Blue Screen of death : A stop error, better known as a Blue Screen of Death or also known as a blue screen or BSoD is an error screen displayed on a Windows computer system after a fatal system error, also known as a system crash when the operating system reaches a condition where it can no longer operate safely.
BSoDs have been present in Windows NT 3.1 (the first version of the Windows NT family, released in 1993) and all Windows operating systems released afterwards. BSoDs can be caused by poorly written device drivers or malfunctioning hardware, such as faulty memory, power supply issues, overheating of components, or hardware running beyond its specification limits. In the Windows 9x era, incompatible DLLsor bugs in the operating system kernel could also cause BSoDs. Because of the instability and lack of memory protection in Windows 9x, BSoDs were much more common.
In Windows NT family of operating systems, the blue screen of death (officially known as a stop error and referred to as "bug check" in the Windows software development kit and driver development kit documentation) occurs when the kernel or a driver running in kernel mode encounters an error from which it cannot recover. This is usually caused by an illegal operation being performed. The only safe action the operating system can take in this situation is to restart the computer. As a result, data may be lost, as users are not given an opportunity to save data that has not yet been saved to the hard drive.
The text on the error screen contains the code of the error and its symbolic name (e.g. "0x0000001E, KMODE_EXCEPTION_NOT_HANDLED") along with four error-dependent values in parentheses that are there to help software engineers fix the problem that occurred. Depending on the error code, it may display the address where the problem occurred, along with the driver which is loaded at that address. Under Windows NT, the second and third sections of the screen may contain information on all loaded drivers and a stack dump, respectively. The driver information is in three columns; the first lists the base address of the driver, the second lists the driver's creation date (as a Unix timestamp), and the third lists the name of the driver.
By default, Windows will create a memory dump file when a stop error occurs. Depending on the OS version, there may be several formats this can be saved in, ranging from a 64kB "minidump" (introduced in Windows 2000) to a "complete dump" which is effectively a copy of the entire contents of physical memory (RAM). The resulting memory dump file may be debugged later, using a kernel debugger. For Windows WinDBG or KD debuggers from Debugging Tools for Windows are used.A debugger is necessary to obtain a stack trace, and may be required to ascertain the true cause of the problem as the information on-screen is limited and thus possibly misleading, it may hide the true source of the error. By default, Windows XP is configured to save only a 64kB minidump when it encounters a stop error, and to then automatically reboot the computer. Because this process happens very quickly, the blue screen may be seen only for an instant or not at all. Users have sometimes noted this as a random reboot rather than a traditional stop error, and are only aware of an issue after Windows reboots and displays a notification that it has recovered from a serious error. This happens only when the computer has a function called "Auto Restart" enabled, which can be disabled in the Control Panel which in turn shows the stop error.
Microsoft Windows can also be configured to send live debugging information to a kernel debugger running on a separate computer. If a stop error is encountered while a live kernel debugger is attached to the system, Windows will halt execution and cause the debugger to break in, rather than displaying the BSoD. The debugger can then be used to examine the contents of memory and determine the source of the problem.
A BSoD can also be caused by a critical boot loader error, where the operating system is unable to access the boot partition due to incorrect storage drivers, a damaged file system or similar problems. The error code in this situation is STOP 0x0000007B (INACCESSIBLE_BOOT_DEVICE). In such cases, there is no memory dump saved. Since the system is unable to boot from the hard drive in this situation, correction of the problem often requires using the repair tools found on the Windows installation disc.
No comments:
Post a Comment