Home | FAQ | Contact
Private Seminars
Public Seminars
Course Descriptions
Instructors
Resources

APP210
CMB221
DBG211
DBG214
DBG311
DRV101
DRV150
DRV201
DRV202
DRV203
DRV204
DRV205
DRV211
DRV221
DRV222
DRV231
DRV232
DRV233
DRV251
DRV264
DRV274
DRV301
DRV350
DRV360
INT150
INT151
INT201
INT205
INT250
INT410
OFF201
SEC230
SEC240
WSC150
WSC250

DBG211: Windows Troubleshooting and Memory Dump Analysis

Learn to use the Windows debugging tools, event logs, and other tools to isolate the causes of operating system crashes, system hangs, and application failures. Both x86 and x64 are covered.

Level

Intermediate

Audience

Applications developers; systems software developers; system administrators; system integrators; hardware OEMs; I.T. support personnel

Description

This seminar presents the Windows operating system from the point of view of problem analysis. We review key operating system principles, and then present a number of problem scenarios, and show how to use the various monitoring and debugging tools to isolate and solve the problems. Crash dump (“blue screen”) analysis is included but is by no means our only topic!  

Topics

  • Key Windows internals principles

  • Windows debugging tools

  • Types of system failures

  • Detecting and analyzing "leaks"

  • Analysis of typical and other stop codes

  • Understanding stack backtraces and disassembly code

  • Analyzing memory dumps and system "hangs"

  • Understanding GUI "hangs"

  • Interpreting call sequences

  • Using the live kernel debugger

Prerequisites

Attendees must have attended one of our Windows Internals seminars, or have equivalent experience.

Windows versions

Windows 7, Server 2008, Windows Vista, Windows Server 2003, Windows XP, Windows 2000

Duration and formats

3 days with labs
2 days lecture only
1 days lecture only "short course" (DBG211-1)

Labs

Labs for this seminar involve a number of problem scenarios – some involving deliberately created failures; others from real systems with actual bugs in real, shipping drivers; and some “true unknowns” – each designed or selected to illustrate the use and applicability of a particular analysis technique. After each lab period, we will lead a walkthrough and discussion of at least one approach to the problem given. After the seminar, we will also provide you with a document that gives a detailed walkthrough of the analysis procedures for each problem scenario, and copies of the corresponding example memory dump files and other materials for your further study.  

Short formats

1 day lecture only (DBG211-1, Windows Debugging and Troubleshooting Essentials)

This short version focuses solely on memory dump analysis. We cover only the material that is the most difficult to learn on one's own and which has the greatest reward for the time spent in the seminar. Suggested reading and exercises are provided so that the attendees can pursue further study on their own schedule.

Related Seminars
If you are a system administrator, application developer, hardware integrator, etc., this seminar was designed for you. Our focus here is “which component is causing problems" rather than “how can I fix the code." 

On the other hand, if you are primarily interested in debugging device driver source code that you, or others in your organization, write and maintain, please instead consider DRV211: Windows Driver Debugging and Memory  Dump Analysis.
 
Copyright © 2012 by Azius LLC