Type: unsigned long]
[+0x024] pnsObj : 0x0 [Type: _NSObj *]
[+0x028] pnsScope : 0x899b2300 [Type: _NSObj *]
[+0x02c] powner : 0x899af330 [Type: _objowner *]
[+0x030] pcall : 0x8997df34 [Type: _call *]
[+0x034] pnctxt : 0x0 [Type: _nestedctxt *]
[+0x038] dwSyncLevel : 0x0 [Type: unsigned long]
[+0x03c] pbOp : 0xf74c8da2 : 0x14 [Type: unsigned char *]

0: kd> db 0xf74c8da2
f74c8da2 14 46 07 5f 43 52 53 08-8b 52 53 52 43 0a 9a 50 .F._CRS..RSRC..P
f74c8db2 4d 4d 4e 8b 52 53 52 43-0a 9c 50 4d 4d 58 7b 5e MMN.RSRC..PMMX{^
f74c8dc2 5e 5e 2e 50 57 52 5f 50-4d 42 41 0c fe ff ff ff ^^.PWR_PMBA.....
f74c8dd2 50 4d 4d 4e 70 50 4d 4d-4e 50 4d 4d 58 8b 52 53 PMMNpPMMNPMMX.RS
f74c8de2 52 43 0a a2 53 4d 4d 4e-8b 52 53 52 43 0a a4 53 RC..SMMN.RSRC..S
f74c8df2 4d 4d 58 7b 5e 5e 5e 2e-50 57 52 5f 53 42 42 41 MMX{^^^.PWR_SBBA
f74c8e02 0c fe ff ff ff 53 4d 4d-4e 70 53 4d 4d 4e 53 4d .....SMMNpSMMNSM
f74c8e12 4d 58 a4 52 53 52 43 5b-82 35 44 4d 41 43 08 5f MX.RSRC[.5DMAC._

0: kd> ?0xf74c8e19-0xf74c8da2
Evaluate expression: 119 = 00000077


case 1:
Stage1:
//
// Stage 1: Parse next opcode.
//
if (rc == AMLISTA_BREAK)
{
pctxt->pbOp = pscope->pbOpEnd;
rc = STATUS_SUCCESS;
}
else
{
while (pctxt->pbOp < pscope->pbOpEnd)
{


//
// Discard result of previous term if any.
//
FreeDataBuffs(pscope->pdataResult, 1);
if (((rc = ParseOpcode(pctxt, pscope->pbOpEnd,
pscope->pdataResult)) !=
STATUS_SUCCESS) ||
(&pscope->FrameHdr !=
(PFRAMEHDR)pctxt->LocalHeap.pbHeapEnd))
{
break;
}
}


0: kd> db 0xf74c8da2
f74c8da2 14 46 07 5f 43 52 53 08-8b 52 53 52 43 0a 9a 50 .F._CRS..RSRC..P
f74c8db2 4d 4d 4e 8b 52 53 52 43-0a 9c 50 4d 4d 58 7b 5e MMN.RSRC..PMMX{^
f74c8dc2 5e 5e 2e 50 57 52 5f 50-4d 42 41 0c fe ff ff ff ^^.PWR_PMBA.....
f74c8dd2 50 4d 4d 4e 70 50 4d 4d-4e 50 4d 4d 58 8b 52 53 PMMNpPMMNPMMX.RS
f74c8de2 52 43 0a a2 53 4d 4d 4e-8b 52 53 52 43 0a a4 53 RC..SMMN.RSRC..S
f74c8df2 4d 4d 58 7b 5e 5e 5e 2e-50 57 52 5f 53 42 42 41 MMX{^^^.PWR_SBBA
f74c8e02 0c fe ff ff ff 53 4d 4d-4e 70 53 4d 4d 4e 53 4d .....SMMNpSMMNSM
f74c8e12 4d 58 a4 52 53 52 43 5b-82 35 44 4d 41 43 08 5f MX.RSRC[.5DMAC._


0: kd> x ACPI!OpcodeTable
f74396b0 ACPI!OpcodeTable = struct _amlterm *[256]
0: kd> dx -id 0,0,899a2278 -r1 (*((ACPI!_amlterm * (*)[256])0xf74396b0))
(*((ACPI!_amlterm * (*)[256])0xf74396b0)) [Type: _amlterm * [256]]

[20] : 0xf7438e70 [Type: _amlterm *]

0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_amlterm *)0xf7438e70)
((ACPI!_amlterm *)0xf7438e70) : 0xf7438e70 [Type: _amlterm *]
[+0x000] pszTermName : 0xf742c6b8 : "Method" [Type: char *]
[+0x004] dwOpcode : 0x14 [Type: unsigned long]
[+0x008] pszArgTypes : 0xf742c6d0 : "NB" [Type: char *]
[+0x00c] dwTermClass : 0x2 [Type: unsigned long]
[+0x010] dwfOpcode : 0x1 [Type: unsigned long]
[+0x014] pfnCallBack : 0x0 [Type: long (__cdecl*)(unsigned long,unsigned long,_NSObj *,unsigned long)]
[+0x018] dwCBData : 0x0 [Type: unsigned long]
[+0x01c] pfnOpcode : 0xf742162e [Type: long (__cdecl*)()]
0: kd> u f742162e
ACPI!Method [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\namedobj.c @ 589]:
f742162e 55 push ebp
f742162f 8bec mov ebp,esp
f7421631 83ec0c sub esp,0Ch
f7421634 53 push ebx
f7421635 56 push esi
f7421636 57 push edi
f7421637 6a01 push 1
f7421639 68184643f7 push offset ACPI!`string' (f7434618)

else
{
//
// Must be an ASL Term.
//
pctxt->pbOp++;
rc = PushTerm(pctxt, pbOpTerm, pbScopeEnd, pamlterm, pdataResult);
}

0: kd> dx -id 0,0,899a2278 -r1 (*((ACPI!_heap *)0xf7438f2c))
(*((ACPI!_heap *)0xf7438f2c)) [Type: _heap]
[+0x000] dwSig : 0xf7421d37 [Type: unsigned long]
[+0x004] pbHeapEnd : 0xf742c674 : 0x42 [Type: unsigned char *]
[+0x008] pheapHead : 0xa5 [Type: _heap *]
[+0x00c] pheapNext : 0x0 [Type: _heap *]
[+0x010] pbHeapTop : 0x3 : Unable to read memory at Address 0x3 [Type: unsigned char *]
[+0x014] plistFreeHeap : 0x0 [Type: _List *]
[+0x018] Heap [Type: _heapobjhdr]

0: kd> t
eax=8997dd00 ebx=f743a948 ecx=8997c000 edx=00000028 esi=8997c000 edi=8997dd68
eip=f7427a34 esp=f789a134 ebp=f789a158 iopl=0 nv up ei ng nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000282
ACPI!ParseTerm:
f7427a34 55 push ebp
0: kd> kc
#
00 ACPI!ParseTerm
01 ACPI!RunContext
02 ACPI!InsertReadyQueue
03 ACPI!RestartContext
04 ACPI!SyncLoadDDB
05 ACPI!AMLILoadDDB
06 ACPI!ACPIInitializeDDB
07 ACPI!ACPIInitializeDDBs
08 ACPI!ACPIInitialize
09 ACPI!ACPIInitStartACPI
0a ACPI!ACPIRootIrpStartDevice
0b ACPI!ACPIDispatchIrp
0c nt!IofCallDriver
0d nt!IopSynchronousCall
0e nt!IopStartDevice
0f nt!PipProcessStartPhase1
10 nt!PipProcessDevNodeTree
11 nt!PipDeviceActionWorker
12 nt!PipRequestDeviceAction
13 nt!IopInitializeBootDrivers
14 nt!IoInitSystem
15 nt!Phase1Initialization
16 nt!PspSystemThreadStartup
17 nt!KiThreadStartup
0: kd> dv
pctxt = 0x8997c000
pterm = 0x8997dd68
rc = 0n0
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_term *)0x8997dd68)
((ACPI!_term *)0x8997dd68) : 0x8997dd68 [Type: _term *]
[+0x000] FrameHdr [Type: _framehdr]
[+0x010] pbOpTerm : 0xf74c8da2 : 0x14 [Type: unsigned char *]
[+0x014] pbOpEnd : 0x0 [Type: unsigned char *]
[+0x018] pbScopeEnd : 0xf74c8e19 : 0x5b [Type: unsigned char *]
[+0x01c] pamlterm : 0xf7438e70 [Type: _amlterm *]
[+0x020] pnsObj : 0x0 [Type: _NSObj *]
[+0x024] iArg : 0 [Type: int]
[+0x028] icArgs : 2 [Type: int]
[+0x02c] pdataArgs : 0x899b2200 [Type: _ObjData *]
[+0x030] pdataResult : 0x8997c040 [Type: _ObjData *]
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_amlterm *)0xf7438e70)
((ACPI!_amlterm *)0xf7438e70) : 0xf7438e70 [Type: _amlterm *]
[+0x000] pszTermName : 0xf742c6b8 : "Method" [Type: char *]
[+0x004] dwOpcode : 0x14 [Type: unsigned long]
[+0x008] pszArgTypes : 0xf742c6d0 : "NB" [Type: char *]
[+0x00c] dwTermClass : 0x2 [Type: unsigned long]
[+0x010] dwfOpcode : 0x1 [Type: unsigned long]
[+0x014] pfnCallBack : 0x0 [Type: long (__cdecl*)(unsigned long,unsigned long,_NSObj *,unsigned long)]
[+0x018] dwCBData : 0x0 [Type: unsigned long]
[+0x01c] pfnOpcode : 0xf742162e [Type: long (__cdecl*)()]
0: kd> u f742162e
ACPI!Method [d:\srv03rtm\base\busdrv\acpi\driver\amlinew\namedobj.c @ 589]:
f742162e 55 push ebp
f742162f 8bec mov ebp,esp
f7421631 83ec0c sub esp,0Ch
f7421634 53 push ebx
f7421635 56 push esi
f7421636 57 push edi
f7421637 6a01 push 1
f7421639 68184643f7 push offset ACPI!`string' (f7434618)


0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!_ctxt *)0x8997c000)
((ACPI!_ctxt *)0x8997c000) : 0x8997c000 [Type: _ctxt *]
[+0x000] dwSig : 0x54585443 [Type: unsigned long]
[+0x004] pbCtxtEnd : 0x8997e000 : 0x54 [Type: unsigned char *]
[+0x008] listCtxt [Type: _List]
[+0x010] listQueue [Type: _List]
[+0x018] pplistCtxtQueue : 0x0 [Type: _List * *]
[+0x01c] plistResources : 0x0 [Type: _List *]
[+0x020] dwfCtxt : 0x10 [Type: unsigned long]
[+0x024] pnsObj : 0x0 [Type: _NSObj *]
[+0x028] pnsScope : 0x899b2300 [Type: _NSObj *]
[+0x02c] powner : 0x899af330 [Type: _objowner *]
[+0x030] pcall : 0x8997df34 [Type: _call *]
[+0x034] pnctxt : 0x0 [Type: _nestedctxt *]
[+0x038] dwSyncLevel : 0x0 [Type: unsigned long]
[+0x03c] pbOp : 0xf74c8da3 : 0x46 [Type: unsigned char *]

0: kd> db 0xf74c8da3
f74c8da3 46 07 5f 43 52 53 08 8b-52 53 52 43 0a 9a 50 4d F._CRS..RSRC..PM
f74c8db3 4d 4e 8b 52 53 52 43 0a-9c 50 4d 4d 58 7b 5e 5e MN.RSRC..PMMX{^^
f74c8dc3 5e 2e 50 57 52 5f 50 4d-42 41 0c fe ff ff ff 50 ^.PWR_PMBA.....P
f74c8dd3 4d 4d 4e 70 50 4d 4d 4e-50 4d 4d 58 8b 52 53 52 MMNpPMMNPMMX.RSR
f74c8de3 43 0a a2 53 4d 4d 4e 8b-52 53 52 43 0a a4 53 4d C..SMMN.RSRC..SM
f74c8df3 4d 58 7b 5e 5e 5e 2e 50-57 52 5f 53 42 42 41 0c MX{^^^.PWR_SBBA.
f74c8e03 fe ff ff ff 53 4d 4d 4e-70 53 4d 4d 4e 53 4d 4d ....SMMNpSMMNSMM
f74c8e13 58 a4 52 53 52 43 5b 82-35 44 4d 41 43 08 5f 48 X.RSRC[.5DMAC._H

if (pterm->pamlterm->dwfOpcode & OF_VARIABLE_LIST)
{
ParsePackageLen(&pctxt->pbOp, &pterm->pbOpEnd);
}

0: kd> t
eax=8997c03c ebx=8997c000 ecx=8997c000 edx=00000028 esi=8997dd68 edi=00000000
eip=f74266a0 esp=f789a118 ebp=f789a130 iopl=0 nv up ei pl nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000202
ACPI!ParsePackageLen:
f74266a0 55 push ebp
0: kd> dv
ppbOp = 0x8997c03c
ppbOpNext = 0x8997dd7c


dwLen = (ULONG)(**ppbOp); edi=00000046

0: kd> p
eax=f74c8da4 ebx=8997dd7c ecx=8997c000 edx=00000001 esi=8997c03c edi=00000046
eip=f74266f1 esp=f789a108 ebp=f789a114 iopl=0 nv up ei pl nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000202
ACPI!ParsePackageLen+0x51:
f74266f1 83e70f and edi,0Fh

dwLen &= 0x0000000f; edi=00000006
0: kd> p
eax=f74c8da4 ebx=8997dd7c ecx=8997c000 edx=00000001 esi=8997c03c edi=00000006
eip=f7426702 esp=f789a108 ebp=f789a114 iopl=0 nv up ei pl nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000202
ACPI!ParsePackageLen+0x62:
f7426702 0fb618 movzx ebx,byte ptr [eax] ds:0023:f74c8da4=07

dwLen |= (ULONG)(**ppbOp) << (i*8 + 4); edi=00000076
0: kd> p
eax=f74c8da4 ebx=00000070 ecx=00000004 edx=00000001 esi=8997c03c edi=00000076
eip=f7426710 esp=f789a108 ebp=f789a114 iopl=0 nv up ei pl nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000202
ACPI!ParsePackageLen+0x70:
f7426710 40 inc eax


0: kd> dv
ppbOp = 0x0000000c
ppbOpNext = 0x8997dd7c
0: kd> dx -id 0,0,899a2278 -r1 ((ACPI!unsigned char * *)0x8997dd7c)
((ACPI!unsigned char * *)0x8997dd7c) : 0x8997dd7c [Type: unsigned char * *]
0xf74c8e19 : 0x5b [Type: unsigned char *]

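ppbOpNext(0x8997dd7c)就是 &pterm->pbOpEnd(pterm 0x8997dd68 + 0x14)。PkgLength 首字节 0x46 的高两位为 01,表示后面还有 1 个长度字节;低 4 位 0x6 与后续字节 0x07 左移 4 位后合并,得到 0x76。ParsePackageLen 返回后 *ppbOpNext = 0xf74c8da3 + 0x76 = 0xf74c8e19,即当前 Method 包之后需要解析的下一个字节。注意这个长度直接取自固件提供的 AML 字节流;本例中它恰好等于 pbScopeEnd(0xf74c8e19),而文中摘录的代码没有显示解码结果是否与 pbScopeEnd 做过比较。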
