Re: get_user_pages() and shared memory question

From: Hugh Dickins
Date: Tue Jun 21 2005 - 13:02:15 EST


On Tue, 21 Jun 2005, Timur Tabi wrote:
>
> Is it possible for a page of memory that's been "grabbed" with
> get_user_pages() to ever be allocated to another process? I'm assuming the
> answer is no, but I have a specific case I want to ask about.
>
> Let's say an application allocates some shared memory, and then calls into a
> driver which calls get_user_pages(). The driver exits without releasing the
> pages, so they now have a reference count on them. Then the application
> deallocates the shared memory. At this point, the virtual addresses
> disappear, and no process owns them, but the pages still have a reference
> count.
>
> Another process now tries to allocate a shared memory buffer. Is there any
> way that this new buffer can contain those pages that were grabbed with
> get_user_pages() (i.e. that already have a reference count)?

It depends on what you mean by allocate and deallocate. If the second
process is attaching the same shared memory segment as the first process
had attached, then yes, its buffer will contain those very pages which
the driver erroneously failed to release.

> Until 2.6.7, there was a bug in the VM where a page that was grabbed with
> get_user_pages() could be swapped out. Those of you familar with the OpenIB
> work know what I'm talking about. Would that bug affect anything I'm talking
> about?

No. That was a bug peculiar to anonymous memory,
whereas shared memory is treated like file cache.

Hugh
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/