How to cause kernel panic with a single command?
Solution 1
FreeBSD:
sysctl debug.kdb.panic=1
Linux (more info in the kernel documentation):
echo c > /proc/sysrq-trigger
Solution 2
mkdir /tmp/kpanic && cd /tmp/kpanic && printf '#include <linux/kernel.h>\n#include <linux/module.h>\nMODULE_LICENSE("GPL");static int8_t* message = "buffer overrun at 0x4ba4c73e73acce54";int init_module(void){panic(message);return 0;}' > kpanic.c && printf 'obj-m += kpanic.o\nall:\n\tmake -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules' > Makefile && make && insmod kpanic.ko
Compiles a module that crashes the kernel by calling the panic
function, needs root, requires make
and gcc
Replace the "buffer overrun at 0x4ba4c73e73acce54" in the command with something interesting for more drama.
Solution 3
The kernel is meant to keep running no matter what. So any way to cause a kernel panic by user interaction (other than deliberate vandalism by all-powerful root, like Bruce Ediger jokingly proposes, and most kernels today are built so most of those pranks won't work in the first place) is an extremely serious bug, that would get fixed fast.
Solution 4
The easiest thing is to hold down alt + print screen (sysrq) and press c while still holding them
It does the same as echo c > /proc/sysrq-trigger
A little explanation: the sysrq key is used to send low-level commands to the kernel itself, as a last resort to try to save the system. If you hold alt + print screen(sysrq) down and press another key next to them, it does the same as if you were to echo the key in that sysrq-trigger file. They call it trigger for a reason ;3
The 'c' tells the kernel to crash (cause a kernel panic)
However, you may want to see the content of 'proc/sys/kernel/sysrq'. If it is 178 or anything else, you should change it to 1. 0 is all disabled, 1 is all enabled, and anything larger than 1 is a bitmap for the specific things the kernel allows to do with sysrq.
Solution 5
Try this:
dd if=/dev/urandom of=/proc/sysrq-trigger
This did a very fast kernel panic for me, but I'm not sure how safe the process is because I did it on the live Ubuntu installation. But the kernel did spam error messages at me when I did it in the pure terminal environment.
Related videos on Youtube
Desmond Hume
Updated on September 18, 2022Comments
-
Desmond Hume almost 2 years
Is it possible to cause a kernel panic with a single command line?
What would be the most straightforward such command for a sudoing user and what would it be for a regular user, if any?
Scenarios that suggest downloading something as a part of the command do not count.
-
Admin over 11 years
:(){ :|:& };:
maybe? -
Admin over 11 years@carleeto Ok, could you explain that one to rest of us?
-
Admin over 11 years@hydroparadise It's called a "forkbomb".
:()
defines a function called:
with the body of:|:&
, meaning "run : and also run : in the background".;
ends the function definition, and:
calls your new function, which endlessly spawns new versions of itself until you either hit process limits or the system grinds to a halt. It's a command that effectively freezes any system without good process limits set. Don't try this at home. -
Admin over 11 yearsBasicly an extremely efficient recursive function call causing the stack to overflow. Genius.
-
Admin over 11 yearsGotta confirm that
:(){ :|:& };:
does crash (or rather hang) Ubuntu 12.04 (kernel version 3.2), even if run by a regular user without elevated privileges. Don't know how much it has to do with the kernel though. -
Admin over 11 years@Kevin You mean writing a C program, compiling it, and installing it as a driver, all in a single command line? A working example would be great.
-
Admin over 11 yearsSounds like a good candidate for IOCCC :)
-
Admin over 11 yearsA forkbomb does not necessarily causes a kernel panic. OTOH, one thing that may do that is to write (as root) is to, say,
dd if=/dev/urandom of=/dev/mem
(depending on your kernel version, you may not have/dev/kmem
). But I wouldn't use the system after that. :) -
Admin over 11 yearsWhy do you need that? Is this your STONITH-solution for a cluster?
-
Admin over 7 years@DesmondHume Working example in the answers
-
Admin about 4 yearsYou might also be interested in the GitHub project 'crash'.
-
-
Desmond Hume over 11 yearsWell, there is no much use of the kernel when the system has been completely frozen by a non-sudoing user who issued a command in the likeness of
:(){ :|:& };:
. -
Desmond Hume over 11 years
echo c > /proc/sysrq-trigger
sure does a good job in freezing a Linux system. But personally, an ol' good black screen of death narrating about a dramatic development of the call stack would feel like a more "canonical" kernel panic. -
hellodanylo over 10 yearsThis will cause an
oops
, but not a panic. -
Christian over 10 yearsOn Linux, you might have to
echo 1 > /proc/sys/kernel/sysrq
before you are able toecho c > /proc/sysrq-trigger
. -
Siddharth about 10 yearshow in OpenBSD?
-
Vaibhav Khatri almost 9 yearsWhen one needs to prove how flawed an innocent piece of hw is, this might come in handy...
-
Mark Lakata over 8 yearsThis source code looks harmless enough.
-
Kusalananda about 7 years@mykhal See man.openbsd.org/ddb That will describe how to enter the kernel debugger on OpenBSD.
-
Yakusho about 6 yearsYou can also slowly type "REISUB" While holding those magic keys down to restart your computer when it completely froze under linux. R-change keyboard mode to Xlate ||E-send SigTerm to all process|| I- send SigKill to all processes (except for init of course)||S- sync all mounted drives||U-Remount all devices in read-only||B- restarts instantly without any process killing or unmounting (which we took care about before). You can also use O instead of B to shut down instead of restart ;D have a nice time crashing your system
-
iamantony almost 6 yearsSee sysrq.rst for latest documentation of sysrq
-
Josua Robson over 5 yearsWhy is it down voted? It addresses the question asked.
-
AshMv almost 5 yearsThis caused the kernel to crash, but how do you tell the kernel to dump memory and restart? Raspbian just hung for me using this.
-
AshMv almost 5 yearsUpdate: Looks like I need to do
apt-get install kdump-tools
on Raspbian/Debian. -
user almost 5 yearsThe issue with this one is it can potentially run the command to terminate all the user processes before it writes 'c' to the file.
-
Michael Sondergaard about 4 yearsop (like me) might be interested in how to fire a kernel panic to debug how its infrastructure reacts when a node gets down. I for example came here looking for a way to do chaos testing in my AWS infra.
-
Scorb about 4 yearsI get permission denied when running echo c > ... even though I am root user.
-
NieDzejkob almost 4 years@ScottF are you really root, or are you using sudo? Note that sudo doesn't behave as you'd expect with redirections - the echo itself runs as root, but the output is redirected as your user.
-
wizzwizz4 almost 4 years@ScottF Try
echo c | sudo tee /proc/sysrq-trigger
. -
wizzwizz4 almost 4 yearsYou only need to keep the Alt key down.
-
TheTechRobo Stands for Ukraine over 3 years@wizzwizz4 I get the same issue as @ScottF, and with your command:
❯ echo c | sudo tee /proc/sysrq-trigger
and get the outputtee: /proc/sysrq-trigger: Permission denied
-
TheTechRobo Stands for Ukraine over 3 years
make[1]: *** /lib/modules/5.4.58-07649-ge120df5deade/build: No such file or directory. Stop.
-
TopherIsSwell about 3 yearsThe kernel is not meant to keep running no matter what. The kernel is meant to be stable for as long as possible. If a condition is detected where the kernel cannot ensure a consistent environment, it should panic rather than attempt to process data in an unknown state. A node crashing is a lot easier to deal with then your application suddenly giving away free cars to every visitor because the hardware lost its mind and the kernel just ignored it.