Static Driver Verifier: Finding Bugs In Device Drivers At Compile-Time PowerPoint PPT Presentation

presentation player overlay
1 / 139
About This Presentation
Transcript and Presenter's Notes

Title: Static Driver Verifier: Finding Bugs In Device Drivers At Compile-Time


1
Automatic Formal Verification for Operating
Systems Code
Byron Cook Microsoft Research Cambridge
bycook_at_microsoft.com
2
Windows OS and device drivers
HW
Operating System Kernel
DD
HW
DD
HW
DD
DD
DD
DD
DD
HW
DD
DD
DD
DD
DD
DD
HW
HW
DD
DD
HW
HW
3
Windows OS and device drivers
HW
DD
Kernel
DD
HW
DD
HW
DD
DD
DD
DD
DD
DD
HW
DD
DD
DD
DD
DD
HW
HW
DD
DD
DD
DD
DD
HW
HW
4
Windows OS and device drivers
HW
DD
Kernel
DD
HW
DD
HW
DD
DD
DD
DD
DD
DD
HW
DD
DD
DD
DD
DD
HW
HW
DD
DD
DD
DD
DD
HW
HW
5
Windows OS and device drivers
HW
DD
Kernel
DD
HW
DD
HW
DD
DD
DD
DD
DD
  • Examples
  • Outlook mail system
  • HTTP web server
  • Performance monitoring tools
  • VM tools
  • New networking technologies
  • Firewalls
  • Virus protection
  • Drawing tools

DD
HW
DD
DD
DD
DD
DD
HW
HW
DD
DD
DD
DD
DD
HW
HW
6
Windows OS and device drivers
HW
DD
Kernel
DD
HW
DD
HW
DD
DD
DD
DD
DD
DD
HW
DD
DD
DD
DD
DD
HW
HW
DD
DD
DD
DD
DD
HW
HW
7
Windows OS device drivers
Nvidia
Symantec
Fujitsu
HW
DD
Nvidia
Kernel
Adaptec
DD
HW
Microsoft
Microsoft
DD
HW
DD
DD
DD
DD
DD
Adaptec
Intel
Microsoft
AOL
DD
HW
Epson
DD
Logitech
??????????
DD
??????????
DD
DD
Sony
DD
HW
HW
Techsoft
McAfee
DD
Sony
??????????
Logitech
DD
DD
Creative
DD
DD
HW
HW
ADI
University student
??????????
Creative
8
Windows OS and device drivers
HW
DD
Kernel
DD
HW
DD
HW
DD
DD
DD
DD
DD
DD
HW
DD
DD
DD
DD
DD
HW
HW
DD
DD
DD
DD
DD
HW
HW
9
Windows OS and device drivers
HW
DD
Kernel
DD
HW
DD
HW
DD
DD
DD
DD
DD
DD
HW
DD
DD
DD
DD
DD
HW
HW
DD
DD
DD
DD
DD
HW
HW
10
Windows OS and device drivers
HW
DD
Kernel
DD
HW
DD
HW
DD
DD
DD
DD
DD
DD
HW
DD
DD
DD
DD
DD
HW
HW
DD
DD
DD
DD
DD
HW
HW
11
Windows OS and device drivers
HW
DD
Kernel
DD
HW
DD
HW
DD
DD
DD
DD
DD
DD
HW
DD
DD
DD
DD
DD
HW
HW
DD
DD
DD
DD
DD
HW
HW
12
Windows OS and device drivers
HW
DD
Kernel
DD
HW
DD
HW
DD
DD
DD
DD
DD
DD
HW
DD
DD
DD
DD
DD
HW
HW
DD
DD
DD
DD
DD
HW
HW
13
Windows OS and device drivers
HW
DD
Kernel
DD
HW
DD
HW
DD
DD
DD
DD
DD
DD
HW
DD
DD
DD
DD
DD
HW
HW
DD
DD
DD
DD
DD
HW
HW
14
Windows OS and device drivers
HW
DD
  • Example While running at raised interrupt
    request level (IRQL), calling KeWaitForSingleObje
    ct or KeWaitForMultipleObjects with
    Kernel-defined dispatcher object(s) to wait for a
    nonzero interval causes a fatal error. Only
    driver routines that run in a nonarbitrary thread
    context at IRQL PASSIVE_LEVEL, such as
    driver-created threads, the DriverEntry and
    Reinitialize routines, or Dispatch routines for
    inherently synchronous I/O operations, such as
    most device I/O control requests, can safely wait
    on events, semaphores, mutexes, or timers for a
    nonzero interval.

Kernel
DD
HW
DD
HW
DD
DD
DD
DD
DD
DD
HW
DD
DD
DD
DD
DD
HW
HW
  • Example If the driver is passed a PNP request
    packet with minor function IRP_MN_REMOVE_DEVICE,
    a driver must call IoDeleteDevice for any device
    that was previously allocated with IoCreateDevice

DD
DD
DD
DD
DD
HW
HW
15
Windows OS and device drivers
HW
DD
Kernel
DD
HW
DD
HW
DD
DD
DD
DD
DD
DD
HW
DD
DD
DD
DD
DD
HW
HW
DD
DD
DD
DD
DD
HW
HW
16
Todays subject
17
Outline
  • Introduction to Windows device drivers
  • Static Driver Verifier
  • Automatic formal verification properties for
    device drivers
  • Recent plug-ins for Static Driver Verifier
  • SLAyer
  • TERMINATOR
  • Conclusion Discussion

18
Outline
  • Introduction to Windows device drivers
  • Static Driver Verifier
  • Automatic formal verification properties for
    device drivers
  • Recent plug-ins for Static Driver Verifier
  • SLAyer
  • TERMINATOR
  • Conclusion Discussion

19
Static Driver Verifier
  • Static Driver Verifier (SDV) is a tool for
    proving correctness and finding bugs in Windows
    device drivers
  • SDV operates on the drivers source code
  • SDV is completely automatic
  • SDV checks that drivers do not violate a set of
    kernel API usage rules
  • Attempts to prove the correctness of the driver
    with the SLAM software model checker

20
Static Driver Verifier
ü
Driver sources
SDV
other.h
driver.h
ü
driver.c
ü
ü
21
Static Driver Verifier
22
Static Driver Verifier
23
(No Transcript)
24
(No Transcript)
25
(No Transcript)
26
(No Transcript)
27
(No Transcript)
28
(No Transcript)
29
(No Transcript)
30
(No Transcript)
31
(No Transcript)
32
(No Transcript)
33
(No Transcript)
34
(No Transcript)
35
(No Transcript)
36
(No Transcript)
37
(No Transcript)
38
(No Transcript)
39
(No Transcript)
40
(No Transcript)
41
(No Transcript)
42
(No Transcript)
43
(No Transcript)
44
Static Driver Verifier
45
Static Driver Verifier
ü
Driver sources
SDV
other.h
driver.h
ü
driver.c
ü
ü
46
Static Driver Verifier
ü
SDV
Driver sources
Rules
other.h
driver.h
ü
SLAM
driver.c
OS model
ü
ü
47
Static Driver Verifier Rules
  • Expressed in an event-based language
  • Possible events
  • Function entry
  • Function exit
  • The code associated with events call the function
    error() to indicate a violation
  • IoCallDriver.entry
  • if (2-gtTail.Overlay.CurrentStackLocation-
    gtMajorFunction
  • IRP_MJ_POWER)
  • error()

48
Static Driver Verifier Rules
  • Expressed in an event-based language
  • Possible events
  • Function entry
  • Function exit
  • The code associated with events call the function
    error() to indicate a violation
  • IoCallDriver.entry
  • if (2-gtTail.Overlay.CurrentStackLocation-
    gtMajorFunction
  • IRP_MJ_POWER)
  • error()

49
Static Driver Verifier
ü
SDV
Rules
other.h
driver.h
ü
SLAM
driver.c
OS model
ü
ü
50
Static Driver Verifier OS model
  • Provides the main function
  • Abstract implementations of kernel APIs (like
    IoCallDriver)
  • Models some aspects of the OS state, like the
    interrupt request level (IRQL)
  • Uses non-deterministic choice

51
Static Driver Verifier OS model
NTSTATUS IoCreateDevice( IN PDRIVER_OBJECT
DriverObject, IN ULONG DeviceExtensionSize,
IN PUNICODE_STRING DeviceName OPTIONAL, IN
DEVICE_TYPE DeviceType, IN ULONG
DeviceCharacterisitcs, IN BOOLEAN Exclusive,
OUT PDEVICE_OBJECT DeviceObject )
ULONG Choice nondet() switch (Choice)
case 0 (DeviceObject) SDV_devobj2
return STATUS_SUCCESS case
1 return STATUS_INSUFFICIENT_RESOURCES
case 2 return STATUS_OBJECT_NAME_EXISTS
default return STATUS_OBJECT_NAME_COLLISION

52
Static Driver Verifier OS model
NTSTATUS IoCreateDevice( IN PDRIVER_OBJECT
DriverObject, IN ULONG DeviceExtensionSize,
IN PUNICODE_STRING DeviceName OPTIONAL, IN
DEVICE_TYPE DeviceType, IN ULONG
DeviceCharacterisitcs, IN BOOLEAN Exclusive,
OUT PDEVICE_OBJECT DeviceObject )
ULONG Choice nondet() switch (Choice)
case 0 (DeviceObject) SDV_devobj2
return STATUS_SUCCESS case
1 return STATUS_INSUFFICIENT_RESOURCES
case 2 return STATUS_OBJECT_NAME_EXISTS
default return STATUS_OBJECT_NAME_COLLISION

53
Static Driver Verifier
ü
SDV
Rules
other.h
driver.h
ü
SLAM
driver.c
OS model
ü
ü
54
Static Driver Verifier SLAM
  • Automatic formal verification engine for safety
    properties
  • Strategy throw away as much irrelevant detail
    from the driver as possible through abstraction
    search
  • Algorithm counterexample-guided abstraction
    refinement
  • Find smaller (but less accurate) abstraction of
    original program
  • Try to prove it bug-free
  • Refine abstraction on-demand
  • Works well when properties are somewhat shallow
    in nature, and programs are 30,000 LOC or less

55
Static Driver Verifier SLAM
void main() int a,b,c,rst,cnt cnt
0 for() AcquireLock()
rst0 while(!rst) a
f1() b f2() c
f3() if (altb bltc)
rst1 ReleaseLock()
g()
Assume that f1, f2, f3 and g do not call
AcquireLock or ReleaseLock
56
Static Driver Verifier SLAM
int locked 0 AcquireLock.entry if
(locked1) error() else
locked1 ReleaseLock.entry if
(locked0) error() else
locked0
57
Static Driver Verifier SLAM
SLAM
58
Static Driver Verifier SLAM
Driver passes rule
Rule
SLAM
Abstract Step
Driver sources
Check Step
Instrument Step
Refine Step
Rule violation found
OS model
59
Static Driver Verifier SLAM
void AcquireLock()
void ReleaseLock()
void main()
int locked 0 if (locked1)
error() else locked1
if (locked0) error()
else locked0
int locked 0 AcquireLock.entry if
(locked1) error() else
locked1 ReleaseLock.entry
if (locked0) error() else
locked0
void AcquireLock()
void ReleaseLock()
void main()
Are these reachable?
60
Static Driver Verifier SLAM
Driver passes rule
Rule
SLAM
Abstract Step
Driver sources
Check Step
Instrument Step
Refine Step
Rule violation found
OS model
61
Static Driver Verifier SLAM
void main() for()
AcquireLock() while(
) f1()
f2() f3() if (
)
ReleaseLock()
g()
int a,b,c,rst,cnt cnt 0
rst0 !rst
a b c
altb bltc rst1



62
Static Driver Verifier SLAM
void AcquireLock() if ( )
error() else
void ReleaseLock() if ( )
error() else

bool g0 1 // locked0 bool g1 0 //
locked1
int locked 0
locked1
locked1 locked0
locked0
g1 g1 1
g0 0 g0
g0 1 g1 0
State space 2(2 bits(pc)) stack
63
Static Driver Verifier SLAM
Driver passes rule
Rule
SLAM
Abstract Step
Driver sources
Instrument Step
Check Step
Refine Step
Rule violation found
OS model
64
Static Driver Verifier SLAM
Reachable state-space for steps lt1
65
Static Driver Verifier SLAM
Reachable state-space for steps lt1
Reachable state-space for steps lt2
Reachable state-space for steps lt3
66
Static Driver Verifier SLAM
Reachable state-space for steps lt1
Reachable state-space for steps lt2
Reachable state-space for steps lt3
Reachable state-space for steps lt4
Reachable state-space for steps lt5
Reachable state-space for steps lt6
67
Static Driver Verifier SLAM
Reachable state-space for steps lt8
Reachable state-space for steps lt1
Reachable state-space for steps lt2
Reachable state-space for steps lt3
Reachable state-space for steps lt4
Reachable state-space for steps lt5
Reachable state-space for steps lt7
Reachable state-space for steps lt6
68
Static Driver Verifier SLAM
Reachable state-space for steps lt8
Reachable state-space for steps lt9
Reachable state-space for steps lt1
Reachable state-space for steps lt2
Reachable state-space for steps lt3
Reachable state-space for steps lt4
Reachable state-space for steps lt5
Reachable state-space for steps lt7
Reachable state-space for steps lt6
State where PC is at a call to error()
69
Static Driver Verifier SLAM
void main() for()
AcquireLock() while(
) f1() f2()
f3() if (
)
ReleaseLock()
g()
70
Static Driver Verifier SLAM
void main() for()
AcquireLock() while(
) f1() f2()
f3() if (
)
ReleaseLock()
g()
71
Static Driver Verifier SLAM
void main() for()
AcquireLock() while(
) f1() f2()
f3() if (
)
ReleaseLock()
g()
72
Static Driver Verifier SLAM
void main() for()
AcquireLock() while(
) f1() f2()
f3() if (
)
ReleaseLock()
g()
73
Static Driver Verifier SLAM
void main() for()
AcquireLock() while(
) f1() f2()
f3() if (
)
ReleaseLock()
g()
74
Static Driver Verifier SLAM
void main() for()
AcquireLock() while(
) f1() f2()
f3() if (
)
ReleaseLock()
g()
75
Static Driver Verifier SLAM
void main() for()
AcquireLock() while(
) f1() f2()
f3() if (
)
ReleaseLock()
g()
76
Static Driver Verifier SLAM
void main() for()
AcquireLock() while(
) f1() f2()
f3() if (
)
ReleaseLock()
g()
77
Static Driver Verifier SLAM
void main() for()
AcquireLock() while(
) f1() f2()
f3() if (
)
ReleaseLock()
g()
78
Static Driver Verifier SLAM
void main() for()
AcquireLock() while(
) f1() f2()
f3() if (
)
ReleaseLock()
g()
79
Static Driver Verifier SLAM
Driver passes rule
Rule
SLAM
Abstract Step
Driver sources
Check Step
Instrument Step
Refine Step
Rule violation found
OS model
80
Static Driver Verifier SLAM
void main() int a,b,c,rst,cnt cnt
0 for() AcquireLock()
rst0 while(!rst) a
f1() b f2() c
f3() if (altb bltc)
rst1 ReleaseLock()
g()
81
Static Driver Verifier SLAM
void main() int a,b,c,rst,cnt cnt
0 for() AcquireLock()
rst0 while(!rst) a
f1() b f2() c
f3() if (altb bltc)
rst1 ReleaseLock()
g()
82
Static Driver Verifier SLAM
void main() int a,b,c,rst,cnt cnt
0 for() AcquireLock()
rst0 while(!rst) a
f1() b f2() c
f3() if (altb bltc)
rst1 ReleaseLock()
g()
83
Static Driver Verifier SLAM
void main() int a,b,c,rst,cnt cnt
0 for() AcquireLock()
rst0 while(!rst) a
f1() b f2() c
f3() if (altb bltc)
rst1 ReleaseLock()
g()
cnt0
84
Static Driver Verifier SLAM
void main() int a,b,c,rst,cnt cnt
0 for() AcquireLock()
rst0 while(!rst) a
f1() b f2() c
f3() if (altb bltc)
rst1 ReleaseLock()
g()
cnt0
85
Static Driver Verifier SLAM
void main() int a,b,c,rst,cnt cnt
0 for() AcquireLock()
rst0 while(!rst) a
f1() b f2() c
f3() if (altb bltc)
rst1 ReleaseLock()
g()
cnt0
86
Static Driver Verifier SLAM
void main() int a,b,c,rst,cnt cnt
0 for() AcquireLock()
rst0 while(!rst) a
f1() b f2() c
f3() if (altb bltc)
rst1 ReleaseLock()
g()
cnt0
87
Static Driver Verifier SLAM
void main() int a,b,c,rst,cnt cnt
0 for() AcquireLock()
rst0 while(!rst) a
f1() b f2() c
f3() if (altb bltc)
rst1 ReleaseLock()
g()
cnt0
rst0
88
Static Driver Verifier SLAM
void main() int a,b,c,rst,cnt cnt
0 for() AcquireLock()
rst0 while(!rst) a
f1() b f2() c
f3() if (altb bltc)
rst1 ReleaseLock()
g()
cnt0
rst0
89
Static Driver Verifier SLAM
void main() int a,b,c,rst,cnt cnt
0 for() AcquireLock()
rst0 while(!rst) a
f1() b f2() c
f3() if (altb bltc)
rst1 ReleaseLock()
g()
cnt0
rst0
90
Static Driver Verifier SLAM
void main() int a,b,c,rst,cnt cnt
0 for() AcquireLock()
rst0 while(!rst) a
f1() b f2() c
f3() if (altb bltc)
rst1 ReleaseLock()
g()
cnt0
rst0
!(rst0)
91
Static Driver Verifier SLAM
void main() int a,b,c,rst,cnt cnt
0 for() AcquireLock()
rst0 while(!rst) a
f1() b f2() c
f3() if (altb bltc)
rst1 ReleaseLock()
g()
cnt0
rst0
!(rst0)
New predicate to track main rst0
92
Static Driver Verifier SLAM
Driver passes rule
Rule
SLAM
Abstract Step
Driver sources
Check Step
Instrument Step
Refine Step
Rule violation found
OS model
93
Static Driver Verifier SLAM
void main() for()
AcquireLock() while(
) f1()
f2() f3() if (
)
ReleaseLock()
g()
int a,b,c,rst,cnt cnt 0
rst0 !rst
a b c
altb bltc rst1
bool v0 // represents rst0
v01 v0

v00
State space 2(3 bits(pc)) stack
94
Static Driver Verifier SLAM
Driver passes rule
Rule
SLAM
Abstract Step
Driver sources
Instrument Step
Check Step
Refine Step
Rule violation found
OS model
95
Static Driver Verifier SLAM
Reachable state-space for steps ltn
96
Static Driver Verifier SLAM
Reachable state-space for steps ltn
Reachable state-space for steps ltn1
Reachable state-space for steps ltn2
97
Static Driver Verifier SLAM
Reachable state-space for steps ltn
Reachable state-space for steps ltn1
Reachable state-space for steps ltn2
Reachable state-space for steps ltn3
Reachable state-space for steps ltn4
Reachable state-space for steps ltn5 and ltn4
98
Static Driver Verifier SLAM
Reachable state-space for steps ltn
Reachable state-space for steps ltn1
Reachable state-space for steps ltn2
Reachable state-space for steps ltn3
Reachable state-space for steps ltn4
Reachable state-space for steps ltn5 and ltn4
99
Static Driver Verifier SLAM
  • The abstraction contains only the PC and these
    three state bits
  • locked1
  • locked0
  • rst0
  • Abstracted away
  • Much of f1(), f2(), f3(), g(),
  • cnt,
  • a, b, c
  • Potential values from rst
  • From this abstraction we can reasons that the
    original C program is also correct

100
Outline
  • Introduction to Windows device drivers
  • Static Driver Verifier
  • Automatic formal verification properties for
    device drivers
  • Recent plug-ins for Static Driver Verifier
  • SLAyer
  • TERMINATOR
  • Conclusion Discussion

101
Outline
  • Introduction to Windows device drivers
  • Static Driver Verifier
  • Automatic formal verification properties for
    device drivers
  • Recent plug-ins for Static Driver Verifier
  • SLAyer
  • TERMINATOR
  • Conclusion Discussion

102
Outline
  • Introduction to Windows device drivers
  • Static Driver Verifier
  • Automatic formal verification properties for
    device drivers
  • Recent plug-ins for Static Driver Verifier
  • SLAyer
  • TERMINATOR
  • Conclusion Discussion

103
Static Driver Verifier
104
Static Driver Verifier
105
Static Driver Verifier
106
Static Driver Verifier
107
SLAyer
  • Abstract interpreter using a domain expressed in
    separation logic
  • Searches for uses of lists and other
    data-structures commonly found in OS code
  • Joint work with the East London Massive
    (including many Queen Mary people)

108
SLAyer
  • Abstract interpreter using a domain expressed in
    separation logic
  • Searches for uses of lists and other
    data-structures commonly found in OS code
  • Joint work with the East London Massive
    (including many Queen Mary people)

109
SLAyer
  • Abstract interpreter using a domain expressed in
    separation logic
  • Searches for uses of lists and other
    data-structures commonly found in OS code
  • Joint work with the East London Massive
    (including many Queen Mary people)

110
Outline
  • Introduction to Windows device drivers
  • Static Driver Verifier
  • Automatic formal verification properties for
    device drivers
  • Recent plug-ins for Static Driver Verifier
  • SLAyer
  • TERMINATOR
  • Conclusion Discussion

111
Outline
  • Introduction to Windows device drivers
  • Static Driver Verifier
  • Automatic formal verification properties for
    device drivers
  • Recent plug-ins for Static Driver Verifier
  • SLAyer
  • TERMINATOR
  • Conclusion Discussion

112
Properties of interest
  • Examples of properties of interest to the kernel
    team
  • Calls to KeSetEvent(a,b,c) within dispatch
    routines should only occur at below
    DISPATCH_LEVEL when c0, and at PASSIVE_LEVEL
    when c1.
  • When creating devices, AddDevice dispatch
    routines should hold onto to the device stack
    pointer that was passed to it such that future
    requests are correctly forwarded down the device
    stack.
  • Each call to KeRaiseIrql should eventually be
    followed by a call to KeLowerIrql.
  • Device driver dispatch routines implement the
    correct functionality.

113
Properties of interest
  • Examples of properties of interest to the kernel
    team
  • Calls to KeSetEvent(a,b,c) within dispatch
    routines should only occur at below
    DISPATCH_LEVEL when c0, and at PASSIVE_LEVEL
    when c1.
  • When creating devices, AddDevice dispatch
    routines should hold onto to the device stack
    pointer that was passed to it such that future
    requests are correctly forwarded down the device
    stack.
  • Each call to KeRaiseIrql should eventually be
    followed by a call to KeLowerIrql.
  • Device driver dispatch routines implement the
    correct functionality.

114
TERMINATOR
  • Automatic liveness property prover (via fair
    termination)
  • Finds candidate termination arguments and proves
    their validity
  • Uses new method of expressing termination
    arguments that allows for refinement based on
    failed proof attempts
  • Also Joint work with East London Massive (and
    others)

115
TERMINATOR
116
TERMINATOR
117
Proving
118
Proving
119
Proving
120
Proving
121
Proving
122
Proving
123
Proving
124
Proving
125
Proving
126
Proving
127
Proving
128
Proving
129
Proving
130
Proving
131
Proving
132
Proving
133
Proving
134
Outline
  • Introduction to Windows device drivers
  • Static Driver Verifier
  • Automatic formal verification properties for
    device drivers
  • Recent plug-ins for Static Driver Verifier
  • SLAyer
  • TERMINATOR
  • Conclusion Discussion

135
Outline
  • Introduction to Windows device drivers
  • Static Driver Verifier
  • Automatic formal verification properties for
    device drivers
  • Recent plug-ins for Static Driver Verifier
  • SLAyer
  • TERMINATOR
  • Conclusion Discussion

136
Conclusion
  • Windows OS and device drivers
  • Device drivers OS plug-ins actual
    functionality
  • OS kernel small and usually correct
  • 100,000 device drivers? 250,000 device drivers?
    Many incorrect!
  • 85 of crashes in OS (both Windows and Linux)
    due to drivers
  • Correctness problem interface between OS and
    device driver

137
Conclusion
  • Static Driver Verifier
  • A compile-time tool that finds bugs in device
    drivers
  • Kernel API usage rules the automatic formal
    verification engines
  • Released on the current DDK beta
  • SLAM
  • Automatic formal verification engine for safety
    properties
  • Uses abstractions and counterexample-guided
    refinement

138
Conclusion
  • SLAyer
  • Automatic formal verification engine supporting
    more accurate model of heap-based data-structures
  • Uses abstract interpretation with domain
    expressed in separation logic
  • TERMINATOR
  • Automatic formal verification engine supporting
    liveness (and termination)
  • Uses new-style of termination arguments that
    allows for counterexample-guided refinement

139
Discussion
  • Questions?
  • More information available at
  • http//www.microsoft.com/whdc/devtools/tools/SDV.m
    spx
  • More information about Static Driver Verifier
  • http//research.microsoft.com/slam
  • Pointers to information about SLAM
  • http//research.microsoft.com/TERMINATOR
  • Pointers to information about TERMINATOR
  • http//research.microsoft.com/bycook
  • Pointers to information about me
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2026 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The : "Static Driver Verifier: Finding Bugs In Device Drivers At Compile-Time" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!