_KiComputeTimerTableIndex函数分析 — analysis of the Windows x86 kernel routine KiComputeTimerTableIndex: first the MASM source of its fast path, then the constants it reads and a kd single-step trace of the compiled code.
第一部分 (Part 1: MASM source of the fast path; the `slow` label it branches to is not part of this excerpt):
;++
;
; _KiComputeTimerTableIndex (Timer, CurrentTime, Interval)
;
; Routine Description:
;
;    Computes a timer's due time as the 64-bit difference CurrentTime - Interval,
;    stores it into the timer object, and returns the timer-table slot index
;    that due time maps to. Only the fast path is shown here: it is taken when
;    (DueTime - _KiSlotZeroTime) is non-negative and fits in 32 bits; every
;    other case branches to 'slow', which is outside this excerpt.
;
;    NOTE(review): Interval is subtracted rather than added, so callers are
;    presumably passing a negative (relative) interval - verify at the call
;    sites, this listing does not show them.
;
; Arguments (five dwords on the stack; stdRET expands to 'ret 14h', so the
; callee pops all 20 bytes):
;
;    Timer       - address of the timer object; only TiDueTime is written.
;    CurrentTime - 64-bit value, low dword first.
;    Interval    - 64-bit value, low dword first.
;
; Return Value:
;
;    eax = timer-table index. It is always reduced to TIMER_TABLE_SIZE - 1
;          (movzx dl / and edx), so this path cannot yield an out-of-range
;          index whatever the computed quotient is. The 'slow' path must
;          apply the same bound - not verifiable from this excerpt.
;
; Registers:
;
;    ebx is preserved (push/pop); eax, ecx, edx and flags are clobbered.
;
; NOTE(review): the divisor behind _KiMaximumIncrementReciprocal and
; _KiLog2MaximumIncrement is not visible here. The names and the
; multiply/add/shift sequence suggest a divide-by-invariant-multiplication of
; (DueTime - SlotZeroTime) by the maximum clock increment - confirm against
; the definitions of those globals.
;
;--
cPublicProc _KiComputeTimerTableIndex ,5
push ebx ; ebx is callee-saved in this convention
mov eax,Timer ; get address of timer object
mov ebx,CurrentTime ; get low current time
mov ecx,CurrentTime + 4 ; get high current time
sub ebx,Interval ; subtract low parts
sbb ecx,Interval + 4 ; subtract high parts and borrow
mov [eax].TiDueTime.LiLowPart,ebx ; set low part of due time
mov [eax].TiDueTime.LiHighPart,ecx ; set high part of due time (written before the fast/slow decision)
;
; Subtract slot zero time to see if we can use a quicker route
;
sub ebx, [_KiSlotZeroTime]
sbb ecx, [_KiSlotZeroTime+4]
jne slow ; ZF from the sbb: high dword of the difference nonzero (includes a negative result) -> slow path, not in this excerpt
underflow_return: ; NOTE(review): presumably the re-entry point used by the slow path - it is not shown here, verify
;
; The upper 32 bits of the time are zero. Multiply by the 32 bit inverse
; to calculate the quotient.
;
upper_zero:
mov eax, [_KiMaximumIncrementReciprocal] ; 32-bit scaled reciprocal (eax is free again: the timer pointer is no longer needed)
mov ecx, [_KiLog2MaximumIncrement] ; shift count for rcr below; mul does not touch ecx
mul ebx ; edx:eax = ebx * reciprocal; the CF/OF set by mul are overwritten by the add
add edx, ebx ; edx = high dword of the product + ebx; the carry-out is bit 32 of that sum
rcr edx, cl ; shift the 33-bit CF:edx right by cl: bits 0..(32-cl) of edx now hold the quotient,
 ; the rotated-in low bits land above them and are discarded by the mask below.
 ; So the mask must not exceed 33-cl bits (with cl = 12h, as seen in kd, 15 bits remain).
 ; No flag-writing instruction may be placed between the add and this rcr.
if TIMER_TABLE_SIZE EQ 256
movzx eax, dl ; index = quotient mod 256, upper bits (and rotation garbage) dropped
else
and edx, (TIMER_TABLE_SIZE-1); reduce to size of table
mov eax, edx
endif
pop ebx
stdRET _KiComputeTimerTableIndex
第二部分 (Part 2: the two constants the fast path reads, as shown by kd — reciprocal 0xad7f29ac and shift count 0x12 = 18 — next to the code that uses them):
0: kd> x nt!_KiMaximumIncrementReciprocal
80b16f98 nt!_KiMaximumIncrementReciprocal = 0xad7f29ac
0: kd> x nt!KiLog2MaximumIncrement
80b16f9c nt!KiLog2MaximumIncrement = 0x12
upper_zero:
mov eax, [_KiMaximumIncrementReciprocal]
mov ecx, [_KiLog2MaximumIncrement]
mul ebx
add edx, ebx
rcr edx, cl
if TIMER_TABLE_SIZE EQ 256
movzx eax, dl
第三部分:对应的汇编 (Part 3: kd single-step trace of the compiled fast path, from the _KiSlotZeroTime subtraction through ret 14h):
0: kd> p
nt!KiComputeTimerTableIndex+0x1b:
80b00caf 2b1d906fb180 sub ebx,dword ptr [nt!_KiSlotZeroTime (80b16f90)]
0: kd> x _KiSlotZeroTime
0: kd> x nt!_KiSlotZeroTime
80b16f90 nt!_KiSlotZeroTime = 0xa36bb800
0: kd> dd 80b16f90
80b16f90 a36bb800 00002707 ad7f29ac 00000012
0: kd> p
nt!KiComputeTimerTableIndex+0x21:
80b00cb5 1b0d946fb180 sbb ecx,dword ptr [nt!_KiSlotZeroTime+0x4 (80b16f94)]
0: kd> p
nt!KiComputeTimerTableIndex+0x27:
80b00cbb 7518 jne nt!KiComputeTimerTableIndex+0x41 (80b00cd5)
0: kd> r
eax=ba8b4ca0 ebx=1881bf1a ecx=00000000 edx=bbe512aa esi=ba8b4ca0 edi=ba8b4ce0
eip=80b00cbb esp=f789ee40 ebp=f789ee64 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000246
nt!KiComputeTimerTableIndex+0x27:
80b00cbb 7518 jne nt!KiComputeTimerTableIndex+0x41 (80b00cd5) [br=0]
0: kd> ? 1881bf1a
Evaluate expression: 411156250 = 1881bf1a
0: kd> p
nt!KiComputeTimerTableIndex+0x29:
80b00cbd a1986fb180 mov eax,dword ptr [nt!KiMaximumIncrementReciprocal (80b16f98)]
0: kd> p
nt!KiComputeTimerTableIndex+0x2e:
80b00cc2 8b0d9c6fb180 mov ecx,dword ptr [nt!KiLog2MaximumIncrement (80b16f9c)]
0: kd> p
nt!KiComputeTimerTableIndex+0x34:
80b00cc8 f7e3 mul eax,ebx
0: kd> p
nt!KiComputeTimerTableIndex+0x36:
80b00cca 03d3 add edx,ebx
0: kd> r
eax=9ead8f78 ebx=1881bf1a ecx=00000012 edx=109bda7f esi=ba8b4ca0 edi=ba8b4ce0 // state before the add: edx = high dword of 1881bf1a*ad7f29ac (the cy/ov flags here come from mul). 109bda7f+1881bf1a = 291d9999 with no carry out, so rcr edx,12h shifts 0:291d9999 right 18 bits: 291d9999 >> 18 = a47, hence dl = 47 is the table index; the upper bits of the resulting edx (cccc8a47) are the rotated-in low bits and are dropped by movzx eax,dl
eip=80b00cca esp=f789ee40 ebp=f789ee64 iopl=0 ov up ei ng nz na pe cy
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000a87
nt!KiComputeTimerTableIndex+0x36:
80b00cca 03d3 add edx,ebx
0: kd> p
nt!KiComputeTimerTableIndex+0x38:
80b00ccc d3da rcr edx,cl
0: kd> p
nt!KiComputeTimerTableIndex+0x3a:
80b00cce 0fb6c2 movzx eax,dl
0: kd> r
eax=9ead8f78 ebx=1881bf1a ecx=00000012 edx=cccc8a47 esi=ba8b4ca0 edi=ba8b4ce0
eip=80b00cce esp=f789ee40 ebp=f789ee64 iopl=0 nv up ei pl nz ac pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000216
nt!KiComputeTimerTableIndex+0x3a:
80b00cce 0fb6c2 movzx eax,dl
0: kd> p
nt!KiComputeTimerTableIndex+0x3d:
80b00cd1 5b pop ebx
0: kd> p
nt!KiComputeTimerTableIndex+0x3e:
80b00cd2 c21400 ret 14h