:() { :|: & };:

Danger

Don’t run that command.

It’s a fork bomb.

In computing, the fork bomb is a form of denial-of-service attack against a computer system which makes use of the fork operation (or equivalent functionality) whereby a running process can create another running process. Fork bombs typically do not spread as worms or viruses; to incapacitate a system, they rely on the (generally valid) assumption that the number of programs and processes which may execute simultaneously on a computer has a limit. This type of self-replicating program is sometimes called a wabbit.

Wikipedia: Fork Bomb

Borrowing a better explanation in a StackOverflow question‘s answer:

Breaking it down, there are three big pieces:

:() # Defines a function, ":". It takes no arguments.
{ ... }; # The body of the function.
: # Invoke the function ":" that was just defined
view raw gistfile1.txt hosted with ❤ by GitHub

Inside the body, the function is invoked twice and the pipeline is backgrounded; each successive invocation on the processes spawns even more calls to “:”. This leads rapidly to an explosive consumption in system resources, grinding things to a halt.

Note that invoking it once, infinitely recursing, wouldn’t be good enough, since that would just lead to a stack overflow on the original process, which is messy but can be dealt with.

A more human-friendly version looks like this:

kablammo() { # Declaration
kablammo | kablammo& # The problematic body.
}; kablammo # End function definition; invoke function.function definition; invoke function.
view raw gistfile1.txt hosted with ❤ by GitHub

John Feminella‘s answer on Fork Bombs

Other legal variants include:

  • :(){ :|: & };:
  • :() { :|: & };:
  • :(){:|:&};:
  • :() { :|:& };:
written April 12th, 2011

April 2011

Can’t find what you’re looking for? Try hitting the home page or viewing all archives.