Unnamed unions and GetFieldOffset()...

Hi All,
I was wondering if anyone knows of a way to get the Offset of fields inside an unnamed union which is embedded in a structure.

This is what my data structures look like:

typedef struct _EMBEDDED_STRUCT1
{
    ULONG Field1;
    ULONG Field2;
    ULONG Field3;
} EMBEDDED_STRUCT1;

typedef struct _EMBEDDED_STRUCT2
{
    ULONG Field4;
    ULONG Field5;
    ULONG Field6;
} EMBEDDED_STRUCT2;

typedef struct _MY_STRUCT
{
    ULONG FIELD7;
    union
    {
        EMBEDDED_STRUCT1 St1;
        EMBEDDED_STRUCT2 St2;
    };
} MY_STRUCT;

In my debug extensions, when I try to use GetFieldOffset() to get the offset of either St1 or St2, it does not work. If I try GetFieldOffset() on St1.Field1 or any other member of St1 or St2, it does not work.

The only way I can get it to work is by doing a typedef of the union outside the structure definition and making it a named union.
I don’t like the idea of changing the driver to make the debug extension work better.

Anyone know of an easier way to do this?

Thanks
Mayank

“It does not work”

What does this statement mean? Please explain.
joe

It returns success, but it always returns an offset of 0.

If I typedef the union outside the structure definition, the same debug extension code will return a correct offset.

i have not understood your question
but see if what i post makes sense

in winnt.h
ldt_entry is defined thus

typedef struct _LDT_ENTRY {
    WORD LimitLow;
    WORD BaseLow;
    union {
        struct {
            BYTE BaseMid;
            BYTE Flags1; // Declare as bytes to avoid alignment
            BYTE Flags2; // Problems.
            BYTE BaseHi;
        } Bytes;
        struct {
            DWORD BaseMid : 8;
            DWORD Type : 5;
            DWORD Dpl : 2;
            DWORD Pres : 1;
            DWORD LimitHi : 4;
            DWORD Sys : 1;
            DWORD Reserved_0 : 1;
            DWORD Default_Big : 1;
            DWORD Granularity : 1;
            DWORD BaseHi : 8;
        } Bits;
    } HighWord;
} LDT_ENTRY, *PLDT_ENTRY;

the unions are unnamed

the dt in windbg will display this

lkd> dt testdll!_LDT_ENTRY
+0x000 LimitLow : Uint2B
+0x002 BaseLow : Uint2B
+0x004 HighWord : __unnamed

to open it up

lkd> dt -b testdll!_LDT_ENTRY
+0x000 LimitLow : Uint2B
+0x002 BaseLow : Uint2B
+0x004 HighWord : __unnamed
   +0x000 Bytes : __unnamed
      +0x000 BaseMid : UChar
      +0x001 Flags1 : UChar
      +0x002 Flags2 : UChar
      +0x003 BaseHi : UChar
   +0x000 Bits : __unnamed
      +0x000 BaseMid : Pos 0, 8 Bits
      +0x000 Type : Pos 8, 5 Bits
      +0x000 Dpl : Pos 13, 2 Bits
      +0x000 Pres : Pos 15, 1 Bit
      +0x000 LimitHi : Pos 16, 4 Bits
      +0x000 Sys : Pos 20, 1 Bit
      +0x000 Reserved_0 : Pos 21, 1 Bit
      +0x000 Default_Big : Pos 22, 1 Bit
      +0x000 Granularity : Pos 23, 1 Bit
      +0x000 BaseHi : Pos 24, 8 Bits

the lone unionmember and its expansion (notice there is a dot )

lkd> dt testdll!_LDT_ENTRY Highword
+0x004 HighWord : __unnamed
lkd> dt testdll!_LDT_ENTRY Highword.
+0x004 HighWord :
   +0x000 Bytes : __unnamed
   +0x000 Bits : __unnamed

expanding what you want

lkd> dt testdll!_LDT_ENTRY Highword.Bytes
+0x004 HighWord :
   +0x000 Bytes : __unnamed
lkd> dt testdll!_LDT_ENTRY Highword.Bytes.
+0x004 HighWord :
   +0x000 Bytes :
      +0x000 BaseMid : UChar
      +0x001 Flags1 : UChar
      +0x002 Flags2 : UChar
      +0x003 BaseHi : UChar

bits union member

lkd> dt testdll!_LDT_ENTRY Highword.bits
+0x004 HighWord :
   +0x000 Bits : __unnamed
lkd> dt testdll!_LDT_ENTRY Highword.bits.
+0x004 HighWord :
   +0x000 Bits :
      +0x000 BaseMid : Pos 0, 8 Bits
      +0x000 Type : Pos 8, 5 Bits
      +0x000 Dpl : Pos 13, 2 Bits
      +0x000 Pres : Pos 15, 1 Bit
      +0x000 LimitHi : Pos 16, 4 Bits
      +0x000 Sys : Pos 20, 1 Bit
      +0x000 Reserved_0 : Pos 21, 1 Bit
      +0x000 Default_Big : Pos 22, 1 Bit
      +0x000 Granularity : Pos 23, 1 Bit
      +0x000 BaseHi : Pos 24, 8 Bits

some wildcarding

lkd> dt testdll!_LDT_ENTRY Highword.bits.B*
+0x004 HighWord :
   +0x000 Bits :
      +0x000 BaseMid : Pos 0, 8 Bits
      +0x000 BaseHi : Pos 24, 8 Bits

post either the debug output or code for a better and comprehensive answer
"don't work" statements don't really work

GetFieldOffset comments have something about dot separated things

// Given a type which can contain members
// this method returns the offset of a
// particular member within the type.
// TypeId should give the container type ID
// and Field gives the dot-separated path
// to the field of interest.
STDMETHOD(GetFieldOffset)(
    THIS_
    __in ULONG64 Module,
    __in ULONG TypeId,
    __in PCSTR Field,
    __out PULONG Offset
    ) PURE;

On 12/18/08, xxxxx@yahoo.com wrote:
>
> It returns success, but it always returns an offset of 0.
>
> If I typedef the union outside the structure definition, the same debug
> extension code will return a correct offset.

dt works fine in looking at the various members. The trouble is with GetFieldOffset() call in the extension.

In the above (1st post) structures

GetFieldOffset("myModule!MY_STRUCT", "St1", &Offset) and
GetFieldOffset("myModule!MY_STRUCT", "St1.Field1", &Offset)

both succeed, but return an Offset of 0.

If I changed the structure definition of MY_STRUCT to typedef the union outside the structure, and then add that type as a member to MY_STRUCT, both the above calls (with appropriate modifications to allow for the new member) work correctly and get the correct Offset.
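
Added example, not part of any post in this thread and not how dbgeng resolves fields: a small model of a dot-separated field lookup that looks through the unnamed union in MY_STRUCT, so the expected offsets for the paths discussed above can be compared with the compiler's own layout. The Field/Type tables and resolve() are hypothetical names, and ULONG is assumed to be 32 bits.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef unsigned int ULONG; /* assumption: stands in for the 32-bit Windows ULONG */
typedef struct _EMBEDDED_STRUCT1 { ULONG Field1, Field2, Field3; } EMBEDDED_STRUCT1;
typedef struct _EMBEDDED_STRUCT2 { ULONG Field4, Field5, Field6; } EMBEDDED_STRUCT2;
typedef struct _MY_STRUCT {
    ULONG FIELD7;
    union { EMBEDDED_STRUCT1 St1; EMBEDDED_STRUCT2 St2; }; /* unnamed, as in the first post */
} MY_STRUCT;

/* Hypothetical hand-built type description (not a dbgeng structure); "" marks an unnamed member. */
typedef struct Field { const char *name; size_t off; const struct Type *type; } Field;
typedef struct Type { size_t count; const Field *fields; } Type;
static const Field s1_f[] = { {"Field1", 0, 0}, {"Field2", 4, 0}, {"Field3", 8, 0} };
static const Field s2_f[] = { {"Field4", 0, 0}, {"Field5", 4, 0}, {"Field6", 8, 0} };
static const Type s1_t = { 3, s1_f }, s2_t = { 3, s2_f };
static const Field un_f[] = { {"St1", 0, &s1_t}, {"St2", 0, &s2_t} };
static const Type un_t = { 2, un_f };
static const Field my_f[] = { {"FIELD7", 0, 0}, {"", offsetof(MY_STRUCT, St1), &un_t} };
static const Type my_t = { 2, my_f };

/* Resolve a dot-separated path relative to t; returns 0 and sets *off, or -1 if not found. */
int resolve(const Type *t, const char *path, size_t *off)
{
    size_t len = strcspn(path, ".");          /* length of the first path component */
    for (size_t i = 0; t && i < t->count; i++) {
        const Field *f = &t->fields[i];
        size_t sub = 0;
        if (f->name[0] == '\0') {             /* unnamed member: search inside it */
            if (resolve(f->type, path, &sub) != 0) continue;
        } else if (strlen(f->name) != len || memcmp(f->name, path, len) != 0) {
            continue;                         /* different name, try the next field */
        } else if (path[len] == '.' && resolve(f->type, path + len + 1, &sub) != 0) {
            return -1;                        /* name matched but the rest of the path did not */
        }
        *off = f->off + sub;                  /* the unnamed member's own offset is added here */
        return 0;
    }
    return -1;
}

int main(void)
{
    size_t off = 0;
    if (resolve(&my_t, "St1.Field2", &off) == 0)
        printf("St1.Field2 +0x%03zx\n", off);
    return 0;
}
```
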