Hi all,
Anyone knows what is a basic difference between these two static analyze
tool and when is better use one or other?
TIA,
–
Fernando Roberto da Silva
DriverEntry Kernel Development
http://www.driverentry.com.br http:</http:>
“Fernando Roberto” wrote in message
news:xxxxx@ntdev…
>> Anyone knows what is a basic difference between these two static analyze
>>tool and when is better use one or other?
PREfast is a per function analyzer, that will do code flow analysis within
a function. It catches many common problems, and is lightweight. You can
help PREfast catch many more bugs if you annotate the code and use the
latest version. For annotations, se the WDF book for a good description.
PREfast works on all driver types, and works with C++.
SDV is a whole driver analyzer, it simulates code paths through the driver
(understanding the driver model) and can catch complex errors that may not
be found by normal use and testing. SDV is far from lightweight and can
take hours to run over a driver, even on a modern MP system. SDV right
now understands generic WDM drivers and with the Longhorn beta KMDF
drivers. SDV cannot be used on things like NDIS, StorPort, mini-filters,
etc at present since they do not have the models defined. Also, SDV IIRC
is still only C.
For completeness, one should mention /WALL on the compiler and PC-Lint.
/WALL can catch bugs that are missed by the above tools, though PREfast is
catching most of them. There is no additional overhead for /WALL but the
WDK includes can have problems (they are up to /W4 with some hacks, i.e.
turning off checks) but not all the way to /WALL.
PC-Lint can find things that the other tools miss. In particular, PC-Lint
can find unused structure elements, functions and global data. While this
may not seem critical, asking why you created something that you did not
use can in many cases lead to a bug where you should have used the item.
Also, PC-Lint is harsh on type compatibility, which can point out errors.
Personally, I use /W4 (/WALL is still too painful in the WDK) and build
with PREfast for all compiles. I cleanup all warnings by the compiler and
PREfast before ever running the code. I will commonly (i.e. many times a
day) use PC-Lint on the code and clean up all those warnings. I would
probably use PC-Lint all the time, but I haven’t spent the effort to keep
modifying Mark Roddy’s DDKBUILD to support lint.
On SDV if I am doing a project that supports it, I commonly run SDV every
night assuming the code is stable at the end of the day (if there are big
errors or changes comming this is not worth it).
Personally, I use all the tools. I have also tried using compiler switches
invoke the compiler as C++ even though the code is C, but have found no
bugs to speak of that were not caught by one of the other tools.
–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
Remove StopSpam to reply