Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Home NTDEV
Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.

More Info on Driver Writing and Debugging


The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.


Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/


Debugging storport using symbol storport!_RAID_UNIT_EXTENSION

Jan_BottorffJan_Bottorff Member - All Emails Posts: 471
I was debugging a storport miniport and following the directions at https://blogs.msdn.microsoft.com/ntdebugging/2012/06/21/what-did-storport-do-with-my-io/ was trying to look at the internal state of storport.

On the two different OS flavors I looked at (x64 Server 2012 R2 upd1, and x86 Win 8), what is supposed to be the storport device extension, symbol storport!_RAID_UNIT_EXTENSION did not seem to match up with what was really in memory at the device extension. The first few fields did seem to match (like a pointer to the driver object is correct), but later in the structure, windbg just displayed nonsense values. Windbg was using the Microsoft symbol server, and seemed to think the symbol files did match the executing binaries.

Has anybody recently debugged a storport driver and used storport!_RAID_UNIT_EXTENSION? I’m looking for a reality check of yes the public storport symbols are broken, and it’s not at my end, or else that other people have found these symbols do match up, and I should investigate why something is my windbg environment is causing the symbols to be interpreted incorrectly.

Thanks,
Jan

Comments

  • Jan_BottorffJan_Bottorff Member - All Emails Posts: 471
    Apparently, my brain was suffering from temporary data corruption when it suddenly context switched from network drivers to storage drivers.

    This issue was because I was applying the PDO device extension structure to the FDO device extension. It seemed like it matched up because some of the early fields do match up. The symbol storport!_RAID_UNIT_EXTENSION is for the per storage target PDO, as storport is a bus driver and creates a PDO for each target. The symbol storport!_RAID_ADAPTER_EXTENSION should be the structure for the FDO extension. I’ve written virtual bus drivers a bunch of times, so understand the FDO/PDO relationship well. The term UNIT did not connect as a synonym for PDO without a little more poking around.

    The windbg extension for storport also decodes a bunch of the useful data in the device extensions.

    Jan

    From: on behalf of Jan Bottorff
    Reply-To: Windows List
    Date: Sunday, January 29, 2017 at 11:37 PM
    To: Windows List
    Subject: [ntdev] Debugging storport using symbol storport!_RAID_UNIT_EXTENSION

    I was debugging a storport miniport and following the directions at https://blogs.msdn.microsoft.com/ntdebugging/2012/06/21/what-did-storport-do-with-my-io/ was trying to look at the internal state of storport.

    On the two different OS flavors I looked at (x64 Server 2012 R2 upd1, and x86 Win 8), what is supposed to be the storport device extension, symbol storport!_RAID_UNIT_EXTENSION did not seem to match up with what was really in memory at the device extension. The first few fields did seem to match (like a pointer to the driver object is correct), but later in the structure, windbg just displayed nonsense values. Windbg was using the Microsoft symbol server, and seemed to think the symbol files did match the executing binaries.

    Has anybody recently debugged a storport driver and used storport!_RAID_UNIT_EXTENSION? I’m looking for a reality check of yes the public storport symbols are broken, and it’s not at my end, or else that other people have found these symbols do match up, and I should investigate why something is my windbg environment is causing the symbols to be interpreted incorrectly.

    Thanks,
    Jan

    ---
    NTDEV is sponsored by OSR

    Visit the list online at:

    MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers!
    Details at

    To unsubscribe, visit the List Server section of OSR Online at
Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Upcoming OSR Seminars
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!
Kernel Debugging 30 Mar 2020 OSR Seminar Space
Developing Minifilters 15 Jun 2020 LIVE ONLINE
Writing WDF Drivers 22 June 2020 LIVE ONLINE
Internals & Software Drivers 28 Sept 2020 Dulles, VA