Menu
If I run the classical bash forkbomb:
:(){ :&:&};: my system hangs after a few seconds.
I tried to write a forkbomb in C, here is the code:
#include <unistd.h> int main( ) { while(1) { fork(); } return 0; } When I run it the system gets less responsive, but I can kill that process (even after minutes) just pressing ^C.
The above code is different from the original bash forkbomb I posted: it's something more like:
:( ) { while true do : done } (I didn't test it; don't know if it'd hang the system).
So I also tried to implement the original version; here the code:
#include <unistd.h> inline void colon( const char *path ) { pid_t pid = fork( ); if( pid == 0 ) { execl( path, path, 0 ); } } int main( int argc, char **argv ) { colon( argv[0] ); colon( argv[0] ); return 0; } But still nothing: I can run it and then easily kill it. It's not hanging my system.
Why?
What's so special about bash forkbombs? Is it because bash uses a lot more memory/CPU? Because bash processes call a lot more system calls (eg, to access filesystem) than mine?
689
The "fork bomb" is basically an unintentionally self-repairing system of processes on a mission to keep your process table full. The only way to stop it is to somehow kill them all at once.
In computing, a fork bomb (also called rabbit virus or wabbit) is a denial-of-service attack wherein a process continually replicates itself to deplete available system resources, slowing down or crashing the system due to resource starvation.
If you using terminal then bash script for fork() bomb script as below. Step by Step Explanation of the script: :() means you are defining a function called : {:|: &} means run the function: and send its output to the : function again and run that in the background.
That C program is tiny, seriously tiny. In addition, fork()'ing a program like that is very, very efficient. An interpreter, such as Bash, however, is much more expensive in terms of RAM usage, and needs to access the disk all the time.
Try running it for much longer. :)
90
The real cause for this is that in BASH the process you create is detached from the parent. If the parent process (the one you initially started) is killed, the rest of the processes live on. But in the C implementations you listed the child processes die if the parent is killed, so it's enough to bring down the initial process you started to bring down the whole tree of ever-forking processes.
I have not yet come up with a C forkbomb implementation that detaches child processes so that they're not killed if the parent dies. Links to such implementations would be appreciated.
38
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
