Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.

Must succeed pool allocations are forbidden

IanMIanM Member - All Emails Posts: 34
I have hit the bogus static analysis error Scott described in his article last year:

Has anyone from OSR/MS got any feedback? If not, any thoughts on a workaround?




  • MBondMBond Member - All Emails Posts: 846
    IMHO there are _many_ bogus errors in the latest versions of static analysis. I am still waiting for _any_ kind of help from Microsoft on these issues. I suspect that they have paired back the compiler team after making a big investment leading up to VS 2015.

    In my experience the compiler itself produces good binaries for x64 (probably others) but the SAL module only got to about 80%. Previously I made a like of the worst issues. There are others

    1. Static variables. These are never handled correctly by CA regardless of the scope of their declaration. If they are declared at function scope, then CA craps out on the remainder of the function. It may seem odd that this is even an issue, because just like goto many will say ?don?t do that? but static variables have some important usages especially in debug / trace code (I.e. call counts etc.) and I believe it is better to have the analysis on for every build to catch issues as early as possible ? which means running it with the trace code
    2. Flow of control based on multiple dependent variables. Where loop counters etc. are not independent variables are not independent, it is easy to observe many false positives for impossible array out of bounds conditions etc. Again it is easy to say, don?t do that, but for performance reasons it is often highly desirable to store a result from a previous loop or use a co-dependent set of counters. It seems clear that when evaluating the graph of every possible program state within a function, dependent variables are not considered concurrently but rather each variable is assumed to be independent ? a clear problem for false positives for codependent loop counters etc. but even worse a clear source of false negatives for aliased pointers.
    3. Reference tracking algorithms. Where in box from MS or home grown, the semantics are fundamentally not supported by SAL and so produce a long series of false positives and worse false negatives. The acquire routines work out okay, but the release routines are always a problem
    4. Locking annotations seem completely broken. I still annotate my functions because I want to understand the constraints, but I always get errors that I am completely unable to resolve

    Sent from Mail for Windows 10

    From: on behalf of
    Sent: Tuesday, December 12, 2017 11:34:29 AM
    To: Windows System Software Devs Interest List
    Subject: [ntdev] Must succeed pool allocations are forbidden

    I have hit the bogus static analysis error Scott described in his article last year:

    Has anyone from OSR/MS got any feedback? If not, any thoughts on a workaround?



    NTDEV is sponsored by OSR

    Visit the list online at:

    MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers!
    Details at

    To unsubscribe, visit the List Server section of OSR Online at
  • IanMIanM Member - All Emails Posts: 34
    Thanks very much. Not quite the answer I was hoping for, but at least I'm aware of some more pitfalls now!
Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Upcoming OSR Seminars
Developing Minifilters 29 July 2019 OSR Seminar Space
Writing WDF Drivers 23 Sept 2019 OSR Seminar Space
Kernel Debugging 21 Oct 2019 OSR Seminar Space
Internals & Software Drivers 18 Nov 2019 Dulles, VA