Windbg
windbg !drvobj命令
2023-09-05
17
0
drvobj 扩展显示有关DRIVER_OBJECT的详细信息。
详见:https://learn.microsoft.com/zh-cn/windows-hardware/drivers/debugger/-drvobj?view=vs-2017
!drvobj DriverObject [Flags]
- bit0:使显示器包含驱动程序拥有的设备对象
- bit1:显示IRP相关的入口
- bit2:显示驱动对象
2: kd> !drvobj ffffe309ba904aa0 7
Driver object (ffffe309ba904aa0) is for:
\Driver\USBXHCI
Driver Extension List: (id , addr)
(fffff80df285b290 ffffe309caac4f30)
Device Object list:
ffffe309c9f08560 ffffe309c9f54a40
DriverEntry: fffff80dfc4cfa90
DriverStartIo: 00000000
DriverUnload: fffff80df2fe28d0
AddDevice: fffff80df2816240
Dispatch routines:
[00] IRP_MJ_CREATE fffff80df2fe27f8 +0xfffff80df2fe27f8
[01] IRP_MJ_CREATE_NAMED_PIPE fffff80df2fe27f8 +0xfffff80df2fe27f8
[02] IRP_MJ_CLOSE fffff80df2fe27f8 +0xfffff80df2fe27f8
[03] IRP_MJ_READ fffff80df2fe27f8 +0xfffff80df2fe27f8
[04] IRP_MJ_WRITE fffff80df2fe27f8 +0xfffff80df2fe27f8
[05] IRP_MJ_QUERY_INFORMATION fffff80df2fe27f8 +0xfffff80df2fe27f8
[06] IRP_MJ_SET_INFORMATION fffff80df2fe27f8 +0xfffff80df2fe27f8
[07] IRP_MJ_QUERY_EA fffff80df2fe27f8 +0xfffff80df2fe27f8
[08] IRP_MJ_SET_EA fffff80df2fe27f8 +0xfffff80df2fe27f8
[09] IRP_MJ_FLUSH_BUFFERS fffff80df2fe27f8 +0xfffff80df2fe27f8
[0a] IRP_MJ_QUERY_VOLUME_INFORMATION fffff80df2fe27f8 +0xfffff80df2fe27f8
[0b] IRP_MJ_SET_VOLUME_INFORMATION fffff80df2fe27f8 +0xfffff80df2fe27f8
[0c] IRP_MJ_DIRECTORY_CONTROL fffff80df2fe27f8 +0xfffff80df2fe27f8
[0d] IRP_MJ_FILE_SYSTEM_CONTROL fffff80df2fe27f8 +0xfffff80df2fe27f8
[0e] IRP_MJ_DEVICE_CONTROL fffff80df2fe27f8 +0xfffff80df2fe27f8
[0f] IRP_MJ_INTERNAL_DEVICE_CONTROL fffff80df2fe28c0 +0xfffff80df2fe28c0
[10] IRP_MJ_SHUTDOWN fffff80df2fe27f8 +0xfffff80df2fe27f8
[11] IRP_MJ_LOCK_CONTROL fffff80df2fe27f8 +0xfffff80df2fe27f8
[12] IRP_MJ_CLEANUP fffff80df2fe27f8 +0xfffff80df2fe27f8
[13] IRP_MJ_CREATE_MAILSLOT fffff80df2fe27f8 +0xfffff80df2fe27f8
[14] IRP_MJ_QUERY_SECURITY fffff80df2fe27f8 +0xfffff80df2fe27f8
[15] IRP_MJ_SET_SECURITY fffff80df2fe27f8 +0xfffff80df2fe27f8
[16] IRP_MJ_POWER fffff80df2fe27f8 +0xfffff80df2fe27f8
[17] IRP_MJ_SYSTEM_CONTROL fffff80df2fe27f8 +0xfffff80df2fe27f8
[18] IRP_MJ_DEVICE_CHANGE fffff80df2fe27f8 +0xfffff80df2fe27f8
[19] IRP_MJ_QUERY_QUOTA fffff80df2fe27f8 +0xfffff80df2fe27f8
[1a] IRP_MJ_SET_QUOTA fffff80df2fe27f8 +0xfffff80df2fe27f8
[1b] IRP_MJ_PNP fffff80df2fe27f8 +0xfffff80df2fe27f8
Device Object stacks:
!devstack ffffe309c9f08560 :
!DevObj !DrvObj !DevExt ObjectName
ffffe309ceb71660 \Driver\USBHUB3 ffffe309ced55600
ffffe309ceb65830 \Driver\ACPI ffffe3097c989c60
> ffffe309c9f08560 \Driver\USBXHCI ffffe309c9f079c0 USBPDO-0
!DevNode ffffe309ceb66720 :
DeviceInst is "USB\ROOT_HUB30\4&31789dfb&0&0"
ServiceName is "USBHUB3"
!devstack ffffe309c9f54a40 :
!DevObj !DrvObj !DevExt ObjectName
> ffffe309c9f54a40 \Driver\USBXHCI ffffe309c9f1e310 USBFDO-0
ffffe3097c9e0c40 \Driver\ACPI ffffe3097c98a8b0
ffffe3097c9ec840 \Driver\pci ffffe3097c9ec990 NTPNP_PCI0003
!DevNode ffffe3097c9d8d30 :
DeviceInst is "PCI\VEN_8086&DEV_A12F&SUBSYS_72708086&REV_31\3&11583659&0&A0"
ServiceName is "USBXHCI"
