windbg学习24(!idt)
!idt显示指定的中断分配表(interrupt dispatch table (IDT))中的中断服务例程(interrupt service routine (ISR))
最典型的自陷int 2e,其中断表使用的是:
lkd> !idt 2e
Dumping IDT:
2e: 82c8369e nt!KiSystemService如不指定IDT,会简短的显示目标机中所有处理器的IDT:
lkd> !idt
Dumping IDT:
37: 82c29104 hal!PicSpuriousService37
51: 85e672d8 ataport!IdePortInterrupt (KINTERRUPT 85e67280)
ataport!IdePortInterrupt (KINTERRUPT 85e67000)
80: 869412d8 ndis!ndisMiniportMessageIsr (KINTERRUPT 86941280)
82: 86941cd8 9517ef00 (KINTERRUPT 86941c80)
90: 85e67558 pci!ExpressRootPortMessageRoutine (KINTERRUPT 85e67500)
91: 86fc4cd8 9460749a (KINTERRUPT 86fc4c80)
92: 86941a58 9519b486 (KINTERRUPT 86941a00)
951b67ab (KINTERRUPT 86941780)
9509dd47 (KINTERRUPT 86fc4a00)
a0: 85e677d8 pci!ExpressRootPortMessageRoutine (KINTERRUPT 85e67780)
a2: 86941558 9517ef00 (KINTERRUPT 86941500)
b0: 85e67a58 pci!ExpressRootPortMessageRoutine (KINTERRUPT 85e67a00)
b1: 85e67cd8 ACPI!ACPIInterruptServiceRoutine (KINTERRUPT 85e67c80)
b2: 86941058 951b67ab (KINTERRUPT 86941000)
c1: 82c293f4 hal!HalpBroadcastCallService
d1: 82c11634 hal!HalpHpetClockInterrupt
d2: 82c11898 hal!HalpHpetRolloverInterrupt
df: 82c291dc hal!HalpApicRebootService
e1: 82c29958 hal!HalpIpiHandler
e3: 82c296f8 hal!HalpLocalApicErrorService
fd: 82c29f2c hal!HalpProfileInterrupt
fe: 82c2a1a8 hal!HalpPerfInterrupt如果指定了-a,则显示所有IDT的ISR
lkd> !idt -a
Dumping IDT:
00: 82c84670 nt!KiTrap00
01: 82c84800 nt!KiTrap01
02: Task Selector = 0x0058
03: 82c46ffb nt!_imp__VidBitBlt <PERF> (nt+0xffb)
04: 82c84df8 nt!KiTrap04
05: 82c84f58 nt!KiTrap05
06: 82c850cc nt!KiTrap06
07: 82c856c8 nt!KiTrap07
08: Task Selector = 0x0050
09: 82c85b28 nt!KiTrap09
0a: 82c85c4c nt!KiTrap0A
0b: 82c85d8c nt!KiTrap0B
0c: 82c85fec nt!KiTrap0C
0d: 82c862dc nt!KiTrap0D
0e: 82c869ac nt!KiTrap0E
0f: 82c86d60 nt!KiTrap0F
10: 82c86e84 nt!KiTrap10
11: 82c86fc4 nt!KiTrap11
12: Task Selector = 0x00A0转载于:https://www.cnblogs.com/hgy413/archive/2013/02/18/3693428.html
手机扫一扫
移动阅读更方便
你可能感兴趣的文章