Recently I've been digging up information about processes in GNU/Linux and I met the infamous fork bomb :
:(){ : | :& }; :
Theoretically, it is supposed to duplicate itself infinitely until the system runs out of resources…
However, I've tried testing both on a CLI Debian and a GUI Mint distro, and it doesn't seem to impact much the system. Yes there are tons of processes that are created, and after a while I read in console messages like :
bash: fork: Resource temporarily unavailable
bash: fork: retry: No child processes
But after some time, all the processes just get killed and everything goes back to normal. I've read that the ulimit set a maximum amount of process per user, but I can't seem to be able to raise it really far.
What are the system protections against a fork-bomb? Why doesn't it replicate itself until everything freezes or at least lags a lot? Is there a way to really crash a system with a fork bomb?
Best Answer
You probably have a Linux distro that uses systemd.
Systemd creates a cgroup for each user, and all processes of a user belong to the same cgroup.
Cgroups is a Linux mechanism to set limits on system resources like max number of processes, CPU cycles, RAM usage, etc. This is a different, more modern, layer of resource limiting than
ulimit
(which uses thegetrlimit()
syscall).If you run
systemctl status user-<uid>.slice
(which represents the user's cgroup), you can see the current and maximum number of tasks (processes and threads) that is allowed within that cgroup.By default, the maximum number of tasks that systemd will allow for each user is 33% of the "system-wide maximum" (
sysctl kernel.threads-max
); this usually amounts to ~10,000 tasks. If you want to change this limit:In systemd v239 and later, the user default is set via TasksMax= in:
To adjust the limit for a specific user (which will be applied immediately as well as stored in /etc/systemd/system.control), run:
The usual mechanisms of overriding a unit's settings (such as
systemctl edit
) can be used here as well, but they will require a reboot. For example, if you want to change the limit for every user, you could create/etc/systemd/system/user-.slice.d/15-limits.conf
.In systemd v238 and earlier, the user default is set via UserTasksMax= in
/etc/systemd/logind.conf
. Changing the value generally requires a reboot.More info about this: