Windows Debugging & Crash Dump Analysis

Duration: 5 days.
Contact us for pricing and details.

This 5-day course gives developers and support engineers the knowledge to effectively troubleshoot Windows crashes, hangs, and kernel-mode software using a variety of system-level tools, including WinDbg and IDA Pro. It covers how to locate and isolate Windows kernel and Windows device driver bugs as well as user-mode application bugs. Live, remote, and post-mortem troubleshooting techniques are all presented.

Windows Architecture

  • History of Windows OS
  • Design Goals
  • Features of the OS
  • Threads
  • Processes
  • Client/Server Architecture

Debuggers & Environment

  • The Windows Debuggers
  • The Portable Executable (PE) File Format
  • Symbol Files
  • Map Files
  • Debug & Release Builds

Visual Studio Debugging

  • Source File Debugging
  • Setting Breakpoints
  • The Debug Windows
  • Thread Management
  • Exception Management
  • Remote Debugging

Memory Management

  • Virtual Address Translation
  • Page Faults
  • Working Set Management
  • Physical Memory Management

DLL Architecture & Debugging

  • DLL Architecture
  • DLL Linkage
  • Imports & Exports
  • Utilities for DLL management
  • DLL Load Order
  • Binding & Basing
  • DllMain

NTSD

  • NT Symbolic Debugger Features
  • NTSD Command Line
  • Working with Symbols
  • Debugging Multiple Processors
  • Using NTSD with Remote

Stack Debugging

  • Structure of the Intel Stack
  • Stack Optimizations
  • Stack Traces
  • Stack Corruption
  • Stack Recovery

WinDbg

  • Features of WinDbg
  • WinDbg Interface
  • Debug windows
  • Symbol file specification
  • Source file specification
  • Setting breakpoints
  • Controlling code execution

Windows 7 Driver Architecture

  • The Windows 7 I/O Model
  • I/O Processing
  • The Cache Manager
  • Types of Supported Device Drivers
  • Driver Operation
  • Plug-and-Play Manager
  • Power Manager

Kernel-mode Debugging

  • Overview of kernel debuggers
  • Kernel mode debugging environment
  • Host configuration
  • Target configuration
  • Symbol files
  • Using WinDbg on the Host

Dump File Analysis

  • Why Windows crashes
  • Memory Dump Options
  • Analyzing a Crash Dump with WinDbg
  • User mode dump files
  • An Overview of Dr. Watson
  • Building an application for use with Dr. Watson
  • Using ADPlus
  • Capturing and analyzing a user mode crash

Hardware Debugging

  • Probing the Hardware
  • Accessing IO ports
  • Reading & Writing Device Memory
  • Viewing the Busses
  • Examining Device Memory
  • MP Information
  • Interrupt Information
  • Power Management Information

Extended Crash Dump Analysis

  • Kinds of Dump Files
  • Kinds of Crashes
  • What Can & Can’t Be Learned
  • Using DumpChk
  • When You Have & Don’t Have Source
  • Checked Builds
  • Online Crash Analysis

Symbol Server

  • The Problem of Symbol Files
  • Symbol Server
  • Symbol Store
  • How Symbols are Located
  • Multiple Symbol Servers
  • Symbol Storage Organization
  • SymStore Command Line Syntax

Driver Stress Testing

  • Driver Verifier
  • Buffer Boundary Conditions
  • DIO Problems
  • Multithread Usage Problems
  • Canceled IRP Problems
  • Timing Windows

© 2011-2018 All Rights Reserved. Joya Systems. 4425 South Mopac Building II Suite 101 Austin, TX 78735 Tel: 800-DEV-KERNEL
