It's a simple problem. Sometimes Windows will just halt everything and throw a BSOD. Game over, please reboot to play another game. Or whatever. Annoying but not extremely serious...

What I want is simple. I want to catch the BSOD when it occurs. Why? Just for some additional crash logging. It's okay that the system goes blue but when it happens, I just want to log some additional information or perform one additional action.

Is this even possible? If so, how? And what would be the limitations?


Btw, I don't want to do anything when the system recovers, I want to catch it while it happens. This is to allow me one final action. (For example, flushing a file before the system goes down.)

+6  A: 

BSOD happens due to an error in the Windows kernel or more commonly in a faulty device driver (that runs in kernel mode). There is very little you can do about it. If it is a driver problem, you can hope the vendor will fix it.

You can configure Windows to create a memory dump upon BSOD which will help you troubleshoot the problem. You can get a pretty good idea about the faulting driver by loading the dump into WinDbg and using the !analyze command.

Knowing which driver is causing the problem will let you look for a new driver, but if that doesn't fix the problem, there is little you can do about it (unless you're very good with a hex editor).

UPDATE: If you want to debug this while it is happening, you need to debug the kernel. A good place to pick up more info is the book Windows Internals by Mark Russinovich. Also, I believe there's a bit of info in the help file for WinDbg and there must be something in the device driver kit as well (but that is beyond my knowledge).

Brian Rasmussen
Anyhow, it's still **very valuable** to know which driver is at fault. Even if you may not be able to actually build a new driver, you can know which vendor to closely watch and, in extreme cases, replace the hardware with faulty drivers for a different brand with better driver developers.
Vinko Vrsalovic
I agree - updated my answer to reflect that. Thanks.
Brian Rasmussen
I don't want to fix it when it occurs. I know better than to try this. But I'm hoping to be able to do one more final action before the system goes down. Thus, I want to catch this event.
Workshop Alex
@Alex: Windows considers BSOD to be an unrecoverable error so that will be hard to do in a reliable way if at all.
Brian Rasmussen
@Brian, I realize that. Maybe the way to catch it even depends per Windows version. Just wondering if it's possible in any way. And if possible, what the limitations would be for my code.
Workshop Alex
Well, if debugging the kernel could help me to catch possible errors, I'll try that. :-)
Workshop Alex
@Alex be aware that kernel debugging is rather complicated and requires a special setup.
Brian Rasmussen
@Brian, I know it's complicated. That has never really stopped me from trying, though. :-)
Workshop Alex
+4  A: 

The data is stored in what's called "Minidumps".

You can then use debugging tools to explore those dumps. The process is documented here http://forums.majorgeeks.com/showthread.php?t=35246

Vinko Vrsalovic
I know this, but when I'm analysing the dump, I'm too late. I want an action during the crash, not afterwards. Good link (+1) but not the answer I'm looking for.
Workshop Alex
A: 

Windows can be configured to create a crash dump on blue screens.

Here's more information: How to read the small memory dump files that Windows creates for debugging (support.microsoft.com)

DrJokepu
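
The crash-dump configuration the answers above rely on can be checked before a crash ever happens. The following PowerShell is an added example, not part of any answer on this page; it assumes the standard `CrashControl` registry key and an elevated session (the minidump folder is normally readable only by administrators), and it only reads settings.

```powershell
# Added example: read-only report of the Windows crash-dump configuration.
$key = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'
$cc  = Get-ItemProperty -Path $key

# Meaning of the CrashDumpEnabled value.
$dumpTypes = @{
    0 = 'None (no dump written)'
    1 = 'Complete memory dump'
    2 = 'Kernel memory dump'
    3 = 'Small memory dump (minidump)'
    7 = 'Automatic memory dump'
}
$type     = [int]$cc.CrashDumpEnabled
$typeName = if ($dumpTypes.ContainsKey($type)) { $dumpTypes[$type] } else { "Unknown ($type)" }

# Paths may contain %SystemRoot%; expand them explicitly.
$dumpFile    = if ($cc.DumpFile)    { [Environment]::ExpandEnvironmentVariables($cc.DumpFile) }
$minidumpDir = if ($cc.MinidumpDir) { [Environment]::ExpandEnvironmentVariables($cc.MinidumpDir) }

[pscustomobject]@{
    DumpType    = $typeName
    DumpFile    = $dumpFile
    MinidumpDir = $minidumpDir
    AutoReboot  = [bool]$cc.AutoReboot   # reboot right after the dump is written
    Overwrite   = [bool]$cc.Overwrite    # replace an existing MEMORY.DMP
    LogEvent    = [bool]$cc.LogEvent     # record the bug check in the System event log
} | Format-List | Out-Host

if ($type -eq 0) {
    Write-Warning 'Crash dumps are disabled: a blue screen will leave nothing to analyze.'
}

# Collect existing dumps, newest first, as candidates to open in WinDbg and run !analyze on.
$dumps = @()
if ($dumpFile -and (Test-Path -LiteralPath $dumpFile -PathType Leaf)) {
    $dumps += Get-Item -LiteralPath $dumpFile
}
if ($minidumpDir -and (Test-Path -LiteralPath $minidumpDir -PathType Container)) {
    $dumps += Get-ChildItem -LiteralPath $minidumpDir -Filter '*.dmp' -File -ErrorAction SilentlyContinue
}
$dumps | Sort-Object LastWriteTime -Descending |
    Select-Object -First 5 FullName, LastWriteTime,
        @{ n = 'SizeMB'; e = { [math]::Round($_.Length / 1MB, 1) } } |
    Format-Table -AutoSize | Out-Host
```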