It can't fully work. The kernel forgets parent-child relationships when processes die. Every orphan is adopted by init, and the kernel doesn't bother to remember the original parent. I've always hated this.
Anybody want to fix it?
The simple fix, kind of bad, is to simply remember the number and report it. The trouble here is that the number might get recycled. Adding a boolean to indicate "my original parent died" would help.
The proper fix is to keep some PID values allocated. Do not free a PID value until all the children of it have died. This would mean that every living process without a living original parent would have a ghost parent that gets reported to ps.
Sadly, for compatibility reasons, the getppid() call would need to report the adoptive parent. The fix for this is to add a new system call that reports both the original parent PID and a flag to indicate adoption.
> The proper fix is to keep some PID values allocated. Do not free a PID value until all the children of it have died.
Any fork bomb at all will exhaust the pid graveyard, wouldn't it? You could change pid_t to 64 bits but then the pid graveyard would take a lot of memory in the kernel.
For an actual fork bomb, nothing ends up in the PID graveyard. No process ever dies. The fork bomb by itself is a problem, even without a PID graveyard. Process limits are required to stop a fork bomb.
For other situations, just keep the direct parents. Worst case, that doubles the PID usage.
