Reading Notebook: 28-July-09
Comments in italics are mine and express my own views, thoughts and opinions
Windows Internals by M. Russinovich, D. Solomon and A. Ionescu:
APIC implies SMP (p. 65)
Use of drivers to access DDK functions not having Windows API counterpart (p. 69)
WDM vs. Legacy (p. 69) - I think that for non-hardware drivers to do some software function in kernel mode / space legacy model is sufficient
Use of filter drivers to fix hardware problems (p. 69)
UMDF driver as a service that communicates via ALPC to a kernel hardware wrapper (p. 70) - I’m still reading this book about KMDF and UMDF: Developing Drivers with the Windows Driver Foundation
Zw (no parameter validation) vs. Nt (p. 73) - here is another look at their difference: http://www.dumpanalysis.org/blog/index.php/2007/04/10/yet-another-look-at-zw-and-nt-functions/
Idle pseudo-process threads do CPU accounting (p. 74)
Process Monitor boot trace (p. 74)
- Dmitry Vostokov @ SoftwareGeneralist.com -
_1125.png)
Coming Soon:
Management Bits: An Anthology from Reductionist Manager
Debugging Notebook: Essential Concepts, WinDbg Commands and Tools
Crash Dump Analysis for System Administrators and Support Engineers
New Magazines:
Debugged! MZ/PE: MagaZine for/from Practicing Engineers
New Books:
Memory Dump Analysis Anthology: Color Supplement for Volumes 1-3
Memory Dump Analysis Anthology, Volume 3
First Fault Software Problem Solving: A Guide for Engineers, Managers and Users
x64 Windows Debugging: Practical Foundations
Also available:
Windows Debugging: Practical Foundations
DLL List Landscape: The Art from Computer Memory Space
Dumps, Bugs and Debugging Forensics: The Adventures of Dr. Debugalov
WinDbg: A Reference Poster and Learning Cards
Memory Dump Analysis Anthology, Volume 2
Memory Dump Analysis Anthology, Volume 1
New Children's Book:
