Fatal system error
A fatal system error, also known as a system crash, stop error, kernel error, or bug check, is when an operating system halts at the moment it reaches a condition where it can no longer operate safely.
In Microsoft Windows, a fatal system error can be deliberately caused from a kernel-mode driver with either the KeBugCheck or KeBugCheckEx function.[1] However, this should only be done as a last option when a critical driver is corrupted and is impossible to recover. This design parallels that in OpenVMS. The Unix kernel panic concept is very similar.
Overview
When a bug check is issued, a crash dump file will be created if the system is configured to create them. This file contains a "snapshot" of useful low-level information about the system that can be used to debug the root cause of the problem.
If the user has enabled it, the system will also write an entry to the system event log. The log entry contains information about the bug check (including the bug check code and its parameters) as well as a link which will report the bug and provide the user with prescriptive suggestions if the cause of the check is definitive and well-known.
Next, if a kernel debugger is connected and active when the bug check occurs, the system will break into the debugger where the cause of the crash can be investigated. If no debugger is attached, then a blue text screen is displayed that contains information about why the error occurred, which is commonly known as a blue screen or bug check screen.
The user will only see the blue screen if the system is not configured to Automatically Restart (which became the default setting in Windows XP SP2). Otherwise, it appears as though the system simply rebooted (though a blue screen may be visible briefly).
In Windows, bug checks are only supported by the Windows NT kernel. The corresponding system routine in Windows 9x, named SHELL_SYSMODAL_Message, does not halt the system like bug checks do. Instead, it displays the infamous BSoD (Blue Screen of Death) and allows the user to attempt to continue.
The Windows DDK and the WinDbg documentation both have reference information about most bug checks. The WinDbg package is available as a free download and can be installed by most users. The Windows DDK is larger and more complicated to install.
References
- ↑ KeBugCheckEx at MSDN