When port drivers, such as ATAPORT/STORPORT, receive an SPTI IOCTL, they
internally create an SRB IRP and send it to the miniport driver. When an
overrun or underrun occurs, how the miniport handles it varies between
vendors. I have a specific question related to data overruns. Let’s use an
Inquiry CDB that returns 36 bytes but the DataTransferLenth in the SRB is
set to 20 (i.e. an overrun). This is purely to test error handling.
Various miniports handle this differently. The common consensus appears to
be that the SrbStatus gets returned with SRB_STATUS_DATA_OVERRUN and the SRB
IRP Status gets returned with STATUS_BUFFER_OVERFLOW.
In the above example, since SRB_STATUS_DATA_OVERRUN is used for both
underruns and overruns, one is supposed to look at the DataTransferLength to
determine if it’s an underrun or overrun (though a number of drivers do not
update this field, or update it incorrectly, but that’s a different
problem). In this example, 20 is returned thereby indicating (somewhat
indirectly) that this is an overrun condition.
When the underlying SRB completes, the port driver can then post completion
on the originating SPTI IOCTL. Mapping from an SRB to an SPTI is relatively
basic but there appears to be a hole related to overruns. The
STATUS_BUFFER_OVERFLOW is defined as:
#define STATUS_BUFFER_OVERFLOW ((NTSTATUS)0x80000005L)
That makes the “Sev” bits set to 10 which is defined as:
// Sev - is the severity code
//
// 00 - Success
// 01 - Informational
// 10 - Warning
// 11 - Error
That would indicate a “Warning.” I can see underruns getting a “warning”
but I think overruns are true errors and warrant a stronger error code.
What I am seeing with these port drivers is that when the SRB IRP completes
with SRB_STATUS_DATA_OVERRUN and STATUS_BUFFER_OVERFLOW, the initiating
SPTI IOCTL IRP status is returned with STATUS_SUCCESS with a
DataTransferLength of 20 (same as value going down the stack). While an SRB
allows you to know that an overrun has occurred, the SPTI IOCTL does not
give you a means to differentiate between a successful SPTI request and one
with an overrun (assuming the miniport driver returns the values cited
above).
My question is this. Should an overrun/overflow condition be given an
actual error status instead of a warning status? Do these port drivers
specifically filter out the STATUS_BUFFER_OVERFLOW when mapping from SRB
result to SPTI result or do they do it for *any* IRP status with a severity
code set to Warning?
Regards,
Mike