Monday, July 8, 2013

Interrupts in Windows 8.1

Let's see what the WinDbg !idt command says:
Dumping IDT:

37: 817d0acc hal!HalpX86InterruptSpuriousService
c0: 817d0b78 hal!HalpX86InterruptStubService
d1: 817d1878 hal!HalpTimerClockInterrupt
d2: 817d1b54 hal!HalpTimerClockIpiRoutine
df: 817d1128 hal!HalpX86InterruptRebootService
e1: 817d1388 hal!HalpX86InterruptIpiService
e2: 817d0e50 hal!HalpX86InterruptLocalErrorService
fd: 817d210c hal!HalpTimerProfileInterrupt
fe: 817d23f0 hal!HalpPerfInterrupt

!idt -a:
Dumping IDT:
00: 8131b1dc nt!KiTrap00
01: 8131b38c nt!KiTrap01
02: Task Selector = 0x0058
03: 8131b890 nt!KiTrap03
04: 8131ba58 nt!KiTrap04
05: 8131bc00 nt!KiTrap05
06: 8131bdb4 nt!KiTrap06
07: 8131c4b4 nt!KiTrap07
08: Task Selector = 0x0050
09: 8131c6a8 nt!KiTrap09
0a: 8131c804 nt!KiTrap0A
0b: 8131c978 nt!KiTrap0B
0c: 8131cc38 nt!KiTrap0C
0d: 8131cf94 nt!KiTrap0D
0e: 8131d6fc nt!KiTrap0E
0f: 8131d9b0 nt!KiTrap0F
10: 8131db08 nt!KiTrap10
11: 8131dd58 nt!KiTrap11
12: Task Selector = 0x00A0
13: 8131df00 nt!KiTrap13
14: 8131d9b0 nt!KiTrap0F
15: 8131d9b0 nt!KiTrap0F
16: 8131d9b0 nt!KiTrap0F
17: 8131d9b0 nt!KiTrap0F
18: 8131d9b0 nt!KiTrap0F
19: 8131d9b0 nt!KiTrap0F
1a: 8131d9b0 nt!KiTrap0F
1b: 8131d9b0 nt!KiTrap0F
1c: 8131d9b0 nt!KiTrap0F
1d: 8131d9b0 nt!KiTrap0F
1e: 8131d9b0 nt!KiTrap0F
1f: 817d0acc hal!HalpX86InterruptSpuriousService
20: 00000000
21: 00000000
22: 00000000
23: 00000000
24: 00000000
25: 00000000
26: 00000000
27: 00000000
28: 00000000
29: 8131a614 nt!KiRaiseSecurityCheckFailure
2a: 8131a7ca nt!KiGetTickCount
2b: 8131a980 nt!KiCallbackReturn
2c: 8131aac8 nt!KiRaiseAssertion
2d: 8131b730 nt!KiDebugService
2e: 8131a10e nt!KiSystemService
2f: 8131d9b0 nt!KiTrap0F
30: 81319600 nt!KiUnexpectedInterrupt0
31: 8131960c nt!KiUnexpectedInterrupt1
32: 81319618 nt!KiUnexpectedInterrupt2
33: 81319624 nt!KiUnexpectedInterrupt3
34: 81319630 nt!KiUnexpectedInterrupt4
35: 8131963c nt!KiUnexpectedInterrupt5
36: 81319648 nt!KiUnexpectedInterrupt6
37: 817d0acc hal!HalpX86InterruptSpuriousService
38: 81319660 nt!KiUnexpectedInterrupt8
39: 8131966c nt!KiUnexpectedInterrupt9
3a: 81319678 nt!KiUnexpectedInterrupt10
3b: 81319684 nt!KiUnexpectedInterrupt11
3c: 81319690 nt!KiUnexpectedInterrupt12
3d: 8131969c nt!KiUnexpectedInterrupt13
3e: 813196a8 nt!KiUnexpectedInterrupt14
3f: 813196b4 nt!KiUnexpectedInterrupt15
40: 813196c0 nt!KiUnexpectedInterrupt16
41: 813196cc nt!KiUnexpectedInterrupt17
42: 813196d8 nt!KiUnexpectedInterrupt18
43: 813196e4 nt!KiUnexpectedInterrupt19
44: 813196f0 nt!KiUnexpectedInterrupt20
45: 813196fc nt!KiUnexpectedInterrupt21
46: 81319708 nt!KiUnexpectedInterrupt22
47: 81319714 nt!KiUnexpectedInterrupt23
48: 81319720 nt!KiUnexpectedInterrupt24
49: 8131972c nt!KiUnexpectedInterrupt25
4a: 81319738 nt!KiUnexpectedInterrupt26
4b: 81319744 nt!KiUnexpectedInterrupt27
4c: 81319750 nt!KiUnexpectedInterrupt28
4d: 8131975c nt!KiUnexpectedInterrupt29
4e: 81319768 nt!KiUnexpectedInterrupt30
4f: 81319774 nt!KiUnexpectedInterrupt31
50: 81319780 nt!KiUnexpectedInterrupt32
51: 8131978c nt!KiUnexpectedInterrupt33
52: 81319798 nt!KiUnexpectedInterrupt34
53: 813197a4 nt!KiUnexpectedInterrupt35
54: 813197b0 nt!KiUnexpectedInterrupt36
55: 813197bc nt!KiUnexpectedInterrupt37
56: 813197c8 nt!KiUnexpectedInterrupt38
57: 813197d4 nt!KiUnexpectedInterrupt39
58: 813197e0 nt!KiUnexpectedInterrupt40
59: 813197ec nt!KiUnexpectedInterrupt41
5a: 813197f8 nt!KiUnexpectedInterrupt42
5b: 81319804 nt!KiUnexpectedInterrupt43
5c: 81319810 nt!KiUnexpectedInterrupt44
5d: 8131981c nt!KiUnexpectedInterrupt45
5e: 81319828 nt!KiUnexpectedInterrupt46
5f: 81319834 nt!KiUnexpectedInterrupt47
60: 81319840 nt!KiUnexpectedInterrupt48
61: 8131984c nt!KiUnexpectedInterrupt49
62: 81319858 nt!KiUnexpectedInterrupt50
63: 81319864 nt!KiUnexpectedInterrupt51
64: 81319870 nt!KiUnexpectedInterrupt52
65: 8131987c nt!KiUnexpectedInterrupt53
66: 81319888 nt!KiUnexpectedInterrupt54
67: 81319894 nt!KiUnexpectedInterrupt55
68: 813198a0 nt!KiUnexpectedInterrupt56
69: 813198ac nt!KiUnexpectedInterrupt57
6a: 813198b8 nt!KiUnexpectedInterrupt58
6b: 813198c4 nt!KiUnexpectedInterrupt59
6c: 813198d0 nt!KiUnexpectedInterrupt60
6d: 813198dc nt!KiUnexpectedInterrupt61
6e: 813198e8 nt!KiUnexpectedInterrupt62
6f: 813198f4 nt!KiUnexpectedInterrupt63
70: 81319900 nt!KiUnexpectedInterrupt64
71: 8131990c nt!KiUnexpectedInterrupt65
72: 81319918 nt!KiUnexpectedInterrupt66
73: 81319924 nt!KiUnexpectedInterrupt67
74: 81319930 nt!KiUnexpectedInterrupt68
75: 8131993c nt!KiUnexpectedInterrupt69
76: 81319948 nt!KiUnexpectedInterrupt70
77: 81319954 nt!KiUnexpectedInterrupt71
78: 81319960 nt!KiUnexpectedInterrupt72
79: 8131996c nt!KiUnexpectedInterrupt73
7a: 81319978 nt!KiUnexpectedInterrupt74
7b: 81319984 nt!KiUnexpectedInterrupt75
7c: 81319990 nt!KiUnexpectedInterrupt76
7d: 8131999c nt!KiUnexpectedInterrupt77
7e: 813199a8 nt!KiUnexpectedInterrupt78
7f: 813199b4 nt!KiUnexpectedInterrupt79
80: 813199c0 nt!KiUnexpectedInterrupt80
81: 813199cc nt!KiUnexpectedInterrupt81
82: 813199d8 nt!KiUnexpectedInterrupt82
83: 813199e4 nt!KiUnexpectedInterrupt83
84: 813199f0 nt!KiUnexpectedInterrupt84
85: 813199fc nt!KiUnexpectedInterrupt85
86: 81319a08 nt!KiUnexpectedInterrupt86
87: 81319a14 nt!KiUnexpectedInterrupt87
88: 81319a20 nt!KiUnexpectedInterrupt88
89: 81319a2c nt!KiUnexpectedInterrupt89
8a: 81319a38 nt!KiUnexpectedInterrupt90
8b: 81319a44 nt!KiUnexpectedInterrupt91
8c: 81319a50 nt!KiUnexpectedInterrupt92
8d: 81319a5c nt!KiUnexpectedInterrupt93
8e: 81319a68 nt!KiUnexpectedInterrupt94
8f: 81319a74 nt!KiUnexpectedInterrupt95
90: 81319a80 nt!KiUnexpectedInterrupt96
91: 81319a8c nt!KiUnexpectedInterrupt97
92: 81319a98 nt!KiUnexpectedInterrupt98
93: 81319aa4 nt!KiUnexpectedInterrupt99
94: 81319ab0 nt!KiUnexpectedInterrupt100
95: 81319abc nt!KiUnexpectedInterrupt101
96: 81319ac8 nt!KiUnexpectedInterrupt102
97: 81319ad4 nt!KiUnexpectedInterrupt103
98: 81319ae0 nt!KiUnexpectedInterrupt104
99: 81319aec nt!KiUnexpectedInterrupt105
9a: 81319af8 nt!KiUnexpectedInterrupt106
9b: 81319b04 nt!KiUnexpectedInterrupt107
9c: 81319b10 nt!KiUnexpectedInterrupt108
9d: 81319b1c nt!KiUnexpectedInterrupt109
9e: 81319b28 nt!KiUnexpectedInterrupt110
9f: 81319b34 nt!KiUnexpectedInterrupt111
a0: 81319b40 nt!KiUnexpectedInterrupt112
a1: 81319b4c nt!KiUnexpectedInterrupt113
a2: 81319b58 nt!KiUnexpectedInterrupt114
a3: 81319b64 nt!KiUnexpectedInterrupt115
a4: 81319b70 nt!KiUnexpectedInterrupt116
a5: 81319b7c nt!KiUnexpectedInterrupt117
a6: 81319b88 nt!KiUnexpectedInterrupt118
a7: 81319b94 nt!KiUnexpectedInterrupt119
a8: 81319ba0 nt!KiUnexpectedInterrupt120
a9: 81319bac nt!KiUnexpectedInterrupt121
aa: 81319bb8 nt!KiUnexpectedInterrupt122
ab: 81319bc4 nt!KiUnexpectedInterrupt123
ac: 81319bd0 nt!KiUnexpectedInterrupt124
ad: 81319bdc nt!KiUnexpectedInterrupt125
ae: 81319be8 nt!KiUnexpectedInterrupt126
af: 81319bf4 nt!KiUnexpectedInterrupt127
b0: 81319c00 nt!KiUnexpectedInterrupt128
b1: 81319c0c nt!KiUnexpectedInterrupt129
b2: 81319c18 nt!KiUnexpectedInterrupt130
b3: 81319c24 nt!KiUnexpectedInterrupt131
b4: 81319c30 nt!KiUnexpectedInterrupt132
b5: 81319c3c nt!KiUnexpectedInterrupt133
b6: 81319c48 nt!KiUnexpectedInterrupt134
b7: 81319c54 nt!KiUnexpectedInterrupt135
b8: 81319c60 nt!KiUnexpectedInterrupt136
b9: 81319c6c nt!KiUnexpectedInterrupt137
ba: 81319c78 nt!KiUnexpectedInterrupt138
bb: 81319c84 nt!KiUnexpectedInterrupt139
bc: 81319c90 nt!KiUnexpectedInterrupt140
bd: 81319c9c nt!KiUnexpectedInterrupt141
be: 81319ca8 nt!KiUnexpectedInterrupt142
bf: 81319cb4 nt!KiUnexpectedInterrupt143
c0: 817d0b78 hal!HalpX86InterruptStubService
c1: 81319ccc nt!KiUnexpectedInterrupt145
c2: 81319cd8 nt!KiUnexpectedInterrupt146
c3: 81319ce4 nt!KiUnexpectedInterrupt147
c4: 81319cf0 nt!KiUnexpectedInterrupt148
c5: 81319cfc nt!KiUnexpectedInterrupt149
c6: 81319d08 nt!KiUnexpectedInterrupt150
c7: 81319d14 nt!KiUnexpectedInterrupt151
c8: 81319d20 nt!KiUnexpectedInterrupt152
c9: 81319d2c nt!KiUnexpectedInterrupt153
ca: 81319d38 nt!KiUnexpectedInterrupt154
cb: 81319d44 nt!KiUnexpectedInterrupt155
cc: 81319d50 nt!KiUnexpectedInterrupt156
cd: 81319d5c nt!KiUnexpectedInterrupt157
ce: 81319d68 nt!KiUnexpectedInterrupt158
cf: 81319d74 nt!KiUnexpectedInterrupt159
d0: 81319d80 nt!KiUnexpectedInterrupt160
d1: 817d1878 hal!HalpTimerClockInterrupt
d2: 817d1b54 hal!HalpTimerClockIpiRoutine
d3: 81319da4 nt!KiUnexpectedInterrupt163
d4: 81319db0 nt!KiUnexpectedInterrupt164
d5: 81319dbc nt!KiUnexpectedInterrupt165
d6: 81319dc8 nt!KiUnexpectedInterrupt166
d7: 81319dd4 nt!KiUnexpectedInterrupt167
d8: 81319de0 nt!KiUnexpectedInterrupt168
d9: 81319dec nt!KiUnexpectedInterrupt169
da: 81319df8 nt!KiUnexpectedInterrupt170
db: 81319e04 nt!KiUnexpectedInterrupt171
dc: 81319e10 nt!KiUnexpectedInterrupt172
dd: 81319e1c nt!KiUnexpectedInterrupt173
de: 81319e28 nt!KiUnexpectedInterrupt174
df: 817d1128 hal!HalpX86InterruptRebootService
e0: 81319e40 nt!KiUnexpectedInterrupt176
e1: 817d1388 hal!HalpX86InterruptIpiService
e2: 817d0e50 hal!HalpX86InterruptLocalErrorService
e3: 81319e64 nt!KiUnexpectedInterrupt179
e4: 81319e70 nt!KiUnexpectedInterrupt180
e5: 81319e7c nt!KiUnexpectedInterrupt181
e6: 81319e88 nt!KiUnexpectedInterrupt182
e7: 81319e94 nt!KiUnexpectedInterrupt183
e8: 81319ea0 nt!KiUnexpectedInterrupt184
e9: 81319eac nt!KiUnexpectedInterrupt185
ea: 81319eb8 nt!KiUnexpectedInterrupt186
eb: 81319ec4 nt!KiUnexpectedInterrupt187
ec: 81319ed0 nt!KiUnexpectedInterrupt188
ed: 81319edc nt!KiUnexpectedInterrupt189
ee: 81319ee8 nt!KiUnexpectedInterrupt190
ef: 81319ef4 nt!KiUnexpectedInterrupt191
f0: 81319f00 nt!KiUnexpectedInterrupt192
f1: 81319f0c nt!KiUnexpectedInterrupt193
f2: 81319f18 nt!KiUnexpectedInterrupt194
f3: 81319f24 nt!KiUnexpectedInterrupt195
f4: 81319f30 nt!KiUnexpectedInterrupt196
f5: 81319f3c nt!KiUnexpectedInterrupt197
f6: 81319f48 nt!KiUnexpectedInterrupt198
f7: 81319f54 nt!KiUnexpectedInterrupt199
f8: 81319f60 nt!KiUnexpectedInterrupt200
f9: 81319f6c nt!KiUnexpectedInterrupt201
fa: 81319f78 nt!KiUnexpectedInterrupt202
fb: 81319f84 nt!KiUnexpectedInterrupt203
fc: 81319f90 nt!KiUnexpectedInterrupt204
fd: 817d210c hal!HalpTimerProfileInterrupt
fe: 817d23f0 hal!HalpPerfInterrupt
ff: 81319fb4 nt!KiUnexpectedInterrupt207


OK, let's look at the KPRCB:

!pcr
KPCR for Processor 0 at 81417000:
    Major 1 Minor 1
 NtTib.ExceptionList: a70fa964
     NtTib.StackBase: 00000000
    NtTib.StackLimit: 00001f80
  NtTib.SubSystemTib: 811be000
       NtTib.Version: 001548ed
   NtTib.UserPointer: 00000001
       NtTib.SelfTib: 7fc3e000

             SelfPcr: 81417000
                Prcb: 81417120
                Irql: 00000002
                 IRR: 00000000
                 IDR: 00000000
       InterruptMode: 00000000
                 IDT: 81dfa400
                 GDT: 81dfa000
                 TSS: 811be000

       CurrentThread: 84948c00
          NextThread: 00000000
          IdleThread: 81426100


           DpcQueue: Unable to read nt!_KDPC_DATA.DpcListHead.Flink @ 81419300
lkd> dt _KPRCB 81417000+120
ntdll!_KPRCB
   +0x000 MinorVersion     : 1
   +0x002 MajorVersion     : 1
   +0x004 CurrentThread    : 0x84948c00 _KTHREAD
   +0x008 NextThread       : (null)
   +0x00c IdleThread       : 0x81426100 _KTHREAD
   +0x010 LegacyNumber     : 0 ''
   +0x011 NestingLevel     : 0 ''
   +0x012 BuildType        : 0
   +0x014 CpuType          : 6 ''
   +0x015 CpuID            : 1 ''
   +0x016 CpuStep          : 0xf0b
   +0x016 CpuStepping      : 0xb ''
   +0x017 CpuModel         : 0xf ''
   +0x018 ProcessorState   : _KPROCESSOR_STATE
   +0x338 ParentNode       : 0x813f5fc0 _KNODE
   +0x33c PriorityState    : 0x8141b748  "???"
   +0x340 KernelReserved   : [14] 0
   +0x378 HalReserved      : [16] 0xb1b100
   +0x3b8 CFlushSize       : 0x40
   +0x3bc CoresPerPhysicalProcessor : 0x1 ''
   +0x3bd LogicalProcessorsPerCore : 0x1 ''
   +0x3be CpuVendor        : 0x1 ''
   +0x3bf PrcbPad0         : [1]  ""
   +0x3c0 MHz              : 0x8f0
   +0x3c4 GroupIndex       : 0 ''
   +0x3c5 Group            : 0 ''
   +0x3c6 PrcbPad05        : [2]  ""
   +0x3c8 GroupSetMember   : 1
   +0x3cc Number           : 0
   +0x3d0 ClockOwner       : 0x1 ''
   +0x3d1 PendingTickFlags : 0x1 ''
   +0x3d1 PendingTick      : 0y1
   +0x3d1 PendingBackupTick : 0y0
   +0x3d2 PrcbPad10        : [70]  ""
   +0x418 LockQueue        : [17] _KSPIN_LOCK_QUEUE
   +0x4a0 InterruptCount   : 0x41a84
   +0x4a4 KernelTime       : 0x149e6
   +0x4a8 UserTime         : 0x3ec1
   +0x4ac DpcTime          : 0x1c7
   +0x4b0 DpcTimeCount     : 0
   +0x4b4 InterruptTime    : 0x4e3
   +0x4b8 AdjustDpcThreshold : 0x13
   +0x4bc PageColor        : 0x1d74
   +0x4c0 DebuggerSavedIRQL : 0 ''
   +0x4c1 NodeColor        : 0 ''
   +0x4c2 PrcbPad20        : [6]  ""
   +0x4c8 NodeShiftedColor : 0
   +0x4cc SecondaryColorMask : 0x3f
   +0x4d0 DpcTimeLimit     : 0x500
   +0x4d4 PrcbPad21        : [3] 0
   +0x4e0 CcFastReadNoWait : 0
   +0x4e4 CcFastReadWait   : 0xca34
   +0x4e8 CcFastReadNotPossible : 0x25
   +0x4ec CcCopyReadNoWait : 0
   +0x4f0 CcCopyReadWait   : 0xe405
   +0x4f4 CcCopyReadNoWaitMiss : 0
   +0x4f8 MmSpinLockOrdering : 0
   +0x4fc IoReadOperationCount : 63986
   +0x500 IoWriteOperationCount : 42615
   +0x504 IoOtherOperationCount : 937874
   +0x508 IoReadTransferCount : _LARGE_INTEGER 0x2d7122f0
   +0x510 IoWriteTransferCount : _LARGE_INTEGER 0x2921c69c
   +0x518 IoOtherTransferCount : _LARGE_INTEGER 0x67faa5b
   +0x520 CcFastMdlReadNoWait : 0
   +0x524 CcFastMdlReadWait : 0
   +0x528 CcFastMdlReadNotPossible : 0
   +0x52c CcMapDataNoWait  : 0
   +0x530 CcMapDataWait    : 0xa55ea
   +0x534 CcPinMappedDataCount : 0xd5d2
   +0x538 CcPinReadNoWait  : 6
   +0x53c CcPinReadWait    : 0x5779
   +0x540 CcMdlReadNoWait  : 0
   +0x544 CcMdlReadWait    : 0x29
   +0x548 CcLazyWriteHotSpots : 0x6d
   +0x54c CcLazyWriteIos   : 0xd98
   +0x550 CcLazyWritePages : 0x15bfd
   +0x554 CcDataFlushes    : 0x1de4
   +0x558 CcDataPages      : 0x21362
   +0x55c CcLostDelayedWrites : 0
   +0x560 CcFastReadResourceMiss : 0
   +0x564 CcCopyReadWaitMiss : 0xfcfe
   +0x568 CcFastMdlReadResourceMiss : 0
   +0x56c CcMapDataNoWaitMiss : 0
   +0x570 CcMapDataWaitMiss : 0x53d8
   +0x574 CcPinReadNoWaitMiss : 0
   +0x578 CcPinReadWaitMiss : 0x212
   +0x57c CcMdlReadNoWaitMiss : 0
   +0x580 CcMdlReadWaitMiss : 0
   +0x584 CcReadAheadIos   : 0x55c3
   +0x588 KeAlignmentFixupCount : 0
   +0x58c KeExceptionDispatchCount : 0x8c7
   +0x590 KeSystemCalls    : 0x78dd07
   +0x594 AvailableTime    : 0x12d5
   +0x598 PrcbPad22        : [2] 0
   +0x5a0 PPLookasideList  : [16] _PP_LOOKASIDE_LIST
   +0x620 PPNxPagedLookasideList : [32] _GENERAL_LOOKASIDE_POOL
   +0xf20 PPNPagedLookasideList : [32] _GENERAL_LOOKASIDE_POOL
   +0x1820 PPPagedLookasideList : [32] _GENERAL_LOOKASIDE_POOL
   +0x2120 PacketBarrier    : 0
   +0x2124 ReverseStall     : 2
   +0x2128 IpiFrame         : (null)
   +0x212c PrcbPad3         : [52]  ""
   +0x2160 CurrentPacket    : [3] (null)
   +0x216c TargetSet        : 0
   +0x2170 WorkerRoutine    : (null)
   +0x2174 IpiFrozen        : 0
   +0x2178 PrcbPad4         : [40]  ""
   +0x21a0 RequestSummary   : 0
   +0x21a4 SignalDone       : (null)
   +0x21a8 PrcbPad50        : [40]  ""
   +0x21d0 InterruptLastCount : 0x41a84
   +0x21d4 InterruptRate    : 0
   +0x21d8 DeviceInterrupts : 0xa
   +0x21dc IsrDpcStats      : 0x00000001
   +0x21e0 DpcData          : [2] _KDPC_DATA
   +0x2210 DpcStack         : 0x826d9000
   +0x2214 MaximumDpcQueueDepth : 4
   +0x2218 DpcRequestRate   : 1
   +0x221c MinimumDpcRate   : 3
   +0x2220 DpcLastCount     : 0x2a827
   +0x2224 PrcbLock         : 0
   +0x2228 DpcGate          : _KGATE
   +0x2238 ThreadDpcEnable  : 0x1 ''
   +0x2239 QuantumEnd       : 0 ''
   +0x223a DpcRoutineActive : 0 ''
   +0x223b IdleSchedule     : 0 ''
   +0x223c DpcRequestSummary : 0
   +0x223c DpcRequestSlot   : [2] 0
   +0x223c NormalDpcState   : 0
   +0x223e ThreadDpcState   : 0
   +0x223c DpcNormalProcessingActive : 0y0
   +0x223c DpcNormalProcessingRequested : 0y0
   +0x223c DpcNormalThreadSignal : 0y0
   +0x223c DpcNormalTimerExpiration : 0y0
   +0x223c DpcNormalDpcPresent : 0y0
   +0x223c DpcNormalLocalInterrupt : 0y0
   +0x223c DpcNormalSpare   : 0y0000000000 (0)
   +0x223c DpcThreadActive  : 0y0
   +0x223c DpcThreadRequested : 0y0
   +0x223c DpcThreadSpare   : 0y00000000000000 (0)
   +0x2240 LastTimerHand    : 0xea0a
   +0x2244 LastTick         : 0x188a8
   +0x2248 PeriodicCount    : 0
   +0x224c PeriodicBias     : 0
   +0x2250 ClockInterrupts  : 0x1917e
   +0x2254 ReadyScanTick    : 0x188f1
   +0x2258 GroupSchedulingOverQuota : 0 ''
   +0x2259 PrcbPad41        : [3]  ""
   +0x2260 TimerTable       : _KTIMER_TABLE
   +0x3aa0 CallDpc          : _KDPC
   +0x3ac0 ClockKeepAlive   : 1
   +0x3ac4 PrcbPad6         : [4]  ""
   +0x3ac8 DpcWatchdogPeriod : 7680
   +0x3acc DpcWatchdogCount : 7670
   +0x3ad0 KeSpinLockOrdering : 0
   +0x3ad4 PrcbPad70        : [1] 0
   +0x3ad8 QueueIndex       : 1
   +0x3adc DeferredReadyListHead : _SINGLE_LIST_ENTRY
   +0x3ae0 ReadySummary     : 0x301
   +0x3ae4 AffinitizedSelectionMask : 14155767
   +0x3ae8 WaitLock         : 0
   +0x3aec WaitListHead     : _LIST_ENTRY [ 0x8322c0dc - 0x8493979c ]
   +0x3af4 ScbOffset        : 0
   +0x3af8 StartCycles      : 0x348`2ce58a41
   +0x3b00 GenerationTarget : 0
   +0x3b08 CycleTime        : 0x10`60c9fcd8
   +0x3b10 AffinitizedCycles : 0
   +0x3b18 HighCycleTime    : 0x10
   +0x3b1c PrcbPad71        : 0
   +0x3b20 DispatcherReadyListHead : [32] _LIST_ENTRY [ 0x82e3b71c - 0x82e3b71c ]
   +0x3c20 ChainedInterruptList : (null)
   +0x3c24 LookasideIrpFloat : 2147483647
   +0x3c28 ScbQueue         : _RTL_RB_TREE
   +0x3c30 ScbList          : _LIST_ENTRY [ 0x0 - 0x0 ]
   +0x3c38 MmPageFaultCount : 2055290
   +0x3c3c MmCopyOnWriteCount : 32367
   +0x3c40 MmTransitionCount : 707990
   +0x3c44 MmCacheTransitionCount : 0
   +0x3c48 MmDemandZeroCount : 1093679
   +0x3c4c MmPageReadCount  : 421142
   +0x3c50 MmPageReadIoCount : 67282
   +0x3c54 MmCacheReadCount : 0
   +0x3c58 MmCacheIoCount   : 0
   +0x3c5c MmDirtyPagesWriteCount : 177008
   +0x3c60 MmDirtyWriteIoCount : 6440
   +0x3c64 MmMappedPagesWriteCount : 69
   +0x3c68 MmMappedWriteIoCount : 29
   +0x3c6c CachedCommit     : 0x100
   +0x3c70 CachedResidentAvailable : 0xbd
   +0x3c74 HyperPte         : 0x82810007
   +0x3c78 PrcbPad8         : [4]  ""
   +0x3c7c VendorString     : [13]  "GenuineIntel"
   +0x3c89 InitialApicId    : 0 ''
   +0x3c8a LogicalProcessorsPerPhysicalProcessor : 0x1 ''
   +0x3c8b PrcbPad9         : [5]  ""
   +0x3c90 FeatureBits      : 0xa08d3fff
   +0x3c98 UpdateSignature  : _LARGE_INTEGER 0x0
   +0x3ca0 IsrTime          : 0
   +0x3ca8 PrcbPad90        : [2] 0
   +0x3cb0 PowerState       : _PROCESSOR_POWER_STATE
   +0x3e40 PrcbPad91        : [13] 0
   +0x3e74 DpcWatchdogDpc   : _KDPC
   +0x3e98 DpcWatchdogTimer : _KTIMER
   +0x3ec0 HypercallPageList : _SLIST_HEADER
   +0x3ec8 HypercallPageVirtual : (null)
   +0x3ecc VirtualApicAssist : (null)
   +0x3ed0 StatisticsPage   : (null)
   +0x3ed4 Cache            : [5] _CACHE_DESCRIPTOR
   +0x3f10 CacheCount       : 3
   +0x3f14 PackageProcessorSet : _KAFFINITY_EX
   +0x3f20 SharedReadyQueueMask : 0
   +0x3f24 SharedReadyQueue : 0x8141b640 _KSHARED_READY_QUEUE
   +0x3f28 CoreProcessorSet : 1
   +0x3f2c ScanSiblingMask  : 0
   +0x3f30 LLCMask          : 1
   +0x3f34 CacheProcessorMask : [5] 1
   +0x3f48 ScanSiblingIndex : 0
   +0x3f4c WheaInfo         : 0x82f17170
   +0x3f50 EtwSupport       : 0x82e84008
   +0x3f58 InterruptObjectPool : _SLIST_HEADER
   +0x3f60 SharedReadyQueueOffset : 0x4520
   +0x3f64 PrcbPad92        : [2] 0
   +0x3f6c PteBitCache      : 0x7803
   +0x3f70 PteBitOffset     : 0x211c0
   +0x3f74 PrcbPad93        : 0
   +0x3f78 ProcessorProfileControlArea : (null)
   +0x3f7c ProfileEventIndexAddress : 0x8141b09c
   +0x3f80 TimerExpirationDpc : _KDPC
   +0x3fa0 SynchCounters    : _SYNCH_COUNTERS
   +0x4058 FsCounters       : _FILESYSTEM_DISK_COUNTERS
   +0x4068 Context          : 0x81417138 _CONTEXT
   +0x406c ContextFlagsInit : 0x1002f
   +0x4070 ExtendedState    : 0x82575000 _XSAVE_AREA
   +0x4074 EntropyTimingState : _KENTROPY_TIMING_STATE
   +0x419c IsrStack         : 0x826dd000
   +0x41a0 VectorToInterruptObject : [208] (null)
   +0x44e0 AbSelfIoBoostsList : _SINGLE_LIST_ENTRY
   +0x44e4 AbPropagateBoostsList : _SINGLE_LIST_ENTRY
   +0x44e8 AbDpc            : _KDPC

One field in the KPRCB looks very interesting: VectorToInterruptObject. Let's dump this array:
lkd> dp 81417000+120+41a0 81417000+120+41a0+340
8141b2c0  00000000 00000000 00000000 00000000
8141b2d0  00000000 00000000 00000000 00000000
8141b2e0  00000000 00000000 00000000 00000000
8141b2f0  00000000 00000000 00000000 00000000
8141b300  00000000 00000000 00000000 00000000
8141b310  00000000 00000000 00000000 00000000
8141b320  00000000 00000000 00000000 00000000
8141b330  00000000 00000000 00000000 00000000
8141b340  00000000 00000000 00000000 00000000
8141b350  00000000 00000000 00000000 00000000
8141b360  00000000 00000000 00000000 00000000
8141b370  00000000 00000000 00000000 00000000
8141b380  88b43d80 00000000 00000000 00000000
8141b390  00000000 00000000 00000000 00000000
8141b3a0  00000000 00000000 00000000 00000000
8141b3b0  00000000 00000000 00000000 00000000
8141b3c0  88b43e40 88b43780 00000000 00000000
8141b3d0  00000000 00000000 00000000 00000000
8141b3e0  00000000 00000000 00000000 00000000
8141b3f0  00000000 00000000 00000000 00000000
8141b400  00000000 88b439c0 00000000 00000000
8141b410  00000000 00000000 00000000 00000000
8141b420  00000000 00000000 00000000 00000000
8141b430  00000000 00000000 00000000 00000000
8141b440  88b43a80 88b43840 00000000 00000000
8141b450  00000000 00000000 00000000 00000000
8141b460  00000000 00000000 00000000 00000000
8141b470  00000000 00000000 00000000 00000000
8141b480  88b43b40 88b43c00 00000000 00000000
8141b490  00000000 00000000 00000000 00000000
8141b4a0  00000000 00000000 00000000 00000000
8141b4b0  00000000 00000000 00000000 00000000
8141b4c0  88b43f00 88b43cc0 00000000 00000000
8141b4d0  00000000 00000000 00000000 00000000
8141b4e0  00000000 00000000 00000000 00000000
8141b4f0  00000000 00000000 00000000 00000000
8141b500  00000000 00000000 00000000 00000000
8141b510  00000000 00000000 00000000 00000000
8141b520  00000000 00000000 00000000 00000000
8141b530  00000000 00000000 00000000 00000000
8141b540  00000000 00000000 00000000 00000000
8141b550  00000000 00000000 00000000 00000000
8141b560  00000000 00000000 00000000 00000000
8141b570  00000000 00000000 00000000 00000000
8141b580  00000000 00000000 00000000 00000000
8141b590  00000000 00000000 00000000 00000000
8141b5a0  00000000 00000000 00000000 00000000
8141b5b0  00000000 00000000 00000000 00000000
8141b5c0  00000000 00000000 00000000 00000000
8141b5d0  00000000 00000000 00000000 00000000
8141b5e0  00000000 00000000 00000000 00000000
8141b5f0  00000000 00000000 00000000 00000000
8141b600  00000000
lkd> dt _KINTERRUPT 88b43d80
ntdll!_KINTERRUPT
   +0x000 Type             : 22
   +0x002 Size             : 168
   +0x004 InterruptListEntry : _LIST_ENTRY [ 0x88b43d84 - 0x88b43d84 ]
   +0x00c ServiceRoutine   : 0x86719930     unsigned char  ataport!IdePortInterrupt+0
   +0x010 MessageServiceRoutine : (null)
   +0x014 MessageIndex     : 0
   +0x018 ServiceContext   : 0x82e57028
   +0x01c SpinLock         : 0
   +0x020 TickCount        : 0xffffffff
   +0x024 ActualLock       : 0x82e59610  -> 0
   +0x028 DispatchAddress  : 0x8131e3e0     void  nt!KiInterruptDispatch+0
   +0x02c Vector           : 0x60
   +0x030 Irql             : 0x5 ''
   +0x031 SynchronizeIrql  : 0x5 ''
   +0x032 FloatingSave     : 0 ''
   +0x033 Connected        : 0x1 ''
   +0x034 Number           : 0
   +0x038 ShareVector      : 0 ''
   +0x039 EmulateActiveBoth : 0 ''
   +0x03a ActiveCount      : 0
   +0x03c InternalState    : 0
   +0x040 Mode             : 1 ( Latched )
   +0x044 Polarity         : 0 ( InterruptPolarityUnknown )
   +0x048 ServiceCount     : 0
   +0x04c DispatchCount    : 0xffffffff
   +0x050 PassiveEvent     : (null)
   +0x054 DisconnectData   : (null)
   +0x058 ServiceThread    : (null)
   +0x060 IsrDpcStats      : _ISRDPCSTATS
   +0x0a0 ConnectionData   : 0x82e59618 _INTERRUPT_CONNECTION_DATA
