5. Discovering the Driver Verifier utility
Starting with Windows 2000, Windows has included a Driver Verifier utility intended for use by advanced users in troubleshooting particularly vexing driver-related issues. The Driver Verifier utility helps determine root cause for driver-related issues, including problems related to:
Important
POTENTIAL PERFORMANCE ISSUES
The Driver Verifier utility can create system instability and
performance issues. Use this tool with care and only after fully
reviewing the documentation so that you are confident that you
understand what is happening. The system is likely to fail more often
while the Driver Verifier utility is collecting information and
generating dump files that can be analyzed later.
Initializing a new Driver Verifier configuration requires you to
restart your system for the configuration changes to take effect.
Table 2 lists the standard tests the Driver Verifier utility can perform.
Table 2. Standard tests
| Test | Description |
|---|---|
| Special pool | When activated, selected driver memory is pulled from a special pool, which is monitored for memory overruns, memory underruns, and memory that is accessed after it is freed. |
| Pool tracking | A method for detecting memory leaks. Ensures that a driver returns all its memory after it is unloaded. |
| Force IRQL checking | Places a driver under pressure in an attempt to make the driver access paged memory at the wrong IRQL. (Interrupt Request Level is the priority of an interrupt request.) |
| I/O verification | Monitors the way a driver handles I/O to detect illegal or inconsistent use of I/O routines. |
| Deadlock detection | Detects whether the driver has the potential to cause a deadlock. A deadlock occurs when two or more threads conflict over a resource, thwarting execution. |
| DMA checking | Detects a driver’s improper use of Direct Memory Access (DMA) buffers, adapters, and map registers. |
| Security checks | Enables Driver Verifier to look for common situations that can result in driver-based security vulnerabilities. |
| Force pending I/O requests | Ensures that pending I/O requests are handled. |
| Low resources simulation | Tests a driver’s ability to cope with low-resource situations, which can create resource contention issues. |
| IRP logging | Monitors a driver’s use of IRPs (I/O request packets). |
| Miscellaneous checks | Many common items create driver instability. This category catches these common items. |
| Invariant MDL checking for stack | Monitors how the driver handles invariant MDL buffers across the driver stack. |
| Invariant MDL checking for driver | Monitors how the driver handles invariant MDL buffers per driver. |
| Power framework delay fuzzing | Helps identify driver errors for drivers that use the system’s power framework. |
| DDI compliance checking | Determines whether the driver interacts correctly with the Windows kernel. |
You can use the Driver Verifier utility in one of two ways. To use the tool from a command line, type verifier followed by a valid verifier command. To use the GUI-based version of the tool, type verifier on its own at a command prompt. In this section, you learn about the GUI-based tool.
- At a command prompt, type verifier to open the Driver Verifier Manager (GUI-based tool), as shown in Figure 17.
  The available tasks are:
  - Create Standard Settings: This task selects a standard set of options and then asks you to select the drivers that are to be verified.
  - Create Custom Settings: With this task, you choose the Driver Verifier tests that should be run against the drivers you choose.
  - Delete Existing Settings: This task deactivates any Driver Verifier settings that are in place. It’s important to remember that Driver Verifier settings remain in place until you actively delete them.
  - Display Existing Settings: This task displays the settings that will be activated and the list of drivers that will be affected.
  - Display Information About The Currently Verified Drivers: This task displays information about the actions Driver Verifier is performing.
- Select the Create Standard Settings option and tap or click Next. The Driver Verifier Manager displays the page, shown in Figure 18, on which you identify which drivers you want to verify.
- Select the Select Driver Names From A List option and tap or click Next. Driver Verifier Manager displays the page shown in Figure 19.
- Select the drivers you want to verify and then tap or click Finish.
- You will probably have to restart your system. After the computer restarts, load the Driver Verifier GUI again. Choose Display Information About The Currently Verified Drivers and click Next. Driver Verifier Manager presents the current settings and verified drivers, including the status of every driver, as shown in Figure 20.
- To view the global counter information for the verified drivers, click Next, as shown in Figure 21.
- Click Next to move to the page, shown in Figure 22, on which you can select an individual driver to view its specific information. In Figure 22, the NDIS.SYS driver, which is linked to the networking component, is the selected driver, and its counter information is displayed.
- Click Finish.
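The walkthrough above uses only the GUI. As an added example (not part of the original text), the following PowerShell script runs the same tasks through verifier.exe switches and reads the two registry values where Driver Verifier keeps its configuration, which makes it easy to spot settings that were never deleted. It assumes an elevated prompt; the ndis.sys default is taken from the driver selected in Figure 22, and the parameter and function names are illustrative.

```powershell
# Added example: command-line counterpart of the GUI steps. Run elevated.
param(
    [string[]]$Drivers = @('ndis.sys'),  # assumption: the driver selected in Figure 22
    [switch]$Enable,                      # stage standard settings for $Drivers
    [switch]$Reset                        # same as Delete Existing Settings
)

$mmKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'

function Get-VerifierConfig {
    # Driver Verifier persists its configuration in VerifyDrivers and
    # VerifyDriverLevel; an absent or empty VerifyDrivers is treated as "no settings".
    $p = Get-ItemProperty -Path $mmKey
    [pscustomobject]@{
        Configured = -not [string]::IsNullOrWhiteSpace($p.VerifyDrivers)
        Drivers    = $p.VerifyDrivers
        Flags      = if ($null -ne $p.VerifyDriverLevel) { '0x{0:X}' -f $p.VerifyDriverLevel }
    }
}

if ($Enable) {
    # Create Standard Settings > Select Driver Names From A List
    & verifier.exe /standard /driver $Drivers
    Write-Host 'Restart the system for the new configuration to take effect.'
}
elseif ($Reset) {
    & verifier.exe /reset
}

$cfg = Get-VerifierConfig
$cfg | Format-List

if ($cfg.Configured) {
    # Display Existing Settings: what will be active after the next boot
    & verifier.exe /querysettings
    # Display Information About The Currently Verified Drivers: live counters
    & verifier.exe /query
    Write-Warning 'Driver Verifier settings are in place and remain until deleted (-Reset).'
}
```

Run it with no switches on a machine that is slow or crashing unexpectedly to check whether a forgotten Driver Verifier configuration is still active.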
6. Adding device drivers to the driver store
In an enterprise environment, it can be important to preinstall
drivers on a computer before deploying it in the organization. It’s not
uncommon for desktop administrators to make sure that all the drivers
that a user would need are preloaded on the system. By doing so, when a
user plugs in a supported device, the drivers are available and the
device works for the user without any difficulty.
Windows includes a command-line tool called Pnputil.exe, which you use to manage the driver store. Its parameters are listed in Table 3.
Table 3. Pnputil.exe parameters
| Parameter | Description |
|---|---|
| pnputil -a | Adds a driver package to the driver store. |
| pnputil -i | (Used with -a) If the driver matches any existing hardware devices on the system, the driver software will be installed. |
| pnputil -e | Shows you a list of third-party drivers currently loaded in the driver store. |
| pnputil -d | Deletes a package from the driver store. |
| pnputil -f | (Used with -d) Forces the deletion of a package from the driver store. The parameter is required when a driver you want to delete is associated with a device that is still connected to the system. |
Sample commands:
- pnputil -a c:\NewDriver.inf
  Loads the NewDriver.inf driver located on the C drive into the driver store.
- pnputil -d oem3.inf
  On the sample system used for this chapter, removes the driver associated with the VMware ThinPrint service.
- pnputil -e
  Shows you a list of the third-party drivers currently loaded on the system (Figure 23).
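For the enterprise preloading scenario described at the start of this section, the following PowerShell script is an added example (not from the original text) that stages every driver package in a folder with pnputil -a, but only after the package's catalog file passes an Authenticode signature check. The folder C:\DriverStaging and the helper name Get-InfCatalog are hypothetical; run it from an elevated prompt.

```powershell
# Added example: stage signed driver packages into the driver store. Run elevated.
param([string]$SourceDir = 'C:\DriverStaging')   # hypothetical staging folder

function Get-InfCatalog {
    param([string]$InfPath)
    # Read the CatalogFile= (or CatalogFile.NTamd64= etc.) entry from the INF
    # and resolve it relative to the INF's own folder.
    $m = Select-String -Path $InfPath -Pattern '^\s*CatalogFile(\.\w+)?\s*=\s*([^;\s]+)' |
         Select-Object -First 1
    if ($m) {
        Join-Path (Split-Path $InfPath) $m.Matches[0].Groups[2].Value.Trim('"')
    }
}

foreach ($inf in Get-ChildItem -Path $SourceDir -Filter *.inf -Recurse) {
    $cat = Get-InfCatalog $inf.FullName
    if (-not $cat -or -not (Test-Path $cat)) {
        Write-Warning "$($inf.Name): no catalog file found, skipping"
        continue
    }

    # Pre-check only: this validates the catalog's own signature. Windows still
    # checks the package files against the catalog when the package is added.
    $sig = Get-AuthenticodeSignature -FilePath $cat
    if ($sig.Status -ne 'Valid') {
        Write-Warning "$($inf.Name): catalog signature is $($sig.Status), skipping"
        continue
    }

    Write-Host "$($inf.Name): signed by $($sig.SignerCertificate.Subject)"
    & pnputil.exe -a $inf.FullName          # Table 3: add package to the driver store
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "$($inf.Name): pnputil exited with code $LASTEXITCODE"
    }
}

# Table 3: list the third-party packages now in the driver store.
& pnputil.exe -e
```

Reviewing the signer subjects in the output before deployment gives a record of which publishers' drivers were preloaded onto the image.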