Static Driver Verifier commands (MSBuild)
You can run Static Driver Verifier (SDV) in a Visual Studio Command Prompt window, either through installing the Windows Driver Kit (WDK) or by running the Enterprise Windows Driver Kit (EWDK). Navigate to the directory where the driver's project file or the library's project file is stored. The parameters can appear in any order on the command line.
Important
SDV is no longer supported and SDV is not available in Windows 24H2 WDK or EWDK releases. It is not available in WDKs newer than build 26017, and is not included in the Windows 24H2 RTM WDK.
SDV can still be used by downloading the Windows 11, version 22H2 EWDK (released October 24, 2023) with Visual Studio build tools 17.1.5 from Download the Windows Driver Kit (WDK). Only the use of the Enterprise WDK to run SDV is recommended. Using older versions of the standard WDK in conjunction with recent releases of Visual Studio is not recommended, as this will likely result in analysis failures.
Going forward, CodeQL will be the primary static analysis tool for drivers. CodeQL provides a powerful query language that treats code as a database to be queried, making it simple to write queries for specific behaviors, patterns, and more.
For more information about using CodeQL, see CodeQL and the Static Tools Logo Test.
msbuild /t:sdv /p:Inputs="Parameters" ProjectFile /p:Configuration=configuration /p:Platform=platform
You must select a Release configuration (for example, /p:Configuration="Windows 7 Release"). For the list of supported Release Configurations, see Building a Driver. The Platform can be Win32 (for x86) or x64 (for example, /p:Platform=Win32).
Note
Be sure to check your computer's power management plan to ensure the computer will not go into a sleep state during the analysis.
Parameters
/scan
Scans the driver's source code for function role type declarations. For information about how to declare the driver supplied callback functions and dispatch routines, see Using Function Role Type Declarations. During this scan, SDV tries to detect the driver entry points that it needs to verify the driver. It records the results of the scan in Sdv-map.h, a file that it creates in the driver's project directory.
For more information, see Preparing your source code.
/check:Rule | Rule,...
Starts a verification with the specified rule(s). You can specify more than one rule by separating each rule with a comma. Run the /check: command and specify the driver's Visual Studio project file (*.vcxproj).
Rule is the name of one rule or a rule name pattern that includes wildcard characters (*) to represent one or more characters. When used alone, the wildcard character (*) represents all rules.
/check:RuleList.sdv
Starts a verification with the rules in the specified rule list file. You can list only one file with this parameter. In the rule list file, each line can be the name of one rule or it can be a wildcard character (*), which represents all SDV rules. Run /check:RuleList.sdv command and specify the driver's Visual Studio project file (*.vcxproj).
RuleList.sdv is the fully qualified path and file name of a rule list file. The file must have the .sdv file name extension. Unless the file is in the local directory, the path is required. If the path or file name includes spaces, you must enclose RuleList.sdv in quotation marks.
If you specify the /check: option without specifying a rule, SDV runs with the default rule set for the driver model.
/lib
Processes the library in the current directory. SDV calls MSBuild.exe to compile and build the library for external use, and it generates the files that it needs to include the library in the driver verification.
Use this parameter before verifying drivers that require the library. Run the msbuild /t:sdv /p:Inputs="/lib" command and specify the Visual Studio project file (*.vcxproj) for the library.
For more information about the use and effect of the /lib parameter, see Library Processing in Static Driver Verifier.
/view
Opens Static Driver Verifier. Run /view commands and specify the driver's Visual Studio project file (*.vcxproj).
The results are available as soon as a verification is complete, and remain available until you use a /clean command to delete the SDV files from the driver's project directory.
/clean
Deletes SDV files from the directory. Because these files are used to generate the Static Driver Verifier Report display, the /clean command also deletes the report of the verification.
Run a /clean command and specify the Visual Studio project file (*.vcxproj) for the driver or library. The command deletes SDV files only for the project specified.
Run a /clean command for a driver project before each verification.
Run a /clean command for a library when the library files are outdated, such as when the library code changes.
A /clean command does not remove the Sdv-map.h file, if the approved flag is set to true in the Sdv-map.h file (Approved=true). SDV can then use this file for future verifications.
/?
Displays usage for SDV commands. Commands that use this parameter do not have to be run in a build environment window.
Comments
Running msbuild /t:/sdv p:/Inputs= /? without parameters displays usage for the SDV commands.
A /clean command deletes the files that SDV uses to create the Static Driver Verifier Report display for a verification. After running this command, the Static Driver Verifier Report display for the verification is no longer available.
Examples
To run SDV using all rules on the driver files in the local directory for the mydriver project:
msbuild /t:sdv /p:Inputs="/check:*" mydriver.VcxProj /p:Configuration="Windows 7 Release"/p:Platform=Win32
To run SDV using the CancelSpinLock rule on the driver files in the local directory:
msbuild /t:sdv /p:Inputs="/check:CancelSpinLock" mydriver.VcxProj /p:Configuration="Windows 7 Release" /p:Platform=Win32
To run SDV using the rule that is specified in the Rules1.sdv rule list file in the D:\SDV directory:
msbuild /t:sdv /p:Inputs="/check:D:\SDV\Rules1.sdv" mydriver.VcxProj /p:Configuration="Windows 7 Release" /p:Platform=Win32
To run SDV again, this time using the /clean option:
msbuild /t:sdv /p:Inputs="/clean" mydriver.VcxProj /p:Configuration="Windows 7 Release"/p:Platform=Win32
To display Static Driver Verifier so that you can view the results for the most recent verification of the driver in the local directory:
msbuild /t:sdv /p:Inputs="/view" mydriver.VcxProj /p:Configuration="Windows 7 Release" /p:Platform=Win32
Related topics
Using Static Driver Verifier to Find Defects in Windows Drivers
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for