That dreaded PC or program crash can be frustrating, to say the least. A small consolation is that you’re not alone, as every PC owner has faced it at some point. Here is a statistic of program crashes at UC Berkeley, just to give you an idea that computer crashes are more common than you think.
While this may look bleak, the good news is you can recover the PC or program from most crashes, thanks to built-in files like dump files that give information about the crash to help you troubleshoot.
As the name suggests, dump files contain the information “dumped” from a program’s memory when it crashes. That means you get information such as the processes that were running at the time of the crash, date and time stamp, associated programs and drivers, and more.
These files end with a DMP extension and follow a specific naming pattern, so you can find them easily. For example, minidump files are named in this format — MINI000000-00.dmp. Here the first six digits are replaced by the date while the last two digits are the sequence. For example, MINI170820-01.dmp means this is the first dump file on 17th August 2020. You can find these files in the%SystemRoot%\Minidump folder in your PC.
The information you need to understand the cause of a crash is recorded in different dump file formats. The four types of dump files are:
Let’s briefly look at each kind of dump file.
This option records the contents of the system memory and could also include processes that were running at the time of the crash. When you choose this option, you have to ensure that the boot volume has enough space to hold this data.
As the name suggests, this option dumps only the kernel memory and hence, speeds up the process of recording information in a log file. This also requires considerable space for storing, typically about 2GB for 32-bit systems.
This type of file records a small amount of information that would be useful to identify the cause of a crash. This dump includes pertinent information such as:
This is similar to the kernel dump, except that the size of the paging file is less than the size of the RAM. This is ideal when a computer crashes and the paging file is not big enough to hold the entire kernel memory.
Thus, these are the four types of dump files, and you can choose the one that best fits your needs, though mini or small dump memory files are a popular choice as it gives precise information without taking too much space.
You can configure the location and type of dump files to suit your preference, and here’s how you can do it.
Here, you’ll find many options. In the “Write Debugging Information,” choose the right memory dump option. You can change the location of the dump files as well.
Most times, a program crash is caused by a malfunctioning device driver or kernel module, and in the case of the latter, systems and programs reboot automatically without displaying the error. The good news though, is these reboots are recorded in dump files, so by analyzing minidump files, you can fix the root cause to prevent it from happening again.
But you need the right tools to read and analyze these dump files.
Microsoft offers a built-in tool called Dump Check Utility to verify if a dump file has been created correctly. You can find out more about this tool here.
This tool verifies if the dump file has been created and validates its physical and virtual address. It reports in case of errors.
Here is an example of what this tool checks for you.
Many times, this sparse information is not enough to understand the root cause, and hence, you need third-party tools to glean the error information from these dump files.
Some popular tools that can open and analyze dump files are explained below.
BlueScreenView is a popular tool to analyze the minidump files on your system. It is free, so download it, unzip the file, and run it in your system.
When you open this tool, it will automatically analyze all the dump files in the default folder and will display,
You can get more information when you double-click the name of the file on the BlueScreenView interface. To know how to fix the problem, you can even do a Google search by right-clicking that file name. Based on the search results, you can follow the instructions to fix the root cause.
Windows Debugger (WinDbg) preview is another handy tool for analyzing the minidump files. This tool has a modern interface and comes with advanced scripting tools.
You can download this tool here.
WinDbg comes with many advanced features such as:
Overall, this tool is comprehensive and comes with extensive features and menu options to make it easy to detect and fix the root cause of a crash.
WhoCrashed is a useful application for analyzing dump files and for identifying the drivers that caused the crash.
This tool has a free version, and you can buy the professional edition for more advanced features and use it on more than one computer. But the free version should be enough for home computers.
Some features of this tool are:
In all, memory dump files are a great way to know the cause of a crash, so you can fix the problem right away. You can choose the type of memory dump, depending on your needs and computer specifications.
To read and analyze these files, you need additional tools, and some of the popular choices are explained above. Do let us know if you’ve used other tools for analyzing these files.
Featured image: Shutterstock
Low-code/no-code provides a modular approach for developers — and even non-developers — to produce apps…
Google hasn’t had a lot of success with its past smartphones, but the Pixel 6…
Palo Alto Networks uncovered a cross-account container takeover exploit that could threaten users of the…
Software maker IgniteTech has added 12 products to its enterprise portfolio, including several focused on…
Medical systems maker Olympus Global, out of an abundance of caution, is warning the public…