none
Code analyzer fails a very simple sample with _IRQL_requires_max_! What is missing? RRS feed

  • Question

  • Hello,

    I have added _IRQL_requires_max_ and other _IRQL_ annotations to find IRQL 
    troubles. And of course I have found some problems and I have already fixed 
    them.

    Unfortunately, later while doing some tests with driver verifier turned on, I 
    found a further BUG within my driver. I was calling a function from 
    DISPATCH_LEVEL which needs to be called at PASSIVE_LEVEL. Ok, I fixed it. But 
    why was code analyzer not able to find my problem before?

    I have constructed a very simple use-case which shows my problem:

    _IRQL_requires_max_(PASSIVE_LEVEL)
    VOID SubPassive()
    {
    }

    _IRQL_requires_max_(DISPATCH_LEVEL)
    VOID SubDispatch()
    {
    }

    _IRQL_requires_max_(DISPATCH_LEVEL)
    VOID EntryDispatch1()
    {
    SubPassive();  //warning C28118: Wrong IRQL.... OK!
    }

    _IRQL_requires_max_(DISPATCH_LEVEL)
    VOID EntryDispatch2()
    {
    SubDispatch();
    SubPassive(); //NO WARNING!!!! NOT OK!!!
    }


    EntryDispatch1 is buggy: EntryDispatch1 is allowed to be called at 
    DISPATCH_LEVEL but calles SubPassive which needs PASSIVE_LEVEL. This problem is 
    found with code analyzer.

    EntryDispatch2 is also buggy: But here code analyser does not found any 
    problems. This is because SubDispatch is called before SubPassive. An now we do 
    not get any warnings.

    I have tried this with VS2013 and VS2015. 

    Has anyone an idea why this simple bug is not detected by code analyzer.

    Many thanks for your help!

    Regards,
    Thomas.
    • Edited by tle.ax Thursday, January 14, 2016 5:51 AM
    Thursday, January 14, 2016 5:50 AM