get_user_pages() and shared memory question

From: Timur Tabi
Date: Tue Jun 21 2005 - 10:20:45 EST


Is it possible for a page of memory that's been "grabbed" with get_user_pages() to ever be allocated to another process? I'm assuming the answer is no, but I have a specific case I want to ask about.

Let's say an application allocates some shared memory, and then calls into a driver which calls get_user_pages(). The driver exits without releasing the pages, so they now have a reference count on them. Then the application deallocates the shared memory. At this point, the virtual addresses disappear, and no process owns them, but the pages still have a reference count.

Another process now tries to allocate a shared memory buffer. Is there any way that this new buffer can contain those pages that were grabbed with get_user_pages() (i.e. that already have a reference count)?

Until 2.6.7, there was a bug in the VM where a page that was grabbed with get_user_pages() could be swapped out. Those of you familar with the OpenIB work know what I'm talking about. Would that bug affect anything I'm talking about?

Timur Tabi
Staff Software Engineer

