Who should attend: This tutorial is aimed at both Windows NT developers and those who support the operating system. Participants should be familiar with the basic operation and concepts of Windows NT and software development. Though no specific programming knowledge is required, examples will be shown in C. Background will be provided before delving into architectural or hardware-specific areas.

This course emphasizes the power and extensibility of the Microsoft Windows NT and Windows 2000 kernel debugging and crash dump analysis tools. It explains how to use these indispensable utilities to solve real-world support and development problems. It focuses on the methods available to exploit the tools to quickly resolve and understand system failures. The Microsoft documentation is sparse, has holes, and only tells part of the story. This tutorial fills in those gaps and presents a coherent examination of exactly what is available, where to find it, and how to use it.

The topics examined in this tutorial include:

	Kernel debugging concepts
	Understanding the NT stop screen
	In-depth examination of the available debugging and analysis tools
	Using the kernel-mode extensions for basic and advanced debugging
	Debugging at the hardware level
	Remote debugging and analysis
	Understanding and working with the various crash dump tools
	Extending the debugger and dump analysis tools
	System configuration practices to ease failure analysis
	Tips for writing debug-friendly code
	What's new and different in debugging Windows 2000?
	Where does Microsoft hide the really good stuff?

 Participants will walk away from this tutorial with a thorough understanding of the tools available for debugging kernel mode code and diagnosing system failures.