转储(Dump)文件是一种特殊类型的文件,用于存储有关您的计算机、计算机上的软件以及发生坏事时加载到内存中的数据的信息。它们通常由Windows或崩溃的应用程序自动生成,但您也可以手动生成它们。之后出现的问题是:“我如何读取转储文件的内容?” ("How do I read the contents of a dump file?"). 在本指南中,我们将向您展示如何做到这一点:
注意:(NOTE:)如果您在寻找在Windows中生成(Windows)转储文件(dump file)的方法时到达此网页,您可能需要阅读:如何为应用程序、后台或 Windows 进程创建(background or Windows process)转储文件(dump file)。读取转储文件(dump file)内容的方法不止一种,使用来自不同开发人员的各种应用程序,但我们所知道的最简单和最用户友好的方法是使用由微软(Microsoft)创建的应用程序,称为WinDbg Preview。
步骤 1(Step 1)。下载并安装WinDbg 预览版(WinDbg Preview)
第一步是下载并安装WinDbg Preview。在您的 Windows 10计算机或设备(computer or device)上,打开Microsoft Store,搜索“windbg preview”,然后单击或点击来自应用(Apps)部门的WinDbg Preview结果。或者,使用此链接可立即从(use this link)Microsoft Store转到WinDbg 预览(WinDbg Preview)页面。
在来自Store的 WinDbg Preview(WinDbg Preview's)页面上,单击或点击Install。
现在,等到应用程序下载并安装在您的 Windows 10 PC 上。
步骤 2(Step 2)。打开WinDbg Preview并加载转储文件(dump file)
WinDbg Preview安装后,您可以在开始菜单(Start Menu)中找到它的快捷方式。单击或点击它以将其打开。
注意:(NOTE:)您可以使用WinDbg Preview打开任何转储文件(dump file),但如果要打开由Windows 10在BSOD(蓝屏(Blue Screen)死机)期间创建的(Death)转储文件(dump file),您必须以管理员身份运行WinDbg Preview 。
在下面的屏幕截图中,您可以看到WinDbg Preview的样子。单击或点击窗口左上角的文件按钮。(File)
确保选择了“开始调试”("Start debugging")部分,然后单击或点击“打开转储文件”。("Open dump file.")
使用“打开(Open)”窗口浏览您的 Windows 10 PC 并选择要分析的转储文件。(dump file)然后单击或点击(click or tap)Open,如下面的屏幕截图所示。
提示:(TIP:)如果要查看Windows 10上次崩溃时生成的转储文件(dump file)的内容,可以在"C:Windowsminidump"中找到它,其中C:是安装(C:)Windows 10的驱动器的驱动器号。
根据您选择打开的转储文件的大小,以及(dump file)WinDbg Preview需要下载哪些附加软件包才能读取它,您可能需要等待一段时间,直到一切准备就绪。完成后,下面屏幕截图中显示的忙碌(Busy)消息应该会消失。
步骤 3(Step 3)。跑过 !分析(analyze command)转储文件(dump file)上的命令
WinDbg Preview现在已完成加载您选择的转储文件。(dump file)要分析其内容,请在命令(Command)面板底部的文本字段中,键入!analyze -v并按键盘上的Enter 。
WinDbg Preview开始读取和分析转储文件(dump file)。就像(Just)前面一样,这一步可能需要一段时间,具体取决于转储文件(dump file)的大小以及应用程序需要多少额外的调试包来解释它。
步骤 4. 解释转储文件
转储文件(dump file)分析完成后,您可以阅读结果以找出导致崩溃的原因。在Command面板中,滚动直到找到Bugcheck Analysis。它应该显示有关已识别问题的有用信息。
进一步向下滚动(Scroll)并查找名为BUGCHECK_CODE的字段。此错误代码(bug code)非常重要,因为它可以帮助您找出 Windows 10 PC 上到底发生了什么。记下某处并使用谷歌(Google)搜索它:你得到的结果应该是有帮助的。
例如,如果您要在Google 上搜索(Google search)您可以在下面的屏幕截图中看到的e2 错误代码(bug code),您会发现我们在测试计算机(test computer)上手动生成了BSOD。
在同一个命令(Command)面板中,您可能还会发现一些名为SYMBOL_NAME、MODULE_NAME和IMAGE_NAME的文本行。这些在解释转储文件时也很重要,因为它们通常可以指出是什么驱动程序破坏了您的 Windows 10 PC。
如果MODULE_NAME为您提供链接,请单击或点击(click or tap)它。这会向您显示更多细节,您甚至可以了解给您带来麻烦的确切驱动程序或文件(driver or file)。例如,在下面的屏幕截图中,查看Image path和FileDescription行就足够了,我们的转储文件(dump file)是由键盘驱动程序(keyboard driver)在我们使用Right Control + Scroll Lock + Scroll Lock手动触发BSOD(蓝屏(Blue Screen)死机(Death))时生成的+我们键盘上的Scroll Lock组合键。
WinDbg Preview为您提供有关转储文件(dump file)内容的更多详细信息,但其中大部分内容非常技术性,因此普通用户不容易消化。但是,我们强调的信息应该让您了解问题所在。
您知道查看转储文件(dump file)内容的更简单方法吗?
我们希望您发现这种读取转储文件内容的方法相当容易。如果您知道其他更加用户友好的方式,或者您有什么要添加到我们的指南中,请不要犹豫,在评论部分告诉我们。
How to view the contents of a dump file in Windows 10
Dump files are a special type of files that store informаtion аbout your cоmputer, the software on it, and the data loadеd in the memory when something bad happens. They are υsually automatically generated by Windowѕ or by the apps that crash, but yoυ cаn alsо manually generate them. The question that arises afterwards is: "How do I read the contents of a dump file?". In this guide, we're going to show you how that is done:
NOTE: If you've arrived on this web page while looking for ways to generate dump files in Windows, you might want to read: How to create a dump file for an app, background or Windows process. There is more than one way to read the contents of dump files, using various apps from different developers, but the easiest and most user-friendly method we know of is to use an app created by Microsoft, called WinDbg Preview.
Step 1. Download and install WinDbg Preview
The first step is to download and install WinDbg Preview. On your Windows 10 computer or device, open the Microsoft Store, search for "windbg preview," and click or tap on the WinDbg Preview result from the Apps department. Alternatively, use this link to instantly go to the WinDbg Preview page from the Microsoft Store.
On WinDbg Preview's page from the Store, click or tap on Install.
Now, wait until the app is downloaded and installed on your Windows 10 PC.
Step 2. Open WinDbg Preview and load the dump file
After WinDbg Preview installs, you can find its shortcut in the Start Menu. Click or tap on it to open it.
NOTE: You can use WinDbg Preview to open any dump file but, if you want to open a dump file that was created by Windows 10 during a BSOD (Blue Screen of Death), you must run WinDbg Preview as an administrator.
In the screenshot below, you can see what WinDbg Preview looks like. Click or tap on the File button from the top-left corner of the window.
Make sure that the "Start debugging" section is selected and then click or tap on "Open dump file."
Use the Open window to navigate through your Windows 10 PC and select the dump file that you want to analyze. Then click or tap on Open, as seen in the screenshot below.
TIP: If you want to view the contents of the dump file generated by Windows 10 during its last crash, you can find it in "C:Windowsminidump", where C: is the drive letter of the drive on which Windows 10 is installed.
Depending on how large the dump file you chose to open is, and based also on what additional software packages WinDbg Preview needs to download in order to be able to read it, you might have to wait for a while until everything is ready. When it's done, the Busy message shown in the screenshot below should go away.
Step 3. Run the !analyze command on the dump file
WinDbg Preview has now finished loading the dump file you selected. To analyze its contents, in the text field from the bottom of the Command panel, type !analyze -v and press Enter on your keyboard.
WinDbg Preview starts reading and analyzing the dump file. Just like earlier, this step might take a while, depending on how large the dump file is and how many additional debugging packages the app needs to interpret it.
Step 4. Interpret the dump file
When the analysis of the dump file is finished, you can read the results to find out what caused the crash. In the Command panel, scroll until you find the Bugcheck Analysis. It should display useful information about the issues identified.
Scroll further down and look for a field called BUGCHECK_CODE. This bug code is quite important because it can help you find out what exactly happened on your Windows 10 PC. Note it down somewhere and use Google to search for it: the results you get should be helpful.
For instance, if you're going to do a Google search for the e2 bug code that you can see in the screenshot below, you're going to find that we manually generated a BSOD on our test computer.
In the same Command panel, you might also find some text lines called SYMBOL_NAME, MODULE_NAME, and IMAGE_NAME. These are also important when interpreting dump files, as they can often point to what drivers broke and crashed your Windows 10 PC.
If the MODULE_NAME gives you a link, click or tap on it. That shows you even more details, and you can even learn the exact driver or file that caused you troubles. For example, in the screenshot below, it's enough to look at the Image path and FileDescription lines to see that our dump file was generated by the keyboard driver when we manually triggered a BSOD (Blue Screen of Death) using the Right Control + Scroll Lock + Scroll Lock key combination on our keyboard.
WinDbg Preview gives you more details about the contents of your dump file, but most of it is quite technical and therefore not easily digested by regular users. However, the information that we highlighted should give you an idea of what's wrong.
Do you know an easier way to view the contents of a dump file?
We hope that you've found this method of reading the contents of dump files fairly easy. If you know of other ways that are even more user-friendly, or if you have something to add to our guide, don't hesitate to let us know in the comments section.
