Provided by: manpages-dev_4.15-1_all bug

NAME

       vfork - create a child process and block parent

SYNOPSIS

       #include <sys/types.h>
       #include <unistd.h>

       pid_t vfork(void);

   Feature Test Macro Requirements for glibc (see feature_test_macros(7)):

       vfork():
           Since glibc 2.12:
               (_XOPEN_SOURCE >= 500) && ! (_POSIX_C_SOURCE >= 200809L)
                   || /* Since glibc 2.19: */ _DEFAULT_SOURCE
                   || /* Glibc versions <= 2.19: */ _BSD_SOURCE
           Before glibc 2.12:
               _BSD_SOURCE || _XOPEN_SOURCE >= 500

DESCRIPTION

   Standard description
       (From  POSIX.1)  The  vfork()  function  has  the  same effect as fork(2), except that the
       behavior is undefined if the process created by vfork() either  modifies  any  data  other
       than a variable of type pid_t used to store the return value from vfork(), or returns from
       the function in which vfork() was called, or calls any other function before  successfully
       calling _exit(2) or one of the exec(3) family of functions.

   Linux description
       vfork(),  just  like fork(2), creates a child process of the calling process.  For details
       and return value and errors, see fork(2).

       vfork() is a special case of clone(2).  It is used to create new processes without copying
       the  page  tables  of  the  parent  process.   It  may  be useful in performance-sensitive
       applications where a child is created which then immediately issues an execve(2).

       vfork() differs from fork(2) in that the calling  thread  is  suspended  until  the  child
       terminates (either normally, by calling _exit(2), or abnormally, after delivery of a fatal
       signal), or it makes a call to execve(2).  Until that point, the child shares  all  memory
       with its parent, including the stack.  The child must not return from the current function
       or call exit(3) (which would have the effect of calling exit handlers established  by  the
       parent process and flushing the parent's stdio(3) buffers), but may call _exit(2).

       As  with  fork(2),  the child process created by vfork() inherits copies of various of the
       caller's process attributes (e.g., file  descriptors,  signal  dispositions,  and  current
       working  directory); the vfork() call differs only in the treatment of the virtual address
       space, as described above.

       Signals sent to the parent arrive after the child  releases  the  parent's  memory  (i.e.,
       after the child terminates or calls execve(2)).

   Historic description
       Under  Linux,  fork(2)  is  implemented  using  copy-on-write  pages,  so the only penalty
       incurred by fork(2) is the time and memory required to duplicate the parent's page tables,
       and  to  create  a  unique  task  structure for the child.  However, in the bad old days a
       fork(2) would require making a complete copy of the caller's data space, often needlessly,
       since usually immediately afterward an exec(3) is done.  Thus, for greater efficiency, BSD
       introduced the vfork() system call, which did not fully copy  the  address  space  of  the
       parent  process,  but  borrowed  the parent's memory and thread of control until a call to
       execve(2) or an exit occurred.  The parent process was suspended while the child was using
       its  resources.   The  use  of  vfork() was tricky: for example, not modifying data in the
       parent process depended on knowing which variables were held in a register.

CONFORMING TO

       4.3BSD; POSIX.1-2001 (but marked OBSOLETE).  POSIX.1-2008  removes  the  specification  of
       vfork().

       The  requirements put on vfork() by the standards are weaker than those put on fork(2), so
       an implementation  where  the  two  are  synonymous  is  compliant.   In  particular,  the
       programmer  cannot  rely on the parent remaining blocked until the child either terminates
       or calls execve(2), and cannot rely on  any  specific  behavior  with  respect  to  shared
       memory.

NOTES

       Some  consider the semantics of vfork() to be an architectural blemish, and the 4.2BSD man
       page stated: "This system call will be eliminated when proper  system  sharing  mechanisms
       are implemented.  Users should not depend on the memory sharing semantics of vfork() as it
       will, in that case, be made synonymous to fork(2)."  However, even  though  modern  memory
       management  hardware has decreased the performance difference between fork(2) and vfork(),
       there are various reasons why Linux and other systems have retained vfork():

       *  Some  performance-critical  applications  require  the  small   performance   advantage
          conferred by vfork().

       *  vfork()  can  be  implemented  on systems that lack a memory-management unit (MMU), but
          fork(2) can't be implemented on such systems.  (POSIX.1-2008 removed vfork()  from  the
          standard; the POSIX rationale for the posix_spawn(3) function notes that that function,
          which  provides  functionality  equivalent  to  fork(2)+exec(3),  is  designed  to   be
          implementable on systems that lack an MMU.)

       *  On  systems  where memory is constrained, vfork() avoids the need to temporarily commit
          memory (see the description of /proc/sys/vm/overcommit_memory in proc(5)) in  order  to
          execute a new program.  (This can be especially beneficial where a large parent process
          wishes to execute a small helper program in  a  child  process.)   By  contrast,  using
          fork(2)  in  this  scenario requires either committing an amount of memory equal to the
          size of the parent process (if strict overcommitting is  in  force)  or  overcommitting
          memory with the risk that a process is terminated by the out-of-memory (OOM) killer.

   Caveats
       The child process should take care not to modify the memory in unintended ways, since such
       changes will be seen by the parent process once the child terminates or  executes  another
       program.   In  this  regard,  signal  handlers  can be especially problematic: if a signal
       handler that is invoked in the child of vfork() changes memory, those changes  may  result
       in  an inconsistent process state from the perspective of the parent process (e.g., memory
       changes would be visible in the parent, but changes to the state of open file  descriptors
       would not be visible).

       When  vfork()  is  called in a multithreaded process, only the calling thread is suspended
       until the child terminates or executes a new  program.   This  means  that  the  child  is
       sharing an address space with other running code.  This can be dangerous if another thread
       in the parent process changes credentials (using setuid(2) or similar),  since  there  are
       now  two  processes with different privilege levels running in the same address space.  As
       an example of the dangers, suppose that a multithreaded program running as root creates  a
       child  using vfork().  After the vfork(), a thread in the parent process drops the process
       to an unprivileged user in order to run some untrusted code  (e.g.,  perhaps  via  plug-in
       opened  with dlopen(3)).  In this case, attacks are possible where the parent process uses
       mmap(2) to map in code that will be executed by the privileged child process.

   Linux notes
       Fork handlers established using pthread_atfork(3) are  not  called  when  a  multithreaded
       program  employing  the NPTL threading library calls vfork().  Fork handlers are called in
       this case in a program using the LinuxThreads threading library.  (See pthreads(7)  for  a
       description of Linux threading libraries.)

       A call to vfork() is equivalent to calling clone(2) with flags specified as:

            CLONE_VM | CLONE_VFORK | SIGCHLD

   History
       The  vfork()  system call appeared in 3.0BSD.  In 4.4BSD it was made synonymous to fork(2)
       but  NetBSD   introduced   it   again;   see   ⟨http://www.netbsd.org/Documentation/kernel
       /vfork.html⟩.   In Linux, it has been equivalent to fork(2) until 2.2.0-pre6 or so.  Since
       2.2.0-pre9 (on i386, somewhat later on other architectures) it is  an  independent  system
       call.  Support was added in glibc 2.0.112.

BUGS

       Details  of  the signal handling are obscure and differ between systems.  The BSD man page
       states: "To avoid a possible deadlock situation, processes that are children in the middle
       of  a  vfork()  are  never  sent  SIGTTOU or SIGTTIN signals; rather, output or ioctls are
       allowed and input attempts result in an end-of-file indication."

SEE ALSO

       clone(2), execve(2), _exit(2), fork(2), unshare(2), wait(2)

COLOPHON

       This page is part of release 4.15 of the Linux man-pages project.  A  description  of  the
       project,  information  about  reporting  bugs, and the latest version of this page, can be
       found at https://www.kernel.org/doc/man-pages/.