How to handle a Linux kernel panic

A kernel panic often lives up to its name, causing panic for the admin. But the good news is that all is not lost; there are steps you can take.

So, first off, what is a kernel panic? As defined in the Computer Security Resource Center (CSRC) Glossary, a kernel panic is "a system error that cannot be recovered from, and requires the system to be restarted." As we all know, a forced restart is never good.

[ Readers also liked: Working with the real-time kernel for Red Hat Enterprise Linux ]

As a result of the system needing to be rebooted, valuable debugging information, like what is in the system’s memory at the time of the panic, will be lost when the system comes back up. To collect that information, which might be very valuable for troubleshooting purposes, it is imperative to configure a core collection method ahead of time. To configure kdump in Red Hat Enterprise Linux 8, follow the steps listed at System Design Guide Red Hat Enterprise Linux 8 or in this lab. After kdump has been configured, tested, and verified to work, you’re now ready to collect a core in the event that a system has a kernel panic.

Once the system has crashed and you’ve collected a core dump, the next steps are digging into the core and analyzing the logs. If you have a Red Hat subscription, you can make a support case so that the Red Hat support engineers can work on your issue. To create a support ticket, go to this location and click the "Open a case" button in the top right corner. Go through the steps to create the case and upload the core file to the case. If you need help in attaching the file, please see the following articles:

• How to provide files to Red Hat Support (vmcore, rhev logcollector, sosreports, heap dumps, log files, etc.)
• Red Hat Access: Red Hat Support Tool
   

If you want or need to troubleshoot the issue without involving Red Hat Support, you’ll want to set up an environment to analyze the core dump to get started. To do that, the articles How to set up a vmcore analysis environment and How to create a basic centralized crash analysis system to analyze vmcore locally detail the steps. After the environment has been configured, the Vmcore analysis techniques article has a walkthrough on analyzing a process from inside of a vmcore. In sections 43.10.2 and 43.10.3 of the previously referenced System Design Guide, there are a number of examples of starting the crash utility and then getting information from the core file.

For further information, please refer to the following articles:

• Kernel Panic Summary
• How to retrieve an application core dump from the kernel crash dump?
• Kernel oops analyzer

[ Free download: Advanced Linux commands cheat sheet. ]