A dumpfile is a file which acts as a place where the computer writes current information about the system’s status. This information can include the current time and date, details about the previous executed commands on the system, and details about any error codes that preceded a system or program crash. The dumpfile may also include memory information for data stored above and below the location of the faulty thread and lists of running modules and threads active at the time of the dump, as well as other data. Typically used in crash scenarios, a dumpfile provides the end-user with relevant information about the state of the system before the crash, making debugging efforts easier for the end user.
Similar to an archeological report of the computer’s status before a massive catastrophe or other system event, a dumpfile acts as a memento that survives a system or program crash, attempting to provide the end user with sufficient information to help discover the reason behind the crash. While the information contained in a single dump file might not be enough to pinpoint the reason behind a fatal error or crash, the combined information from multiple dumpfiles can often highlight patterns that can help to identify the root cause of a problem. If the end user has a single dumpfile that shows a crash occurring in conjunction with another suspicious active program or thread, this is likely to be an anomaly; if the other suspicious thread is active each and every time a crash occurs, it becomes far more probable that the suspicious thread is somehow contributing to the problem.
The information contained in any specific dumpfile is often application-dependent. This means that different programs will store different types of data in a dumpfile. In addition, certain programs can produce different types of dump files, with differing levels of detail. For example, Windows CE 5.0 has the ability to generate, in escalating order of complexity, context dumps, system dumps, and complete dumps. These differ depending upon the level of detail; system dumps contain all information found in a context dump plus information about callstacks; module, process, and thread lists for the system; and information about memory surrounding the faulty thread.