Software developers for Windows should understand the way Windows works, its mechanisms and algorithms, so they are able to write better software that can take advantage of Windows' strengths. This course deals with all the major terms in Windows, such as processes, threads, virtual memory and more. Whether you're a Win32 programmer, a .NET programmer or a device driver programmer, you should benefit from understanding Windows, which may help in troubleshooting difficult issues as well.
Object Management Hi, my name is Pavel. I'd like to welcome you to this Windows Internals 2 course on Pluralsight. This is a direct continuation of the Windows Internals course, also from Pluralsight. So if you haven't seen that, I strongly suggest you watch that first because we'll be using a lot of the terms we've learned in the first course in this second continuation course. In this first module, we'll talk about the Object Manager. The Object Manager is part of the kernel, and that part is responsible for managing objects in various ways. So we'll see what the Object Manager is, how objects are structured, how objects are accessed via handles. We'll see how to share objects between processes, which is a very common thing to do. We'll discuss some more about object names and how they are relevant to sessions. And finally, we'll say something about user and GDI objects, which are managed differently than kernel objects.
Memory Management (Part 1) Hi, welcome back to the second module of Windows Internals 2. In this module and the next, we'll discuss memory management. Memory is one of those important things that everyone thinks about when writing code or using an operating system. So we'll start in this module to discuss some of the basics in memory management for Windows. And then we'll talk about page states, what kind of states a page can be in when inside some process future address space or in the kernel address space. We'll discuss page sharing, which is a technique in which we can save physical memory, because RAM is one of the most precious resources on the system. We'll see how address space is laid out in 32 and 64-bit systems and discuss how virtual addresses translate to physical addresses by the CPU and other entities. So let's begin.
Memory Management (Part 2) Hi, and welcome to the third module of Windows Internals 2. In this module, we'll continue exploring the Memory Manager of the kernel. Specifically, we'll discuss the following topics. First, page files. What are page files, what would we do with those, and how can they help us use more memory than physically available. We'll discuss the concept of working sets, which is the amount of physical memory various entities in the system are using and how they're used in Windows. We'll discuss the page frame number database, which is a database containing all the information on physical pages in the system. We'll see that it's not as easy or as simple as it may sound at first. Then we'll discuss memory APIs in user mode first, which will show us the various ways we can allocate and otherwise manage memory. You'll see the differences and the advantages and disadvantages of the various APIs. Finally in this module we'll discuss the Heap Manager and see what that gives us over the more low level virtual APIs. So let's begin.
Memory Management (Part 3) Hi, welcome to module 4 of the Windows Internals 2 course. In this module, we'll talk a little more about memory management. This will be the last module where we'll discuss memory specifically. So in this module, we'll take a look at system pools and how the kernel allocates and uses memory. Then we'll take a look at memory-mapped files, which are a great way to share memory and access files with memory APIs. Then we'll discuss briefly about large pages and how they can help us use memory more efficiently. And finally, we'll take a look at several ways that we can find out what's going on with memory in our processes and in the system. So let's begin.
Interrupts Hi, and welcome to the fifth module of Windows Internals 2 course. This module is about interrupts. So the first thing we'll talk about is what a trap means. A trap is an interrupt or an exception, we'll see how the kernel handles dispatching such traps. Then we'll discuss hardware interrupts and see how they are handled with an interrupt service routine by the kernel. We'll discuss the very important concept of an interrupt request level and see how that relates to interrupt and processors. And finally, we'll see how to synchronize high IRQL level code, which is different than synchronizing low IRQL level code with mutexes and such, here we'll have to use some other object because of the limitations of high IRQL code. So let's begin with traps.
Exceptions Hi, and welcome to module 6 of the Windows Internals 2 course. This module is all about exceptions. Specifically we'll discuss what exceptions are and what are the differences between exceptions and interrupts. We'll see how exceptions are handled. We'll see a mechanism known as structured exception handling, which is used by developers to handle exceptions in user mode and kernel mode. And finally, we'll talk about the Blue Screen of Death, when the system crashes, and what that means. So let's begin with exceptions.