
What PREfast Can Detect

February 23, 2009, by baoz

· Memory
Potential memory leaks, dereferenced NULL pointers, access to uninitialized memory, excessive use of the kernel-mode stack, and improper use of pool tags.

· Resources
Failure to release resources such as locks, resources that a function holds when it should not, and resources that a function incorrectly fails to hold when it should.

· Function usage
Potentially incorrect usage of certain functions, function arguments that appear to be incorrect, possible argument type mismatches for functions that do not strictly check types, possible use of certain obsolete functions, and function calls at a potentially incorrect interrupt request level (IRQL).

· Floating-point state
Failure to protect floating-point hardware state in a driver and attempting to restore floating-point state after saving it at a different IRQL.

· Precedence rules
Code that might not behave as the programmer intended because of the precedence rules of C.

· Kernel-mode coding practices
Coding practices that can cause errors, such as modifying an opaque memory descriptor list (MDL) structure, failing to examine the value of a variable set by a called function, using C runtime library string manipulation functions rather than the safe string functions that are defined in Ntstrsafe.h, and some misuses of pageable code segments.

· Driver-specific coding practices
Specific operations that are often a source of errors in kernel-mode drivers, such as copying a whole I/O request packet (IRP) without modifying members or saving a pointer to a string or structure argument instead of copying an argument in a DriverEntry routine.

 

Important: PREfast is highly effective at detecting many errors that are difficult to find by other means, and it usually reports errors in a way that makes them easier to fix. This helps to free your test resources to concentrate on finding and fixing deeper, more significant bugs. However, PREfast does not find every possible error or even all possible instances of the errors it was designed to detect, so passing PREfast does not necessarily mean that your code is free of errors. Be sure to thoroughly test your code with all available tools, including Driver Verifier and Static Driver Verifier. For availability of these tools, see “Resources” at the end of this paper.
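The "Memory" and "Resources" categories above are easiest to see on an error path. The following is an added example, not code from the original paper or from Microsoft: a user-mode C sketch of a routine that leaks a buffer and leaves a lock held on an early return, next to a corrected version with a single cleanup exit. The lock, the one-slot pool, and all function names are hypothetical stand-ins for kernel primitives.

```c
#include <stddef.h>
#include <string.h>

/* Constructed user-mode stand-ins for a driver lock and pool allocator. */
static int lock_held;            /* nonzero after a call: lock never released */
static char slot[32];            /* the whole "pool" is one buffer */
static int slot_used;            /* nonzero after a call: buffer leaked */

static void acquire_lock(void) { lock_held++; }
static void release_lock(void) { lock_held--; }
static void *pool_alloc(size_t n) {
    if (slot_used || n > sizeof slot) return NULL;
    slot_used = 1;
    return slot;
}
static void pool_free(void *p) { if (p == (void *)slot) slot_used = 0; }

/* Defective: the early return on an oversized request skips both cleanup calls. */
int copy_request_leaky(const char *src, size_t len, char *out, size_t out_len) {
    acquire_lock();
    char *tmp = pool_alloc(len + 1);
    if (tmp == NULL) { release_lock(); return -1; }
    if (len >= out_len)
        return -2;               /* tmp leaked, lock still held */
    memcpy(tmp, src, len);
    tmp[len] = '\0';
    memcpy(out, tmp, len + 1);
    pool_free(tmp);
    release_lock();
    return 0;
}

/* Corrected: every path after acquisition leaves through one cleanup block. */
int copy_request_fixed(const char *src, size_t len, char *out, size_t out_len) {
    int status = 0;
    char *tmp;
    acquire_lock();
    tmp = pool_alloc(len + 1);
    if (tmp == NULL) { status = -1; goto done; }
    if (len >= out_len) { status = -2; goto done; }
    memcpy(tmp, src, len);
    tmp[len] = '\0';
    memcpy(out, tmp, len + 1);
done:
    pool_free(tmp);              /* no-op when tmp is NULL */
    release_lock();
    return status;
}
```

Both functions return the same status codes for the same input; only `lock_held` and `slot_used` after the call show the difference, which is why this class of defect tends to survive functional testing.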
