1 .\" Hey Emacs! This file is -*- nroff -*- source.
3 .\" Copyright (c) 1992 Drew Eckhardt <drew@cs.colorado.edu>, March 28, 1992
4 .\" and Copyright (c) Michael Kerrisk, 2001, 2002, 2005
5 .\" May be distributed under the GNU General Public License.
6 .\" Modified by Michael Haardt <michael@moria.de>
7 .\" Modified 24 Jul 1993 by Rik Faith <faith@cs.unc.edu>
8 .\" Modified 21 Aug 1994 by Michael Chastain <mec@shell.portal.com>:
9 .\" New man page (copied from 'fork.2').
10 .\" Modified 10 June 1995 by Andries Brouwer <aeb@cwi.nl>
11 .\" Modified 25 April 1998 by Xavier Leroy <Xavier.Leroy@inria.fr>
12 .\" Modified 26 Jun 2001 by Michael Kerrisk
13 .\" Mostly upgraded to 2.4.x
14 .\" Added prototype for sys_clone() plus description
15 .\" Added CLONE_THREAD with a brief description of thread groups
16 .\" Added CLONE_PARENT and revised entire page remove ambiguity
17 .\" between "calling process" and "parent process"
18 .\" Added CLONE_PTRACE and CLONE_VFORK
19 .\" Added EPERM and EINVAL error codes
20 .\" Renamed "__clone" to "clone" (which is the prototype in <sched.h>)
21 .\" various other minor tidy ups and clarifications.
22 .\" Modified 26 Jun 2001 by Michael Kerrisk <mtk.manpages@gmail.com>
23 .\" Updated notes for 2.4.7+ behavior of CLONE_THREAD
24 .\" Modified 15 Oct 2002 by Michael Kerrisk <mtk.manpages@gmail.com>
25 .\" Added description for CLONE_NEWNS, which was added in 2.4.19
26 .\" Slightly rephrased, aeb.
27 .\" Modified 1 Feb 2003 - added CLONE_SIGHAND restriction, aeb.
28 .\" Modified 1 Jan 2004 - various updates, aeb
29 .\" Modified 2004-09-10 - added CLONE_PARENT_SETTID etc. - aeb.
30 .\" 2005-04-12, mtk, noted the PID caching behavior of NPTL's getpid()
31 .\" wrapper under BUGS.
32 .\" 2005-05-10, mtk, added CLONE_SYSVSEM, CLONE_UNTRACED, CLONE_STOPPED.
33 .\" 2005-05-17, mtk, Substantially enhanced discussion of CLONE_THREAD.
34 .\" 2008-11-18, mtk, order CLONE_* flags alphabetically
35 .\" 2008-11-18, mtk, document CLONE_NEWPID
37 .\" FIXME Document CLONE_NEWIPC, which is new in 2.6.18
38 .\" (also supported for unshare()?)
39 .\" FIXME Document CLONE_NEWUTS, which is new in 2.6.19
40 .\" (also supported for unshare()?)
41 .\" FIXME Document CLONE_NEWUSER, which is new in 2.6.23
42 .\" (also supported for unshare()?)
43 .\" FIXME 2.6.25 marks the unused CLONE_STOPPED as obsolete, and it will
44 .\" probably be removed in the future.
45 .\" FIXME 2.6.25: CLONE_IO flag to clone() causes I/O contexts (used in the
46 .\" CFQ block I/O scheduler) to be shared with the new child process.
48 .TH CLONE 2 2008-11-19 "Linux" "Linux Programmer's Manual"
50 clone, __clone2 \- create a child process
53 .B #define _GNU_SOURCE
54 .\" Actually _BSD_SOURCE || _SVID_SOURCE
55 .\" See http://sources.redhat.com/bugzilla/show_bug.cgi?id=4749
58 .BI "int clone(int (*" "fn" ")(void *), void *" child_stack ,
59 .BI " int " flags ", void *" "arg" ", ... "
60 .BI " /* pid_t *" pid ", struct user_desc *" tls \
61 ", pid_t *" ctid " */ );"
65 creates a new process, in a manner similar to
67 It is actually a library function layered on top of the underlying
69 system call, hereinafter referred to as
73 is given towards the end of this page.
78 allow the child process to share parts of its execution context with
79 the calling process, such as the memory space, the table of file
80 descriptors, and the table of signal handlers.
81 (Note that on this manual
82 page, "calling process" normally corresponds to "parent process".
83 But see the description of
89 is to implement threads: multiple threads of control in a program that
90 run concurrently in a shared memory space.
92 When the child process is created with
94 it executes the function
99 where execution continues in the child from the point
105 argument is a pointer to a function that is called by the child
106 process at the beginning of its execution.
109 argument is passed to the
115 function application returns, the child process terminates.
116 The integer returned by
118 is the exit code for the child process.
119 The child process may also terminate explicitly by calling
121 or after receiving a fatal signal.
125 argument specifies the location of the stack used by the child process.
126 Since the child and calling process may share memory,
127 it is not possible for the child process to execute in the
128 same stack as the calling process.
129 The calling process must therefore
130 set up memory space for the child stack and pass a pointer to this
133 Stacks grow downwards on all processors that run Linux
134 (except the HP PA processors), so
136 usually points to the topmost address of the memory space set up for
141 contains the number of the
142 .I "termination signal"
143 sent to the parent when the child dies.
144 If this signal is specified as anything other than
146 then the parent process must specify the
150 options when waiting for the child with
152 If no signal is specified, then the parent process is not signaled
153 when the child terminates.
156 may also be bitwise-or'ed with zero or more of the following constants,
157 in order to specify what is shared between the calling process
158 and the child process:
160 .BR CLONE_CHILD_CLEARTID " (since Linux 2.5.49)"
161 Erase child thread ID at location
163 in child memory when the child exits, and do a wakeup on the futex
165 The address involved may be changed by the
166 .BR set_tid_address (2)
168 This is used by threading libraries.
170 .BR CLONE_CHILD_SETTID " (since Linux 2.5.49)"
171 Store child thread ID at location
178 is set, the calling process and the child process share the same file
180 Any file descriptor created by the calling process or by the child
181 process is also valid in the other process.
182 Similarly, if one of the processes closes a file descriptor,
183 or changes its associated flags (using the
186 operation), the other process is also affected.
190 is not set, the child process inherits a copy of all file descriptors
191 opened in the calling process at the time of
193 (The duplicated file descriptors in the child refer to the
194 same open file descriptions (see
196 as the corresponding file descriptors in the calling process.)
197 Subsequent operations that open or close file descriptors,
198 or change file descriptor flags,
199 performed by either the calling
200 process or the child process do not affect the other process.
205 is set, the caller and the child process share the same file system
207 This includes the root of the file system, the current
208 working directory, and the umask.
214 performed by the calling process or the child process also affects the
219 is not set, the child process works on a copy of the file system
220 information of the calling process at the time of the
227 performed later by one of the processes do not affect the other process.
229 .BR CLONE_NEWNS " (since Linux 2.4.19)"
230 Start the child in a new namespace.
232 Every process lives in a namespace.
235 of a process is the data (the set of mounts) describing the file hierarchy
236 as seen by that process.
243 flag is not set, the child lives in the same namespace as the parent.
248 change the namespace of the calling process, and hence affect
249 all processes that live in the same namespace, but do not affect
250 processes in a different namespace.
256 flag is set, the cloned child is started in a new namespace,
257 initialized with a copy of the namespace of the parent.
259 Only a privileged process (one having the \fBCAP_SYS_ADMIN\fP capability)
263 It is not permitted to specify both
271 .BR CLONE_NEWPID " (since Linux 2.6.24)"
272 .\" This explanation draws a lot of details from
273 .\" http://lwn.net/Articles/259217/
274 .\" Authors: Pavel Emelyanov <xemul@openvz.org>
275 .\" and Kir Kolyshkin <kir@openvz.org>
277 .\" The primary kernel commit is 30e49c263e36341b60b735cbef5ca37912549264
278 .\" Author: Pavel Emelyanov <xemul@openvz.org>
281 is set, then create the process in a new PID namespace.
282 If this flag is not set, then (as with
284 the process is created in the same PID namespace as
286 This flag is intended for the implementation of control groups.
288 A PID namespace provides an isolated environment for PIDs:
289 PIDs in a new namespace start at 1,
290 somewhat like a standalone system, and calls to
295 will produce processes whose PIDs within the namespace
296 are only guaranteed to be unique within that namespace.
298 The first process created in a new namespace
299 (i.e., the process created using the
301 flag) has the PID 1, and is the "init" process for the namespace.
302 Children that are orphaned within the namespace will be reparented
303 to this process rather than
305 Unlike the traditional
307 process, the "init" process of a PID namespace can terminate,
308 and if it does, all of the processes in the namespace are terminated.
310 PID namespaces form a hierarchy.
311 When a PID new namespace is created,
312 the PIDs of the processes in that namespace are visible
313 in the PID namespace of the process that created the new namespace;
314 analogously, if the parent PID namespace is itself
315 the child of another PID namespace,
316 then PIDs of the child and parent PID namespaces will both be
317 visible in the grandparent PID namespace.
318 Conversely, the processes in the "child" PID namespace do not see
319 the PIDs of the processes in the parent namespace.
320 The existence of a namespace hierarchy means that each process
321 may now have multiple PIDs:
322 one for each namespace in which it is visible.
325 always returns the PID associated with the namespace in which
326 the process was created.)
328 After creating the new namespace,
329 it is useful for the child to change its root directory
330 and mount a new procfs instance at
332 so that tools such as
335 .\" mount -t proc proc /proc
337 Use of this flag requires: a kernel configured with the
339 configuration option and that the process be privileged
340 .RB (CAP_SYS_ADMIN ).
341 This flag can't be specified in conjunction with
344 .BR CLONE_PARENT " (since Linux 2.3.12)"
347 is set, then the parent of the new child (as returned by
349 will be the same as that of the calling process.
353 is not set, then (as with
355 the child's parent is the calling process.
357 Note that it is the parent process, as returned by
359 which is signaled when the child terminates, so that
362 is set, then the parent of the calling process, rather than the
363 calling process itself, will be signaled.
365 .BR CLONE_PARENT_SETTID " (since Linux 2.5.49)"
366 Store child thread ID at location
368 in parent and child memory.
369 (In Linux 2.5.32-2.5.48 there was a flag
373 .BR CLONE_PID " (obsolete)"
376 is set, the child process is created with the same process ID as
378 This is good for hacking the system, but otherwise
380 Since 2.3.21 this flag can be
381 specified only by the system boot process (PID 0).
382 It disappeared in Linux 2.5.16.
387 is specified, and the calling process is being traced,
388 then trace the child also (see
391 .BR CLONE_SETTLS " (since Linux 2.5.32)"
394 argument is the new TLS (Thread Local Storage) descriptor.
396 .BR set_thread_area (2).)
401 is set, the calling process and the child process share the same table of
403 If the calling process or child process calls
405 to change the behavior associated with a signal, the behavior is
406 changed in the other process as well.
407 However, the calling process and child
408 processes still have distinct signal masks and sets of pending
410 So, one of them may block or unblock some signals using
412 without affecting the other process.
416 is not set, the child process inherits a copy of the signal handlers
417 of the calling process at the time
422 performed later by one of the processes have no effect on the other
425 Since Linux 2.6.0-test6,
433 .BR CLONE_STOPPED " (since Linux 2.6.0-test2)"
436 is set, then the child is initially stopped (as though it was sent a
438 signal), and must be resumed by sending it a
442 .I "From Linux 2.6.25 this flag is deprecated."
443 You probably never wanted to use it,
444 you certainly shouldn't be using it, and soon it will go away.
445 .\" glibc 2.8 removed this defn from bits/sched.h
447 .BR CLONE_SYSVSEM " (since Linux 2.5.10)"
450 is set, then the child and the calling process share
451 a single list of System V semaphore undo values (see
453 If this flag is not set, then the child has a separate undo list,
454 which is initially empty.
456 .BR CLONE_THREAD " (since Linux 2.4.0-test8)"
459 is set, the child is placed in the same thread group as the calling process.
460 To make the remainder of the discussion of
462 more readable, the term "thread" is used to refer to the
463 processes within a thread group.
465 Thread groups were a feature added in Linux 2.4 to support the
466 POSIX threads notion of a set of threads that share a single PID.
467 Internally, this shared PID is the so-called
468 thread group identifier (TGID) for the thread group.
469 Since Linux 2.4, calls to
471 return the TGID of the caller.
473 The threads within a group can be distinguished by their (system-wide)
474 unique thread IDs (TID).
475 A new thread's TID is available as the function result
476 returned to the caller of
478 and a thread can obtain
482 When a call is made to
486 then the resulting thread is placed in a new thread group
487 whose TGID is the same as the thread's TID.
490 of the new thread group.
492 A new thread created with
494 has the same parent process as the caller of
500 return the same value for all of the threads in a thread group.
503 thread terminates, the thread that created it using
507 (or other termination) signal;
508 nor can the status of such a thread be obtained
511 (The thread is said to be
514 After all of the threads in a thread group terminate
515 the parent process of the thread group is sent a
517 (or other termination) signal.
519 If any of the threads in a thread group performs an
521 then all threads other than the thread group leader are terminated,
522 and the new program is executed in the thread group leader.
524 If one of the threads in a thread group creates a child using
526 then any thread in the group can
538 Signals may be sent to a thread group as a whole (i.e., a TGID) using
540 or to a specific thread (i.e., TID) using
543 Signal dispositions and actions are process-wide:
544 if an unhandled signal is delivered to a thread, then
545 it will affect (terminate, stop, continue, be ignored in)
546 all members of the thread group.
548 Each thread has its own signal mask, as set by
550 but signals can be pending either: for the whole process
551 (i.e., deliverable to any member of the thread group),
554 or for an individual thread, when sent with
558 returns a signal set that is the union of the signals pending for the
559 whole process and the signals that are pending for the calling thread.
563 is used to send a signal to a thread group,
564 and the thread group has installed a handler for the signal, then
565 the handler will be invoked in exactly one, arbitrarily selected
566 member of the thread group that has not blocked the signal.
567 If multiple threads in a group are waiting to accept the same signal using
569 the kernel will arbitrarily select one of these threads
570 to receive a signal sent using
573 .BR CLONE_UNTRACED " (since Linux 2.5.46)"
576 is specified, then a tracing process cannot force
578 on this child process.
583 is set, the execution of the calling process is suspended
584 until the child releases its virtual memory
585 resources via a call to
594 is not set then both the calling process and the child are schedulable
595 after the call, and an application should not rely on execution occurring
596 in any particular order.
601 is set, the calling process and the child process run in the same memory
603 In particular, memory writes performed by the calling process
604 or by the child process are also visible in the other process.
605 Moreover, any memory mapping or unmapping performed with
609 by the child or calling process also affects the other process.
613 is not set, the child process runs in a separate copy of the memory
614 space of the calling process at the time of
616 Memory writes or file mappings/unmappings performed by one of the
617 processes do not affect the other, as with
622 system call corresponds more closely to
624 in that execution in the child continues from the point of the
632 arguments, which have the same meaning as for
634 (Note that the order of these arguments differs from
637 Another difference for
641 argument may be zero, in which case copy-on-write semantics ensure that the
642 child gets separate copies of stack pages when either process modifies
644 In this case, for correct operation, the
646 option should not be specified.
648 Since Linux 2.5.49 the system call has five arguments.
649 The two new arguments are
651 which points to the location (in parent and child memory) where
652 the child thread ID will be written in case
653 .B CLONE_PARENT_SETTID
656 which points to the location (in child memory) where the child thread ID
657 will be written in case
658 .B CLONE_CHILD_SETTID
661 .\" gettid(2) returns current->pid;
662 .\" getpid(2) returns current->tgid;
663 On success, the thread ID of the child process is returned
664 in the caller's thread of execution.
665 On failure, \-1 is returned
666 in the caller's context, no child process will be created, and
668 will be set appropriately.
672 Too many processes are already running.
679 (Since Linux 2.6.0-test6.)
686 (Since Linux 2.5.35.)
690 .\" .B CLONE_DETACHED
694 .\" (Since Linux 2.6.0-test6.)
715 when a zero value is specified for
722 but the kernel was not configured with the
727 Cannot allocate sufficient memory to allocate a task structure for the
728 child, or to copy those parts of the caller's context that need to be
735 was specified by a non-root process (process without \fBCAP_SYS_ADMIN\fP).
739 was specified by a process other than process 0.
741 There is no entry for
746 as described in this manual page.
752 calls are Linux-specific and should not be used in programs
753 intended to be portable.
755 In the kernel 2.4.x series,
757 generally does not make the parent of the new thread the same
758 as the parent of the calling process.
759 However, for kernel versions 2.4.7 to 2.4.18 the
763 flag (as in kernel 2.6).
765 For a while there was
767 (introduced in 2.5.32):
768 parent wants no child-exit signal.
769 In 2.6.2 the need to give this
773 This flag is still defined, but has no effect.
777 should not be called through vsyscall, but directly through
780 On ia64, a different system call is used:
783 .BI "int __clone2(int (*" "fn" ")(void *), "
784 .BI " void *" child_stack_base ", size_t " stack_size ,
785 .BI " int " flags ", void *" "arg" ", ... "
786 .BI " /* pid_t *" pid ", struct user_desc *" tls \
787 ", pid_t *" ctid " */ );"
792 system call operates in the same way as
796 points to the lowest address of the child's stack area,
799 specifies the size of the stack pointed to by
800 .IR child_stack_base .
802 Versions of the GNU C library that include the NPTL threading library
803 contain a wrapper function for
805 that performs caching of PIDs.
806 This caching relies on support in the glibc wrapper for
808 but as currently implemented,
809 the cache may not be up to date in some circumstances.
811 if a signal is delivered to the child immediately after the
815 in a handler for the signal may return the PID
816 of the calling process ("the parent"),
817 if the clone wrapper has not yet had a chance to update the PID
819 (This discussion ignores the case where the child was created using
824 return the same value in the child and in the process that called
826 since the caller and the child are in the same thread group.
827 The stale-cache problem also does not occur if the
831 To get the truth, it may be necessary to use code such as the following:
838 mypid = syscall(SYS_getpid);
840 .\" See also the following bug reports
841 .\" https://bugzilla.redhat.com/show_bug.cgi?id=417521
842 .\" http://sourceware.org/bugzilla/show_bug.cgi?id=6910
848 .BR set_thread_area (2),
849 .BR set_tid_address (2),
853 .BR capabilities (7),