Debugging Print And Imaging Drivers

Print driver team philosophy on driver quality There are tools to detect violations Wrongful development assumptions Types of source code problems Basic debugging tips Debugging and fixing the major types of problems - demoOutline

Driver robustness is goal #1 No unhandled exceptions of any kind No handled C-exceptions (SEH) No resource corruptions No resource leaks Driver Quality

Best Practices for Developing Driver Code Three attack vectors for having more robust and generally better driver code: Static analysis tools (PREfast) Extended runtime checks during testing Microsoft test tools

The Role of Microsoft Test Tools Aligned with robustness requirements in Windows ‘Longhorn’ Logo program Designed to assist vendors in meeting Logo program criteria

System Debug Aids There are powerful ways to detect violations Application Verifier Heap problems Handle problems First chance exceptions Loader lock issues Spooler built-in support for identifying crashing drivers

Most Common WRONG Development Assumptions Overactive exception handling: “it’s safe to __try/__except(1)” “it’s safe to try/catch(…)”

Most Common WRONG Development Assumptions (con’t) “It’s not a big deal to touch freed resources (memory, handles, etc.)” “It’s not a big deal to read/write few bytes past the length of a buffer – the odds the next page to be unreadable are too small” “It’s OK to use IsBadReadPtr/IsBadWritePtr APIs”

Most Common WRONG Development Assumptions (con’t) “It’s OK to skip checking the return values of resource allocation functions (malloc, new, CreateEvent, etc.)” “It’s OK to popup UI directly from within spooler process”

Types of Source Code Problems Heap corruptions: 70% contributor to print-related Microsoft Product Support calls Buffer overruns Use-after-free Double free Uninitialized variables Handle corruptions Use-after-free, double free Resource leaks

DEVMODE Issues General design issues Opaque binary format DEVMODE always comes from not trusted source Drivers can be susceptible to DEVMODE contents

DEVMODE issue types Buffer sizes Non zero-terminated strings File names Index values or loop counters Not portable (64-bit ready) data structures DevmodeCorruptor test tool for catching such problems DEVMODE Issues (con’t)

Setup Choosing a user mode debugger Symbols setup Checks for correct symbols Test Debug wizard Gflags.exe tool Application Verifier options

Basic Tips Use Microsoft debugger package Get familiar with debugger.chm kb command lists the stack trace of the break lmvl m MyDriver dumps all the driver file information.lines toggles showing source code lines.frame lets you navigate stack frames dv /V lets you examine local variables for each frame.cxr lets you switch processor contexts

Basic Tips (con’t) !analyze –v displays general information about the debug break !heap is a invaluable debugger extension !heap –p –a is great for identifying heap corruptions !htrace is great for OS handle corruptions/misuse If exception takes place “near” address 0x0, it’s probably a null pointer dereferencing If on x86 an access violation takes place above the user mode accessible memory (usually 0x ), it’s very probably uninitialized variable problem

Tips for Stack Overruns ebp is often useful for manually reconstructing the stack, especially useful for debugging stack overruns If possible, always cross-check your conclusions Search the stack for patterns like: 0:000> ebp l6 0007e e14c < something “near” EBP, but slightly bigger 0007e118 77f2f8c6 GDI32!bCreateDCW+0xb6 < a return address in code 0007e11c 0007e e

Call to Action Make sure you use Microsoft print driver test tools Familiarize yourself with the debugging basics Use the latest debugger and debug engines Enrich your arsenal of debugging techniques Explore debugging 64-bit processes

Additional Resources Web resources Latest debugging tools can be found at Latest available symbols can be downloaded from px px Windows DDK can be found at WS-Devices Profile lt.aspx?pull=/library/en-us/dnglobspec/html/devprof.asp WHDC Printing home page: WHDC Still Imaging / WIA home page:

Additional Resources For developer print questions: microsoft.com For developer scan questions: microsoft.com For developer color questions: microsoft.com Community Sites MSDN Developer Community Chats: Windows Printer Driver Development windows_ aspx windows_ aspx Windows Drivers: Printer Drivers Windows Drivers Printing and Networking

© 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.