Skip to content

How to trigger a kernel panic & generate a coredump file in Linux

homepage-banner

Introduction

When a Linux system encounters a kernel panic, it may become completely unresponsive, and the only way to gather information about the cause of the issue is by forcing a system reboot. However, by triggering a kernel crash interrupt, we can force the Linux kernel to create a coredump file, which contains valuable information that can aid in troubleshooting and resolving the issue. In this blog post, we will discuss how to trigger a kernel crash interrupt and generate a coredump file in Linux.

Enabling Kernel Crash Dump

Before we can trigger a kernel crash interrupt, we need to ensure that kernel crash dump support is enabled on our Linux system. We can do this by modifying the kernel boot parameters in the /etc/default/grub file. We can open this file using any text editor of our choice and add the following line:

GRUB_CMDLINE_LINUX_DEFAULT="crashkernel=auto"

The crashkernel=auto parameter specifies the amount of memory needed for the kernel to reserve for crash dump usage. Once we have added this line, we need to update the GRUB configuration by running the following command:

sudo update-grub

Triggering a Kernel Crash Interrupt

Now that we have enabled kernel crash dump support, we can trigger a kernel crash interrupt by executing the following command in the terminal:

echo c | sudo tee /proc/sysrq-trigger

This command sends the “c” character to the /proc/sysrq-trigger file, which triggers a kernel panic and forces the system to crash. When the system reboots, we should be able to find a coredump file in the /var/crash directory. The coredump file will contain information about the state of the system at the time of the crash, including registers, stack traces, and other system information.

Triggering a Crash Interrupt Using kill

kill -s SEGV <PID>
kill -11 <PID>

Analyzing the Coredump File

Once we have generated a coredump file, we can use various tools to analyze it and gather information about the cause of the kernel panic. One such tool is the crash utility, which is designed specifically for analyzing Linux kernel crash dumps. To install the crash utility, we can run the following command:

sudo apt-get install linux-crashdump

Once the utility is installed, we can use the following command to analyze the coredump file:

crash /usr/lib/debug/boot/vmlinux-$(uname -r) /var/crash/<file-name>.dmp

This command launches the crash utility and specifies the location of the vmlinux file and the coredump file we want to analyze. We can then use various commands within the crash utility to analyze the coredump file and gather information about the cause of the kernel panic.

Conclusion

By triggering a kernel crash interrupt and generating a coredump file, we can gather valuable information about the cause of a Linux system crash. This information can aid in troubleshooting and resolving the issue, preventing similar crashes from occurring in the future. By enabling kernel crash dump support, triggering a kernel crash interrupt, and analyzing the resulting coredump file, we can gain a deeper understanding of the root cause of the issue and take steps to prevent it from happening again.

other tool

  • https://man.imzye.com/Linux/gcore/
  • gdb --pid <process_id> -ex "set confirm off" -ex generate-core-file -ex q
Leave your message