news 2026/4/16 14:10:39

win32k!RawInputThread线程分析之win32k!xxxRegisterForDeviceClassNotifications到win32k!RequestDeviceChange重要

张小明

前端开发工程师

1.2k 24

文章封面图 — win32k!RawInputThread线程分析之win32k!xxxRegisterForDeviceClassNotifications到win32k!RequestDeviceChange重要

win32k!RawInputThread线程分析之win32k!xxxRegisterForDeviceClassNotifications到win32k!OpenMultiplePortDevice到win32k!CreateDeviceInfo到win32k!RequestDeviceChange

win32k!RawInputThread线程分析之win32k!xxxRegisterForDeviceClassNotifications到win32k!RequestDeviceChange

Breakpoint 1 hit
win32k!RawInputThread:
bf8914ab 55 push ebp
0: kd> bd 1
0: kd> be 6
0: kd> g
Breakpoint 0 hit
win32k!xxxRegisterForDeviceClassNotifications:
bf8fd626 ?? ???
0: kd> kc
#
00 win32k!xxxRegisterForDeviceClassNotifications
01 win32k!RawInputThread
02 win32k!xxxCreateSystemThreads
03 win32k!NtUserCallOneParam
04 nt!_KiSystemService
05 SharedUserData!SystemCallStub
06 winsrv!NtUserCallOneParam
0: kd> kv
# ChildEBP RetAddr Args to Child
00 baabcac0 bf89191a bf9dd6a0 bf9dab54 00000088 win32k!xxxRegisterForDeviceClassNotifications (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 939]
01 baabcd1c bf8b21b0 baacc4a0 00000002 baabcd48 win32k!RawInputThread+0x46f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntinput.c @ 6200]
02 baabcd2c bf806d52 baacc4a0 baabcd58 0088fff4 win32k!xxxCreateSystemThreads+0x92 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\desktop.c @ 338]
03 baabcd48 80afbcb2 00000000 00000022 80afb956 win32k!NtUserCallOneParam+0xa0 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntstubs.c @ 4789]
04 baabcd48 7ffe0304 00000000 00000022 80afb956 nt!_KiSystemService+0x13f (FPO: [0,3] TrapFrame @ baabcd64) (CONV: cdecl) [d:\srv03rtm\base\ntos\ke\i386\trap.asm @ 1328]
05 0088ffe0 75340774 75318a89 00000000 00000022 SharedUserData!SystemCallStub+0x4 (FPO: [0,0,0])
06 0088ffe8 00000000 00000022 00000004 00000000 winsrv!NtUserCallOneParam+0xc (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\umode\daytona\obj\i386\usrstubs.c @ 2683]
0: kd> dv
Status = 0n8
DeviceType = 0xbf8fd626
ustrDriverName = ""
0: kd> g
Breakpoint 4 hit
win32k!OpenMultiplePortDevice:
bf8fd427 55 push ebp
0: kd> kc
#
00 win32k!OpenMultiplePortDevice
01 win32k!xxxRegisterForDeviceClassNotifications
02 win32k!RawInputThread
03 win32k!xxxCreateSystemThreads
04 win32k!NtUserCallOneParam
05 nt!_KiSystemService
06 SharedUserData!SystemCallStub
07 winsrv!NtUserCallOneParam
0: kd> kv
# ChildEBP RetAddr Args to Child
00 baabca90 bf8fd854 00000000 bfa03214 bfa01624 win32k!OpenMultiplePortDevice (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 826]
01 baabcac0 bf89191a bf9dd6a0 bf9dab54 00000088 win32k!xxxRegisterForDeviceClassNotifications+0x22e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 1027]
02 baabcd1c bf8b21b0 baacc4a0 00000002 baabcd48 win32k!RawInputThread+0x46f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntinput.c @ 6200]
03 baabcd2c bf806d52 baacc4a0 baabcd58 0088fff4 win32k!xxxCreateSystemThreads+0x92 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\desktop.c @ 338]
04 baabcd48 80afbcb2 00000000 00000022 80afb956 win32k!NtUserCallOneParam+0xa0 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntstubs.c @ 4789]
05 baabcd48 7ffe0304 00000000 00000022 80afb956 nt!_KiSystemService+0x13f (FPO: [0,3] TrapFrame @ baabcd64) (CONV: cdecl) [d:\srv03rtm\base\ntos\ke\i386\trap.asm @ 1328]
06 0088ffe0 75340774 75318a89 00000000 00000022 SharedUserData!SystemCallStub+0x4 (FPO: [0,0,0])
07 0088ffe8 00000000 00000022 00000004 00000000 winsrv!NtUserCallOneParam+0xc (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\umode\daytona\obj\i386\usrstubs.c @ 2683]
0: kd> dv
DeviceType = 0
DeviceName = "A"
uiConnectMultiplePorts = 0
awchDeviceName = unsigned short [260]
0: kd> bp nt!KeSetEvent
0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!OpenMultiplePortDevice
02 win32k!xxxRegisterForDeviceClassNotifications
03 win32k!RawInputThread
04 win32k!xxxCreateSystemThreads
05 win32k!NtUserCallOneParam
06 nt!_KiSystemService
07 SharedUserData!SystemCallStub
08 winsrv!NtUserCallOneParam
0: kd> kv
# ChildEBP RetAddr Args to Child
00 baabc858 bf8fd4f0 00000000 baabc87c 00000001 win32k!CreateDeviceInfo (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 588]
01 baabca90 bf8fd854 00000000 bfa03214 bfa01624 win32k!OpenMultiplePortDevice+0xc9 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 896]
02 baabcac0 bf89191a bf9dd6a0 bf9dab54 00000088 win32k!xxxRegisterForDeviceClassNotifications+0x22e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 1027]
03 baabcd1c bf8b21b0 baacc4a0 00000002 baabcd48 win32k!RawInputThread+0x46f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntinput.c @ 6200]
04 baabcd2c bf806d52 baacc4a0 baabcd58 0088fff4 win32k!xxxCreateSystemThreads+0x92 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\desktop.c @ 338]
05 baabcd48 80afbcb2 00000000 00000022 80afb956 win32k!NtUserCallOneParam+0xa0 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntstubs.c @ 4789]
06 baabcd48 7ffe0304 00000000 00000022 80afb956 nt!_KiSystemService+0x13f (FPO: [0,3] TrapFrame @ baabcd64) (CONV: cdecl) [d:\srv03rtm\base\ntos\ke\i386\trap.asm @ 1328]
07 0088ffe0 75340774 75318a89 00000000 00000022 SharedUserData!SystemCallStub+0x4 (FPO: [0,0,0])
08 0088ffe8 00000000 00000022 00000004 00000000 winsrv!NtUserCallOneParam+0xc (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\umode\daytona\obj\i386\usrstubs.c @ 2683]
windbg> .open -a ffffffffbf8fd4f0

BOOL
OpenMultiplePortDevice(DWORD DeviceType)
{

} else {
DeviceName.Length = 0;
DeviceName.MaximumLength = sizeof(awchDeviceName);
DeviceName.Buffer = awchDeviceName;

RtlAppendUnicodeToString(&DeviceName, pDevTpl->pwszLegacyDevName);
pwchNameIndex = &DeviceName.Buffer[(DeviceName.Length / sizeof(WCHAR)) - 1];
for (*pwchNameIndex = L'0'; *pwchNameIndex <= L'9'; (*pwchNameIndex)++) {
CreateDeviceInfo(DeviceType, &DeviceName, GDIF_NOTPNP);
}
}
0: kd> ba e1 win32k!ProcessDeviceChanges
0: kd> bd 0
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!OpenMultiplePortDevice
03 win32k!xxxRegisterForDeviceClassNotifications
04 win32k!RawInputThread
05 win32k!xxxCreateSystemThreads
06 win32k!NtUserCallOneParam
07 nt!_KiSystemService
08 SharedUserData!SystemCallStub
09 winsrv!NtUserCallOneParam
0: kd> kv
# ChildEBP RetAddr Args to Child
00 baabc830 bf8fd1b2 e168f6c8 00000001 00000001 win32k!RequestDeviceChange (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 2521]
01 baabc858 bf8fd4f0 00000000 baabc87c 00000001 win32k!CreateDeviceInfo+0x2b3 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 708]
02 baabca90 bf8fd854 00000000 bfa03214 bfa01624 win32k!OpenMultiplePortDevice+0xc9 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 896]
03 baabcac0 bf89191a bf9dd6a0 bf9dab54 00000088 win32k!xxxRegisterForDeviceClassNotifications+0x22e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 1027]
04 baabcd1c bf8b21b0 baacc4a0 00000002 baabcd48 win32k!RawInputThread+0x46f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntinput.c @ 6200]
05 baabcd2c bf806d52 baacc4a0 baabcd58 0088fff4 win32k!xxxCreateSystemThreads+0x92 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\desktop.c @ 338]
06 baabcd48 80afbcb2 00000000 00000022 80afb956 win32k!NtUserCallOneParam+0xa0 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntstubs.c @ 4789]
07 baabcd48 7ffe0304 00000000 00000022 80afb956 nt!_KiSystemService+0x13f (FPO: [0,3] TrapFrame @ baabcd64) (CONV: cdecl) [d:\srv03rtm\base\ntos\ke\i386\trap.asm @ 1328]
08 0088ffe0 75340774 75318a89 00000000 00000022 SharedUserData!SystemCallStub+0x4 (FPO: [0,0,0])
09 0088ffe8 00000000 00000022 00000004 00000000 winsrv!NtUserCallOneParam+0xc (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\umode\daytona\obj\i386\usrstubs.c @ 2683]
0: kd> dv
pDeviceInfo = 0xe168f6c8
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe168f6c8
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe168f6c8)
((win32k!tagDEVICEINFO *)0xe168f6c8) : 0xe168f6c8 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0x0 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x0 [Type: unsigned char] 0代表鼠标
[+0x00d] bFlags : 0x1 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\Device\PointerClassLegacy0" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x8996b4c0 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]

0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!OpenMultiplePortDevice
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> kv
# ChildEBP RetAddr Args to Child
00 baabc810 bf8fc870 8974a9e8 00000001 00000000 nt!KeSetEvent (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\ke\eventobj.c @ 378]
01 baabc830 bf8fd1b2 bfa54500 00000001 00000001 win32k!RequestDeviceChange+0x2ee (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 2617]
02 baabc858 bf8fd4f0 00000000 baabc87c 00000001 win32k!CreateDeviceInfo+0x2b3 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 708]
03 baabca90 bf8fd854 00000000 bfa03214 bfa01624 win32k!OpenMultiplePortDevice+0xc9 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 896]
04 baabcac0 bf89191a bf9dd6a0 bf9dab54 00000088 win32k!xxxRegisterForDeviceClassNotifications+0x22e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 1027]
05 baabcd1c bf8b21b0 baacc4a0 00000002 baabcd48 win32k!RawInputThread+0x46f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntinput.c @ 6200]
06 baabcd2c bf806d52 baacc4a0 baabcd58 0088fff4 win32k!xxxCreateSystemThreads+0x92 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\desktop.c @ 338]
07 baabcd48 80afbcb2 00000000 00000022 80afb956 win32k!NtUserCallOneParam+0xa0 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntstubs.c @ 4789]
08 baabcd48 7ffe0304 00000000 00000022 80afb956 nt!_KiSystemService+0x13f (FPO: [0,3] TrapFrame @ baabcd64) (CONV: cdecl) [d:\srv03rtm\base\ntos\ke\i386\trap.asm @ 1328]
09 0088ffe0 75340774 75318a89 00000000 00000022 SharedUserData!SystemCallStub+0x4 (FPO: [0,0,0])
0a 0088ffe8 00000000 00000022 00000004 00000000 winsrv!NtUserCallOneParam+0xc (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\umode\daytona\obj\i386\usrstubs.c @ 2683]
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!OpenMultiplePortDevice
02 win32k!xxxRegisterForDeviceClassNotifications
03 win32k!RawInputThread
04 win32k!xxxCreateSystemThreads
05 win32k!NtUserCallOneParam
06 nt!_KiSystemService
07 SharedUserData!SystemCallStub
08 winsrv!NtUserCallOneParam
0: kd> kv
# ChildEBP RetAddr Args to Child
00 baabc858 bf8fd4f0 00000000 baabc87c 00000001 win32k!CreateDeviceInfo (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 588]
01 baabca90 bf8fd854 00000000 bfa03214 bfa01624 win32k!OpenMultiplePortDevice+0xc9 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 896]
02 baabcac0 bf89191a bf9dd6a0 bf9dab54 00000088 win32k!xxxRegisterForDeviceClassNotifications+0x22e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 1027]
03 baabcd1c bf8b21b0 baacc4a0 00000002 baabcd48 win32k!RawInputThread+0x46f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntinput.c @ 6200]
04 baabcd2c bf806d52 baacc4a0 baabcd58 0088fff4 win32k!xxxCreateSystemThreads+0x92 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\desktop.c @ 338]
05 baabcd48 80afbcb2 00000000 00000022 80afb956 win32k!NtUserCallOneParam+0xa0 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntstubs.c @ 4789]
06 baabcd48 7ffe0304 00000000 00000022 80afb956 nt!_KiSystemService+0x13f (FPO: [0,3] TrapFrame @ baabcd64) (CONV: cdecl) [d:\srv03rtm\base\ntos\ke\i386\trap.asm @ 1328]
07 0088ffe0 75340774 75318a89 00000000 00000022 SharedUserData!SystemCallStub+0x4 (FPO: [0,0,0])
08 0088ffe8 00000000 00000022 00000004 00000000 winsrv!NtUserCallOneParam+0xc (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\umode\daytona\obj\i386\usrstubs.c @ 2683]
0: kd> dv
DeviceType = 0
pustrName = 0xbaabc87c "\Device\PointerClassLegacy1"
bFlags = 0x01 ''
dwCritSecUseSave = 8

0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!OpenMultiplePortDevice
03 win32k!xxxRegisterForDeviceClassNotifications
04 win32k!RawInputThread
05 win32k!xxxCreateSystemThreads
06 win32k!NtUserCallOneParam
07 nt!_KiSystemService
08 SharedUserData!SystemCallStub
09 winsrv!NtUserCallOneParam
0: kd> kv
# ChildEBP RetAddr Args to Child
00 baabc830 bf8fd1b2 e167fd40 00000001 00000001 win32k!RequestDeviceChange (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 2521]
01 baabc858 bf8fd4f0 00000000 baabc87c 00000001 win32k!CreateDeviceInfo+0x2b3 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 708]
02 baabca90 bf8fd854 00000000 bfa03214 bfa01624 win32k!OpenMultiplePortDevice+0xc9 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 896]
03 baabcac0 bf89191a bf9dd6a0 bf9dab54 00000088 win32k!xxxRegisterForDeviceClassNotifications+0x22e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 1027]
04 baabcd1c bf8b21b0 baacc4a0 00000002 baabcd48 win32k!RawInputThread+0x46f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntinput.c @ 6200]
05 baabcd2c bf806d52 baacc4a0 baabcd58 0088fff4 win32k!xxxCreateSystemThreads+0x92 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\desktop.c @ 338]
06 baabcd48 80afbcb2 00000000 00000022 80afb956 win32k!NtUserCallOneParam+0xa0 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntstubs.c @ 4789]
07 baabcd48 7ffe0304 00000000 00000022 80afb956 nt!_KiSystemService+0x13f (FPO: [0,3] TrapFrame @ baabcd64) (CONV: cdecl) [d:\srv03rtm\base\ntos\ke\i386\trap.asm @ 1328]
08 0088ffe0 75340774 75318a89 00000000 00000022 SharedUserData!SystemCallStub+0x4 (FPO: [0,0,0])
09 0088ffe8 00000000 00000022 00000004 00000000 winsrv!NtUserCallOneParam+0xc (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\umode\daytona\obj\i386\usrstubs.c @ 2683]
0: kd> dv
pDeviceInfo = 0xe167fd40
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe167fd40
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe167fd40)
((win32k!tagDEVICEINFO *)0xe167fd40) : 0xe167fd40 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe168f6c8 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x0 [Type: unsigned char]
[+0x00d] bFlags : 0x1 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\Device\PointerClassLegacy1" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x896950c0 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]

0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!OpenMultiplePortDevice
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((ntkrnlmp!_KEVENT *)0x8974a9e8)
((ntkrnlmp!_KEVENT *)0x8974a9e8) : 0x8974a9e8 [Type: _KEVENT *]
[+0x000] Header [Type: _DISPATCHER_HEADER]
0: kd> dx -id 0,0,ffffffff896a1248 -r1 (*((ntkrnlmp!_DISPATCHER_HEADER *)0x8974a9e8))
(*((ntkrnlmp!_DISPATCHER_HEADER *)0x8974a9e8)) [Type: _DISPATCHER_HEADER]
[+0x000] Type : 0x1 [Type: unsigned char]
[+0x001] Absolute : 0x0 [Type: unsigned char]
[+0x002] Size : 0x4 [Type: unsigned char]
[+0x003] Inserted : 0x0 [Type: unsigned char]
[+0x003] DebugActive : 0x0 [Type: unsigned char]
[+0x000] Lock : 262145 [Type: long]
[+0x004] SignalState : 1 [Type: long]
[+0x008] WaitListHead [Type: _LIST_ENTRY]

0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!OpenMultiplePortDevice
02 win32k!xxxRegisterForDeviceClassNotifications
03 win32k!RawInputThread
04 win32k!xxxCreateSystemThreads
05 win32k!NtUserCallOneParam
06 nt!_KiSystemService
07 SharedUserData!SystemCallStub
08 winsrv!NtUserCallOneParam
0: kd> dv
DeviceType = 0
pustrName = 0xbaabc87c "\Device\PointerClassLegacy2"
bFlags = 0x01 ''
dwCritSecUseSave = 8
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!OpenMultiplePortDevice
03 win32k!xxxRegisterForDeviceClassNotifications
04 win32k!RawInputThread
05 win32k!xxxCreateSystemThreads
06 win32k!NtUserCallOneParam
07 nt!_KiSystemService
08 SharedUserData!SystemCallStub
09 winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe167fbe0
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe167fbe0
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe167fbe0)
((win32k!tagDEVICEINFO *)0xe167fbe0) : 0xe167fbe0 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe167fd40 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x0 [Type: unsigned char]
[+0x00d] bFlags : 0x1 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\Device\PointerClassLegacy2" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x89695928 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]

0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!OpenMultiplePortDevice
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!OpenMultiplePortDevice
02 win32k!xxxRegisterForDeviceClassNotifications
03 win32k!RawInputThread
04 win32k!xxxCreateSystemThreads
05 win32k!NtUserCallOneParam
06 nt!_KiSystemService
07 SharedUserData!SystemCallStub
08 winsrv!NtUserCallOneParam
0: kd> dv
DeviceType = 0
pustrName = 0xbaabc87c "\Device\PointerClassLegacy3"
bFlags = 0x01 ''
dwCritSecUseSave = 8
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!OpenMultiplePortDevice
03 win32k!xxxRegisterForDeviceClassNotifications
04 win32k!RawInputThread
05 win32k!xxxCreateSystemThreads
06 win32k!NtUserCallOneParam
07 nt!_KiSystemService
08 SharedUserData!SystemCallStub
09 winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe167fa80
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe167fa80
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe167fa80)
((win32k!tagDEVICEINFO *)0xe167fa80) : 0xe167fa80 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe167fbe0 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x0 [Type: unsigned char]
[+0x00d] bFlags : 0x1 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\Device\PointerClassLegacy3" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x89699470 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!OpenMultiplePortDevice
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((ntkrnlmp!_KEVENT *)0x8974a9e8)
((ntkrnlmp!_KEVENT *)0x8974a9e8) : 0x8974a9e8 [Type: _KEVENT *]
[+0x000] Header [Type: _DISPATCHER_HEADER]
0: kd> dx -id 0,0,ffffffff896a1248 -r1 (*((ntkrnlmp!_DISPATCHER_HEADER *)0x8974a9e8))
(*((ntkrnlmp!_DISPATCHER_HEADER *)0x8974a9e8)) [Type: _DISPATCHER_HEADER]
[+0x000] Type : 0x1 [Type: unsigned char]
[+0x001] Absolute : 0x0 [Type: unsigned char]
[+0x002] Size : 0x4 [Type: unsigned char]
[+0x003] Inserted : 0x0 [Type: unsigned char]
[+0x003] DebugActive : 0x0 [Type: unsigned char]
[+0x000] Lock : 262145 [Type: long]
[+0x004] SignalState : 1 [Type: long]
[+0x008] WaitListHead [Type: _LIST_ENTRY]

0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!OpenMultiplePortDevice
02 win32k!xxxRegisterForDeviceClassNotifications
03 win32k!RawInputThread
04 win32k!xxxCreateSystemThreads
05 win32k!NtUserCallOneParam
06 nt!_KiSystemService
07 SharedUserData!SystemCallStub
08 winsrv!NtUserCallOneParam
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!OpenMultiplePortDevice
03 win32k!xxxRegisterForDeviceClassNotifications
04 win32k!RawInputThread
05 win32k!xxxCreateSystemThreads
06 win32k!NtUserCallOneParam
07 nt!_KiSystemService
08 SharedUserData!SystemCallStub
09 winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe168f4f8
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe168f4f8
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe168f4f8)
((win32k!tagDEVICEINFO *)0xe168f4f8) : 0xe168f4f8 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe167fa80 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x0 [Type: unsigned char]
[+0x00d] bFlags : 0x1 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\Device\PointerClassLegacy4" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x89919c78 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]

0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!OpenMultiplePortDevice
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!OpenMultiplePortDevice
02 win32k!xxxRegisterForDeviceClassNotifications
03 win32k!RawInputThread
04 win32k!xxxCreateSystemThreads
05 win32k!NtUserCallOneParam
06 nt!_KiSystemService
07 SharedUserData!SystemCallStub
08 winsrv!NtUserCallOneParam
0: kd> dv
DeviceType = 0
pustrName = 0xbaabc87c "\Device\PointerClassLegacy5"
bFlags = 0x01 ''
dwCritSecUseSave = 8
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!OpenMultiplePortDevice
03 win32k!xxxRegisterForDeviceClassNotifications
04 win32k!RawInputThread
05 win32k!xxxCreateSystemThreads
06 win32k!NtUserCallOneParam
07 nt!_KiSystemService
08 SharedUserData!SystemCallStub
09 winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe168f398
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe168f398
fHasToLeaveUserCrit = 0x00 ''
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!OpenMultiplePortDevice
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!OpenMultiplePortDevice
02 win32k!xxxRegisterForDeviceClassNotifications
03 win32k!RawInputThread
04 win32k!xxxCreateSystemThreads
05 win32k!NtUserCallOneParam
06 nt!_KiSystemService
07 SharedUserData!SystemCallStub
08 winsrv!NtUserCallOneParam
0: kd> dv
DeviceType = 0
pustrName = 0xbaabc87c "\Device\PointerClassLegacy6"
bFlags = 0x01 ''
dwCritSecUseSave = 8
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!OpenMultiplePortDevice
03 win32k!xxxRegisterForDeviceClassNotifications
04 win32k!RawInputThread
05 win32k!xxxCreateSystemThreads
06 win32k!NtUserCallOneParam
07 nt!_KiSystemService
08 SharedUserData!SystemCallStub
09 winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe168f238
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe168f238
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe168f238)
((win32k!tagDEVICEINFO *)0xe168f238) : 0xe168f238 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe168f398 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x0 [Type: unsigned char]
[+0x00d] bFlags : 0x1 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\Device\PointerClassLegacy6" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x89be0e10 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!OpenMultiplePortDevice
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!OpenMultiplePortDevice
02 win32k!xxxRegisterForDeviceClassNotifications
03 win32k!RawInputThread
04 win32k!xxxCreateSystemThreads
05 win32k!NtUserCallOneParam
06 nt!_KiSystemService
07 SharedUserData!SystemCallStub
08 winsrv!NtUserCallOneParam
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!OpenMultiplePortDevice
03 win32k!xxxRegisterForDeviceClassNotifications
04 win32k!RawInputThread
05 win32k!xxxCreateSystemThreads
06 win32k!NtUserCallOneParam
07 nt!_KiSystemService
08 SharedUserData!SystemCallStub
09 winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe168f0d8
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe168f0d8
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe168f0d8)
((win32k!tagDEVICEINFO *)0xe168f0d8) : 0xe168f0d8 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe168f238 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x0 [Type: unsigned char]
[+0x00d] bFlags : 0x1 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\Device\PointerClassLegacy7" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x89a73e78 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!OpenMultiplePortDevice
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

1: kd> g
Single step exception - code 80000004 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!OpenMultiplePortDevice
02 win32k!xxxRegisterForDeviceClassNotifications
03 win32k!RawInputThread
04 win32k!xxxCreateSystemThreads
05 win32k!NtUserCallOneParam
06 nt!_KiSystemService
07 SharedUserData!SystemCallStub
08 winsrv!NtUserCallOneParam
0: kd> dv
DeviceType = 0
pustrName = 0xbaabc87c "\Device\PointerClassLegacy8"
bFlags = 0x01 ''
dwCritSecUseSave = 8
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!OpenMultiplePortDevice
03 win32k!xxxRegisterForDeviceClassNotifications
04 win32k!RawInputThread
05 win32k!xxxCreateSystemThreads
06 win32k!NtUserCallOneParam
07 nt!_KiSystemService
08 SharedUserData!SystemCallStub
09 winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe167f018
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe167f018
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe167f018)
((win32k!tagDEVICEINFO *)0xe167f018) : 0xe167f018 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe168f0d8 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x0 [Type: unsigned char]
[+0x00d] bFlags : 0x1 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\Device\PointerClassLegacy8" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x89a73e50 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!OpenMultiplePortDevice
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!OpenMultiplePortDevice
02 win32k!xxxRegisterForDeviceClassNotifications
03 win32k!RawInputThread
04 win32k!xxxCreateSystemThreads
05 win32k!NtUserCallOneParam
06 nt!_KiSystemService
07 SharedUserData!SystemCallStub
08 winsrv!NtUserCallOneParam
0: kd> dv
DeviceType = 0
pustrName = 0xbaabc87c "\Device\PointerClassLegacy9"
bFlags = 0x01 ''
dwCritSecUseSave = 8
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!OpenMultiplePortDevice
03 win32k!xxxRegisterForDeviceClassNotifications
04 win32k!RawInputThread
05 win32k!xxxCreateSystemThreads
06 win32k!NtUserCallOneParam
07 nt!_KiSystemService
08 SharedUserData!SystemCallStub
09 winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe167f6d0
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe167f6d0
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe167f6d0)
((win32k!tagDEVICEINFO *)0xe167f6d0) : 0xe167f6d0 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe167f018 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x0 [Type: unsigned char]
[+0x00d] bFlags : 0x1 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\Device\PointerClassLegacy9" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x89a73e28 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!OpenMultiplePortDevice
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!DeviceClassNotify
02 nt!PiNotifyDriverCallback
03 nt!IoRegisterPlugPlayNotification
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> dv
DeviceType = 0
pustrName = 0xbaabca6c "\??\ACPI#VMW0003#4&5289e18&0#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
bFlags = 0x00 ''
dwCritSecUseSave = 8
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!DeviceClassNotify
03 nt!PiNotifyDriverCallback
04 nt!IoRegisterPlugPlayNotification
05 win32k!xxxRegisterForDeviceClassNotifications
06 win32k!RawInputThread
07 win32k!xxxCreateSystemThreads
08 win32k!NtUserCallOneParam
09 nt!_KiSystemService
0a SharedUserData!SystemCallStub
0b winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe167ceb8
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe167ceb8
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe167ceb8)
((win32k!tagDEVICEINFO *)0xe167ceb8) : 0xe167ceb8 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe167f6d0 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x0 [Type: unsigned char]
[+0x00d] bFlags : 0x0 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\??\ACPI#VMW0003#4&5289e18&0#{378de44c-56ef-11d1-bc8c-00a0c91405dd}" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x89a73e00 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!DeviceClassNotify
04 nt!PiNotifyDriverCallback
05 nt!IoRegisterPlugPlayNotification
06 win32k!xxxRegisterForDeviceClassNotifications
07 win32k!RawInputThread
08 win32k!xxxCreateSystemThreads
09 win32k!NtUserCallOneParam
0a nt!_KiSystemService
0b SharedUserData!SystemCallStub
0c winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

1: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!DeviceClassNotify
02 nt!PiNotifyDriverCallback
03 nt!IoRegisterPlugPlayNotification
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!DeviceClassNotify
03 nt!PiNotifyDriverCallback
04 nt!IoRegisterPlugPlayNotification
05 win32k!xxxRegisterForDeviceClassNotifications
06 win32k!RawInputThread
07 win32k!xxxCreateSystemThreads
08 win32k!NtUserCallOneParam
09 nt!_KiSystemService
0a SharedUserData!SystemCallStub
0b winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe142f638
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe142f638
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe142f638)
((win32k!tagDEVICEINFO *)0xe142f638) : 0xe142f638 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe167ceb8 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x0 [Type: unsigned char]
[+0x00d] bFlags : 0x0 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\??\HID#Vid_0e0f&Pid_0003&MI_00#8&28f6544d&0&0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x898ebe10 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!DeviceClassNotify
04 nt!PiNotifyDriverCallback
05 nt!IoRegisterPlugPlayNotification
06 win32k!xxxRegisterForDeviceClassNotifications
07 win32k!RawInputThread
08 win32k!xxxCreateSystemThreads
09 win32k!NtUserCallOneParam
0a nt!_KiSystemService
0b SharedUserData!SystemCallStub
0c winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!DeviceClassNotify
02 nt!PiNotifyDriverCallback
03 nt!IoRegisterPlugPlayNotification
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!DeviceClassNotify
03 nt!PiNotifyDriverCallback
04 nt!IoRegisterPlugPlayNotification
05 win32k!xxxRegisterForDeviceClassNotifications
06 win32k!RawInputThread
07 win32k!xxxCreateSystemThreads
08 win32k!NtUserCallOneParam
09 nt!_KiSystemService
0a SharedUserData!SystemCallStub
0b winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe142b5e0
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe142b5e0
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe142b5e0)
((win32k!tagDEVICEINFO *)0xe142b5e0) : 0xe142b5e0 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe142f638 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x0 [Type: unsigned char]
[+0x00d] bFlags : 0x0 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\??\HID#Vid_0e0f&Pid_0003&MI_01#8&51f168b&0&0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x898ebde8 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!DeviceClassNotify
04 nt!PiNotifyDriverCallback
05 nt!IoRegisterPlugPlayNotification
06 win32k!xxxRegisterForDeviceClassNotifications
07 win32k!RawInputThread
08 win32k!xxxCreateSystemThreads
09 win32k!NtUserCallOneParam
0a nt!_KiSystemService
0b SharedUserData!SystemCallStub
0c winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!DeviceClassNotify
02 nt!PiNotifyDriverCallback
03 nt!IoRegisterPlugPlayNotification
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> kv
# ChildEBP RetAddr Args to Child
00 baabc9c0 bf8fd3eb 00000000 baabca6c 00000000 win32k!CreateDeviceInfo (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 588]
01 baabc9e0 80c81dcd baabca44 00000000 00000000 win32k!DeviceClassNotify+0x1f1 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 802]
02 baabca18 80c85464 008fd1fa baabca44 00000000 nt!PiNotifyDriverCallback+0x161 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\notify.c @ 2655]
03 baabca78 bf8fd8b6 00000000 00000001 e1682aa8 nt!IoRegisterPlugPlayNotification+0x61e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\ntos\io\pnpmgr\notify.c @ 1982]
04 baabcac0 bf89191a bf9dd6a0 bf9dab54 00000088 win32k!xxxRegisterForDeviceClassNotifications+0x290 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 1042]
05 baabcd1c bf8b21b0 baacc4a0 00000002 baabcd48 win32k!RawInputThread+0x46f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntinput.c @ 6200]
06 baabcd2c bf806d52 baacc4a0 baabcd58 0088fff4 win32k!xxxCreateSystemThreads+0x92 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\desktop.c @ 338]
07 baabcd48 80afbcb2 00000000 00000022 80afb956 win32k!NtUserCallOneParam+0xa0 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntstubs.c @ 4789]
08 baabcd48 7ffe0304 00000000 00000022 80afb956 nt!_KiSystemService+0x13f (FPO: [0,3] TrapFrame @ baabcd64) (CONV: cdecl) [d:\srv03rtm\base\ntos\ke\i386\trap.asm @ 1328]
09 0088ffe0 75340774 75318a89 00000000 00000022 SharedUserData!SystemCallStub+0x4 (FPO: [0,0,0])
0a 0088ffe8 00000000 00000022 00000004 00000000 winsrv!NtUserCallOneParam+0xc (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\umode\daytona\obj\i386\usrstubs.c @ 2683]
windbg> .open -a ffffffffbf8fd3eb
0: kd> dv
DeviceType = 0
pustrName = 0xbaabca6c "\??\Root#RDP_MOU#0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
bFlags = 0x00 ''
dwCritSecUseSave = 8
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!DeviceClassNotify
03 nt!PiNotifyDriverCallback
04 nt!IoRegisterPlugPlayNotification
05 win32k!xxxRegisterForDeviceClassNotifications
06 win32k!RawInputThread
07 win32k!xxxCreateSystemThreads
08 win32k!NtUserCallOneParam
09 nt!_KiSystemService
0a SharedUserData!SystemCallStub
0b winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe167cd58
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe167cd58
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe167cd58)
((win32k!tagDEVICEINFO *)0xe167cd58) : 0xe167cd58 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe142b5e0 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x0 [Type: unsigned char]
[+0x00d] bFlags : 0x0 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\??\Root#RDP_MOU#0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x898ebdc0 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!DeviceClassNotify
04 nt!PiNotifyDriverCallback
05 nt!IoRegisterPlugPlayNotification
06 win32k!xxxRegisterForDeviceClassNotifications
07 win32k!RawInputThread
08 win32k!xxxCreateSystemThreads
09 win32k!NtUserCallOneParam
0a nt!_KiSystemService
0b SharedUserData!SystemCallStub
0c winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x8974a9e8
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

0: kd> g
Breakpoint 4 hit
win32k!OpenMultiplePortDevice:
bf8fd427 55 push ebp
0: kd> kc
#
00 win32k!OpenMultiplePortDevice
01 win32k!xxxRegisterForDeviceClassNotifications
02 win32k!RawInputThread
03 win32k!xxxCreateSystemThreads
04 win32k!NtUserCallOneParam
05 nt!_KiSystemService
06 SharedUserData!SystemCallStub
07 winsrv!NtUserCallOneParam
0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!OpenMultiplePortDevice
02 win32k!xxxRegisterForDeviceClassNotifications
03 win32k!RawInputThread
04 win32k!xxxCreateSystemThreads
05 win32k!NtUserCallOneParam
06 nt!_KiSystemService
07 SharedUserData!SystemCallStub
08 winsrv!NtUserCallOneParam
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!OpenMultiplePortDevice
03 win32k!xxxRegisterForDeviceClassNotifications
04 win32k!RawInputThread
05 win32k!xxxCreateSystemThreads
06 win32k!NtUserCallOneParam
07 nt!_KiSystemService
08 SharedUserData!SystemCallStub
09 winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe1647f18
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe1647f18
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe1647f18)
((win32k!tagDEVICEINFO *)0xe1647f18) : 0xe1647f18 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe167cd58 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x1 [Type: unsigned char]
[+0x00d] bFlags : 0x1 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\Device\KeyboardClassLegacy0" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x898ebd98 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!OpenMultiplePortDevice
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x89bdf258
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> kc
#
00 win32k!CreateDeviceInfo
01 win32k!OpenMultiplePortDevice
02 win32k!xxxRegisterForDeviceClassNotifications
03 win32k!RawInputThread
04 win32k!xxxCreateSystemThreads
05 win32k!NtUserCallOneParam
06 nt!_KiSystemService
07 SharedUserData!SystemCallStub
08 winsrv!NtUserCallOneParam
0: kd> kv
# ChildEBP RetAddr Args to Child
00 baabc858 bf8fd4f0 00000001 baabc87c 00000001 win32k!CreateDeviceInfo (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 588]
01 baabca90 bf8fd854 00000001 bfa03214 bfa01624 win32k!OpenMultiplePortDevice+0xc9 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 896]
02 baabcac0 bf89191a bf9dd6a0 bf9dab54 00000088 win32k!xxxRegisterForDeviceClassNotifications+0x22e (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 1027]
03 baabcd1c bf8b21b0 baacc4a0 00000002 baabcd48 win32k!RawInputThread+0x46f (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntinput.c @ 6200]
04 baabcd2c bf806d52 baacc4a0 baabcd58 0088fff4 win32k!xxxCreateSystemThreads+0x92 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\desktop.c @ 338]
05 baabcd48 80afbcb2 00000000 00000022 80afb956 win32k!NtUserCallOneParam+0xa0 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntstubs.c @ 4789]
06 baabcd48 7ffe0304 00000000 00000022 80afb956 nt!_KiSystemService+0x13f (FPO: [0,3] TrapFrame @ baabcd64) (CONV: cdecl) [d:\srv03rtm\base\ntos\ke\i386\trap.asm @ 1328]
07 0088ffe0 75340774 75318a89 00000000 00000022 SharedUserData!SystemCallStub+0x4 (FPO: [0,0,0])
08 0088ffe8 00000000 00000022 00000004 00000000 winsrv!NtUserCallOneParam+0xc (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\umode\daytona\obj\i386\usrstubs.c @ 2683]
windbg> .open -a ffffffffbf8fd4f0
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> kc
#
00 win32k!RequestDeviceChange
01 win32k!CreateDeviceInfo
02 win32k!OpenMultiplePortDevice
03 win32k!xxxRegisterForDeviceClassNotifications
04 win32k!RawInputThread
05 win32k!xxxCreateSystemThreads
06 win32k!NtUserCallOneParam
07 nt!_KiSystemService
08 SharedUserData!SystemCallStub
09 winsrv!NtUserCallOneParam
0: kd> dv
pDeviceInfo = 0xe1687c28
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe1687c28
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe1687c28)
((win32k!tagDEVICEINFO *)0xe1687c28) : 0xe1687c28 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe1647f18 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x1 [Type: unsigned char]
[+0x00d] bFlags : 0x1 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\Device\KeyboardClassLegacy1" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x898ebd70 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 win32k!RequestDeviceChange
02 win32k!CreateDeviceInfo
03 win32k!OpenMultiplePortDevice
04 win32k!xxxRegisterForDeviceClassNotifications
05 win32k!RawInputThread
06 win32k!xxxCreateSystemThreads
07 win32k!NtUserCallOneParam
08 nt!_KiSystemService
09 SharedUserData!SystemCallStub
0a winsrv!NtUserCallOneParam
0: kd> dv
Event = 0x89bdf258
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''

0: kd> x win32k!apobjects
bfa6ed8c win32k!apObjects = 0x89692618
0: kd> dd 0x89692618
89692618 00000000 89bb0db8 89699498 89bdf258
89692628 00000000 89a2f948 89be0e60 00000000

0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> dv
pDeviceInfo = 0xe1679990
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe1679990
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe1679990)
((win32k!tagDEVICEINFO *)0xe1679990) : 0xe1679990 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe1425c10 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x1 [Type: unsigned char]
[+0x00d] bFlags : 0x1 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\Device\KeyboardClassLegacy5" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x898ebcd0 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> dv
pDeviceInfo = 0xe1432750
usAction = 1
fInDeviceInfoListCrit = 0n1
pDevTpl = 0xe1432750
fHasToLeaveUserCrit = 0x00 ''
0: kd> dx -id 0,0,ffffffff896a1248 -r1 ((win32k!tagDEVICEINFO *)0xe1432750)
((win32k!tagDEVICEINFO *)0xe1432750) : 0xe1432750 [Type: tagDEVICEINFO *]
[+0x000] head [Type: _HEAD]
[+0x008] pNext : 0xe1679990 [Type: tagDEVICEINFO *]
[+0x00c] type : 0x1 [Type: unsigned char]
[+0x00d] bFlags : 0x1 [Type: unsigned char]
[+0x00e] usActions : 0x0 [Type: unsigned short]
[+0x010] nRetryRead : 0x0 [Type: unsigned char]
[+0x014] ustrName : "\Device\KeyboardClassLegacy6" [Type: _UNICODE_STRING]
[+0x01c] handle : 0x0 [Type: void *]
[+0x020] NotificationEntry : 0x0 [Type: void *]
[+0x024] pkeHidChangeCompleted : 0x898ebca8 [Type: _KEVENT *]
[+0x028] iosb [Type: _IO_STATUS_BLOCK]
[+0x030] ReadStatus : 0 [Type: long]
[+0x034] OpenerProcess : 0x0 [Type: void *]
[+0x038] OpenStatus : 0 [Type: long]
[+0x03c] AttrStatus : 0 [Type: long]
[+0x040] timeStartRead : 0x0 [Type: unsigned long]
[+0x044] timeEndRead : 0x0 [Type: unsigned long]
[+0x048] nReadsOutstanding : 0 [Type: int]
[+0x04c] mouse [Type: tagMOUSE_DEVICE_INFO]
[+0x04c] keyboard [Type: tagKEYBOARD_DEVICE_INFO]
[+0x04c] hid [Type: tagHID_DEVICE_INFO]
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> g
Breakpoint 5 hit
win32k!CreateDeviceInfo:
bf8fceff 55 push ebp
0: kd> g
Breakpoint 6 hit
win32k!RequestDeviceChange:
bf8fc582 55 push ebp
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> dv
Event = 0x89bdf258
Increment = 0n1
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''
0: kd> g
Breakpoint 4 hit
win32k!OpenMultiplePortDevice:
bf8fd427 55 push ebp
0: kd> kc
#
00 win32k!OpenMultiplePortDevice
01 win32k!xxxRegisterForDeviceClassNotifications
02 win32k!RawInputThread
03 win32k!xxxCreateSystemThreads
04 win32k!NtUserCallOneParam
05 nt!_KiSystemService
06 SharedUserData!SystemCallStub
07 winsrv!NtUserCallOneParam
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 CLASSPNP!ClassSignalCompletion
02 nt!IopfCompleteRequest
03 atapi!IdePortAlwaysStatusSuccessIrp
04 nt!IofCallDriver
05 imapi!ImapiDefaultIrpHandler
06 nt!IofCallDriver
07 CLASSPNP!ClasspCreateClose
08 CLASSPNP!ClassCreateClose
09 nt!IofCallDriver
0a redbook!RedBookSendToNextDriver
0b nt!IofCallDriver
0c nt!IopParseDevice
0d nt!ObpLookupObjectName
0e nt!ObOpenObjectByName
0f nt!IopCreateFile
10 nt!IoCreateFile
11 nt!NtOpenFile
12 nt!_KiSystemService
13 nt!ZwOpenFile
14 nt!IoGetDeviceObjectPointer
15 win32k!DeviceClassCDROMNotify
16 nt!PiNotifyDriverCallback
17 nt!IoRegisterPlugPlayNotification
18 win32k!RegisterCDROMNotify
19 win32k!xxxRegisterForDeviceClassNotifications
1a win32k!RawInputThread
1b win32k!xxxCreateSystemThreads
1c win32k!NtUserCallOneParam
1d nt!_KiSystemService
1e SharedUserData!SystemCallStub
1f winsrv!NtUserCallOneParam
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 nt!IopfCompleteRequest
02 nt!IopInvalidDeviceRequest
03 nt!IofCallDriver
04 redbook!RedBookSendToNextDriver
05 nt!IofCallDriver
06 nt!IopCloseFile
07 nt!ObpDecrementHandleCount
08 nt!ObpCloseHandleTableEntry
09 nt!ObpCloseHandle
0a nt!NtClose
0b nt!_KiSystemService
0c nt!ZwClose
0d nt!IoGetDeviceObjectPointer
0e win32k!DeviceClassCDROMNotify
0f nt!PiNotifyDriverCallback
10 nt!IoRegisterPlugPlayNotification
11 win32k!RegisterCDROMNotify
12 win32k!`string'
13 win32k!RawInputThread
14 win32k!xxxCreateSystemThreads
15 win32k!NtUserCallOneParam
16 nt!_KiSystemService
17 SharedUserData!SystemCallStub
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> kc
#
00 nt!KeSetEvent
01 nt!IopCompleteRequest
02 nt!KiDeliverApc
03 hal!HalpApcInterrupt
04 hal!KfLowerIrql
05 nt!KiExitDispatcher
06 nt!KeInsertQueueApc
07 nt!IopfCompleteRequest
08 atapi!DeviceQueryDeviceRelations
09 atapi!IdePortDispatchPnp
0a nt!IofCallDriver
0b imapi!ImapiPnp
0c nt!IofCallDriver
0d CLASSPNP!ClassDispatchPnp
0e nt!IofCallDriver
0f redbook!RedBookSendToNextDriver
10 redbook!RedBookPnp
11 nt!IofCallDriver
12 nt!IopSynchronousCall
13 nt!IopGetRelatedTargetDevice
14 nt!IoRegisterPlugPlayNotification
15 win32k!DeviceClassCDROMNotify
16 nt!PiNotifyDriverCallback
17 nt!IoRegisterPlugPlayNotification
18 win32k!RegisterCDROMNotify
19 win32k!xxxRegisterForDeviceClassNotifications
1a win32k!RawInputThread
1b win32k!xxxCreateSystemThreads
1c win32k!NtUserCallOneParam
1d nt!_KiSystemService
1e SharedUserData!SystemCallStub
1f winsrv!NtUserCallOneParam
0: kd> g
Breakpoint 8 hit
nt!KeSetEvent:
80a34206 55 push ebp
0: kd> dv
Event = 0x8988da50
Increment = 0n0
Wait = 0x00 ''
OldState = 0n8
OldIrql = 0x89 ''
0: kd> bd 8
0: kd> g
Breakpoint 9 hit
win32k!ProcessDeviceChanges:
bf8fe215 0000 add byte ptr [eax],al
0: kd> kc
#
00 win32k!ProcessDeviceChanges
01 win32k!xxxDesktopThread
02 win32k!xxxCreateSystemThreads
03 win32k!NtUserCallOneParam
04 nt!_KiSystemService
05 SharedUserData!SystemCallStub
06 winsrv!NtUserCallOneParam
0: kd> dv
DeviceType = 2
nMice = 0xbf9cbe30
nMaxButtons = 0xbaa7c9dc
usOriginalActions = 0xeb6c
nChanges = 0n-1080139064
nWheels = 0xbf9ec3b8
nKeyboards = 0n-1
fKeyboardIdSet = 0xff ''
nHid = 0n-1080246736
dwCritSecUseSave = 0
dwDeviceInfoListCritSecUseSave = 0xbf9ec3b8

0: kd> kv
# ChildEBP RetAddr Args to Child
00 baa7ca04 bf8b123e 00000002 8969a168 bf8fe215 win32k!ProcessDeviceChanges (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\pnp.c @ 1973]
01 baa7cd1c bf8b21ba bfa70aa0 00000001 baa7cd48 win32k!xxxDesktopThread+0x437 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\desktop.c @ 594]
02 baa7cd2c bf806d52 bfa70aa0 baa7cd58 008cfff4 win32k!xxxCreateSystemThreads+0x9c (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\desktop.c @ 347]
03 baa7cd48 80afbcb2 00000000 00000022 80afb956 win32k!NtUserCallOneParam+0xa0 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntstubs.c @ 4789]
04 baa7cd48 7ffe0304 00000000 00000022 80afb956 nt!_KiSystemService+0x13f (FPO: [0,3] TrapFrame @ baa7cd64) (CONV: cdecl) [d:\srv03rtm\base\ntos\ke\i386\trap.asm @ 1328]
05 008cffe0 75340774 75318a89 00000000 00000022 SharedUserData!SystemCallStub+0x4 (FPO: [0,0,0])
06 008cffe8 00000000 00000022 00000004 00000000 winsrv!NtUserCallOneParam+0xc (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\umode\daytona\obj\i386\usrstubs.c @ 2683]
windbg> .open -a ffffffffbf8b123e

} else if (Status == ID_HIDCHANGE) {
TAGMSG0(DBGTAG_PNP | RIP_THERESMORE, "RIT wakes for HID Change");
EnterCrit();
ProcessDeviceChanges(DEVICE_TYPE_KEYBOARD);
LeaveCrit();
}
#ifdef GENERIC_INPUT
else if (Status == ID_TRUEHIDCHANGE) {
TAGMSG0(DBGTAG_PNP | RIP_THERESMORE, "RIT wakes for True HID Change");
EnterCrit();
ProcessDeviceChanges(DEVICE_TYPE_HID);
LeaveCrit();
}
#endif

VOID ProcessDeviceChanges(
DWORD DeviceType)
{

D:\srv03rtm\windows>grep "ID_HIDCHANGE" -nr D:\srv03rtm\windows\core\ntuser |grep -v "inary"|grep "define"
D:\srv03rtm\windows\core\ntuser/kernel/ntinput.c:112:#define ID_HIDCHANGE 3

#define ID_INPUT 0
#define ID_MOUSE 1

#define ID_TIMER 2
#define ID_HIDCHANGE 3
#define ID_SHUTDOWN 4

0: kd> r
eax=00000005 ebx=00000000 ecx=80ae2d98 edx=bfa6fd2c esi=e168aea8 edi=00000000
eip=bf8fe215 esp=baa7c9d4 ebp=baa7ca04 iopl=0 nv up ei ng nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000282
win32k!ProcessDeviceChanges:
bf8fe215 0000 add byte ptr [eax],al ds:0023:00000005=ff
0: kd> dd baa7c9d4
baa7c9d4 bf8a46ce 00000000 bf9ec3b8 bfa70aa0

版权声明: 本文来自互联网用户投稿，该文观点仅代表作者本人，不代表本站立场。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如若内容造成侵权/违法违规/事实不符，请联系邮箱：809451989@qq.com进行投诉反馈，一经查实，立即删除！

网站建设 2026/4/15 13:10:25

8 个自考文献综述工具，AI 写作降重推荐

8 个自考文献综述工具，AI 写作降重推荐论文写作的“三重门”：自考人不得不面对的现实对于正在备战自考的你来说，论文写作无疑是一道难以跨越的门槛。尤其是在撰写文献综述的过程中，不仅要查阅大量资料，还要对已有研究…

作者头像

李华

网站建设 2026/4/16 12:14:35

Cesium中实现动态扩散圆

概要 Cesium中实现动态扩散圆，关键函数仍然是czm_frameNumber。具体的方法参照上一篇流光线的实现方法，主要的思路就是控制片元的透明度即可。 DiffusionCircleMaterial.SOURCE czm_material czm_getMaterial(czm_materialInput materialInput) { cz…

作者头像

李华

网站建设 2026/4/16 13:31:17

PyTorch-CUDA基础镜像安装指南：Ubuntu下GPU环境一键部署教程

PyTorch-CUDA基础镜像安装指南：Ubuntu下GPU环境一键部署教程在深度学习项目开发中，最让人头疼的往往不是模型设计或调参，而是环境配置——“为什么代码在他机器上跑得好好的，在我这却报CUDA错误？”这种问题几乎每个A…

作者头像

李华

网站建设 2026/4/15 23:21:40

轻量化多模态模型Qwen3-VL-8B在内容审核中的应用探索

轻量化多模态模型Qwen3-VL-8B在内容审核中的应用探索在社交媒体日均产生数十亿条图文内容的今天，传统基于关键词和单一模态的审核方式早已捉襟见肘。一张看似普通的风景照配上“内部渠道，速来领取”的文案，可能暗藏诈骗诱导；一段…

作者头像

李华

网站建设 2026/4/14 2:27:29

LeetCode hot 100 —— 双指针（面试纯背版）（二）

双指针 1、移动零给定一个数组 nums，编写一个函数将所有 0 移动到数组的末尾，同时保持非零元素的相对顺序。请注意，必须在不复制数组的情况下原地对数组进行操作。示例 1: 输入: nums = [0,1,0,3,12] 输出: [1,3,12,0,0] 示例 2: 输入: nums = [0] 输出: [0] 提…

作者头像

李华

网站建设 2026/4/9 11:26:04

入门进阶必看：漏洞挖掘从任意文件读取到获取账户，完整利用步骤 + 原理科普一文掌握

一、任意文件读取开局我们通过扫描器获得一个任意文件读取漏洞，并且可列目。我们来看下代码当中的漏洞点： 这里对传入的参数filename未做任何过滤，可直接进行文件读取。 1.1思考那么通过任意文件读取漏洞我们都可以做什么？ …

作者头像

李华