Kernel Panic: Defining System Inconsistencies
Author: Puru Govind
Date: Wednesday, 03 May 2006
Topic: Linux/Unix
(Review) - Kernel panic is a web comic started and maintained by Christopher Wright. The main characters of this comic are a group of UNIX and Linux server administrators ordered to change the server farm over Nifty Doorways. It’s a humorous way of looking at otherwise complicated, mundane and dry topics, especially for those of you who deal with such scenarios constantly.
Kernel panic, in this article, however, will refer to a message displayed by an operating system after detecting a system inconsistency from which it cannot recover completely (Linux displays the Kernel Panic, while Windows displays the Blue Screen of Death - soon to become Red in Vista). These errors occur in kernel space and not in user space. These kernel messages are often too cryptic to comprehend rationally, but they clearly provide enough information that’s important for developers in order to resolve a particular problem. Generally, these messages aid developers by recording all information that appeared during the Kernel Panic, for example recording the status of each process and hardware.
The Kernel panic message is there since early versions of UNIX. Multics developer Tom van Vleck recalls a discussion of this change with UNIX developer Dennis Ritchie:
"I remarked to Dennis that easily half the code I was writing in Multics was error recovery code. He said, 'We left all that stuff out. If there's an error, we have this routine called panic, and when it is called, the machine crashes, and you holler down the hall, 'Hey, reboot it.' ‘"
Kernel panic can occur due to various reasons.
1.
Kernel panic occurs whenever the operating system attempts to read an invalid address or addresses that are not permitted for access.
2.
A panic may also occur if the hardware settings are changed considerably.
3.
As a result of a hardware failure.
4.
Panics can also occur during the boot sequence, if the processes needed are not running properly or conditions for a successful boot are not met.
5.
File system errors. Most of these errors can be done with by running file system error recovery programs like fsck for Linux and ScanDisk for Windows. These error results in panic when these errors are unrecoverable.
6.
Failure of memory allocation.
7.
Task exit during an interrupt handler.
8.
When the whole memory is exhausted.
9.
Unexpected destruction of kernel structures like struct task_struct.
10.
Failure to load essential drivers.
Linux kernel defines the mechanism for a panic in function panic() in kernel/panic.c file. Actually, the panic() function call of the Linux kernel is prone to a buffer overflow vulnerability.
The vulnerability is reported when an unbounded vsprintf() call within panic() copies user supplied data into a fixed buffer. But some reports say this vulnerability is not exploitable to any means.
You can gather, save, and analyze information about the kernel when the system dies due to software failure using few utilities. One such utility is LKCD (Linux Kernel Crash Dump). We’ll delve into these utilities in the near future.
The only thing you can do after a kernel panic is to restart your machine.
Date: Wednesday, 03 May 2006
Topic: Linux/Unix
(Review) - Kernel panic is a web comic started and maintained by Christopher Wright. The main characters of this comic are a group of UNIX and Linux server administrators ordered to change the server farm over Nifty Doorways. It’s a humorous way of looking at otherwise complicated, mundane and dry topics, especially for those of you who deal with such scenarios constantly.
Kernel panic, in this article, however, will refer to a message displayed by an operating system after detecting a system inconsistency from which it cannot recover completely (Linux displays the Kernel Panic, while Windows displays the Blue Screen of Death - soon to become Red in Vista). These errors occur in kernel space and not in user space. These kernel messages are often too cryptic to comprehend rationally, but they clearly provide enough information that’s important for developers in order to resolve a particular problem. Generally, these messages aid developers by recording all information that appeared during the Kernel Panic, for example recording the status of each process and hardware.
The Kernel panic message is there since early versions of UNIX. Multics developer Tom van Vleck recalls a discussion of this change with UNIX developer Dennis Ritchie:
"I remarked to Dennis that easily half the code I was writing in Multics was error recovery code. He said, 'We left all that stuff out. If there's an error, we have this routine called panic, and when it is called, the machine crashes, and you holler down the hall, 'Hey, reboot it.' ‘"
Kernel panic can occur due to various reasons.
1.
Kernel panic occurs whenever the operating system attempts to read an invalid address or addresses that are not permitted for access.
2.
A panic may also occur if the hardware settings are changed considerably.
3.
As a result of a hardware failure.
4.
Panics can also occur during the boot sequence, if the processes needed are not running properly or conditions for a successful boot are not met.
5.
File system errors. Most of these errors can be done with by running file system error recovery programs like fsck for Linux and ScanDisk for Windows. These error results in panic when these errors are unrecoverable.
6.
Failure of memory allocation.
7.
Task exit during an interrupt handler.
8.
When the whole memory is exhausted.
9.
Unexpected destruction of kernel structures like struct task_struct.
10.
Failure to load essential drivers.
Linux kernel defines the mechanism for a panic in function panic() in kernel/panic.c file. Actually, the panic() function call of the Linux kernel is prone to a buffer overflow vulnerability.
The vulnerability is reported when an unbounded vsprintf() call within panic() copies user supplied data into a fixed buffer. But some reports say this vulnerability is not exploitable to any means.
You can gather, save, and analyze information about the kernel when the system dies due to software failure using few utilities. One such utility is LKCD (Linux Kernel Crash Dump). We’ll delve into these utilities in the near future.
The only thing you can do after a kernel panic is to restart your machine.
posted by Ehrwin at
6:24 AM
0 Comments:
Post a Comment
<< Home