
Advanced driver code analysis techniques: Tips and tricks to develop more secure & reliable drivers

HW-889P. Dave Sielaff, Principal Software Development Engineer, Microsoft Corporation.



  1. HW-889P Advanced driver code analysis techniques: Tips and tricks to develop more secure & reliable drivers. Dave Sielaff, Principal Software Development Engineer, Microsoft Corporation

  2. Motivation
     • Customers want reliable products
     • Some bugs are tough to find by debugging
     • Finding potential crashes earlier is always good

  3. Agenda
     • Introducing the Source Code Annotation Language (SAL)
     • Understanding Visual Studio Code Analysis warnings
     • Adding SAL to existing driver
     Afterwards, you will have examples of how to
     • Fix bugs using Code Analysis warnings
     • Annotate parameters and shared variable access

  4. Introducing SAL
     • Microsoft Source Code Annotation Language
     • Describes important aspects of code intent
     • Like using ASSERT on function declarations
     • Readable by humans and tools
     • Declaring locking behavior
       • Finding potential race conditions, deadlocks
     • Describing parameter behavior
       • Finding potential null dereferences, uninitialized memory use

  5. Describing locking behavior
     • Which functions acquire/release locks?
       • _Acquires_lock_(lock)
       • _Releases_lock_(lock)
     • Does a function depend on a lock being held prior to call?
       • _Requires_lock_held_(lock)
     • Which variables are guarded by which lock?
       • _Guarded_by_(lock)

  6. demo Concurrency Annotation Usage

  7. Basic SAL parameter concepts
     • Input
       • Data is passed to called function, treated as read-only
     • Input/Output
       • Data is passed into function and potentially modified
     • Output
       • Caller only provides space for called function to write to
       • Called function writes data into that space
     • Output Pointers
       • Like Output, where value returned by called function is pointer

  8. Basic SAL parameter concepts (continued)
     • Required
       • Pointer parameter that must be non-NULL
     • Optional
       • Pointer parameter that can be NULL
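
The annotations from slides 5, 7 and 8 applied to one small routine, as an added example that is not from the presentation. `DEV_CTX`, `CtxLock`, `CtxUnlock`, `AddPendingLocked` and `QueueRequest` are hypothetical names, the integer `Lock` is a stand-in for a real driver lock, and the `#else` branch stubs the annotations out so the file also builds with compilers that lack `sal.h`.

```c
/* Added example; DEV_CTX, CtxLock, QueueRequest etc. are hypothetical names. */
#include <stddef.h>
#ifdef _MSC_VER
#include <sal.h>             /* parameter annotations, read by Code Analysis */
#include <concurrencysal.h>  /* locking annotations */
#else                        /* other compilers: annotations expand to nothing */
#define _In_
#define _In_opt_
#define _Inout_
#define _Out_
#define _Acquires_lock_(l)
#define _Releases_lock_(l)
#define _Requires_lock_held_(l)
#define _Guarded_by_(l)
#endif

typedef struct DEV_CTX {
    int Lock;                         /* stand-in for a real driver lock */
    _Guarded_by_(Lock) int Pending;   /* shared: touch only while Lock is held */
} DEV_CTX;

_Acquires_lock_(Ctx->Lock)
void CtxLock(_Inout_ DEV_CTX *Ctx)   { Ctx->Lock = 1; }
_Releases_lock_(Ctx->Lock)
void CtxUnlock(_Inout_ DEV_CTX *Ctx) { Ctx->Lock = 0; }

/* Depends on the lock being held before the call. */
_Requires_lock_held_(Ctx->Lock)
static int AddPendingLocked(_Inout_ DEV_CTX *Ctx, int Delta)
{
    Ctx->Pending += Delta;
    return Ctx->Pending;
}

/* Count: required input. Bonus: optional input. Total: output. */
int QueueRequest(_Inout_ DEV_CTX *Ctx, _In_ const int *Count,
                 _In_opt_ const int *Bonus, _Out_ int *Total)
{
    int delta = *Count;               /* _In_: non-NULL, treated as read-only */
    if (Bonus != NULL)                /* _In_opt_: may be NULL, so check first */
        delta += *Bonus;
    CtxLock(Ctx);
    *Total = AddPendingLocked(Ctx, delta);  /* _Out_: callee writes the space */
    CtxUnlock(Ctx);
    return 0;
}

int main(void) { DEV_CTX c = {0, 0}; int n = 3, t; return QueueRequest(&c, &n, NULL, &t); }
```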

  9. Basic SAL parameter table

  10. demo Parameter Annotation Usage

  11. Recap

  12. Using Code Analysis and SAL
     • Code Analysis can find valuable bugs right out of the box
     • Adding SAL to your code makes Code Analysis even more effective
     • Think of SAL as compile-time ASSERT system
     • No need to annotate your code all at once
       • Annotating incrementally gets you incremental value, immediately and over time as your code evolves

  13. For more information
     RELATED SESSIONS
     • TOOL-100T: Improving software quality using Visual Studio 11 C++ Code Analysis
     DOCUMENTATION & ARTICLES
     • Driver Development Tools
     • Windows Hardware DevCenter
     • Windows DevCenter
     • Visual Studio Code Analysis and SAL

  14. thank you
     • Feedback and questions: http://forums.dev.windows.com
     • Session feedback: http://bldw.in/SessionFeedback

  15. © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
