Example 6: Incorrect Enumerated Type

  • Article

PREfast for Drivers detects enumerated type mismatches in driver code and issues a warning about each mismatch. The type mismatch warnings vary somewhat according to the function being analyzed, but they all identify potential problems that should be investigated and fixed.

The following example demonstrates how PREfast for Drivers responds to a type mismatch. A common error when calling the KeWaitXxx routines (KeWaitForSingleObject, KeWaitForMultipleObjects, and KeWaitForMutexObject) is to transpose the WaitReason parameter, which is of type KWAIT_REASON, and the WaitMode parameter, which is of type KPROCESSOR_MODE. In this example, the driver calls KeWaitForSingleObject, but specifies the WaitMode ("KernelMode") parameter before the WaitReason ("Executive") parameter.

In response, PREfast for Drivers issues two instances of Warning 28139, one when it recognizes that KernelMode is not of type KWAIT_REASON and another when it discovers that Executive is not of type KPROCESSOR_MODE. The following output shows the content of the annotated source window for the first warning.

 2784    status = KeWaitForSingleObject(&event,

kewait.c(2784) : warning 28139: The argument 'KernelMode' should exactly match the type 'enum _KWAIT_REASON': Some functions permit limited arithmetic on the argument type, others do not. This usually indicates that an enum formal was not passed a member of the enum, but may be used for other types as well.problem occurs in function 'PciDrvSendIrpSynchronously'

2785 KernelMode,
2786 Executive,
2787 FALSE,
2788 NULL
2789 );

Notice that although the first line of the call statement (2784) appears in red, the warning is triggered by code in subsequent lines of the statement (2785 and 2786), which appear below the PREfast for Drivers warning.

Without strict type checking, the C compiler does not detect this error, and because Executive and KernelMode both evaluate to 0, the mismatch is also invisible to the system. However, when these parameters have values that are not numerically interchangeable, such as Executive (0) and UserMode (1), the driver waits in a mode that the programmer did not intend.

 

 

Send comments about this topic to Microsoft

Build date: 5/3/2011