Suggestions for advanced use of Driver Verifier and WinDbg kernel debugging of crashes

Hi everyone:

I need to be able to debug kernel crashes in a couple of drivers (that were written by someone else, but we have the source code.) Something crashes there at the system’s high memory usage at sporadic times. So I enabled Driver Verifier on a test machine and also attached to it with a kernel debugger using WinDbg Next. And I get occasional crashes, but I need to better understand what to do after WinDbg catches it. And also how to better configure Driver Verifier.

Any suggestions where to get that info/tutorial?

Well you have a big clue that it is some form of memory allocation that is related to your problem, or more precisely allocation failures.

What are the bugchecks associated with the crashes?
Do any of the active stacks include your driver?

I would first review every code path that can have resource allocation failures and verify that they handle those failures correctly. I would also make sure that my driver has run time logging enabled (using IFR for example) so that when it does fail I can have some clues about what it is doing.
For verifier you can try using low resource simulation to provoke problems.

@Mark_Roddy said:
Well you have a big clue that it is some form of memory allocation that is related to your problem

The bugcheck is unrelated to the cause - it is a result of the cascade of failures.

I ran the !wdfdriverinfo drvr_name.sys 0x41 for that driver and got an unusually high number of WDFMEMORY object count - almost 20k. There’s definitely a leak there.

How would you proceed in finding where those WDFMEMORY objects are leaked?

PS. Again, I am not the author of the driver, but I have access to the source code.