K
- k command, Advanced Crash Dump Analysis
- Kd debugger (Kd.exe), The BIOS Boot Sector and Bootmgr, Basic Crash Dump Analysis, Hung or Unresponsive Systems, Hung or Unresponsive Systems, Hung or Unresponsive Systems, When There Is No Crash Dump
- KdDebuggerInitialize1 routine, Initializing the Kernel and Executive Subsystems
- KeAcquireInterruptSpinLock routine, Synchronization
- KeBalanceSetManager routine, Memory Manager Components
- KeBugCheck2 function, 0xC5 - DRIVER_CORRUPTED_EXPOOL
- KeBugCheckEx function, The Blue Screen
- KeExpandKernelStackAndCallout function, Kernel Stacks
- Kei386EoiHelper function, Stack Trashes
- KeInitializeQueue function, I/O Completion Port Operation
- KeInsertByKeyDeviceQueue function, Disk Class, Port, and Miniport Drivers
- KeInsertQueue function, I/O Completion Port Operation
- KeLoaderBlock variable, Initializing the Kernel and Executive Subsystems
- KeRegisterBugCheckCallback function, The Blue Screen
- KeRegisterBugCheckReasonCallback function, The Blue Screen, Crash Dump Files
- KeRemoveByKeyDeviceQueue function, Disk Class, Port, and Miniport Drivers
- KeRemoveQueueEx function, I/O Completion Port Operation
- kernel (Ntoskrnl.exe, Ntkrnlpa.exe), Layered Drivers, Opening Devices, Synchronization, I/O Completion Port Operation, User-Mode Driver Framework (UMDF), Winload, Memory Manager Components–Internal Synchronization, Internal Synchronization, Internal Synchronization, Heap Manager, Page Fault Handling, Initializing the Kernel and Executive Subsystems, Initializing the Kernel and Executive Subsystems, Initializing the Kernel and Executive Subsystems, Initializing the Kernel and Executive Subsystems, Initializing the Kernel and Executive Subsystems, Smss, Csrss, and Wininit, Driver Loading in Safe Mode, Why Does Windows Crash?, Verbose Analysis, Code Overwrite and System Code Write Protection
- boot process, Winload
- DLLs, Layered Drivers
- file objects, Opening Devices
- heap manager, Heap Manager
- initializing, Initializing the Kernel and Executive Subsystems, Initializing the Kernel and Executive Subsystems, Initializing the Kernel and Executive Subsystems, Smss, Csrss, and Wininit
- listing modules, Verbose Analysis
- memory manager components, Memory Manager Components–Internal Synchronization, Internal Synchronization, Internal Synchronization
- phase 1 initialization, Initializing the Kernel and Executive Subsystems
- queues, I/O Completion Port Operation
- safe mode switch scanning, Driver Loading in Safe Mode
- stack trace database, Initializing the Kernel and Executive Subsystems
- subsystem crashes, Why Does Windows Crash?
- synchronization routines, Synchronization
- system code write protection, Code Overwrite and System Code Write Protection
- trap handler, Page Fault Handling
- UMDF interaction, User-Mode Driver Framework (UMDF)
- kernel address space, x64 Virtual Addressing Limitations, ASLR in Kernel Address Space, IA64 Virtual Address Translation
- kernel bumps, I/O Priority Boosts and Bumps–Bandwidth Reservation (Scheduled File I/O), I/O Priority Boosts and Bumps, Bandwidth Reservation (Scheduled File I/O)
- kernel code, Large and Small Pages, IA64 Virtual Address Translation
- kernel debugger, Opening Devices–Opening Devices, Opening Devices, Opening Devices, The BIOS Boot Sector and Bootmgr, The BIOS Boot Sector and Bootmgr, Hung or Unresponsive Systems, When There Is No Crash Dump–When There Is No Crash Dump, When There Is No Crash Dump, When There Is No Crash Dump
- attaching, When There Is No Crash Dump–When There Is No Crash Dump, When There Is No Crash Dump
- BCD elements, The BIOS Boot Sector and Bootmgr
- breaking into systems, Hung or Unresponsive Systems
- transports, The BIOS Boot Sector and Bootmgr
- troubleshooting without crash dumps, When There Is No Crash Dump
- viewing file objects, Opening Devices–Opening Devices, Opening Devices, Opening Devices
- kernel driver stack, User-Mode Driver Framework (UMDF)
- kernel element, The BIOS Boot Sector and Bootmgr
- kernel extensions, Types of Device Drivers
- kernel image file name, The BIOS Boot Sector and Bootmgr
- kernel memory, Driver Verifier, Internal Synchronization, Examining Memory Usage, No Execute Page Protection, No Execute Page Protection, Driver Verifier
- displaying information, Examining Memory Usage
- low resources simulation, Driver Verifier
- memory manager, Internal Synchronization
- paged pool execution protection, No Execute Page Protection
- pool functions, Driver Verifier
- session pool execution protection, No Execute Page Protection
- kernel memory dumps, Crash Dump Files, Crash Dump Files, Crash Dump Files
- kernel mode, Types of Device Drivers, Layered Drivers, Layered Drivers, Services Provided by the Memory Manager, Kernel-Mode Heaps (System Memory Pools)–Look-Aside Lists, Look-Aside Lists, x86 Virtual Address Translation, Page Fault Handling, Memory Notification Events, Initializing the Kernel and Executive Subsystems, The Blue Screen, Causes of Windows Crashes
- access violations, Causes of Windows Crashes
- DLLs, Layered Drivers
- drivers, Types of Device Drivers, Layered Drivers, Memory Notification Events, The Blue Screen
- heaps, Kernel-Mode Heaps (System Memory Pools)–Look-Aside Lists, Look-Aside Lists
- memory manager services in, Services Provided by the Memory Manager
- page faults and, Page Fault Handling
- paging, Initializing the Kernel and Executive Subsystems
- virtual addresses, x86 Virtual Address Translation
- Kernel Mode Code Signing (KMCS), Driver Installation, The BIOS Boot Sector and Bootmgr, The BIOS Boot Sector and Bootmgr
- kernel process block (KPROCESS), Page Directories
- kernel queues, I/O Completion Port Operation
- kernel stack, Kernel Stacks–Virtual Address Descriptors, Kernel Stacks, Kernel Stacks, Virtual Address Descriptors, Initializing the Kernel and Executive Subsystems
- memory management, Kernel Stacks–Virtual Address Descriptors, Kernel Stacks, Virtual Address Descriptors
- stack trace database, Initializing the Kernel and Executive Subsystems
- usage, Kernel Stacks
- Kernel Transaction Manager (KTM), Master File Table, Transaction Support, Resource Managers, On-Disk Implementation, Recovery Implementation
- kernel-mode drivers, Types of Device Drivers, Layered Drivers, Layered Drivers, User-Mode Driver Framework (UMDF), Memory Notification Events, Why Does Windows Crash?, The Blue Screen
- kernel-mode heaps (system memory pools), Kernel-Mode Heaps (System Memory Pools)–Look-Aside Lists, Look-Aside Lists
- kernel-mode pages, Crash Dump Files
- kernel-mode thread exceptions, 0x8E - KERNEL_MODE_EXCEPTION_NOT_HANDLED–0x7F - UNEXPECTED_KERNEL_MODE_TRAP, 0x8E - KERNEL_MODE_EXCEPTION_NOT_HANDLED, 0x7F - UNEXPECTED_KERNEL_MODE_TRAP
- KERNEL_DATA_INPAGE_ERROR stop code, Causes of Windows Crashes
- KERNEL_MODE_EXCEPTION_NOT_HANDLED stop code, Stack Trashes, 0x8E - KERNEL_MODE_EXCEPTION_NOT_HANDLED, 0x7F - UNEXPECTED_KERNEL_MODE_TRAP
- KERNEL_MODE_EXCEPTION_NOT_HANDLED with P1… stop code, Causes of Windows Crashes
- KeStartAllProcessors routine, Initializing the Kernel and Executive Subsystems
- KeSwapProcessOrStack routine, Memory Manager Components
- KeSynchronizeExecution routine, Synchronization
- KEVENT structure, Driver Verifier
- key entries (encryption), Encrypting a File for the First Time
- key escrow services, BitLocker Management
- key number generation, Trusted Platform Module (TPM)
- key recovery mode (TPM), Trusted Platform Module (TPM)
- key rings, Encrypting a File for the First Time, The BIOS Boot Sector and Bootmgr
- keyboard buffers, The BIOS Boot Sector and Bootmgr
- keyboard drivers, Hung or Unresponsive Systems–Hung or Unresponsive Systems, Hung or Unresponsive Systems, Hung or Unresponsive Systems
- keyboard ISRs, Hung or Unresponsive Systems
- keyboard sequences, The BIOS Boot Sector and Bootmgr
- keyringaddress element, The BIOS Boot Sector and Bootmgr
- KiActivateWaiterQueue function, I/O Completion Port Operation
- KiDispatchException function, When There Is No Crash Dump
- KiInitializeKernel function, Initializing the Kernel and Executive Subsystems
- KiPreBugcheckStackSaveArea function, Stack Trashes
- KiSystemStartup function, Initializing the Kernel and Executive Subsystems
- KiUnwaitThread function, I/O Completion Port Operation
- KMDF (Kernel-Mode Driver Framework), Structure and Operation of a KMDF Driver–KMDF Data Model, Structure and Operation of a KMDF Driver, Structure and Operation of a KMDF Driver–KMDF Data Model, KMDF Data Model, KMDF Data Model–KMDF I/O Model, KMDF Data Model, KMDF Data Model, KMDF Data Model–KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF Data Model–KMDF I/O Model, KMDF Data Model, KMDF I/O Model–KMDF I/O Model, KMDF I/O Model, KMDF I/O Model, KMDF I/O Model, KMDF I/O Model, KMDF I/O Model, KMDF I/O Model, KMDF I/O Model
- data model, KMDF Data Model–KMDF I/O Model, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF I/O Model, KMDF I/O Model
- driver structure and operation, Structure and Operation of a KMDF Driver–KMDF Data Model, Structure and Operation of a KMDF Driver, KMDF Data Model
- I/O model and processes, KMDF I/O Model–KMDF I/O Model, KMDF I/O Model, KMDF I/O Model, KMDF I/O Model
- KMDF objects, KMDF Data Model, KMDF Data Model, KMDF Data Model, KMDF I/O Model
- object attributes, KMDF Data Model–KMDF I/O Model, KMDF Data Model, KMDF I/O Model
- object context, KMDF Data Model
- object hierarchy, KMDF Data Model
- object types, KMDF Data Model–KMDF Data Model, KMDF Data Model, KMDF Data Model
- viewing drivers, Structure and Operation of a KMDF Driver–KMDF Data Model, KMDF Data Model, KMDF Data Model
- KMODE_EXCEPTION_NOT_HANDLED stop code, Causes of Windows Crashes, Stack Trashes
- KMUTEX structure, Driver Verifier
- Knowledge Base, The Blue Screen
- KPRCB structure, Utility Function, Utility Function, Performance Check
- KPROCESS block, Page Directories
- KSEG0 mapping, The BIOS Boot Sector and Bootmgr
- Kseg3 and 4 addresses, IA64 Virtual Address Translation
- KSEMAPHORE structure, Driver Verifier
- KSPIN_LOCK structure, Driver Verifier
- KTHREAD structure, I/O Completion Port Operation
- KTIMER structure, Driver Verifier
- KTM (Kernel Transaction Manager), Resource Managers, Logging Implementation, Logging Implementation
- KtmLog stream, Resource Managers, Recovery Implementation
- Ktmutil.exe utility, Isolation
- KUSER_SHARED_DATA structure, Software Data Execution Prevention