Catching the dreaded Blue Screen Of Death

StackOverflow https://stackoverflow.com/questions/1465381

  •  13-09-2019
  •  | 
  •  

Question

It's a simple problem. Sometimes Windows will just halt everything and throws a BSOD. Game over, please reboot to play another game. Or whatever. Annoying but not extremely serious...

What I want is simple. I want to catch the BSOD when it occurs. Why? Just for some additional crash logging. It's okay that the system goes blue but when it happens, I just want to log some additional information or perform one additional action.

Is this even possible? If so, how? And what would be the limitations?

Btw, I don't want to do anything when the system recovers, I want to catch it while it happens. This to allow me one final action. (For example, flushing a file before the system goes down.)

Was it helpful?

Solution

BSOD happens due to an error in the Windows kernel or more commonly in a faulty device driver (that runs in kernel mode). There is very little you can do about it. If it is a driver problem, you can hope the vendor will fix it.

You can configure Windows to a create memory dump upon BSOD which will help you troubleshoot the problem. You can get a pretty good idea about the faulting driver by loading the dump into WinDbg and using the !analyze command.

Knowing which driver is causing the problem will let you look for a new driver, but if that doesn't fix the problem, there is little you can do about it (unless you're very good with a hex editor).

UPDATE: If you want to debug this while it is happening, you need to debug the kernel. A good place to pick up more info is the book Windows Internals by Mark Russinovich. Also, I believe there's a bit of info in the help file for WinDbg and there must be something in the device driver kit as well (but that is beyond my knowledge).

OTHER TIPS

The data is stored in what's called "Minidumps".

You can then use debugging tools to explore those dumps. The process is documented here http://forums.majorgeeks.com/showthread.php?t=35246

You have two ways to figure out what happened:

The first is to upload the dmp file located under C:\Minidump***.dmp to microsoft service as they describe it : http://answers.microsoft.com/en-us/windows/wiki/windows_10-update/blue-screen-of-death-bsod/1939df35-283f-4830-a4dd-e95ee5d8669d

NB: You will find several files, you can tell the difference using the name that contain the event date.

The second way is to note the error code from the blue screen and to make a search about it in Google and Microsoft website.

The first method is more accurate and efficient.

Windows can be configured to create a crash dump on blue screens.

Here's more information: How to read the small memory dump files that Windows creates for debugging (support.microsoft.com)

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top