K

k command, Advanced Crash Dump Analysis
Kd debugger (Kd.exe), The BIOS Boot Sector and Bootmgr, Basic Crash Dump Analysis, Hung or Unresponsive Systems, Hung or Unresponsive Systems, Hung or Unresponsive Systems, When There Is No Crash Dump
KdDebuggerInitialize1 routine, Initializing the Kernel and Executive Subsystems
KeAcquireInterruptSpinLock routine, Synchronization
KeBalanceSetManager routine, Memory Manager Components
KeBugCheck2 function, 0xC5 - DRIVER_CORRUPTED_EXPOOL
KeBugCheckEx function, The Blue Screen
KeExpandKernelStackAndCallout function, Kernel Stacks
Kei386EoiHelper function, Stack Trashes
KeInitializeQueue function, I/O Completion Port Operation
KeInsertByKeyDeviceQueue function, Disk Class, Port, and Miniport Drivers
KeInsertQueue function, I/O Completion Port Operation
KeLoaderBlock variable, Initializing the Kernel and Executive Subsystems
KeRegisterBugCheckCallback function, The Blue Screen
KeRegisterBugCheckReasonCallback function, The Blue Screen, Crash Dump Files
KeRemoveByKeyDeviceQueue function, Disk Class, Port, and Miniport Drivers
KeRemoveQueueEx function, I/O Completion Port Operation
kernel (Ntoskrnl.exe, Ntkrnlpa.exe), Layered Drivers, Opening Devices, Synchronization, I/O Completion Port Operation, User-Mode Driver Framework (UMDF), Winload, Memory Manager ComponentsInternal Synchronization, Internal Synchronization, Internal Synchronization, Heap Manager, Page Fault Handling, Initializing the Kernel and Executive Subsystems, Initializing the Kernel and Executive Subsystems, Initializing the Kernel and Executive Subsystems, Initializing the Kernel and Executive Subsystems, Initializing the Kernel and Executive Subsystems, Smss, Csrss, and Wininit, Driver Loading in Safe Mode, Why Does Windows Crash?, Verbose Analysis, Code Overwrite and System Code Write Protection
boot process, Winload
DLLs, Layered Drivers
file objects, Opening Devices
heap manager, Heap Manager
initializing, Initializing the Kernel and Executive Subsystems, Initializing the Kernel and Executive Subsystems, Initializing the Kernel and Executive Subsystems, Smss, Csrss, and Wininit
listing modules, Verbose Analysis
memory manager components, Memory Manager ComponentsInternal Synchronization, Internal Synchronization, Internal Synchronization
phase 1 initialization, Initializing the Kernel and Executive Subsystems
queues, I/O Completion Port Operation
safe mode switch scanning, Driver Loading in Safe Mode
stack trace database, Initializing the Kernel and Executive Subsystems
subsystem crashes, Why Does Windows Crash?
synchronization routines, Synchronization
system code write protection, Code Overwrite and System Code Write Protection
trap handler, Page Fault Handling
UMDF interaction, User-Mode Driver Framework (UMDF)
kernel address space, x64 Virtual Addressing Limitations, ASLR in Kernel Address Space, IA64 Virtual Address Translation
kernel bumps, I/O Priority Boosts and BumpsBandwidth Reservation (Scheduled File I/O), I/O Priority Boosts and Bumps, Bandwidth Reservation (Scheduled File I/O)
kernel code, Large and Small Pages, IA64 Virtual Address Translation
kernel debugger, Opening DevicesOpening Devices, Opening Devices, Opening Devices, The BIOS Boot Sector and Bootmgr, The BIOS Boot Sector and Bootmgr, Hung or Unresponsive Systems, When There Is No Crash DumpWhen There Is No Crash Dump, When There Is No Crash Dump, When There Is No Crash Dump
attaching, When There Is No Crash DumpWhen There Is No Crash Dump, When There Is No Crash Dump
BCD elements, The BIOS Boot Sector and Bootmgr
breaking into systems, Hung or Unresponsive Systems
transports, The BIOS Boot Sector and Bootmgr
troubleshooting without crash dumps, When There Is No Crash Dump
viewing file objects, Opening DevicesOpening Devices, Opening Devices, Opening Devices
kernel driver stack, User-Mode Driver Framework (UMDF)
kernel element, The BIOS Boot Sector and Bootmgr
kernel extensions, Types of Device Drivers
kernel image file name, The BIOS Boot Sector and Bootmgr
kernel memory, Driver Verifier, Internal Synchronization, Examining Memory Usage, No Execute Page Protection, No Execute Page Protection, Driver Verifier
displaying information, Examining Memory Usage
low resources simulation, Driver Verifier
memory manager, Internal Synchronization
paged pool execution protection, No Execute Page Protection
pool functions, Driver Verifier
session pool execution protection, No Execute Page Protection
kernel memory dumps, Crash Dump Files, Crash Dump Files, Crash Dump Files
kernel mode, Types of Device Drivers, Layered Drivers, Layered Drivers, Services Provided by the Memory Manager, Kernel-Mode Heaps (System Memory Pools)Look-Aside Lists, Look-Aside Lists, x86 Virtual Address Translation, Page Fault Handling, Memory Notification Events, Initializing the Kernel and Executive Subsystems, The Blue Screen, Causes of Windows Crashes
access violations, Causes of Windows Crashes
DLLs, Layered Drivers
drivers, Types of Device Drivers, Layered Drivers, Memory Notification Events, The Blue Screen
heaps, Kernel-Mode Heaps (System Memory Pools)Look-Aside Lists, Look-Aside Lists
memory manager services in, Services Provided by the Memory Manager
page faults and, Page Fault Handling
paging, Initializing the Kernel and Executive Subsystems
virtual addresses, x86 Virtual Address Translation
Kernel Mode Code Signing (KMCS), Driver Installation, The BIOS Boot Sector and Bootmgr, The BIOS Boot Sector and Bootmgr
kernel process block (KPROCESS), Page Directories
kernel queues, I/O Completion Port Operation
kernel stack, Kernel StacksVirtual Address Descriptors, Kernel Stacks, Kernel Stacks, Virtual Address Descriptors, Initializing the Kernel and Executive Subsystems
memory management, Kernel StacksVirtual Address Descriptors, Kernel Stacks, Virtual Address Descriptors
stack trace database, Initializing the Kernel and Executive Subsystems
usage, Kernel Stacks
Kernel Transaction Manager (KTM), Master File Table, Transaction Support, Resource Managers, On-Disk Implementation, Recovery Implementation
kernel-mode drivers, Types of Device Drivers, Layered Drivers, Layered Drivers, User-Mode Driver Framework (UMDF), Memory Notification Events, Why Does Windows Crash?, The Blue Screen
kernel-mode heaps (system memory pools), Kernel-Mode Heaps (System Memory Pools)Look-Aside Lists, Look-Aside Lists
kernel-mode pages, Crash Dump Files
kernel-mode thread exceptions, 0x8E - KERNEL_MODE_EXCEPTION_NOT_HANDLED0x7F - UNEXPECTED_KERNEL_MODE_TRAP, 0x8E - KERNEL_MODE_EXCEPTION_NOT_HANDLED, 0x7F - UNEXPECTED_KERNEL_MODE_TRAP
KERNEL_DATA_INPAGE_ERROR stop code, Causes of Windows Crashes
KERNEL_MODE_EXCEPTION_NOT_HANDLED stop code, Stack Trashes, 0x8E - KERNEL_MODE_EXCEPTION_NOT_HANDLED, 0x7F - UNEXPECTED_KERNEL_MODE_TRAP
KERNEL_MODE_EXCEPTION_NOT_HANDLED with P1… stop code, Causes of Windows Crashes
KeStartAllProcessors routine, Initializing the Kernel and Executive Subsystems
KeSwapProcessOrStack routine, Memory Manager Components
KeSynchronizeExecution routine, Synchronization
KEVENT structure, Driver Verifier
key entries (encryption), Encrypting a File for the First Time
key escrow services, BitLocker Management
key number generation, Trusted Platform Module (TPM)
key recovery mode (TPM), Trusted Platform Module (TPM)
key rings, Encrypting a File for the First Time, The BIOS Boot Sector and Bootmgr
keyboard buffers, The BIOS Boot Sector and Bootmgr
keyboard drivers, Hung or Unresponsive SystemsHung or Unresponsive Systems, Hung or Unresponsive Systems, Hung or Unresponsive Systems
keyboard ISRs, Hung or Unresponsive Systems
keyboard sequences, The BIOS Boot Sector and Bootmgr
keyringaddress element, The BIOS Boot Sector and Bootmgr
KiActivateWaiterQueue function, I/O Completion Port Operation
KiDispatchException function, When There Is No Crash Dump
KiInitializeKernel function, Initializing the Kernel and Executive Subsystems
KiPreBugcheckStackSaveArea function, Stack Trashes
KiSystemStartup function, Initializing the Kernel and Executive Subsystems
KiUnwaitThread function, I/O Completion Port Operation
KMDF (Kernel-Mode Driver Framework), Structure and Operation of a KMDF DriverKMDF Data Model, Structure and Operation of a KMDF Driver, Structure and Operation of a KMDF DriverKMDF Data Model, KMDF Data Model, KMDF Data ModelKMDF I/O Model, KMDF Data Model, KMDF Data Model, KMDF Data ModelKMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data ModelKMDF I/O Model, KMDF Data Model, KMDF I/O ModelKMDF I/O Model, KMDF I/O Model, KMDF I/O Model, KMDF I/O Model, KMDF I/O Model, KMDF I/O Model, KMDF I/O Model, KMDF I/O Model
data model, KMDF Data ModelKMDF I/O Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF I/O Model, KMDF I/O Model
driver structure and operation, Structure and Operation of a KMDF DriverKMDF Data Model, Structure and Operation of a KMDF Driver, KMDF Data Model
I/O model and processes, KMDF I/O ModelKMDF I/O Model, KMDF I/O Model, KMDF I/O Model, KMDF I/O Model
KMDF objects, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF I/O Model
object attributes, KMDF Data ModelKMDF I/O Model, KMDF Data Model, KMDF I/O Model
object context, KMDF Data Model
object hierarchy, KMDF Data Model
object types, KMDF Data ModelKMDF Data Model, KMDF Data Model, KMDF Data Model
viewing drivers, Structure and Operation of a KMDF DriverKMDF Data Model, KMDF Data Model, KMDF Data Model
KMODE_EXCEPTION_NOT_HANDLED stop code, Causes of Windows Crashes, Stack Trashes
KMUTEX structure, Driver Verifier
Knowledge Base, The Blue Screen
KPRCB structure, Utility Function, Utility Function, Performance Check
KPROCESS block, Page Directories
KSEG0 mapping, The BIOS Boot Sector and Bootmgr
Kseg3 and 4 addresses, IA64 Virtual Address Translation
KSEMAPHORE structure, Driver Verifier
KSPIN_LOCK structure, Driver Verifier
KTHREAD structure, I/O Completion Port Operation
KTIMER structure, Driver Verifier
KTM (Kernel Transaction Manager), Resource Managers, Logging Implementation, Logging Implementation
KtmLog stream, Resource Managers, Recovery Implementation
Ktmutil.exe utility, Isolation
KUSER_SHARED_DATA structure, Software Data Execution Prevention