Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Why C-forkbombs don't work like bash ones?

Tags:

c++

c

linux

bash

fork

If I run the classical bash forkbomb:

:(){ :&:&};: 

my system hangs after a few seconds.

I tried to write a forkbomb in C, here is the code:

#include <unistd.h>  int main( ) {     while(1) {         fork();     }     return 0; } 

When I run it the system gets less responsive, but I can kill that process (even after minutes) just pressing ^C.


The above code is different from the original bash forkbomb I posted: it's something more like:

:( ) {     while true     do         :     done } 

(I didn't test it; don't know if it'd hang the system).

So I also tried to implement the original version; here the code:

#include <unistd.h>  inline void colon( const char *path ) {     pid_t pid = fork( );     if( pid == 0 ) {         execl( path, path, 0 );     } }  int main( int argc, char **argv ) {     colon( argv[0] );     colon( argv[0] );     return 0; } 

But still nothing: I can run it and then easily kill it. It's not hanging my system.


Why?

What's so special about bash forkbombs? Is it because bash uses a lot more memory/CPU? Because bash processes call a lot more system calls (eg, to access filesystem) than mine?

like image 689
peoro Avatar asked Nov 22 '10 09:11

peoro


People also ask

Does fork bomb still work?

The "fork bomb" is basically an unintentionally self-repairing system of processes on a mission to keep your process table full. The only way to stop it is to somehow kill them all at once.

How does a fork bomb work?

In computing, a fork bomb (also called rabbit virus or wabbit) is a denial-of-service attack wherein a process continually replicates itself to deplete available system resources, slowing down or crashing the system due to resource starvation.

How do you run a fork bomb in Linux?

If you using terminal then bash script for fork() bomb script as below. Step by Step Explanation of the script: :() means you are defining a function called : {:|: &} means run the function: and send its output to the : function again and run that in the background.


2 Answers

That C program is tiny, seriously tiny. In addition, fork()'ing a program like that is very, very efficient. An interpreter, such as Bash, however, is much more expensive in terms of RAM usage, and needs to access the disk all the time.

Try running it for much longer. :)

like image 90
Arafangion Avatar answered Oct 03 '22 20:10

Arafangion


The real cause for this is that in BASH the process you create is detached from the parent. If the parent process (the one you initially started) is killed, the rest of the processes live on. But in the C implementations you listed the child processes die if the parent is killed, so it's enough to bring down the initial process you started to bring down the whole tree of ever-forking processes.

I have not yet come up with a C forkbomb implementation that detaches child processes so that they're not killed if the parent dies. Links to such implementations would be appreciated.

like image 38
Shnatsel Avatar answered Oct 03 '22 19:10

Shnatsel