Not really new as it was previously called CtxBSOD v2.1 but was renamed to better show its purpose. In addition to renaming I added a command line option to dump a system remotely or from a command line locallywithout using its GUI interface. The main motivation for me to write this tool was the absence of similar tools for 64-bit Windows. SystemDumpcan dump a 64-bit server too!
You can download it form Citrix support web site (requires free registration):
http://support.citrix.com/article/CTX111072
Main features:
- The tool has both GUI and command line interfaces.
- Youcan type a message/text (or copy it from clipboard) before forcing a memory dump. This message is saved in a dump and a support engineer can read it after loading the dump in WinDbg.exe. This is implemented to encourage writing the symptoms and conditions explaining why the dump has to be forced.
- The tool can stay on top of any window (if you need this to quickly dump the server after a reproduction or during the process of an activity).
- It is supplied with Program Database (PDB) symbols for the driver (32-bit and 64-bit) which is useful when you want to have all symbols present on the bug check thread.
- The bug check clearly shows that the dump is manually generated.
- The tool can force a memory dump on both 32-bit and 64-bit platforms.
- Before forcing a fatal error on a server, the tool warns about potential damaging consequences: Users are disconnected and all the data which is not saved will be lost. It asks for a confirmation.
- You can specify a period of time (in minutes) when to force a memory dump.
The latter featureis implemented entirely in kernel. Additional commandthat not covered in the article is
>SystemDump.exe abort
allows you to abort the action if you ran the toolusing command line options.
I attached the UML component diagram showing the architecture of this tool.I recently developed apresentation about device drivers architectureand Citrix kernel drivers where I used this tool asone of examples.
- Dmitry Vostokov -
'Crash dump 불펌스페샬' 카테고리의 다른 글
| Using scripts to process hundreds of user dumps (0) | 2007.05.13 |
|---|---|
| Automated Crash Dump Analysis Part1 (0) | 2007.05.13 |
| UML and Device drivers (3) | 2007.05.13 |
| Reverse Engineering Citrix ThinWire (1) | 2007.05.13 |
| IRQL_NOT_LESS_OR_EQUAL (1) | 2007.05.13 |
