2000/2/1 Phase 3
Service Release 0
2000/4/24 Phase 3 Service Release 1
2000/6/23 Phase 3 Service Release 2 (This release)
Welcome to the Phase 3 OEM Support Tools release. These
tools are provided as troubleshooting and development tools for those working
with Microsoft Windows NT 4.0 and Windows 2000. The tools extend the
functionality of existing debugging tools, provide new features upon which new
debugging methodologies can be based, and provide development support.
This document contains release notes for this release, as well as links
to the specs for the tools, which are provided as html in this release.
Following six tools are included in this release. The directory name indicates
where you can find each tool.
Kernel Debugger Extensions (\kdext)
Kernel Memory Space Analyzer (\kanalyze)
User Mode Process Dump (\userdump)
Kernel Mode to User Mode Process Dump Extraction Utility (\genedump)
NTFS File Sector Information Utility (\nfi)
Driver Verifier and System Information API Wrapper (\syswrap)
This release supports Windows NT versions 4.0 SP3, SP4, SP5, SP6a, and Windows 2000 on x86 platform. Windows NT 3.51 on x86 platform and Windows NT 4.0 on Alpha platform are no longer supported.
This release of Kernel Debugger Extensions has been tested
with i386kd 5.00.2184.1, which is available on the Windows 2000 Support
Tools CD.
This release of Userdump and Genedump have been tested with
Windbg 5.00.2184.1, which is available on the Windows 2000 Support Tools CD.
To configure Kanalyze Known Issues Database, SQL Server 7.0
is required. SQL Server 7.0 is supported on Windows NT 4.0 SP4 or later and
Windows 2000.
To access Kanalyze Known Issues Database, Windows NT 4.0
clients should be running Microsoft Data Access Components (MDAC) 2.1 or
later. MDAC 2.1 is available at http://www.microsoft.com/data/download.htm
(U.S. English) or http://www.microsoft.com/data/download_loc.htm
(International).
Windows 2000 clients do not require installation of any optional software to
access the database.
Specification documents provide functional
specification including architecture, programmer's references, and usage
information. No other user documents will be provided in this release.
End-User License Agreement (EULA.TXT) and
Redistributable Code (REDIST.TXT) information
can be found under \license directory.
Only Kernel Memory Space Analyzer and User Mode Process Dump have been updated in Phase 3 SR1 and SR2. There are no changes in the rest of the tools.
Following issues have been addressed:
Phase 3 SR1
In Phase 3 SR0, if multiple clients tried to update Known Issues Database at the same time, some updates failed due to a deadlock condition. Kadbprov.dll has been updated to correct the problem, and this deadlock condition should no longer occur.
There was an error in Phase 3 SR0 database.dll plug-in which listed match level in a wrong order for some cases. This error has been corrected.
Phase 3 SR0 Kanalyze was unable to add more than 32768 crash instances due to a data type mismatch bug in kadbprov.dll. This has been fixed and crash instances can be added up to the size of long integer now.
A problem with the KaKnown Issue Database Maintenance Tool ASP scripts (\samples\kanalyze\asp) that result in an error when entering solution, analysis, hintdata, or progress text which contains an embedded single quote has been fixed.
ASP scripts have been updated to display a warning message if you try to update either the Analysis record with Analysis ID = 1 or the Solution record with Solution ID =1. These two records are used by Kanalyze to indicate that there is no analysis or solution available. You should not attempt to update these records. Instead, you should add a new Analysis and/or Solution record for the crash you analyzed.
Based on the feedback we have received from OEM's, the words "Problem Description" under "Column Name" have been changed to "Analysis Details" on all of the ASP pages for Analysis.
Phase 3 SR2
There was a problem that DB_PASSWORD which was used to gain access to a Known Issues Database was not masked in kanalyze.log file. Kanalyze has been updated to mask a password in kanalyze.log file.
There were cases that database plug-in failed to update a known issues database randomly. This happens when kanalyze engine cannot retrieve processor type information when this information is missing from a minidump. Database plug-in has been fixed to avoid database update failure in this case. When kanalyze engine cannot retrieve processor spec information, database plug-in properly stores processor type field as 'unknown'.
Following new and changed features have been provided:
Phase 3 SR1
Hot-Key "Dump Win32 GUI applications that appear
hung" option has been implemented. Previous version supported this
option only from command line mode. This option can be configured by either
Control Panel applet or setup .ini file.
Hot-Key "magic key sequence" can be customized. It
can be overridden by placing scan codes in the registry key
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\udmpdrvr\Parameters.
For more details, please refer to the revised spec document.
Exception Monitoring "Bugcheck after
dumping" option has been implemented. This option can be configured by
either Control Panel applet or setup .ini file.
Exception Monitoring "Ignore exceptions that occur
inside Kernel32.dll" option has been implemented. This option can be
configured by either Control Panel applet or setup .ini file.
Exception Monitoring has been changed so that a thread ID is
added to each dump file name to avoid userdump files generated by a same
process with different threads get overwritten each other.
Following issues have been addressed:
Phase 3 SR1
Phase 2 SR2 or Phase 3 SR0 userdump did not install on Windows 2000 if you have a USB keyboard attached to your PC. Phase 3 SR1 userdump supports USB keyboard with some limitations as shown below:
Phase 3 SR2
Key new and changed features introduced in Phase 3 are listed below. For more details, please refer to the specs.
!strct command (and other !strct-style dump commands)
improvement; more nicely formatted and precise output with bug fixes.
!s new command which provides expanded search capability.
!ip new command which interprets memory as an IP packet and
dumps the headers and data contained therein.
Known Issues Database support; the database of previously
seen crash data which can be used by kanalyze to determine whether a crash
appears to match a previously seen crash scenario, and/or update the
database to include new crash data. This is the main focus for phase 3.
kanalyze.exe; a new Wizard-based GUI program which guides
the user through the steps of dealing with the crash dump, signature id
files, and symbols; provides support for connecting to and utilizing a known
issues database; and allows limited interaction with the debugging-oriented
kanalyze features.
stopcode.dll; a new plug-in DLL to perform per-stopcode
analysis.
database.dll; a new plug-in DLL to manage database access
and perform hint processing.
Support of Windows 2000 small memory dump as well as support
of complete memory dump and kernel only dump.
SQL scripts for known issues database that can be used to
create and maintain a known issues database on a SQL server.
kadbg.exe; a console mode program renamed from phase 2
kanalyze.exe, which aids to an expert debugger to debug through an
interactive command line interface.
Miscellaneous bug fixes.
Multiple processes dump support which is available via
command line and Hot-Key with options of "dump and kill" (command
line and Hot-Key) or "dump and bugcheck" (Hot-Key and Exception
Monitoring only).
Dump of all Win32 processes including csrss.exe and
optionally bugcheck (Hot-Key only).
Easier management of dump file path for Hot-Key and
Exception Monitoring via Control Panel applet.
Dump of Win32 GUI applications that appear hang.
A new tool in phase 3 to extract information from a kernel
mode crash dump file about the processes that existed at the time of the
crash, and generate user mode process dump files for these processes.
A new tool in phase 3 to dump information about an NTFS
volume, and optionally determines which volume and file contains a
particular sector.
A new tool in phase 3 to provide wrapper APIs for various
functions that are only available via the NtQuerySystemInformation API, and
other miscellaneous system functionality.
Pool Enhancements tool which was included in the phase 1
and phase 2 release is no longer included in the phase 3. On Windows 2000,
the Driver Verifier should be used instead of Pool Enhancements. The Driver
Verifier is a more powerful tool which provides special pool, pool tracking,
etc. and included in Windows 2000 itself. In addition, as a replacement of
PoolExt APIs, phase 3 Syswrap provides a set of routines for
manipulating the settings of the Windows 2000 Driver Verifier. The Driver
Verifier is documented at http://www.microsoft.com/HWDEV/driver/driververify.htm.
Following Kanalyze and Syswrap related files are included under \samples directory.
\samples\kanalyze\asp directory contains .asp script files
for IIS to help developing a Web site to manage Kanalyze Known Issues
Database outside of Kanalyze. They are supposed to be run under IIS 4.0 or
5.0 on Windows NT 4.0 (Option Pack 4 required) or Windows 2000. To configure
a Web site, take the following steps:
\samples\kanalyze\usermode directory contains the user-mode
base plug-in DLLs to perform user-mode analysis. This plug-in is provided
"as is" basis and not formally tested or supported.
\samples\kanalyze\pltaglst directory contains PoolTagList
director plug-in to list pool tags found in a crash dump.
\samples\kanalyze\inc and \samples\kanalyze\lib directories
contain Kanalyze public header and library files for programmers.
\samples\syswrap\inc and \samples\syswrap\lib directories
contain Syswrap public header and library files for programmers.
Below lists known issues and restrictions in Phase 3 SR1.
If a pool block located at the beginning of a page is
broken, kanalyze (the pool plug-in) will not report an anomaly.
Phase 3 kanalyze does not support Windows NT authentication
to gain access to SQL Server. SQL Server should be running "SQL server
logon id & Windows NT authentication" mode and the database
administrator should create a SQL logon account for use with kanalyze.
If crashe instances which have the same HWProfile, OSProfile,
KernelModuleData, or KanalyzeModuleData are stored, records may be
duplicated. A SQL script called kadbcleanup.sql to clean up duplicate
records is provided for phase 3. It is recommended that this script be run
periodically.
If multiple clients try to update the same crash class at
the same time, incorrect values for InstanceCount, FirstOccurrence, and
LastOccurrence may be stored in the CrashClass table. A SQL script called
kadbcleanup.sql to clean up the CrashClass table is provided for phase 3. It
is recommended that this script be run periodically.
WriteMemoryRoutine and WritePhysicalMemoryRoutine
helper/callback routines do not work correctly due to a limitation of one of
the libraries underlying the kanalyze implementation.