Debugging notes: stack backtrace of the system emulating real-mode code
The following is the stack backtrace taken while the system emulates real-mode code in response to the Vista VGA driver invoking the BIOS video service (INT 10). The functions whose names begin with Xm are the HAL routines that implement the emulation.
kd> kPL 100
ChildEBP RetAddr
803d0a1c 828c250c nt!RtlpBreakWithStatusInstruction
803d0a24 828c24be nt!KdCheckForDebugBreak+0x22
803d0a44 828c202d nt!KeUpdateRunTime+0x271
803d0a44 82bd4c0c nt!KeUpdateSystemTime+0xed
803d0ad8 82bd4e40 hal!XmAddOperands+0x31
803d0ae8 82bd47d1 hal!XmAddOp+0xf
803d0af8 82bd4895 hal!XmEmulateStream+0xb9
803d0b14 82bd3f1d hal!XmEmulateInterrupt+0x80
803d0b28 82bd0116 hal!x86BiosExecuteInterruptShadowed+0x43
803d0b44 8a2a54ab hal!x86BiosCall+0x22
803d0b78 8a2a9670 VIDEOPRT!VpInt10CallBiosEmulated+0x75
803d0bac 91504e36 VIDEOPRT!VideoPortInt10Emulated+0x4b
803d0be0 8a2b08cc vgapnp!VgaSetPowerState+0x70
803d0c64 8280f827 VIDEOPRT!pVideoPortPowerDispatch+0x880
803d0c7c 828c6045 nt!IopPoHandleIrp+0x28
803d0c8c 8281055e nt!IofCallDriver+0x55
803d0c94 82e57c61 nt!PoCallDriver+0x10
803d0cb4 82e57d28 Wdf01000!FxPkgFdo::RaiseDevicePower+0x50
803d0cc8 82e57d5d Wdf01000!FxPkgFdo::DispatchDeviceSetPower+0xb6
803d0cd4 82e4abcf Wdf01000!FxPkgFdo::_DispatchSetPower+0x23
803d0cf8 82e34665 Wdf01000!FxPkgPnp::Dispatch+0x2a6
803d0d04 82e34888 Wdf01000!FxDevice::Dispatch+0x7f
803d0d20 8280f294 Wdf01000!FxDevice::DispatchWithLock+0x7b
803d0d7c 829dfa1c nt!PopIrpWorker+0x40f
803d0dc0 82838a3e nt!PspSystemThreadStartup+0x9d
00000000 00000000 nt!KiThreadStartup+0x16
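To make traces like the one above easy to triage, here is an added example (not part of the original note) that parses kd `k` output into frames, flags the HAL `Xm*` emulator frames, and locates the `hal!x86BiosCall` entry point and the driver frame that requested the BIOS call. The sample input is a constructed, trimmed copy of the trace shown above.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample: a trimmed copy of the 'kPL 100' output in the note above.
SAMPLE_KD_OUTPUT = """\
kd> kPL 100
ChildEBP RetAddr
803d0ad8 82bd4e40 hal!XmAddOperands+0x31
803d0ae8 82bd47d1 hal!XmAddOp+0xf
803d0af8 82bd4895 hal!XmEmulateStream+0xb9
803d0b14 82bd3f1d hal!XmEmulateInterrupt+0x80
803d0b28 82bd0116 hal!x86BiosExecuteInterruptShadowed+0x43
803d0b44 8a2a54ab hal!x86BiosCall+0x22
803d0b78 8a2a9670 VIDEOPRT!VpInt10CallBiosEmulated+0x75
803d0bac 91504e36 VIDEOPRT!VideoPortInt10Emulated+0x4b
803d0be0 8a2b08cc vgapnp!VgaSetPowerState+0x70
00000000 00000000 nt!KiThreadStartup+0x16
"""

# One frame line: ChildEBP, RetAddr, module!symbol, optional +0x offset.
FRAME_RE = re.compile(
    r"^(?P<ebp>[0-9a-f]{8})\s+(?P<ret>[0-9a-f]{8})\s+"
    r"(?P<module>[\w.]+)!(?P<symbol>[\w:~<>]+)(?:\+0x(?P<offset>[0-9a-f]+))?\s*$",
    re.IGNORECASE,
)

@dataclass
class Frame:
    child_ebp: int
    ret_addr: int
    module: str
    symbol: str
    offset: int

def parse_stack(text: str) -> List[Frame]:
    """Parse kd 'k' output; the prompt, header and other non-frame lines are skipped."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.match(line.strip())
        if m:
            frames.append(Frame(int(m["ebp"], 16), int(m["ret"], 16), m["module"],
                                m["symbol"], int(m["offset"] or "0", 16)))
    return frames

def is_emulator_frame(f: Frame) -> bool:
    """HAL real-mode emulator routines are the hal!Xm* functions."""
    return f.module.lower() == "hal" and f.symbol.startswith("Xm")

def find_bios_emulation(frames: List[Frame]) -> Optional[Tuple[int, int]]:
    """Return (index of innermost Xm frame, index of hal!x86BiosCall), or None if absent."""
    xm = [i for i, f in enumerate(frames) if is_emulator_frame(f)]
    entry = [i for i, f in enumerate(frames)
             if f.module.lower() == "hal" and f.symbol == "x86BiosCall"]
    return (xm[0], entry[0]) if xm and entry else None

def bios_requester(frames: List[Frame]) -> Optional[Frame]:
    """The frame directly above hal!x86BiosCall: the caller that asked for the BIOS service."""
    found = find_bios_emulation(frames)
    if found is None or found[1] + 1 >= len(frames):
        return None
    return frames[found[1] + 1]
```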
AFAIK, this mechanism has never been mentioned in Microsoft's public documentation. So for most people outside Microsoft, the only way to learn about it is through debugging.