Fatal system error explained

A fatal system error (also known as a system crash, stop error, kernel error, or bug check) occurs when an operating system halts because it has reached a condition where it can no longer operate safely (i.e. where critical data could be lost or the system damaged in other ways).

In Microsoft Windows, a fatal system error can be deliberately caused from a kernel-mode driver with either the or function.[1] However, this should only be done as a last option when a critical driver is corrupted and is impossible to recover. This design parallels that in OpenVMS. The Unix kernel panic concept is very similar.

In Windows

When a bug check is issued, a crash dump file will be created if the system is configured to create them.[2] This file contains a "snapshot" of useful low-level information about the system that can be used to debug the root cause of the problem and possibly other things in the background.

If the user has enabled it, the system will also write an entry to the system event log. The log entry contains information about the bug check (including the bug check code and its parameters) as well as a link that will report the bug and provide the user with prescriptive suggestions if the cause of the check is definitive and well-known.

Next, if a kernel debugger is connected and active when the bug check occurs, the system will break into the debugger where the cause of the crash can be investigated. If no debugger is attached, then a blue text screen is displayed that contains information about why the error occurred, which is commonly known as a blue screen or bug check screen.

The user will only see the blue screen if the system is not configured to automatically restart (which became the default setting in Windows XP SP2). Otherwise, it appears as though the system simply rebooted (though a blue screen may be visible briefly). In Windows, bug checks are only supported by the Windows NT kernel. The corresponding system routine in Windows 9x, named, does not halt the system like bug checks do. Instead, it displays the infamous "blue screen of death" (BSoD) and allows the user to attempt to continue.

The Windows DDK and the WinDbg documentation both have reference information about most bug checks. The WinDbg package is available as a free download and can be installed by most users. The Windows DDK is larger and more complicated to install.

See also

References

  1. Web site: KeBugCheckEx function (wdm.h). Microsoft Learn. 25 February 2022. 1 May 2024.
  2. Web site: Kernel-Mode Dump Files. Microsoft Learn. 28 December 2023. 1 May 2024.

External links