Professional Documents
Culture Documents
November 5, 2008
Abstract
Driver Verifier monitors kernel-mode drivers to detect incorrect
function calls or actions that might corrupt the system. In Windows®
7, Driver Verifier has several features that did not exist in earlier
Windows versions, that detect new classes of driver defects, and that
provide information for debugging these driver defects. This paper
provides a preview of the Windows Driver Kit (WDK) documentation
for these enhancements. Exposing these additional classes of
common driver bugs assists driver developers in producing higher
quality device drivers.
This information applies for the Windows 7 operating system.
References and resources discussed here are listed at the end of this
paper.
For the latest information, see:
http://www.microsoft.com/whdc/devtools/tools/Win7SDV.mspx
Driver Verifier in Windows 7 - 2
Disclaimer: This is a preliminary document and may be changed substantially prior to final commercial
release of the software described herein.
The information contained in this document represents the current view of Microsoft Corporation on the
issues discussed as of the date of publication. Because Microsoft must respond to changing market
conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot
guarantee the accuracy of any information presented after the date of publication.
This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS,
IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under
copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or
transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or
for any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights
covering subject matter in this document. Except as expressly provided in any written license agreement
from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks,
copyrights, or other intellectual property.
Unless otherwise noted, the example companies, organizations, products, domain names, e-mail
addresses, logos, people, places and events depicted herein are fictitious, and no association with any real
company, organization, product, domain name, email address, logo, person, place or event is intended or
should be inferred.
© 2008 Microsoft Corporation. All rights reserved.
Microsoft, MSDN, and Windows are either registered trademarks or trademarks of Microsoft Corporation in
the United States and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their respective
owners.
Document History
Date Change
November 5, First publication
2008
Contents
Introduction........................................................................................4
Incorrect References to User Handles from Kernel Drivers.................4
I/O Verification Improvements............................................................6
Special Pool, Pool Tracking, and Low Resources Simulation
Improvements....................................................................................7
Incorrect Usage of Synchronization Mechanisms..............................10
UserMode Wait for Synchronization Objects Allocated on the Kernel
Stack.............................................................................................10
Synchronization Object Allocation from NonPagedPoolSession
Memory.........................................................................................11
KeEnterCriticalRegion or KeLeaveCriticalRegion Calls at
DISPATCH_LEVEL or Above.......................................................11
Incorrect Usage of InStackQueuedSpinlock APIs...........................12
Incorrect Object References..............................................................13
Object Reference Counter Changes from 0 to 1............................13
Incorrect Kernel Handle References..............................................13
Pool Quota Charges from DPC Routine.............................................14
System Shutdown Blocks or Delays..................................................15
Improved Force Pending I/O Requests..............................................15
Additional Debugging Information....................................................16
Resources.........................................................................................17
Introduction
Driver Verifier monitors kernel-mode drivers to detect incorrect
function calls or actions that might corrupt the system. It can subject
the drivers to many different stresses and tests to find incorrect
behavior.
We strongly encourage hardware manufacturers to test their drivers
by using Driver Verifier to ensure that drivers are not making
incorrect function calls or causing system corruption. Driver Verifier
is included in Windows® 2000 and all later versions of Windows.
Driver Verifier works on both free and checked builds of Windows.
For Windows 7, Driver Verifier has several new tests and features
that allow it to expose more classes of typical driver bugs. Also,
Driver Verifier provides more information that is useful for debugging
these driver defects. This paper provides a preview of Windows
Driver Kit (WDK) documentation for the Driver Verifier enhancements
in Windows 7.
Debugging Tools for Windows are typically used to investigate issues
that Driver Verifier exposes, as mentioned in this preview. For
availability of Windows 7 and Debugging Tools for Windows, see
“Resources” at the end of this paper.
runs under the local system account. Because these processes hold
powerful privileges, they are less likely to pose a security risk.
Driver Verifier Security Checks must be enabled to expose these
driver defects. You can activate the Security Checks option for one or
more drivers by using Driver Verifier manager or the Verifier.exe
command line. At the command line, the Security Checks option is
represented by bit 8 (0x100).
This setting is effective immediately but is lost when you shut down
or reboot the computer.
The Security Checks option is also included in the /standard
settings, as shown in the following example:
verifier /standard /driver MyDriver.sys
• Use a flag value of 0x10 or add 0x10 to the flag value, as shown
in the following example:
verifier /flags 0x10 /driver MyDriver.sys
This setting is effective immediately but is lost when you shut down
or reboot the computer.
The I/O Verification option is also included in the /standard settings,
as shown in the following example:
verifier /standard /driver MyDriver.sys
• Use a flag value of 0x1 or add 0x1 to the flag value, as shown in
the following example:
verifier /flags 0x1 /driver MyDriver.sys
This setting is effective immediately but is lost when you shut down
or reboot the computer.
The Special Pool option is also included in the /standard settings, as
shown in the following example:
verifier /standard /driver MyDriver.sys
• Use a flag value of 0x8 or add 0x8 to the flag value, as shown in
the following example:
verifier /flags 0x8 /driver MyDriver.sys
This setting is effective immediately but is lost when you shut down
or reboot the computer.
The Pool Tracking option is also included in the /standard settings,
as shown in the following example:
verifier /standard /driver MyDriver.sys
• Use a flag value of 0x4 or add 0x4 to the flag value as shown in
the following example:
verifier /flags 0x4 /driver MyDriver.sys
This setting is effective immediately but is lost when you shut down
or reboot the computer.
The Pool Tracking option is not included in the /standard settings.
This setting is effective immediately but is lost when you shut down
or reboot the computer.
The Miscellaneous Checks option is also included in the /standard
settings, as shown in the following example:
verifier /standard /driver MyDriver.sys
• Use a flag value of 0x2 or add 0x2 to the flag value, as shown in
the following example:
verifier /flags 0x2 /driver MyDriver.sys
You can also activate and deactivate Force IRQL Checking without
rebooting by adding the /volatile parameter to the command, as
shown in the following example:
verifier /volatile /flags 0x2 /driver MyDriver.sys
This setting is effective immediately but is lost when you shut down
or reboot the computer.
The Force IRQL Checking option is also included in the /standard
settings, as shown in the following example:
verifier /standard /driver MyDriver.sys
You can activate the Miscellaneous Checks option for one or more
drivers by using Driver Verifier manager or the Verifier.exe command
line. At the command line, the Miscellaneous Checks option is
represented by bit 11 (0x800).
This setting is effective immediately but is lost when you shut down
or reboot the computer.
The Miscellaneous Checks option is also included in the /standard
settings, as shown in the following example:
verifier /standard /driver MyDriver.sys
• Use a flag value of 0x8 or add 0x8 to the flag value, as shown in
the following example:
Pool Quota Charges from DPC Routine
© 2008 Microsoft Corporation. All rights reserved.
Driver Verifier in Windows 7 - 16
This setting is effective immediately but is lost when you shut down
or reboot the computer.
The Pool Tracking option is also included in the /standard settings,
as shown in the following example:
verifier /standard /driver MyDriver.sys
This Driver Verifier break occurs regardless of the options that are
currently enabled. Enabling any Driver Verifier option enables this
breakpoint.
To activate the Force Pending I/O Requests option at the command line
This setting is effective immediately but is lost when you shut down
or reboot the computer.
To activate the Force Pending I/O Requests option by using Driver Verifier
manager
1. Select Create custom settings (for code developers), and then
click Next.
2. Select Select individual settings from a full list.
3. Select I/O Verification and Force Pending I/O Requests.
If you select only Force Pending I/O Requests, Driver Verifier
manager reminds you that I/O Verification is required and offers to
enable it for you.
Resources
WHDC Web site:
Driver Verifier
http://www.microsoft.com/whdc/DevTools/tools/DrvVerifier.mspx
Debugging Tools for Windows
http://www.microsoft.com/whdc/DevTools/Debugging/default.msp
x
Windows Driver Foundation
http://www.microsoft.com/whdc/driver/wdf/default.mspx
Resources
© 2008 Microsoft Corporation. All rights reserved.
Driver Verifier in Windows 7 - 20
White Papers:
Driver Verifier in Windows Vista
http://www.microsoft.com/whdc/devtools/tools/vistaverifier.mspx
I/O Completion/Cancellation Guidelines
http://www.microsoft.com/whdc/driver/kernel/Iocancel.mspx
Cancel Logic in Windows Drivers
http://www.microsoft.com/whdc/driver/kernel/cancel_logic.mspx
Resources
© 2008 Microsoft Corporation. All rights reserved.