一張圖深度解析Linux共享內存的內核實現
Sailor_forever sailing_9806#163.com
http://blog.csdn.net/sailor_8318/article/details/39484747
PDF版本下載鏈接 http://download.csdn.net/detail/sailor_8318/7960535
(本原創文章發表於Sailor_forever 的個人blog,未經本人許可,不得用於商業用途。任何個人、媒體、其他網站不得私自抄襲;網絡媒體轉載請註明出處,增加原文鏈接,否則屬於侵權行爲。如有任何問題,請留言或者發郵件給sailing_9806#163.com)
【摘要】本文首先介紹了衆所周知的共享內存API,然後介紹了相關的內核主要數據結構,並逐一分析了shmget、shmat、數據訪問、shmdt的內核實現及數據結構之間的動態關係,從數據的關聯圖即可一窺共享內存的實現機制。
【關鍵字】共享內存,shmat, smget, mmap,shmid_kernel
1 功能
System V共享內存作爲多進程間通信的最高效手段,是因爲:
1、 其將物理內存直接映射爲虛擬地址,通過虛擬地址即可直接訪問數據,避免了rd/wr等系統調用的開銷
2、 其避免了msg及socket通信方式的數據拷貝過程
基本原理介紹可參考“Linux環境進程間通信(五): 共享內存(下)”
2 示例代碼
/**********************************************************
*實驗要求: 創建兩個進程,通過共享內存進行通訊。
*功能描述: 本程序申請了上一段程序相同的共享內存塊,然後循環向共享中
* 寫數據,直至寫入“end”。
*日 期: 2010-9-17
*作 者: 國嵌
**********************************************************/
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/ipc.h>
#include <sys/shm.h>
#include "shm_com.h"
/*
* 程序入口
**/
int main(void)
{
int running=1;
void *shared_memory=(void *)0;
struct shared_use_st *shared_stuff;
char buffer[BUFSIZ];
int shmid;
/*創建共享內存*/
shmid=shmget((key_t)1234,sizeof(structshared_use_st),0666|IPC_CREAT);
if(shmid==-1)
{
fprintf(stderr,"shmget failed\n");
exit(EXIT_FAILURE);
}
/*映射共享內存*/
shared_memory=shmat(shmid,(void *)0,0);
if(shared_memory==(void *)-1)
{
fprintf(stderr,"shmat failed\n");
exit(EXIT_FAILURE);
}
printf("Memory attached at %X\n",(int)shared_memory);
/*讓結構體指針指向這塊共享內存*/
shared_stuff=(struct shared_use_st *)shared_memory;
/*循環的向共享內存中寫數據,直到寫入的爲“end”爲止*/
while(running)
{
while(shared_stuff->written_by_you==1)
{
sleep(1);//等到讀進程讀完之後再寫
printf("waiting for client...\n");
}
printf("Ener some text:");
fgets(buffer,BUFSIZ,stdin);
strncpy(shared_stuff->some_text,buffer,TEXT_SZ);
shared_stuff->written_by_you=1;
if(strncmp(buffer,"end",3)==0)
{
running=0; //結束循環
}
}
/*detach共享內存*/
if(shmdt(shared_memory)==-1)
{
fprintf(stderr,"shmdt failed\n");
exit(EXIT_FAILURE);
}
exit(EXIT_SUCCESS);
}
/**********************************************************
*實驗要求: 創建兩個進程,通過共享內存進行通訊。
*功能描述: 本程序申請和分配共享內存,然後輪訓並讀取共享中的數據,直至
* 讀到“end”。
*日 期: 2010-9-17
*作 者: 國嵌
**********************************************************/
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/ipc.h>
#include <sys/shm.h>
#include "shm_com.h"
/*
* 程序入口
**/
int main(void)
{
int running=1;
void *shared_memory=(void *)0;
struct shared_use_st *shared_stuff;
int shmid;
/*創建共享內存*/
shmid=shmget((key_t)1234,sizeof(structshared_use_st),0666|IPC_CREAT);
if(shmid==-1)
{
fprintf(stderr,"shmget failed\n");
exit(EXIT_FAILURE);
}
/*映射共享內存*/
shared_memory=shmat(shmid,(void *)0,0);
if(shared_memory==(void *)-1)
{
fprintf(stderr,"shmat failed\n");
exit(EXIT_FAILURE);
}
printf("Memory attached at %X\n",(int)shared_memory);
/*讓結構體指針指向這塊共享內存*/
shared_stuff=(struct shared_use_st *)shared_memory;
/*控制讀寫順序*/
shared_stuff->written_by_you=0;
/*循環的從共享內存中讀數據,直到讀到“end”爲止*/
while(running)
{
if(shared_stuff->written_by_you)
{
printf("You wrote:%s",shared_stuff->some_text);
sleep(1); //讀進程睡一秒,同時會導致寫進程睡一秒,這樣做到讀了之後再寫
shared_stuff->written_by_you=0;
if(strncmp(shared_stuff->some_text,"end",3)==0)
{
running=0; //結束循環
}
}
}
/*刪除共享內存*/
if(shmdt(shared_memory)==-1)
{
fprintf(stderr,"shmdt failed\n");
exit(EXIT_FAILURE);
}
exit(EXIT_SUCCESS);
}
3 主要數據結構及其關係
通過上面的示例代碼我們大概瞭解了共享內存的用戶API,但其是如何實現的呢,讓我們來一探究竟。首先介紹相關的主要數據結構。
3.1 ipc_params
該數據結構爲用戶空間和內核空間通信的API,key、flg、size爲創建共享內存的必備參數
/*
*Structure that holds the parameters needed by the ipc operations
*(see after)
*/
struct ipc_params {
key_t key;
intflg;
union{
size_t size; /* for shared memories */
intnsems; /* for semaphores */
}u; /* holds thegetnew() specific param */
};
3.2 shmid_kernel
shmid_kernel一個共享內存區在內核態的ipc標識
8 struct shmid_kernel /* private to thekernel */
9 {
10 struct kern_ipc_perm shm_perm;
11 struct file *shm_file; /* 定位共享內存在ramfs中的inode */
12 unsigned long shm_nattch; /* 被映射的次數,爲0時才能刪除此共享內存區*/
13 unsigned long shm_segsz; /* 爲用戶態傳遞下來的共享內存區size*/
14 time_t shm_atim;
15 time_t shm_dtim;
16 time_t shm_ctim;
17 pid_t shm_cprid;
18 pid_t shm_lprid;
19 struct user_struct *mlock_user;
20
21 /* The task created the shmobject. NULL if the task is dead. */
22 struct task_struct *shm_creator;
23 };
3.3 kern_ipc_perm
kern_ipc_perm保存用戶態shm key值和內核態的shmid及其他權限信息
10 /* used by in-kernel data structures*/
11 struct kern_ipc_perm
12 {
13 spinlock_t lock;
14 bool deleted;
15 int id; /* shm的內核標識,同一個key多次映射的shmid可能不一樣*/
16 key_t key; /* 用戶空間用於識別shm的key標識,該key標識可以靜態約定或者根據某個值唯一標識,避免衝突*/
17 kuid_t uid;
18 kgid_t gid;
19 kuid_t cuid;
20 kgid_t cgid;
21 umode_t mode;
22 unsigned long seq;
23 void *security;
24 };
3.4 shm_file_data
當進程attach到某個共享內存區時,即建立該數據結構,後續所有操作都通過該數據結構訪問到其他所有信息。
struct shm_file_data {
intid;
structipc_namespace *ns;
structfile *file;
conststruct vm_operations_struct *vm_ops;
};
3.5 shm_file_operations
static const struct file_operationsshm_file_operations = {
.mmap = shm_mmap,
.fsync = shm_fsync,
.release = shm_release,
};
3.6 shm_vm_ops
static const struct vm_operations_structshm_vm_ops = {
.open = shm_open, /* callback for a new vm-area open */
.close = shm_close, /* callback for when the vm-area is released */
.fault = shm_fault,
};
3.7 ipc_ops
/*
*Structure that holds some ipc operations. This structure is used to unify
*the calls to sys_msgget(), sys_semget(), sys_shmget()
* .routine to call to create a new ipc object. Can be one of newque,
* newary, newseg
* .routine to call to check permissions for a new ipc object.
* Can be one of security_msg_associate, security_sem_associate,
* security_shm_associate
* .routine to call for an extra check if needed
*/
struct ipc_ops {
int(*getnew) (struct ipc_namespace *, struct ipc_params *);
int(*associate) (struct kern_ipc_perm *, int);
int(*more_checks) (struct kern_ipc_perm *, struct ipc_params *);
};
shm_ops.getnew = newseg;
shm_ops.associate = shm_security;
shm_ops.more_checks = shm_more_checks;
3.8 數據結構之間的關係
隨着共享內存的建立、映射、訪問等過程,最終會在建立如下的數據信息關聯表,通過此表即可完全搞懂共享內存的內部原理。
4 創建or打開share memory
4.1 主流程
以key爲關鍵字獲取shm信息。若在ipc中未創建,則在shm文件系統(tempfs)裏分配一個inode,其對應文件爲/SYSV-shmid(用戶態不可見),並分配一個file文件描述符指向此inode的dentry,並保存在ipc shm數據結構shmid_kernel裏,並返回shmid。若已經創建,則獲取shmid即可。
共享內存的物理地址保存在inode的struct address_space*i_mapping域的structradix_tree_root page_tree; /* radix treeof all pages */成員中。共享內存也使用了page cache的框架來管理物理頁,但並不是通過read/write等系統調用方式來訪問共享內存“文件”。
在內核態建立的相關數據關聯信息如下:
黃色是用戶態的參數輸入,藍色部分是shmget過程中動態建立的信息,其中shmid爲最終返回值。
用systemtap(可參考文章)監測到的函數調用棧信息如下:
-------------------------------------
shmem_alloc_inode(sb=0xf5c3ac00)
0xc1153110 : shmem_alloc_inode+0x0/0x30[kernel]
0xc11a5a50 : alloc_inode+0x20/0x80 [kernel]
0xc11a7ba6 : new_inode_pseudo+0x16/0x60[kernel]
0xc11a7c07 : new_inode+0x17/0x30 [kernel]
0xc115409b : shmem_get_inode+0x2b/0x170[kernel]
0xc11545c4 : shmem_file_setup+0xb4/0x1b0[kernel]
0xc12915b9 : newseg+0x239/0x2a0 [kernel]
0xc128dc51 : ipcget+0x111/0x1d0 [kernel]
0xc1291cf2 : sys_shmget+0x52/0x60 [kernel]
0xc1292b39 : sys_ipc+0x249/0x280 [kernel]
0xc161abb4 : syscall_call+0x7/0xb [kernel]
-------------------------------------
4.2 Shmget
用戶空間以key爲關鍵字來區分不同的share memory
SYSCALL_DEFINE3(shmget, key_t, key, size_t,size, int, shmflg)
{
structipc_namespace *ns;
structipc_ops shm_ops;
structipc_params shm_params;
ns= current->nsproxy->ipc_ns;
shm_ops.getnew = newseg;
shm_params.key = key;
shm_params.flg = shmflg;
shm_params.u.size = size;
returnipcget(ns, &shm_ids(ns), &shm_ops, &shm_params);
}
4.3 ipcget_public
/**
* ipcget_public - get an ipc object or create anew one
* @ns: namespace
* @ids: IPC identifer set
* @ops: the actual creation routine to call
* @params: its parameters
*
* This routine is called by sys_msgget,sys_semget() and sys_shmget()
* when the key is not IPC_PRIVATE.
* It adds a new entry if the key is not found and does somepermission
* /security checkings if the key is found.
*
* On success, the ipc id is returned.
*/
static int ipcget_public(structipc_namespace *ns, struct ipc_ids *ids,
structipc_ops *ops, struct ipc_params *params)
{
ipcp = ipc_findkey(ids,params->key);
if(ipcp == NULL) {
/*key not used */
if(!(flg & IPC_CREAT))
err= -ENOENT;
else
err = ops->getnew(ns,params);
}else {
if(ops->more_checks)
err= ops->more_checks(ipcp, params);
}
}
以key爲關鍵字在現有的share memory實例中查找,查找失敗,則ops->getnew(ns,params)創建一個新的shm實例;查找成功,做一些必要的安全性檢查即可。
4.4 newseg
/**
*newseg - Create a new shared memory segment
* @params: ptr to the structure thatcontains key, size and shmflg
*/
static int newseg(struct ipc_namespace *ns,struct ipc_params *params)
{
key_tkey = params->key;
intshmflg = params->flg;
size_tsize = params->u.size;
structshmid_kernel *shp;
int numpages = (size + PAGE_SIZE-1) >> PAGE_SHIFT; /* 計算shm文件大小*/
structfile * file;
shp= ipc_rcu_alloc(sizeof(*shp));
shp->shm_perm.key= key;
shp->shm_perm.mode= (shmflg & S_IRWXUGO);
sprintf(name, "SYSV%08x", key); /* shm文件名稱,包含keyid */
file= shmem_file_setup(name, size, acctflag); /* 在shm的tempfs中創建一個文件inode節點,並返回一個文件描述符,文件存在哪個路徑了呢??是個隱藏文件,用戶空間看不到!!*/
id= ipc_addid(&shm_ids(ns), &shp->shm_perm, ns->shm_ctlmni);
shp->shm_segsz= size;
shp->shm_nattch= 0;
shp->shm_file = file; /* 將file指針保存在ipc shmid_kernel中shp->shm_file 中以備後用 */
/*
* shmid gets reported as "inode#" in /proc/pid/maps.
* proc-ps tools use this. Changing this willbreak them.
*/
file->f_dentry->d_inode->i_ino= shp->shm_perm.id; /* shm ID作爲inodenumber */
error= shp->shm_perm.id;
returnerror;
}
4.5 shmem_file_setup
/**
*shmem_file_setup - get anunlinked file living in tmpfs
*@name: name for dentry (to be seen in /proc/<pid>/maps
*@size: size to be set for the file
*/
struct file *shmem_file_setup(const char*name, loff_t size, unsigned long flags)
{
interror;
structfile *file;
structinode *inode;
structpath path;
structdentry *root;
error= -ENOMEM;
this.name= name;
this.len= strlen(name);
root= shm_mnt->mnt_root;
path.dentry= d_alloc(root, &this); /*在shm所mount文件系統根目錄下創建dentry節點 */
path.mnt= mntget(shm_mnt);
inode= shmem_get_inode(root->d_sb, S_IFREG | S_IRWXUGO, 0, flags); /* 創建inode節點 */
d_instantiate(path.dentry,inode); /* 將dentry和inode節點關聯起來 */
inode->i_size= size;
file= alloc_file(&path, FMODE_WRITE | FMODE_READ,
&shmem_file_operations); /*分配一個file文件描述符指向該inode節點,並指定該文件操作指針爲shmem_file_operations */
returnfile;
}
EXPORT_SYMBOL_GPL(shmem_file_setup);
4.6 alloc_file
分配一個file描述符,並指向參數中的dentry和inode,並初始化file operations指針
http://lxr.free-electrons.com/source/fs/file_table.c#L166
/**
*alloc_file - allocate and initialize a 'struct file'
* @mnt: the vfsmount on whichthe file will reside
*@dentry: the dentry representing the new file
*@mode: the mode with which the new file will be opened
* @fop: the 'structfile_operations' for the new file
*/
struct file *alloc_file(struct path *path,fmode_t mode,
conststruct file_operations *fop)
{
structfile *file;
file= get_empty_filp();
file->f_path= *path;
file->f_mapping =path->dentry->d_inode->i_mapping;
file->f_mode= mode;
file->f_op = fop;
}
EXPORT_SYMBOL(alloc_file);
4.7 用戶態信息
drq@ubuntu:/mnt/hgfs/systemtap$ ipcs -m
------ Shared Memory Segments --------
key shmid owner perms bytes nattch status
0x000004d2 32768 drq 666 2052 0
drq@ubuntu:/mnt/hgfs/systemtap/share-m$ cat/proc/sysvipc/shm
key shmid perms size cpid lpid nattch uid gid cuid cgid atime dtime ctime rss swap
1234 65536 666 2052 6924 6924 1 1000 1000 1000 1000 1411221835 0 1411221835 4096 0
drq@ubuntu:/mnt/hgfs/systemtap/share-m$
drq@ubuntu:/mnt/hgfs/systemtap/share-m$ cat/proc/meminfo | grep Shmem
Shmem: 144 kB
drq@ubuntu:/mnt/hgfs/systemtap/share-m$mount
/dev/sda1 on / type ext4(rw,errors=remount-ro)
tmpfs on /run type tmpfs(rw,noexec,nosuid,size=10%,mode=0755)
none on /run/shm type tmpfs (rw,nosuid,nodev)
drq@ubuntu:/mnt/hgfs/systemtap/share-m$ df-h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 39G 17G 20G 47% /
udev 494M 4.0K 494M 1% /dev
tmpfs 201M 812K 200M 1% /run
none 5.0M 0 5.0M 0% /run/lock
none 501M 152K 501M 1% /run/shm
5 attach到share memory
5.1 主流程
以shmid attach到shm上,最終在進程空間分配一塊內存區域vm_area_struct指向shm文件的物理頁,加入進程的內存描述符current->mm,此vm_area_struct可通過cat /proc/$pid/maps查看。
在內核態建立的數據關聯信息如下:
紅色部分爲shmat期間在內核新建立的數據信息,並最終返回vm_start即用戶可直接訪問的用戶態地址。
用systemtap監測到的函數調用棧信息如下:
-------------------------------------
shmem_mmap(file=0xc4b42e40 vma=0xddacb000)
0xc11544e0 : shmem_mmap+0x0/0x30 [kernel]
0xc12918d2 : shm_mmap+0x22/0x60 [kernel]
0xc1169380 : mmap_region+0x3d0/0x590 [kernel]
0xc1169726 : do_mmap_pgoff+0x1e6/0x2d0[kernel]
0xc12925af : do_shmat+0x30f/0x3c0 [kernel]
0xc1292af2 : sys_ipc+0x202/0x280 [kernel]
0xc161abb4 : syscall_call+0x7/0xb [kernel]
-------------------------------------
-------------------------------------
shm_open(vma=0xddacb000)
0xc1291850 : shm_open+0x0/0x60 [kernel]
0xc12918f3 : shm_mmap+0x43/0x60 [kernel]
0xc1169380 : mmap_region+0x3d0/0x590 [kernel]
0xc1169726 : do_mmap_pgoff+0x1e6/0x2d0[kernel]
0xc12925af : do_shmat+0x30f/0x3c0 [kernel]
0xc1292af2 : sys_ipc+0x202/0x280 [kernel]
0xc161abb4 : syscall_call+0x7/0xb [kernel]
-------------------------------------
5.2 do_shmat
建立share memory後,以shmid進行後續訪問操作
SYSCALL_DEFINE3(shmat, int, shmid, char__user *, shmaddr, int, shmflg)
{
err= do_shmat(shmid, shmaddr, shmflg, &ret);
return(long)ret;
}
/*
*Fix shmaddr, allocate descriptor, map shm, add attach descriptor to lists.
*/
long do_shmat(int shmid, char __user*shmaddr, int shmflg, ulong *raddr)
{
struct shmid_kernel *shp;
unsignedlong addr;
unsignedlong size;
structfile * file;
structpath path;
ns= current->nsproxy->ipc_ns;
shp = shm_lock_check(ns, shmid); /*通過shmid找到ipc數據結構shmid_kernel */
path= shp->shm_file->f_path; /* 獲得共享文件的路徑 */
path_get(&path);
shp->shm_nattch++;
size =i_size_read(path.dentry->d_inode); /*根據dentry找到inode,獲取文件大小 */
sfd= kzalloc(sizeof(*sfd), GFP_KERNEL); /*每個進程自身維護的信息*/
file = alloc_file(&path,f_mode,
is_file_hugepages(shp->shm_file) ?
&shm_file_operations_huge:
&shm_file_operations); /* 分配一個新文件描述符指向共享文件,文件訪問指針爲shm_file_operations)*/
file->private_data= sfd;
file->f_mapping= shp->shm_file->f_mapping; /*指向共享文件的address_space */
sfd->id= shp->shm_perm.id; /* 保存shmid*/
sfd->ns= get_ipc_ns(ns);
sfd->file = shp->shm_file;/*指向共享文件的file描述符 */
sfd->vm_ops = NULL;
user_addr = do_mmap (file, addr,size, prot, flags, 0);
*raddr = user_addr; /* 返回在進程空間分配的虛擬地址空間指針*/
}
5.3 shm_mmap
do_mmap最終調用shm_file_operations的shm_mmap
static int shm_mmap(struct file * file,struct vm_area_struct * vma)
{
structshm_file_data *sfd = shm_file_data(file);
intret;
ret =sfd->file->f_op->mmap(sfd->file, vma); /*最終調用shmem_file_setup階段創建的shm裏的file文件的f_op指針shmem_file_operations中的mmap實現shmem_mmap*/
sfd->vm_ops= vma->vm_ops; /* shmem_vm_ops */
vma->vm_ops =&shm_vm_ops; /* 將shmem_vm_ops替換爲shm_vm_ops,以便vm_ops的其他地方可以進行額外封裝處理如shm_open */
shm_open(vma);
returnret;
}
5.4 shmem_mmap
static int shmem_mmap(struct file *file,struct vm_area_struct *vma)
{
file_accessed(file);
vma->vm_ops= &shmem_vm_ops;
vma->vm_flags|= VM_CAN_NONLINEAR;
return0;
}
5.5 shm_open
進程attache到shm後,更新相關訪問信息如時間,attach的個數
/* This is called by fork, once for everyshm attach. */
static void shm_open(struct vm_area_struct*vma)
{
structfile *file = vma->vm_file;
structshm_file_data *sfd = shm_file_data(file);
structshmid_kernel *shp;
shp= shm_lock(sfd->ns, sfd->id);
BUG_ON(IS_ERR(shp));
shp->shm_atim= get_seconds();
shp->shm_lprid= task_tgid_vnr(current);
shp->shm_nattch++;
shm_unlock(shp);
}
5.6 用戶態信息
進程attach到shm後,其nattch會增加
drq@ubuntu:/mnt/hgfs/systemtap$ ipcs -m
------ Shared Memory Segments --------
key shmid owner perms bytes nattch status
0x000004d2 262144 drq 666 2052 1
可以從進程mm中看到映射的虛擬地址空間
drq@ubuntu:/mnt/hgfs/systemtap/share-m$ ps-ef | grep sh-read
drq 11803 5829 99 02:00 pts/7 00:00:17 ./sh-read
b76f0000-b76f1000爲shm映射後的虛擬地址空間,/SYSV000004d2爲shm的虛擬文件
drq@ubuntu:/mnt/hgfs/systemtap/share-m$ cat/proc/11803/maps | grep SYS
b76f0000-b76f1000 rw-s 00000000 00:04262144 /SYSV000004d2 (deleted)
6 數據訪問
用戶空間經過shmat後,得到用於訪問共享內存的虛擬地址,即可以通過該地址直接訪問共享的物理內存。但因爲頁表尚未建立起來,因此觸發page fault,然後建立頁表。
-------------------------------------
shmem_fault(vma=0xddacb000 vmf=0xc25cbe7c)
0xc1155eb0 : shmem_fault+0x0/0x90 [kernel]
0xc12911a4 : shm_fault+0x14/0x20 [kernel]
0xc11606ce : __do_fault+0x6e/0x550 [kernel]
0xc11631cf : handle_pte_fault+0x8f/0xaf0[kernel]
0xc1164d4d : handle_mm_fault+0x1dd/0x280[kernel]
0xc161ddea : do_page_fault+0x15a/0x4b0[kernel]
0xc161b2a3 : error_code+0x67/0x6c [kernel]
-------------------------------------
6.1 shm_fault
在shm_mmap的最後將vm_operations的操作指針更新爲了shm_vm_ops,其page fault處理函數爲shm_fault。其最終仍然調用的是shmem_vm_ops的shmem_fault
static int shm_fault(struct vm_area_struct*vma, struct vm_fault *vmf)
{
structfile *file = vma->vm_file;
structshm_file_data *sfd = shm_file_data(file);
returnsfd->vm_ops->fault(vma,vmf);
}
6.2 shmem_fault
shmem_fault根據產生缺頁異常的線性地址找到對應的物理頁(vma->vm_file->f_path.dentry->d_inode),並將這個物理頁加入頁表,之後用戶就可以像訪問本地數據一樣直接訪問共享內存
static int shmem_fault(structvm_area_struct *vma, struct vm_fault *vmf)
{
struct inode *inode =vma->vm_file->f_path.dentry->d_inode;
interror;
intret;
if(((loff_t)vmf->pgoff << PAGE_CACHE_SHIFT) >= i_size_read(inode))
returnVM_FAULT_SIGBUS;
error= shmem_getpage(inode, vmf->pgoff,&vmf->page, SGP_CACHE, &ret);
if(error)
return((error == -ENOMEM) ? VM_FAULT_OOM : VM_FAULT_SIGBUS);
returnret | VM_FAULT_LOCKED;
}
7 Detach shm
Detach shm時只會將進城對應的mm_struct信息release,但不會刪除shm自身。其中shm_nattch--。
-------------------------------------
shm_close(vma=0xddadf8f0)
0xc1291910 : shm_close+0x0/0xb0 [kernel]
0xc1167086 : remove_vma+0x26/0x60 [kernel]
0xc1168a5c : do_munmap+0x21c/0x2e0 [kernel]
0xc129272b : sys_shmdt+0x9b/0x140 [kernel]
0xc1292b1b : sys_ipc+0x22b/0x280 [kernel]
0xc161abb4 : syscall_call+0x7/0xb [kernel]
-------------------------------------
-------------------------------------
shm_release(ino=0xf69f9e50 file=0xddbdb540)
0xc1291330 : shm_release+0x0/0x40 [kernel]
0xc1190ab6 : fput+0xe6/0x210 [kernel]
0xc1167092 : remove_vma+0x32/0x60 [kernel]
0xc1168a5c : do_munmap+0x21c/0x2e0 [kernel]
0xc129272b : sys_shmdt+0x9b/0x140 [kernel]
0xc1292b1b : sys_ipc+0x22b/0x280 [kernel]
0xc161abb4 : syscall_call+0x7/0xb [kernel]
-------------------------------------
8 刪除share memory
相關命令如下:
drq@ubuntu:/mnt/hgfs/systemtap$ ipcs -m
------ Shared Memory Segments --------
key shmid owner perms bytes nattch status
0x00000000 262144 drq 666 2052 1 dest
drq@ubuntu:/mnt/hgfs/systemtap$ ipcrm -m262144
drq@ubuntu:/mnt/hgfs/systemtap$ ipcs -m
------ Shared Memory Segments --------
key shmid owner perms bytes nattch status
程序可以通過shmctl IO調用刪除shm。
9 參考文檔
共享內存代碼示例
http://blog.csdn.net/cschengvdn/article/details/21086711
Linux環境進程間通信(五): 共享內存(下)
http://www.ibm.com/developerworks/cn/linux/l-ipc/part5/index2.html