Statistics crashing updating resource allocation
A method and system for verifying computer system drivers such as kernel mode drivers.

Pooled memory allocated to a driver carries a header. Among other information, the header includes information that tracks the block size. For example, if forty-four bytes of pooled memory are required by a driver, sixty-four are allocated by the kernel: eight for the header, forty-four for the driver, with the remaining twelve unused. Then, when the memory is deallocated, the kernel looks to see if this block may be coalesced with any adjacent deallocated blocks, so that larger blocks of memory become available for future requests. If so, the header information including the block size is used to coalesce the adjacent blocks.

Another way in which an errant driver may crash the system is when a driver frees pooled memory allocated thereto, but then later writes to it after the memory has been reallocated to another component, corrupting the other component's information. This may lead to a crash in which the other component appears responsible. Indeed, this post-deallocation writing can be a very subtle error, such as if the erroneous write occurs long after the initial deallocation, possibly after many other components have successfully used the same memory location. Note that such a post-deallocation write may also overwrite a header of another block of pooled memory, e.g., when smaller blocks are later allocated from a deallocated larger block.

Yet another type of error that a kernel component may make is failing to deallocate memory that the component no longer needs, often referred to as a "memory leak." This can occur, for example, when a driver unloads but still has memory allocated thereto, or even when a driver is loaded but for some reason does not deallocate unneeded memory. Note that this can occur because of the many complex rules drivers need to follow in order to safely interact with other drivers and operating system components.

Such errors are also often hard to reproduce. For example, a driver may have a bug that does not arise unless memory is low, and then possibly only intermittently, whereby a test system will not reproduce the error because it does not reproduce the conditions. In sum, kernel components such as drivers need to be privileged, which makes even slight errors therein capable of crashing the system, yet such errors are often difficult to detect, difficult to match to the source of the problem and/or difficult to reproduce.
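As an added illustration, not code from the patent, the following toy pool allocator in C keeps an 8-byte header holding the block size, splits and coalesces blocks, and runs a verifier-style walk over the headers; it then replays the scenario above, where a smaller block is carved from a freed 44-byte block and a write through the stale pointer destroys the neighbouring header. The 16-byte granularity (chosen so that 8 + 44 rounds to 64, matching the page's numbers), the tag byte, and all function names are assumptions for this example.

```c
#include <stdint.h>
#include <string.h>
#define POOL_SIZE 256
#define HDR 8      /* header bytes, as on the page */
#define GRAN 16    /* assumed allocation granularity: 8 + 44 rounds up to 64, the page's numbers */
#define MAGIC 0xA5 /* assumed tag byte so a verifier walk can notice a damaged header */
typedef struct { uint32_t size; uint8_t magic, in_use, pad[2]; } hdr_t; /* the 8-byte header */
static uint8_t pool[POOL_SIZE];
#define AT(off) ((hdr_t *)(pool + (off)))

static void pool_init(void) { *AT(0) = (hdr_t){ POOL_SIZE, MAGIC, 0, {0, 0} }; } /* one free block */

/* First-fit allocation; the free block is split when the remainder can hold a header too. */
static void *pool_alloc(uint32_t req) {
    uint32_t need = (HDR + req + GRAN - 1) & ~(uint32_t)(GRAN - 1);   /* 44 -> 64 total */
    for (uint32_t off = 0; off < POOL_SIZE; off += AT(off)->size) {
        hdr_t *h = AT(off);
        if (h->in_use || h->size < need) continue;
        if (h->size - need >= HDR + GRAN) { *AT(off + need) = (hdr_t){ h->size - need, MAGIC, 0, {0, 0} }; h->size = need; }
        h->in_use = 1;
        return pool + off + HDR;                    /* driver sees the bytes after the header */
    }
    return NULL;
}

/* Free, then coalesce with the following block if it is free (forward-only, a simplification). */
static void pool_free(void *p) {
    hdr_t *h = (hdr_t *)((uint8_t *)p - HDR);
    uint32_t next = (uint32_t)((uint8_t *)h - pool) + h->size;      /* size field finds the neighbour */
    h->in_use = 0;
    if (next < POOL_SIZE && AT(next)->magic == MAGIC && !AT(next)->in_use) h->size += AT(next)->size;
}

/* Verifier-style walk: -1 if every header is intact, else the offset of the first damaged one. */
static int pool_check(void) {
    for (uint32_t off = 0; off < POOL_SIZE; off += AT(off)->size)
        if (AT(off)->magic != MAGIC || AT(off)->size < HDR + GRAN || AT(off)->size % GRAN || off + AT(off)->size > POOL_SIZE) return (int)off;
    return -1;
}

/* The page's scenario: free a 44-byte block, let a 20-byte block be carved from it, then write the
 * original 44 bytes through the stale pointer. Returns the offset of the header the write destroyed. */
static int demo_stale_write(void) {
    pool_init(); void *a = pool_alloc(44); pool_alloc(16);
    pool_free(a);
    pool_alloc(20);            /* reuses the front of a's old block; the remainder gets its own header at 32 */
    memset(a, 0xFF, 44);       /* post-deallocation write clobbers that header */
    return pool_check();       /* 32 */
}

static int demo_coalesce(void) {   /* clean life cycle: both frees coalesce back into one 256-byte block */
    pool_init(); void *a = pool_alloc(44), *b = pool_alloc(16);
    pool_free(b); pool_free(a);
    return pool_check() == -1 ? (int)AT(0)->size : -1;   /* 256 */
}
```

A real verifier would run a walk like pool_check() on every free and at driver unload, so the corruption is caught at the faulting driver rather than in whichever component next touches the damaged block.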