Every Windows NT device driver writer, and every engineer who supports products that include device drivers, uses the Windows NT kernel debugger to detect and correct flaws in their programs. Surprisingly, for such a popular and indispensable tool, there is little correct documentation available. Until now, there were no comprehensive books on the debugger, and there are extensions that many people don't use because they simply have no way to learn how. Yet for those who must look into a running kernel or analyze a crash dump, there is little choice but to use the tool.""Windows NT Kernel Debugging"" fills the void and solves these problems by completely documenting the operation of the NT kernel debugger and explaining how to use it. Sample code and sample debugging scripts drive the discussion of debugger features. In addition to a description of the tool, the book presents an in-depth look at how to analyze system crash dumps.
Chapters in the book describe:
The philosophy of kernel debugging, basic and advanced
The Windows NT Architecture and the interactions between NT kernel objects and user-written device and file driver objects
What a kernel debugging environment should look like and how to set it up
The anatomy of the NT Stop Screen, the Blue Screen of Death
An overview of WinDbg that includes topics like how to configure options, symbol paths and DLLs, different pieces of the Interface, and how to extend the power of the WinDbg tool
Remote debugging
Crash dump analysis
""Windows NT Kernel Debugging is your indispensable guide to using this vital tool.
- ISBN10 1565925467
- ISBN13 9781565925465
- Publish Date 13 August 1999
- Publish Status Cancelled
- Out of Print 21 May 2004
- Publish Country US
- Imprint O'Reilly Media, Inc, USA
- Format Hardcover
- Pages 300
- Language English