The Kernel Memory Space Analyzer (Kanalyze) is a tool to aid in the analysis/debugging of Windows NT®/Windows® 2000 kernel crash dumps (memory.dmp).
Kanalyze parses kernel memory of these crash dumps into a useful hierarchical data model and then makes the results available for analysis and display. After the analysis of the dump file is complete, Kanalyze provides a debugger-like interface for interacting with the dump file.
Kanalyze is designed around plug-in modules, which provide a mechanism for extensibility, and includes some plug-ins to facilitate basic analysis, display kernel data, and support other plug-ins. Users can also use the supplied plug-ins to display various views of particular parts of kernel space or of related data items. Used in this fashion, Kanalyze can be a powerful supplement to the Windows debugger. Kanalyze provides the capability of extending both the analysis and the display of data through custom plug-ins. This can tailor the tool to suit very specific needs, improving its usefulness. Thus, organizations may maintain custom plug-ins to simplify and deepen the analysis and debugging functionality of Kanalyze.
For information on how to write plug-ins, see the file userdocs.doc. On a system with the Windows 2000 DDK/SDK installed, this document is available from the Start menu by selecting Programs / Debugging Tools / OEM Tool Help. Pages 25-66 and 82-132 of this document include the "Extending Kanalyze" and the "Programmer's Reference" sections for writing Kanalyze sample plug-ins.
In future versions of the Windows 2000 Debugging Tools, this documentation will be integrated with the rest of the debugger documentation.
© Microsoft Corporation 2000