Fw: Priority Increasing

Ashwin Chandra ashcs at ucla.edu
Mon Feb 28 04:55:42 GMT 2005 

The forkbomb program I wrote is just one parent that forks 750 or so
 children that each malloc around 40 MB's of memory and do a mem traversal
 through it. The children do not fork. I see the overhead of forking could 
be
 causing this, but shouldn't there be some difference in the load of the
 system when each forkbomb process is set to the lowest priority? To fork 
750
 processes would incur overhead until those processes are created (Which
 shouldnt take much of real time) and once they are running, if they other
 processes that have already been created are running "nicely", I don't see
 why there is so much overhead too.

 Do you recommend anotoher way to solve this forkbomb problem and keep the
 system DoS free for others?
 Ash

> ----- Original Message ----- 
> From: "Coleman Kane" <zombyfork at gmail.com>
> To: "Ashwin Chandra" <ashcs at ucla.edu>
> Cc: <freebsd-hackers at freebsd.org>
> Sent: Sunday, February 27, 2005 7:28 PM
> Subject: Re: Priority Increasing
>
>
>> Well, since the program is running a forkbomb, it is gonna stress out
>> the kernel. The kernel is constantly creating new process spaces, as
>> well as filling in the queue.
>>
>> Are we talking a O(2^n) forkbomb here (where the forks also fork)?
>> Remember, there is overhead associated with forking off new processes,
>> and if your program is doing it continuously, nicing them is not going
>> to fix the problem. I suggest you fix the program so that it doesn't
>> forkbomb.
>>
>> You can also rlimit it, and force the number of processes to a
>> specific ceiling. This will result in crashing the program everytime
>> you hit that limit, however. Try looking into djb's daemontools if you
>> want to duct-tape it (ports/sysutils/daemontools)
>>
>> --
>> coleman
>>
>> On Sun, 27 Feb 2005 18:11:57 -0800, Ashwin Chandra <ashcs at ucla.edu> 
>> wrote:
>>> Hi all,
>>> Ive been trying to counter the malicious effects of a forkbomb by 
>>> setting the forkbomb parent and children to a PRI_MAX priority, although 
>>> this is not having any effect on the system load.
>>>
>>> Basically in my code when I know which process is acting maliciously 
>>> (forkbomb), I run the following simple code:
>>>
>>>       FOREACH_KSEGRP_IN_PROC(p, kg)
>>>         {
>>>           printf("old prio:%d", kg->kg_user_pri);
>>>           kg->kg_user_pri = PRI_MAX;
>>>           printf(" new prio:%d", kg->kg_user_pri);
>>>         }
>>>
>>> When it prints out, the old prio was 180 and the new gets set to 255 
>>> although there is help to the system...the system is still under stress. 
>>> Do you guys know any good ways of hacking the scheduler to make a 
>>> process that is bad run MUCH MUCH less as to not overload the system?
>>>
>>> Ash
>>> _______________________________________________
>>> freebsd-hackers at freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>>> To unsubscribe, send any mail to 
>>> "freebsd-hackers-unsubscribe at freebsd.org"
>>>
>

More information about the freebsd-hackers mailing list