For more information contact us      Phone: +1-425-748-5018   Fax: +1-425-644-2185   TrainingUSA@selagroup.com Coming courses Register/More info

50154 - Version: 2 Windows Internals for Developers 5 days course Description This five-day instructor-led course provides students with the knowledge and skills to develop, debug and troubleshoot low-level Windows applications. The course provides a detailed view of the Windows operating system architecture, its key components, undocumented interfaces and core interactions through the use of debugging utilities, inspection tools and exercises. Intended audience This course is intended for systems programmers, device driver developers and other Win32 developers with at least 1 year of experience programming native applications for Windows. Prerequisites Thorough understanding of Win32 programming (this is not a Win32 programming course). Working knowledge of the C programming language. Familiarity with the Windows operating system on a power-user level. Familiarity with operating systems concepts (multiprocessing, thread scheduling, virtual memory) is preferable but not a must. Familiarity with object-oriented programming paradigms is preferable but not a must. Objectives Use debugging tools to troubleshoot user-mode and kernel-mode issues. Develop applications with a proper understanding of the Windows architecture. Appreciate the relationships between system components and their interactions with each other. Improve application performance by understanding how the system behaves internally. Topics Windows History and Characteristics The Evolution of Windows: Windows 1.0 through Windows 8 Back to 1989: Windows NT Design Goals Windows Versions and Editions Windows Programming Interfaces: Win32, WinRT, COM, .NET WinRT Architecture Lab: Basic Win32 Concepts [OPTIONAL] Open questions on Win32 programming concepts System Architecture Kernel-Mode vs. User-Mode Execution Primary System Components Types of User-Mode Processes Hard-Wired System Processes Tools Sysinternals Tools – Process Explorer, Process Monitor Resource Kit and Support Kit Tools Windows Performance Toolkit Windows Troubleshooting Platform Debugging Tools for Windows Understanding Debugging Symbols Kernel Debuggers Lab: Symbols, Process Explorer and WinDbg Setting up debugging symbols using environment variables Configuring symbols in Process Explorer and inspecting thread stacks First steps with WinDbg local kernel debugging Debugging service startup with GFlags Lab: Virtual Kernel Debugging [OPTIONAL] Setting up kernel debugging with a virtual machine as the target System Mechanisms Trap and Interrupt Dispatching Interrupt Request Levels (IRQL) Exception Handling in User-Mode and Kernel-Mode Deferred Procedure Calls (DPC) Asynchronous Procedure Calls (APC) in User-Mode and Kernel-Mode The LPC Facility Windows 8 Capabilities and Process Broker System Worker Threads Lab: Understanding System Mechanisms [OPTIONAL] Using the Performance Monitor system performance data collector set to obtain statistics on DPCs, interrupts, network activity, file system access and memory usage Using the Reliability Monitor to analyze system stability, driver installations, application failures and Windows failures Lab: Using User-Mode APCs [OPTIONAL] Implementing a simple user-mode thread-pool using user-mode APCs to schedule work to idle threads Startup and Shutdown Windows Startup – from Setup to Shell Windows Shutdown – Applications, Services and Drivers Startup Changes in Windows Vista Understanding Windows 8 Connected Standby SecureBoot and HyperBoot Process and Thread Internals Process Data Structures: Kernel, Executive, Environment Subsystem Process Creation Flow Thread Data Structures: Kernel, Executive, Environment Subsystem Thread Creation Flow Lab: Examining Processes and Threads Determining whether a thread is a UI thread or not using the system service table pointer in the thread's kernel data structure Thread Scheduling oThread Scheduling in a Preemptive Multitasking Operating System Thread Execution States and Transitions Dispatcher Database Quantum Length, Tuning and Boosts Thread Priority and Priority Boosts Thread Scheduling on a Multi-Processor System Thread CPU Affinity and Non-Uniform Memory Access (NUMA) NUMA-Aware Scheduling and Processor Groups Multimedia Class Scheduler Service and Thread Ordering Groups Fair Quantum Accounting and Dynamic Fair Share Scheduling Lab: Demonstrating Thread Priority Boosts Implementing an application that enjoys the foreground quantum boost Lab: Custom Thread Pooling Implementing a thread pool using APCs, Windows messages, I/O completion port, or a custom queue Synchronization Mechanisms Concurrency and the Need for Synchronization Compare-And-Swap: Hardware Non-Blocking Synchronization Kernel Synchronization: IRQL, Spinlocks and Queued Spinlocks Executive Synchronization: Dispatcher Objects and Wait Blocks Waiting for and Signaling Dispatcher Objects Tracing Dispatcher Objects and Wait Chain Traversal Lab: Designing Synchronization Mechanisms Implementing a Barrier Implementing a reader-writer lock Lab: Using Wait Chain Traversal Implementing a simple deadlock diagnostic application using Wait Chain Traversal Debugging a deadlock using WCT The Object Manager Resource Management in the Operating System Handles and Handle Tables Creating, Naming, Sharing and Duplicating Kernel Objects Executive Object Types Lab: Inspecting Objects Using "object reference tracing" (GFlags) to inspect object creation Using "maintain a list of objects for each type" (GFlags) to inspect live objects of a specific type Lab: Listing Objects using NTDLL [OPTIONAL] Implementing a utility for listing open handles in a specified process using undocumented NTDLL APIs The Memory Manager Virtual Memory and Paging Allocating Memory: Reserve, Commit, Heap Address Space Layout: User-Mode and Kernel-Mode, 32-bit and 64-bit Virtual Address Translation, Translation Look-Aside Buffer (TLB) Protecting Memory Locking Pages into Memory, Address Windowing Extensions (AWE) System Memory Pools and Look-Aside Lists Working Set Management: Fetch, Placement and Replacement Policies Page Frame Number (PFN) Database Lab: Using Memory Manager APIs Using Address Windowing Extensions Allocating memory in a remote process The Cache Manager Operating System File Caching vs. CPU Caching Cache Structure: Cache Control Blocks, Private Control Blocks Cache Operation: Read and Write, Fast I/O Controlling the Cache Manager: Hints to CreateFile The I/O System The I/O Manager, Power Manager and Plug-and-Play Manager Device Driver Structure I/O Data Structures: File Objects, Driver Object, Device Object I/O Flow: I/O Request Packets Synchronous and Asynchronous I/O, I/O Priorities Building and Deploying a Simple Windows Driver Power Management Fundamentals A Glimpse Towards Windows Driver Foundation (WDF) Lab: Basic Device Driver Development Compiling and deploying a simple driver Communicating with the driver from user mode Experimenting with real kernel debugging User-Mode Crash Analysis Application Restart and Recovery Generating Dump Files: Crash and Hang Scenarios Debugging Application Crashes Debugging Application Hangs and Deadlocks Lab: User-Mode Dumps and Debugging Analyzing a simple crash in an application by generating and opening a crash dump Detecting a deadlock condition between critical sections in the debugger Pinpointing a problem with file system and registry access by an application Predicting compatibility issues with future versions of Windows (Application Compatibility Toolkit) Tracing through a handle misuse scenario Kernel-Mode Debugging Blue Screen of Death: When Does the Operating System Crash? Manually Obtaining a Dump of the System Debugging Crashes Using Driver Verifier to Pinpoint Faulting Drivers Lab: Kernel-Mode Dumps Opening a minidump and finding the faulty driver Crashing the system and finding the faulty driver using Driver Verifier to reproduce the problem What's Different in 64-Bit Windows? 64-Bit Processor Architecture (AMD64) Windows on Windows 64 (WOW64) Architecture File System and Registry Redirection and Virtualization Performance Improvements on 64-Bit Windows From Windows 7 to Windows 8 Windows Store app model Windows Runtime and WinRT Objects Language Projections Background Tasks

50154 Course
	I would like a representative to contact me regarding this activity
	*	*
	* *	*