Home | FAQ | Contact
Private Seminars
Public Seminars
Course Descriptions
Course Map
Instructors
Resources

INT150
INT151
INT201
INT211
INT221
INT250
INT255
DRV101
DRV150
DRV201
DRV205
DRV211
DRV221
DRV222
DRV231
DRV232
DRV241
DRV251
DRV264
DRV274
DRV301
DRV321
OFF101
OFF201
SEC230
SEC250
WSC102
WSC110
WSC201

DRV211: Windows Driver Debugging and Memory Dump Analysis

An intensive guide to debugging device drivers, via “live” debugging and analysis of memory dumps.

Level

Intermediate

Audience

Developers of all types of Windows device drivers

Description

This seminar presents kernel debugging and crash dump analysis tools and methods for Windows, with emphasis on their use to support driver development and debugging. We teach you to set up and use the various available debugging tools, and then show you how the tools are best applied in analyzing and correcting many common driver problems. We review key operating system and driver principles, along with typical driver problems associated with those principles. Finally, we give you coding hints to help make your driver easier to debug, and better yet, to make it less prone to errors in the first place. 

Topics

  • Setting up the debugging environment

  • Analyzing memory dumps

  • Typical and atypical stop codes

  • Understanding assembly language and call frames

  • Common driver problems and live debugging scenarios

  • Driver coding for reliability and debugging

  • Using the checked build and driver verifier

  • Writing and using kernel debugger extensions

Prerequisites

Attendees must have attended one of our device driver seminars (DRV201 or equivalent), or have equivalent experience writing Windows kernel mode drivers. Familiarity with the material of DRV150, Windows Internals for Driver Developers, is also extremely important.

Windows versions

Windows Server 2003, Windows XP, Windows 2000

Duration and formats

4 days with labs
2 days lecture only
1 day lecture "short course" (DRV212)

Labs

We strongly recommend the hands-on labs version of this seminar. As with all of our seminars, we have carefully designed our lab sessions to allow you to immediately apply the material learned. In this seminar we challenge you with both debugging of buggy driver source files and analysis of memory dumps from “unknown” causes. All example source files, memory dump files, etc., together with detailed walkthroughs of the crash dump analyses, will be provided to the attendees on CD-R.

Short formats

DRV211-1, Windows Driver Debugging Essentials, lecture only, 1 day

The one day version of this seminar covers the most important material from the above outline, with almost all emphasis on “live” debugging rather than on memory dump analysis. Suggested reading and exercises are provided so that the attendees can pursue further study on their own schedule. This format is not recommended if this will be the attendees’ first exposure to debugging!
 

Related Seminars
If you are primarily interested in debugging device driver source code that you, or others in your organization, write and maintain, this seminar is for you!

If on the other hand you are a system administrator, application developer, hardware integrator, etc., whose primary interest is in “which component is causing problems" rather than “how can I fix the  driver code,” we encourage you to consider our INT211: Windows Troubleshooting, Performance Optimization, and Crash Dump Analysis seminar instead of this one.
 
Copyright © 2007 - Azius Developer Training