Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/vm/vm_object.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /*- 2 * Copyright (c) 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * The Mach Operating System project at Carnegie-Mellon University. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 4. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * from: @(#)vm_object.c 8.5 (Berkeley) 3/22/94 33 * 34 * 35 * Copyright (c) 1987, 1990 Carnegie-Mellon University. 36 * All rights reserved. 37 * 38 * Authors: Avadis Tevanian, Jr., Michael Wayne Young 39 * 40 * Permission to use, copy, modify and distribute this software and 41 * its documentation is hereby granted, provided that both the copyright 42 * notice and this permission notice appear in all copies of the 43 * software, derivative works or modified versions, and any portions 44 * thereof, and that both notices appear in supporting documentation. 45 * 46 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS" 47 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND 48 * FOR ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE. 49 * 50 * Carnegie Mellon requests users of this software to return to 51 * 52 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU 53 * School of Computer Science 54 * Carnegie Mellon University 55 * Pittsburgh PA 15213-3890 56 * 57 * any improvements or extensions that they make and grant Carnegie the 58 * rights to redistribute these changes. 59 */ 60 61 /* 62 * Virtual memory object module. 63 */ 64 65 #include <sys/cdefs.h> 66 __FBSDID("$FreeBSD: releng/10.2/sys/vm/vm_object.c 286276 2015-08-04 05:18:24Z kib $"); 67 68 #include "opt_vm.h" 69 70 #include <sys/param.h> 71 #include <sys/systm.h> 72 #include <sys/lock.h> 73 #include <sys/mman.h> 74 #include <sys/mount.h> 75 #include <sys/kernel.h> 76 #include <sys/sysctl.h> 77 #include <sys/mutex.h> 78 #include <sys/proc.h> /* for curproc, pageproc */ 79 #include <sys/socket.h> 80 #include <sys/resourcevar.h> 81 #include <sys/rwlock.h> 82 #include <sys/vnode.h> 83 #include <sys/vmmeter.h> 84 #include <sys/sx.h> 85 86 #include <vm/vm.h> 87 #include <vm/vm_param.h> 88 #include <vm/pmap.h> 89 #include <vm/vm_map.h> 90 #include <vm/vm_object.h> 91 #include <vm/vm_page.h> 92 #include <vm/vm_pageout.h> 93 #include <vm/vm_pager.h> 94 #include <vm/swap_pager.h> 95 #include <vm/vm_kern.h> 96 #include <vm/vm_extern.h> 97 #include <vm/vm_radix.h> 98 #include <vm/vm_reserv.h> 99 #include <vm/uma.h> 100 101 static int old_msync; 102 SYSCTL_INT(_vm, OID_AUTO, old_msync, CTLFLAG_RW, &old_msync, 0, 103 "Use old (insecure) msync behavior"); 104 105 static int vm_object_page_collect_flush(vm_object_t object, vm_page_t p, 106 int pagerflags, int flags, boolean_t *clearobjflags, 107 boolean_t *eio); 108 static boolean_t vm_object_page_remove_write(vm_page_t p, int flags, 109 boolean_t *clearobjflags); 110 static void vm_object_qcollapse(vm_object_t object); 111 static void vm_object_vndeallocate(vm_object_t object); 112 113 /* 114 * Virtual memory objects maintain the actual data 115 * associated with allocated virtual memory. A given 116 * page of memory exists within exactly one object. 117 * 118 * An object is only deallocated when all "references" 119 * are given up. Only one "reference" to a given 120 * region of an object should be writeable. 121 * 122 * Associated with each object is a list of all resident 123 * memory pages belonging to that object; this list is 124 * maintained by the "vm_page" module, and locked by the object's 125 * lock. 126 * 127 * Each object also records a "pager" routine which is 128 * used to retrieve (and store) pages to the proper backing 129 * storage. In addition, objects may be backed by other 130 * objects from which they were virtual-copied. 131 * 132 * The only items within the object structure which are 133 * modified after time of creation are: 134 * reference count locked by object's lock 135 * pager routine locked by object's lock 136 * 137 */ 138 139 struct object_q vm_object_list; 140 struct mtx vm_object_list_mtx; /* lock for object list and count */ 141 142 struct vm_object kernel_object_store; 143 struct vm_object kmem_object_store; 144 145 static SYSCTL_NODE(_vm_stats, OID_AUTO, object, CTLFLAG_RD, 0, 146 "VM object stats"); 147 148 static long object_collapses; 149 SYSCTL_LONG(_vm_stats_object, OID_AUTO, collapses, CTLFLAG_RD, 150 &object_collapses, 0, "VM object collapses"); 151 152 static long object_bypasses; 153 SYSCTL_LONG(_vm_stats_object, OID_AUTO, bypasses, CTLFLAG_RD, 154 &object_bypasses, 0, "VM object bypasses"); 155 156 static uma_zone_t obj_zone; 157 158 static int vm_object_zinit(void *mem, int size, int flags); 159 160 #ifdef INVARIANTS 161 static void vm_object_zdtor(void *mem, int size, void *arg); 162 163 static void 164 vm_object_zdtor(void *mem, int size, void *arg) 165 { 166 vm_object_t object; 167 168 object = (vm_object_t)mem; 169 KASSERT(object->ref_count == 0, 170 ("object %p ref_count = %d", object, object->ref_count)); 171 KASSERT(TAILQ_EMPTY(&object->memq), 172 ("object %p has resident pages in its memq", object)); 173 KASSERT(vm_radix_is_empty(&object->rtree), 174 ("object %p has resident pages in its trie", object)); 175 #if VM_NRESERVLEVEL > 0 176 KASSERT(LIST_EMPTY(&object->rvq), 177 ("object %p has reservations", 178 object)); 179 #endif 180 KASSERT(vm_object_cache_is_empty(object), 181 ("object %p has cached pages", 182 object)); 183 KASSERT(object->paging_in_progress == 0, 184 ("object %p paging_in_progress = %d", 185 object, object->paging_in_progress)); 186 KASSERT(object->resident_page_count == 0, 187 ("object %p resident_page_count = %d", 188 object, object->resident_page_count)); 189 KASSERT(object->shadow_count == 0, 190 ("object %p shadow_count = %d", 191 object, object->shadow_count)); 192 KASSERT(object->type == OBJT_DEAD, 193 ("object %p has non-dead type %d", 194 object, object->type)); 195 } 196 #endif 197 198 static int 199 vm_object_zinit(void *mem, int size, int flags) 200 { 201 vm_object_t object; 202 203 object = (vm_object_t)mem; 204 bzero(&object->lock, sizeof(object->lock)); 205 rw_init_flags(&object->lock, "vm object", RW_DUPOK); 206 207 /* These are true for any object that has been freed */ 208 object->type = OBJT_DEAD; 209 object->ref_count = 0; 210 object->rtree.rt_root = 0; 211 object->rtree.rt_flags = 0; 212 object->paging_in_progress = 0; 213 object->resident_page_count = 0; 214 object->shadow_count = 0; 215 object->cache.rt_root = 0; 216 object->cache.rt_flags = 0; 217 218 mtx_lock(&vm_object_list_mtx); 219 TAILQ_INSERT_TAIL(&vm_object_list, object, object_list); 220 mtx_unlock(&vm_object_list_mtx); 221 return (0); 222 } 223 224 static void 225 _vm_object_allocate(objtype_t type, vm_pindex_t size, vm_object_t object) 226 { 227 228 TAILQ_INIT(&object->memq); 229 LIST_INIT(&object->shadow_head); 230 231 object->type = type; 232 switch (type) { 233 case OBJT_DEAD: 234 panic("_vm_object_allocate: can't create OBJT_DEAD"); 235 case OBJT_DEFAULT: 236 case OBJT_SWAP: 237 object->flags = OBJ_ONEMAPPING; 238 break; 239 case OBJT_DEVICE: 240 case OBJT_SG: 241 object->flags = OBJ_FICTITIOUS | OBJ_UNMANAGED; 242 break; 243 case OBJT_MGTDEVICE: 244 object->flags = OBJ_FICTITIOUS; 245 break; 246 case OBJT_PHYS: 247 object->flags = OBJ_UNMANAGED; 248 break; 249 case OBJT_VNODE: 250 object->flags = 0; 251 break; 252 default: 253 panic("_vm_object_allocate: type %d is undefined", type); 254 } 255 object->size = size; 256 object->generation = 1; 257 object->ref_count = 1; 258 object->memattr = VM_MEMATTR_DEFAULT; 259 object->cred = NULL; 260 object->charge = 0; 261 object->handle = NULL; 262 object->backing_object = NULL; 263 object->backing_object_offset = (vm_ooffset_t) 0; 264 #if VM_NRESERVLEVEL > 0 265 LIST_INIT(&object->rvq); 266 #endif 267 } 268 269 /* 270 * vm_object_init: 271 * 272 * Initialize the VM objects module. 273 */ 274 void 275 vm_object_init(void) 276 { 277 TAILQ_INIT(&vm_object_list); 278 mtx_init(&vm_object_list_mtx, "vm object_list", NULL, MTX_DEF); 279 280 rw_init(&kernel_object->lock, "kernel vm object"); 281 _vm_object_allocate(OBJT_PHYS, OFF_TO_IDX(VM_MAX_KERNEL_ADDRESS - VM_MIN_KERNEL_ADDRESS), 282 kernel_object); 283 #if VM_NRESERVLEVEL > 0 284 kernel_object->flags |= OBJ_COLORED; 285 kernel_object->pg_color = (u_short)atop(VM_MIN_KERNEL_ADDRESS); 286 #endif 287 288 rw_init(&kmem_object->lock, "kmem vm object"); 289 _vm_object_allocate(OBJT_PHYS, OFF_TO_IDX(VM_MAX_KERNEL_ADDRESS - VM_MIN_KERNEL_ADDRESS), 290 kmem_object); 291 #if VM_NRESERVLEVEL > 0 292 kmem_object->flags |= OBJ_COLORED; 293 kmem_object->pg_color = (u_short)atop(VM_MIN_KERNEL_ADDRESS); 294 #endif 295 296 /* 297 * The lock portion of struct vm_object must be type stable due 298 * to vm_pageout_fallback_object_lock locking a vm object 299 * without holding any references to it. 300 */ 301 obj_zone = uma_zcreate("VM OBJECT", sizeof (struct vm_object), NULL, 302 #ifdef INVARIANTS 303 vm_object_zdtor, 304 #else 305 NULL, 306 #endif 307 vm_object_zinit, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); 308 309 vm_radix_init(); 310 } 311 312 void 313 vm_object_clear_flag(vm_object_t object, u_short bits) 314 { 315 316 VM_OBJECT_ASSERT_WLOCKED(object); 317 object->flags &= ~bits; 318 } 319 320 /* 321 * Sets the default memory attribute for the specified object. Pages 322 * that are allocated to this object are by default assigned this memory 323 * attribute. 324 * 325 * Presently, this function must be called before any pages are allocated 326 * to the object. In the future, this requirement may be relaxed for 327 * "default" and "swap" objects. 328 */ 329 int 330 vm_object_set_memattr(vm_object_t object, vm_memattr_t memattr) 331 { 332 333 VM_OBJECT_ASSERT_WLOCKED(object); 334 switch (object->type) { 335 case OBJT_DEFAULT: 336 case OBJT_DEVICE: 337 case OBJT_MGTDEVICE: 338 case OBJT_PHYS: 339 case OBJT_SG: 340 case OBJT_SWAP: 341 case OBJT_VNODE: 342 if (!TAILQ_EMPTY(&object->memq)) 343 return (KERN_FAILURE); 344 break; 345 case OBJT_DEAD: 346 return (KERN_INVALID_ARGUMENT); 347 default: 348 panic("vm_object_set_memattr: object %p is of undefined type", 349 object); 350 } 351 object->memattr = memattr; 352 return (KERN_SUCCESS); 353 } 354 355 void 356 vm_object_pip_add(vm_object_t object, short i) 357 { 358 359 VM_OBJECT_ASSERT_WLOCKED(object); 360 object->paging_in_progress += i; 361 } 362 363 void 364 vm_object_pip_subtract(vm_object_t object, short i) 365 { 366 367 VM_OBJECT_ASSERT_WLOCKED(object); 368 object->paging_in_progress -= i; 369 } 370 371 void 372 vm_object_pip_wakeup(vm_object_t object) 373 { 374 375 VM_OBJECT_ASSERT_WLOCKED(object); 376 object->paging_in_progress--; 377 if ((object->flags & OBJ_PIPWNT) && object->paging_in_progress == 0) { 378 vm_object_clear_flag(object, OBJ_PIPWNT); 379 wakeup(object); 380 } 381 } 382 383 void 384 vm_object_pip_wakeupn(vm_object_t object, short i) 385 { 386 387 VM_OBJECT_ASSERT_WLOCKED(object); 388 if (i) 389 object->paging_in_progress -= i; 390 if ((object->flags & OBJ_PIPWNT) && object->paging_in_progress == 0) { 391 vm_object_clear_flag(object, OBJ_PIPWNT); 392 wakeup(object); 393 } 394 } 395 396 void 397 vm_object_pip_wait(vm_object_t object, char *waitid) 398 { 399 400 VM_OBJECT_ASSERT_WLOCKED(object); 401 while (object->paging_in_progress) { 402 object->flags |= OBJ_PIPWNT; 403 VM_OBJECT_SLEEP(object, object, PVM, waitid, 0); 404 } 405 } 406 407 /* 408 * vm_object_allocate: 409 * 410 * Returns a new object with the given size. 411 */ 412 vm_object_t 413 vm_object_allocate(objtype_t type, vm_pindex_t size) 414 { 415 vm_object_t object; 416 417 object = (vm_object_t)uma_zalloc(obj_zone, M_WAITOK); 418 _vm_object_allocate(type, size, object); 419 return (object); 420 } 421 422 423 /* 424 * vm_object_reference: 425 * 426 * Gets another reference to the given object. Note: OBJ_DEAD 427 * objects can be referenced during final cleaning. 428 */ 429 void 430 vm_object_reference(vm_object_t object) 431 { 432 if (object == NULL) 433 return; 434 VM_OBJECT_WLOCK(object); 435 vm_object_reference_locked(object); 436 VM_OBJECT_WUNLOCK(object); 437 } 438 439 /* 440 * vm_object_reference_locked: 441 * 442 * Gets another reference to the given object. 443 * 444 * The object must be locked. 445 */ 446 void 447 vm_object_reference_locked(vm_object_t object) 448 { 449 struct vnode *vp; 450 451 VM_OBJECT_ASSERT_WLOCKED(object); 452 object->ref_count++; 453 if (object->type == OBJT_VNODE) { 454 vp = object->handle; 455 vref(vp); 456 } 457 } 458 459 /* 460 * Handle deallocating an object of type OBJT_VNODE. 461 */ 462 static void 463 vm_object_vndeallocate(vm_object_t object) 464 { 465 struct vnode *vp = (struct vnode *) object->handle; 466 467 VM_OBJECT_ASSERT_WLOCKED(object); 468 KASSERT(object->type == OBJT_VNODE, 469 ("vm_object_vndeallocate: not a vnode object")); 470 KASSERT(vp != NULL, ("vm_object_vndeallocate: missing vp")); 471 #ifdef INVARIANTS 472 if (object->ref_count == 0) { 473 vprint("vm_object_vndeallocate", vp); 474 panic("vm_object_vndeallocate: bad object reference count"); 475 } 476 #endif 477 478 /* 479 * The test for text of vp vnode does not need a bypass to 480 * reach right VV_TEXT there, since it is obtained from 481 * object->handle. 482 */ 483 if (object->ref_count > 1 || (vp->v_vflag & VV_TEXT) == 0) { 484 object->ref_count--; 485 VM_OBJECT_WUNLOCK(object); 486 /* vrele may need the vnode lock. */ 487 vrele(vp); 488 } else { 489 vhold(vp); 490 VM_OBJECT_WUNLOCK(object); 491 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); 492 vdrop(vp); 493 VM_OBJECT_WLOCK(object); 494 object->ref_count--; 495 if (object->type == OBJT_DEAD) { 496 VM_OBJECT_WUNLOCK(object); 497 VOP_UNLOCK(vp, 0); 498 } else { 499 if (object->ref_count == 0) 500 VOP_UNSET_TEXT(vp); 501 VM_OBJECT_WUNLOCK(object); 502 vput(vp); 503 } 504 } 505 } 506 507 /* 508 * vm_object_deallocate: 509 * 510 * Release a reference to the specified object, 511 * gained either through a vm_object_allocate 512 * or a vm_object_reference call. When all references 513 * are gone, storage associated with this object 514 * may be relinquished. 515 * 516 * No object may be locked. 517 */ 518 void 519 vm_object_deallocate(vm_object_t object) 520 { 521 vm_object_t temp; 522 struct vnode *vp; 523 524 while (object != NULL) { 525 VM_OBJECT_WLOCK(object); 526 if (object->type == OBJT_VNODE) { 527 vm_object_vndeallocate(object); 528 return; 529 } 530 531 KASSERT(object->ref_count != 0, 532 ("vm_object_deallocate: object deallocated too many times: %d", object->type)); 533 534 /* 535 * If the reference count goes to 0 we start calling 536 * vm_object_terminate() on the object chain. 537 * A ref count of 1 may be a special case depending on the 538 * shadow count being 0 or 1. 539 */ 540 object->ref_count--; 541 if (object->ref_count > 1) { 542 VM_OBJECT_WUNLOCK(object); 543 return; 544 } else if (object->ref_count == 1) { 545 if (object->type == OBJT_SWAP && 546 (object->flags & OBJ_TMPFS) != 0) { 547 vp = object->un_pager.swp.swp_tmpfs; 548 vhold(vp); 549 VM_OBJECT_WUNLOCK(object); 550 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); 551 VM_OBJECT_WLOCK(object); 552 if (object->type == OBJT_DEAD || 553 object->ref_count != 1) { 554 VM_OBJECT_WUNLOCK(object); 555 VOP_UNLOCK(vp, 0); 556 vdrop(vp); 557 return; 558 } 559 if ((object->flags & OBJ_TMPFS) != 0) 560 VOP_UNSET_TEXT(vp); 561 VOP_UNLOCK(vp, 0); 562 vdrop(vp); 563 } 564 if (object->shadow_count == 0 && 565 object->handle == NULL && 566 (object->type == OBJT_DEFAULT || 567 (object->type == OBJT_SWAP && 568 (object->flags & OBJ_TMPFS_NODE) == 0))) { 569 vm_object_set_flag(object, OBJ_ONEMAPPING); 570 } else if ((object->shadow_count == 1) && 571 (object->handle == NULL) && 572 (object->type == OBJT_DEFAULT || 573 object->type == OBJT_SWAP)) { 574 vm_object_t robject; 575 576 robject = LIST_FIRST(&object->shadow_head); 577 KASSERT(robject != NULL, 578 ("vm_object_deallocate: ref_count: %d, shadow_count: %d", 579 object->ref_count, 580 object->shadow_count)); 581 KASSERT((robject->flags & OBJ_TMPFS_NODE) == 0, 582 ("shadowed tmpfs v_object %p", object)); 583 if (!VM_OBJECT_TRYWLOCK(robject)) { 584 /* 585 * Avoid a potential deadlock. 586 */ 587 object->ref_count++; 588 VM_OBJECT_WUNLOCK(object); 589 /* 590 * More likely than not the thread 591 * holding robject's lock has lower 592 * priority than the current thread. 593 * Let the lower priority thread run. 594 */ 595 pause("vmo_de", 1); 596 continue; 597 } 598 /* 599 * Collapse object into its shadow unless its 600 * shadow is dead. In that case, object will 601 * be deallocated by the thread that is 602 * deallocating its shadow. 603 */ 604 if ((robject->flags & OBJ_DEAD) == 0 && 605 (robject->handle == NULL) && 606 (robject->type == OBJT_DEFAULT || 607 robject->type == OBJT_SWAP)) { 608 609 robject->ref_count++; 610 retry: 611 if (robject->paging_in_progress) { 612 VM_OBJECT_WUNLOCK(object); 613 vm_object_pip_wait(robject, 614 "objde1"); 615 temp = robject->backing_object; 616 if (object == temp) { 617 VM_OBJECT_WLOCK(object); 618 goto retry; 619 } 620 } else if (object->paging_in_progress) { 621 VM_OBJECT_WUNLOCK(robject); 622 object->flags |= OBJ_PIPWNT; 623 VM_OBJECT_SLEEP(object, object, 624 PDROP | PVM, "objde2", 0); 625 VM_OBJECT_WLOCK(robject); 626 temp = robject->backing_object; 627 if (object == temp) { 628 VM_OBJECT_WLOCK(object); 629 goto retry; 630 } 631 } else 632 VM_OBJECT_WUNLOCK(object); 633 634 if (robject->ref_count == 1) { 635 robject->ref_count--; 636 object = robject; 637 goto doterm; 638 } 639 object = robject; 640 vm_object_collapse(object); 641 VM_OBJECT_WUNLOCK(object); 642 continue; 643 } 644 VM_OBJECT_WUNLOCK(robject); 645 } 646 VM_OBJECT_WUNLOCK(object); 647 return; 648 } 649 doterm: 650 temp = object->backing_object; 651 if (temp != NULL) { 652 KASSERT((object->flags & OBJ_TMPFS_NODE) == 0, 653 ("shadowed tmpfs v_object 2 %p", object)); 654 VM_OBJECT_WLOCK(temp); 655 LIST_REMOVE(object, shadow_list); 656 temp->shadow_count--; 657 VM_OBJECT_WUNLOCK(temp); 658 object->backing_object = NULL; 659 } 660 /* 661 * Don't double-terminate, we could be in a termination 662 * recursion due to the terminate having to sync data 663 * to disk. 664 */ 665 if ((object->flags & OBJ_DEAD) == 0) 666 vm_object_terminate(object); 667 else 668 VM_OBJECT_WUNLOCK(object); 669 object = temp; 670 } 671 } 672 673 /* 674 * vm_object_destroy removes the object from the global object list 675 * and frees the space for the object. 676 */ 677 void 678 vm_object_destroy(vm_object_t object) 679 { 680 681 /* 682 * Release the allocation charge. 683 */ 684 if (object->cred != NULL) { 685 swap_release_by_cred(object->charge, object->cred); 686 object->charge = 0; 687 crfree(object->cred); 688 object->cred = NULL; 689 } 690 691 /* 692 * Free the space for the object. 693 */ 694 uma_zfree(obj_zone, object); 695 } 696 697 /* 698 * vm_object_terminate actually destroys the specified object, freeing 699 * up all previously used resources. 700 * 701 * The object must be locked. 702 * This routine may block. 703 */ 704 void 705 vm_object_terminate(vm_object_t object) 706 { 707 vm_page_t p, p_next; 708 709 VM_OBJECT_ASSERT_WLOCKED(object); 710 711 /* 712 * Make sure no one uses us. 713 */ 714 vm_object_set_flag(object, OBJ_DEAD); 715 716 /* 717 * wait for the pageout daemon to be done with the object 718 */ 719 vm_object_pip_wait(object, "objtrm"); 720 721 KASSERT(!object->paging_in_progress, 722 ("vm_object_terminate: pageout in progress")); 723 724 /* 725 * Clean and free the pages, as appropriate. All references to the 726 * object are gone, so we don't need to lock it. 727 */ 728 if (object->type == OBJT_VNODE) { 729 struct vnode *vp = (struct vnode *)object->handle; 730 731 /* 732 * Clean pages and flush buffers. 733 */ 734 vm_object_page_clean(object, 0, 0, OBJPC_SYNC); 735 VM_OBJECT_WUNLOCK(object); 736 737 vinvalbuf(vp, V_SAVE, 0, 0); 738 739 VM_OBJECT_WLOCK(object); 740 } 741 742 KASSERT(object->ref_count == 0, 743 ("vm_object_terminate: object with references, ref_count=%d", 744 object->ref_count)); 745 746 /* 747 * Free any remaining pageable pages. This also removes them from the 748 * paging queues. However, don't free wired pages, just remove them 749 * from the object. Rather than incrementally removing each page from 750 * the object, the page and object are reset to any empty state. 751 */ 752 TAILQ_FOREACH_SAFE(p, &object->memq, listq, p_next) { 753 vm_page_assert_unbusied(p); 754 vm_page_lock(p); 755 /* 756 * Optimize the page's removal from the object by resetting 757 * its "object" field. Specifically, if the page is not 758 * wired, then the effect of this assignment is that 759 * vm_page_free()'s call to vm_page_remove() will return 760 * immediately without modifying the page or the object. 761 */ 762 p->object = NULL; 763 if (p->wire_count == 0) { 764 vm_page_free(p); 765 PCPU_INC(cnt.v_pfree); 766 } 767 vm_page_unlock(p); 768 } 769 /* 770 * If the object contained any pages, then reset it to an empty state. 771 * None of the object's fields, including "resident_page_count", were 772 * modified by the preceding loop. 773 */ 774 if (object->resident_page_count != 0) { 775 vm_radix_reclaim_allnodes(&object->rtree); 776 TAILQ_INIT(&object->memq); 777 object->resident_page_count = 0; 778 if (object->type == OBJT_VNODE) 779 vdrop(object->handle); 780 } 781 782 #if VM_NRESERVLEVEL > 0 783 if (__predict_false(!LIST_EMPTY(&object->rvq))) 784 vm_reserv_break_all(object); 785 #endif 786 if (__predict_false(!vm_object_cache_is_empty(object))) 787 vm_page_cache_free(object, 0, 0); 788 789 KASSERT(object->cred == NULL || object->type == OBJT_DEFAULT || 790 object->type == OBJT_SWAP, 791 ("%s: non-swap obj %p has cred", __func__, object)); 792 793 /* 794 * Let the pager know object is dead. 795 */ 796 vm_pager_deallocate(object); 797 VM_OBJECT_WUNLOCK(object); 798 799 vm_object_destroy(object); 800 } 801 802 /* 803 * Make the page read-only so that we can clear the object flags. However, if 804 * this is a nosync mmap then the object is likely to stay dirty so do not 805 * mess with the page and do not clear the object flags. Returns TRUE if the 806 * page should be flushed, and FALSE otherwise. 807 */ 808 static boolean_t 809 vm_object_page_remove_write(vm_page_t p, int flags, boolean_t *clearobjflags) 810 { 811 812 /* 813 * If we have been asked to skip nosync pages and this is a 814 * nosync page, skip it. Note that the object flags were not 815 * cleared in this case so we do not have to set them. 816 */ 817 if ((flags & OBJPC_NOSYNC) != 0 && (p->oflags & VPO_NOSYNC) != 0) { 818 *clearobjflags = FALSE; 819 return (FALSE); 820 } else { 821 pmap_remove_write(p); 822 return (p->dirty != 0); 823 } 824 } 825 826 /* 827 * vm_object_page_clean 828 * 829 * Clean all dirty pages in the specified range of object. Leaves page 830 * on whatever queue it is currently on. If NOSYNC is set then do not 831 * write out pages with VPO_NOSYNC set (originally comes from MAP_NOSYNC), 832 * leaving the object dirty. 833 * 834 * When stuffing pages asynchronously, allow clustering. XXX we need a 835 * synchronous clustering mode implementation. 836 * 837 * Odd semantics: if start == end, we clean everything. 838 * 839 * The object must be locked. 840 * 841 * Returns FALSE if some page from the range was not written, as 842 * reported by the pager, and TRUE otherwise. 843 */ 844 boolean_t 845 vm_object_page_clean(vm_object_t object, vm_ooffset_t start, vm_ooffset_t end, 846 int flags) 847 { 848 vm_page_t np, p; 849 vm_pindex_t pi, tend, tstart; 850 int curgeneration, n, pagerflags; 851 boolean_t clearobjflags, eio, res; 852 853 VM_OBJECT_ASSERT_WLOCKED(object); 854 855 /* 856 * The OBJ_MIGHTBEDIRTY flag is only set for OBJT_VNODE 857 * objects. The check below prevents the function from 858 * operating on non-vnode objects. 859 */ 860 if ((object->flags & OBJ_MIGHTBEDIRTY) == 0 || 861 object->resident_page_count == 0) 862 return (TRUE); 863 864 pagerflags = (flags & (OBJPC_SYNC | OBJPC_INVAL)) != 0 ? 865 VM_PAGER_PUT_SYNC : VM_PAGER_CLUSTER_OK; 866 pagerflags |= (flags & OBJPC_INVAL) != 0 ? VM_PAGER_PUT_INVAL : 0; 867 868 tstart = OFF_TO_IDX(start); 869 tend = (end == 0) ? object->size : OFF_TO_IDX(end + PAGE_MASK); 870 clearobjflags = tstart == 0 && tend >= object->size; 871 res = TRUE; 872 873 rescan: 874 curgeneration = object->generation; 875 876 for (p = vm_page_find_least(object, tstart); p != NULL; p = np) { 877 pi = p->pindex; 878 if (pi >= tend) 879 break; 880 np = TAILQ_NEXT(p, listq); 881 if (p->valid == 0) 882 continue; 883 if (vm_page_sleep_if_busy(p, "vpcwai")) { 884 if (object->generation != curgeneration) { 885 if ((flags & OBJPC_SYNC) != 0) 886 goto rescan; 887 else 888 clearobjflags = FALSE; 889 } 890 np = vm_page_find_least(object, pi); 891 continue; 892 } 893 if (!vm_object_page_remove_write(p, flags, &clearobjflags)) 894 continue; 895 896 n = vm_object_page_collect_flush(object, p, pagerflags, 897 flags, &clearobjflags, &eio); 898 if (eio) { 899 res = FALSE; 900 clearobjflags = FALSE; 901 } 902 if (object->generation != curgeneration) { 903 if ((flags & OBJPC_SYNC) != 0) 904 goto rescan; 905 else 906 clearobjflags = FALSE; 907 } 908 909 /* 910 * If the VOP_PUTPAGES() did a truncated write, so 911 * that even the first page of the run is not fully 912 * written, vm_pageout_flush() returns 0 as the run 913 * length. Since the condition that caused truncated 914 * write may be permanent, e.g. exhausted free space, 915 * accepting n == 0 would cause an infinite loop. 916 * 917 * Forwarding the iterator leaves the unwritten page 918 * behind, but there is not much we can do there if 919 * filesystem refuses to write it. 920 */ 921 if (n == 0) { 922 n = 1; 923 clearobjflags = FALSE; 924 } 925 np = vm_page_find_least(object, pi + n); 926 } 927 #if 0 928 VOP_FSYNC(vp, (pagerflags & VM_PAGER_PUT_SYNC) ? MNT_WAIT : 0); 929 #endif 930 931 if (clearobjflags) 932 vm_object_clear_flag(object, OBJ_MIGHTBEDIRTY); 933 return (res); 934 } 935 936 static int 937 vm_object_page_collect_flush(vm_object_t object, vm_page_t p, int pagerflags, 938 int flags, boolean_t *clearobjflags, boolean_t *eio) 939 { 940 vm_page_t ma[vm_pageout_page_count], p_first, tp; 941 int count, i, mreq, runlen; 942 943 vm_page_lock_assert(p, MA_NOTOWNED); 944 VM_OBJECT_ASSERT_WLOCKED(object); 945 946 count = 1; 947 mreq = 0; 948 949 for (tp = p; count < vm_pageout_page_count; count++) { 950 tp = vm_page_next(tp); 951 if (tp == NULL || vm_page_busied(tp)) 952 break; 953 if (!vm_object_page_remove_write(tp, flags, clearobjflags)) 954 break; 955 } 956 957 for (p_first = p; count < vm_pageout_page_count; count++) { 958 tp = vm_page_prev(p_first); 959 if (tp == NULL || vm_page_busied(tp)) 960 break; 961 if (!vm_object_page_remove_write(tp, flags, clearobjflags)) 962 break; 963 p_first = tp; 964 mreq++; 965 } 966 967 for (tp = p_first, i = 0; i < count; tp = TAILQ_NEXT(tp, listq), i++) 968 ma[i] = tp; 969 970 vm_pageout_flush(ma, count, pagerflags, mreq, &runlen, eio); 971 return (runlen); 972 } 973 974 /* 975 * Note that there is absolutely no sense in writing out 976 * anonymous objects, so we track down the vnode object 977 * to write out. 978 * We invalidate (remove) all pages from the address space 979 * for semantic correctness. 980 * 981 * If the backing object is a device object with unmanaged pages, then any 982 * mappings to the specified range of pages must be removed before this 983 * function is called. 984 * 985 * Note: certain anonymous maps, such as MAP_NOSYNC maps, 986 * may start out with a NULL object. 987 */ 988 boolean_t 989 vm_object_sync(vm_object_t object, vm_ooffset_t offset, vm_size_t size, 990 boolean_t syncio, boolean_t invalidate) 991 { 992 vm_object_t backing_object; 993 struct vnode *vp; 994 struct mount *mp; 995 int error, flags, fsync_after; 996 boolean_t res; 997 998 if (object == NULL) 999 return (TRUE); 1000 res = TRUE; 1001 error = 0; 1002 VM_OBJECT_WLOCK(object); 1003 while ((backing_object = object->backing_object) != NULL) { 1004 VM_OBJECT_WLOCK(backing_object); 1005 offset += object->backing_object_offset; 1006 VM_OBJECT_WUNLOCK(object); 1007 object = backing_object; 1008 if (object->size < OFF_TO_IDX(offset + size)) 1009 size = IDX_TO_OFF(object->size) - offset; 1010 } 1011 /* 1012 * Flush pages if writing is allowed, invalidate them 1013 * if invalidation requested. Pages undergoing I/O 1014 * will be ignored by vm_object_page_remove(). 1015 * 1016 * We cannot lock the vnode and then wait for paging 1017 * to complete without deadlocking against vm_fault. 1018 * Instead we simply call vm_object_page_remove() and 1019 * allow it to block internally on a page-by-page 1020 * basis when it encounters pages undergoing async 1021 * I/O. 1022 */ 1023 if (object->type == OBJT_VNODE && 1024 (object->flags & OBJ_MIGHTBEDIRTY) != 0) { 1025 vp = object->handle; 1026 VM_OBJECT_WUNLOCK(object); 1027 (void) vn_start_write(vp, &mp, V_WAIT); 1028 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); 1029 if (syncio && !invalidate && offset == 0 && 1030 OFF_TO_IDX(size) == object->size) { 1031 /* 1032 * If syncing the whole mapping of the file, 1033 * it is faster to schedule all the writes in 1034 * async mode, also allowing the clustering, 1035 * and then wait for i/o to complete. 1036 */ 1037 flags = 0; 1038 fsync_after = TRUE; 1039 } else { 1040 flags = (syncio || invalidate) ? OBJPC_SYNC : 0; 1041 flags |= invalidate ? (OBJPC_SYNC | OBJPC_INVAL) : 0; 1042 fsync_after = FALSE; 1043 } 1044 VM_OBJECT_WLOCK(object); 1045 res = vm_object_page_clean(object, offset, offset + size, 1046 flags); 1047 VM_OBJECT_WUNLOCK(object); 1048 if (fsync_after) 1049 error = VOP_FSYNC(vp, MNT_WAIT, curthread); 1050 VOP_UNLOCK(vp, 0); 1051 vn_finished_write(mp); 1052 if (error != 0) 1053 res = FALSE; 1054 VM_OBJECT_WLOCK(object); 1055 } 1056 if ((object->type == OBJT_VNODE || 1057 object->type == OBJT_DEVICE) && invalidate) { 1058 if (object->type == OBJT_DEVICE) 1059 /* 1060 * The option OBJPR_NOTMAPPED must be passed here 1061 * because vm_object_page_remove() cannot remove 1062 * unmanaged mappings. 1063 */ 1064 flags = OBJPR_NOTMAPPED; 1065 else if (old_msync) 1066 flags = 0; 1067 else 1068 flags = OBJPR_CLEANONLY; 1069 vm_object_page_remove(object, OFF_TO_IDX(offset), 1070 OFF_TO_IDX(offset + size + PAGE_MASK), flags); 1071 } 1072 VM_OBJECT_WUNLOCK(object); 1073 return (res); 1074 } 1075 1076 /* 1077 * vm_object_madvise: 1078 * 1079 * Implements the madvise function at the object/page level. 1080 * 1081 * MADV_WILLNEED (any object) 1082 * 1083 * Activate the specified pages if they are resident. 1084 * 1085 * MADV_DONTNEED (any object) 1086 * 1087 * Deactivate the specified pages if they are resident. 1088 * 1089 * MADV_FREE (OBJT_DEFAULT/OBJT_SWAP objects, 1090 * OBJ_ONEMAPPING only) 1091 * 1092 * Deactivate and clean the specified pages if they are 1093 * resident. This permits the process to reuse the pages 1094 * without faulting or the kernel to reclaim the pages 1095 * without I/O. 1096 */ 1097 void 1098 vm_object_madvise(vm_object_t object, vm_pindex_t pindex, vm_pindex_t end, 1099 int advise) 1100 { 1101 vm_pindex_t tpindex; 1102 vm_object_t backing_object, tobject; 1103 vm_page_t m; 1104 1105 if (object == NULL) 1106 return; 1107 VM_OBJECT_WLOCK(object); 1108 /* 1109 * Locate and adjust resident pages 1110 */ 1111 for (; pindex < end; pindex += 1) { 1112 relookup: 1113 tobject = object; 1114 tpindex = pindex; 1115 shadowlookup: 1116 /* 1117 * MADV_FREE only operates on OBJT_DEFAULT or OBJT_SWAP pages 1118 * and those pages must be OBJ_ONEMAPPING. 1119 */ 1120 if (advise == MADV_FREE) { 1121 if ((tobject->type != OBJT_DEFAULT && 1122 tobject->type != OBJT_SWAP) || 1123 (tobject->flags & OBJ_ONEMAPPING) == 0) { 1124 goto unlock_tobject; 1125 } 1126 } else if ((tobject->flags & OBJ_UNMANAGED) != 0) 1127 goto unlock_tobject; 1128 m = vm_page_lookup(tobject, tpindex); 1129 if (m == NULL && advise == MADV_WILLNEED) { 1130 /* 1131 * If the page is cached, reactivate it. 1132 */ 1133 m = vm_page_alloc(tobject, tpindex, VM_ALLOC_IFCACHED | 1134 VM_ALLOC_NOBUSY); 1135 } 1136 if (m == NULL) { 1137 /* 1138 * There may be swap even if there is no backing page 1139 */ 1140 if (advise == MADV_FREE && tobject->type == OBJT_SWAP) 1141 swap_pager_freespace(tobject, tpindex, 1); 1142 /* 1143 * next object 1144 */ 1145 backing_object = tobject->backing_object; 1146 if (backing_object == NULL) 1147 goto unlock_tobject; 1148 VM_OBJECT_WLOCK(backing_object); 1149 tpindex += OFF_TO_IDX(tobject->backing_object_offset); 1150 if (tobject != object) 1151 VM_OBJECT_WUNLOCK(tobject); 1152 tobject = backing_object; 1153 goto shadowlookup; 1154 } else if (m->valid != VM_PAGE_BITS_ALL) 1155 goto unlock_tobject; 1156 /* 1157 * If the page is not in a normal state, skip it. 1158 */ 1159 vm_page_lock(m); 1160 if (m->hold_count != 0 || m->wire_count != 0) { 1161 vm_page_unlock(m); 1162 goto unlock_tobject; 1163 } 1164 KASSERT((m->flags & PG_FICTITIOUS) == 0, 1165 ("vm_object_madvise: page %p is fictitious", m)); 1166 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 1167 ("vm_object_madvise: page %p is not managed", m)); 1168 if (vm_page_busied(m)) { 1169 if (advise == MADV_WILLNEED) { 1170 /* 1171 * Reference the page before unlocking and 1172 * sleeping so that the page daemon is less 1173 * likely to reclaim it. 1174 */ 1175 vm_page_aflag_set(m, PGA_REFERENCED); 1176 } 1177 if (object != tobject) 1178 VM_OBJECT_WUNLOCK(object); 1179 VM_OBJECT_WUNLOCK(tobject); 1180 vm_page_busy_sleep(m, "madvpo"); 1181 VM_OBJECT_WLOCK(object); 1182 goto relookup; 1183 } 1184 if (advise == MADV_WILLNEED) { 1185 vm_page_activate(m); 1186 } else { 1187 vm_page_advise(m, advise); 1188 } 1189 vm_page_unlock(m); 1190 if (advise == MADV_FREE && tobject->type == OBJT_SWAP) 1191 swap_pager_freespace(tobject, tpindex, 1); 1192 unlock_tobject: 1193 if (tobject != object) 1194 VM_OBJECT_WUNLOCK(tobject); 1195 } 1196 VM_OBJECT_WUNLOCK(object); 1197 } 1198 1199 /* 1200 * vm_object_shadow: 1201 * 1202 * Create a new object which is backed by the 1203 * specified existing object range. The source 1204 * object reference is deallocated. 1205 * 1206 * The new object and offset into that object 1207 * are returned in the source parameters. 1208 */ 1209 void 1210 vm_object_shadow( 1211 vm_object_t *object, /* IN/OUT */ 1212 vm_ooffset_t *offset, /* IN/OUT */ 1213 vm_size_t length) 1214 { 1215 vm_object_t source; 1216 vm_object_t result; 1217 1218 source = *object; 1219 1220 /* 1221 * Don't create the new object if the old object isn't shared. 1222 */ 1223 if (source != NULL) { 1224 VM_OBJECT_WLOCK(source); 1225 if (source->ref_count == 1 && 1226 source->handle == NULL && 1227 (source->type == OBJT_DEFAULT || 1228 source->type == OBJT_SWAP)) { 1229 VM_OBJECT_WUNLOCK(source); 1230 return; 1231 } 1232 VM_OBJECT_WUNLOCK(source); 1233 } 1234 1235 /* 1236 * Allocate a new object with the given length. 1237 */ 1238 result = vm_object_allocate(OBJT_DEFAULT, atop(length)); 1239 1240 /* 1241 * The new object shadows the source object, adding a reference to it. 1242 * Our caller changes his reference to point to the new object, 1243 * removing a reference to the source object. Net result: no change 1244 * of reference count. 1245 * 1246 * Try to optimize the result object's page color when shadowing 1247 * in order to maintain page coloring consistency in the combined 1248 * shadowed object. 1249 */ 1250 result->backing_object = source; 1251 /* 1252 * Store the offset into the source object, and fix up the offset into 1253 * the new object. 1254 */ 1255 result->backing_object_offset = *offset; 1256 if (source != NULL) { 1257 VM_OBJECT_WLOCK(source); 1258 LIST_INSERT_HEAD(&source->shadow_head, result, shadow_list); 1259 source->shadow_count++; 1260 #if VM_NRESERVLEVEL > 0 1261 result->flags |= source->flags & OBJ_COLORED; 1262 result->pg_color = (source->pg_color + OFF_TO_IDX(*offset)) & 1263 ((1 << (VM_NFREEORDER - 1)) - 1); 1264 #endif 1265 VM_OBJECT_WUNLOCK(source); 1266 } 1267 1268 1269 /* 1270 * Return the new things 1271 */ 1272 *offset = 0; 1273 *object = result; 1274 } 1275 1276 /* 1277 * vm_object_split: 1278 * 1279 * Split the pages in a map entry into a new object. This affords 1280 * easier removal of unused pages, and keeps object inheritance from 1281 * being a negative impact on memory usage. 1282 */ 1283 void 1284 vm_object_split(vm_map_entry_t entry) 1285 { 1286 vm_page_t m, m_next; 1287 vm_object_t orig_object, new_object, source; 1288 vm_pindex_t idx, offidxstart; 1289 vm_size_t size; 1290 1291 orig_object = entry->object.vm_object; 1292 if (orig_object->type != OBJT_DEFAULT && orig_object->type != OBJT_SWAP) 1293 return; 1294 if (orig_object->ref_count <= 1) 1295 return; 1296 VM_OBJECT_WUNLOCK(orig_object); 1297 1298 offidxstart = OFF_TO_IDX(entry->offset); 1299 size = atop(entry->end - entry->start); 1300 1301 /* 1302 * If swap_pager_copy() is later called, it will convert new_object 1303 * into a swap object. 1304 */ 1305 new_object = vm_object_allocate(OBJT_DEFAULT, size); 1306 1307 /* 1308 * At this point, the new object is still private, so the order in 1309 * which the original and new objects are locked does not matter. 1310 */ 1311 VM_OBJECT_WLOCK(new_object); 1312 VM_OBJECT_WLOCK(orig_object); 1313 source = orig_object->backing_object; 1314 if (source != NULL) { 1315 VM_OBJECT_WLOCK(source); 1316 if ((source->flags & OBJ_DEAD) != 0) { 1317 VM_OBJECT_WUNLOCK(source); 1318 VM_OBJECT_WUNLOCK(orig_object); 1319 VM_OBJECT_WUNLOCK(new_object); 1320 vm_object_deallocate(new_object); 1321 VM_OBJECT_WLOCK(orig_object); 1322 return; 1323 } 1324 LIST_INSERT_HEAD(&source->shadow_head, 1325 new_object, shadow_list); 1326 source->shadow_count++; 1327 vm_object_reference_locked(source); /* for new_object */ 1328 vm_object_clear_flag(source, OBJ_ONEMAPPING); 1329 VM_OBJECT_WUNLOCK(source); 1330 new_object->backing_object_offset = 1331 orig_object->backing_object_offset + entry->offset; 1332 new_object->backing_object = source; 1333 } 1334 if (orig_object->cred != NULL) { 1335 new_object->cred = orig_object->cred; 1336 crhold(orig_object->cred); 1337 new_object->charge = ptoa(size); 1338 KASSERT(orig_object->charge >= ptoa(size), 1339 ("orig_object->charge < 0")); 1340 orig_object->charge -= ptoa(size); 1341 } 1342 retry: 1343 m = vm_page_find_least(orig_object, offidxstart); 1344 for (; m != NULL && (idx = m->pindex - offidxstart) < size; 1345 m = m_next) { 1346 m_next = TAILQ_NEXT(m, listq); 1347 1348 /* 1349 * We must wait for pending I/O to complete before we can 1350 * rename the page. 1351 * 1352 * We do not have to VM_PROT_NONE the page as mappings should 1353 * not be changed by this operation. 1354 */ 1355 if (vm_page_busied(m)) { 1356 VM_OBJECT_WUNLOCK(new_object); 1357 vm_page_lock(m); 1358 VM_OBJECT_WUNLOCK(orig_object); 1359 vm_page_busy_sleep(m, "spltwt"); 1360 VM_OBJECT_WLOCK(orig_object); 1361 VM_OBJECT_WLOCK(new_object); 1362 goto retry; 1363 } 1364 1365 /* vm_page_rename() will handle dirty and cache. */ 1366 if (vm_page_rename(m, new_object, idx)) { 1367 VM_OBJECT_WUNLOCK(new_object); 1368 VM_OBJECT_WUNLOCK(orig_object); 1369 VM_WAIT; 1370 VM_OBJECT_WLOCK(orig_object); 1371 VM_OBJECT_WLOCK(new_object); 1372 goto retry; 1373 } 1374 #if VM_NRESERVLEVEL > 0 1375 /* 1376 * If some of the reservation's allocated pages remain with 1377 * the original object, then transferring the reservation to 1378 * the new object is neither particularly beneficial nor 1379 * particularly harmful as compared to leaving the reservation 1380 * with the original object. If, however, all of the 1381 * reservation's allocated pages are transferred to the new 1382 * object, then transferring the reservation is typically 1383 * beneficial. Determining which of these two cases applies 1384 * would be more costly than unconditionally renaming the 1385 * reservation. 1386 */ 1387 vm_reserv_rename(m, new_object, orig_object, offidxstart); 1388 #endif 1389 if (orig_object->type == OBJT_SWAP) 1390 vm_page_xbusy(m); 1391 } 1392 if (orig_object->type == OBJT_SWAP) { 1393 /* 1394 * swap_pager_copy() can sleep, in which case the orig_object's 1395 * and new_object's locks are released and reacquired. 1396 */ 1397 swap_pager_copy(orig_object, new_object, offidxstart, 0); 1398 TAILQ_FOREACH(m, &new_object->memq, listq) 1399 vm_page_xunbusy(m); 1400 1401 /* 1402 * Transfer any cached pages from orig_object to new_object. 1403 * If swap_pager_copy() found swapped out pages within the 1404 * specified range of orig_object, then it changed 1405 * new_object's type to OBJT_SWAP when it transferred those 1406 * pages to new_object. Otherwise, new_object's type 1407 * should still be OBJT_DEFAULT and orig_object should not 1408 * contain any cached pages within the specified range. 1409 */ 1410 if (__predict_false(!vm_object_cache_is_empty(orig_object))) 1411 vm_page_cache_transfer(orig_object, offidxstart, 1412 new_object); 1413 } 1414 VM_OBJECT_WUNLOCK(orig_object); 1415 VM_OBJECT_WUNLOCK(new_object); 1416 entry->object.vm_object = new_object; 1417 entry->offset = 0LL; 1418 vm_object_deallocate(orig_object); 1419 VM_OBJECT_WLOCK(new_object); 1420 } 1421 1422 #define OBSC_TEST_ALL_SHADOWED 0x0001 1423 #define OBSC_COLLAPSE_NOWAIT 0x0002 1424 #define OBSC_COLLAPSE_WAIT 0x0004 1425 1426 static int 1427 vm_object_backing_scan(vm_object_t object, int op) 1428 { 1429 int r = 1; 1430 vm_page_t p; 1431 vm_object_t backing_object; 1432 vm_pindex_t backing_offset_index; 1433 1434 VM_OBJECT_ASSERT_WLOCKED(object); 1435 VM_OBJECT_ASSERT_WLOCKED(object->backing_object); 1436 1437 backing_object = object->backing_object; 1438 backing_offset_index = OFF_TO_IDX(object->backing_object_offset); 1439 1440 /* 1441 * Initial conditions 1442 */ 1443 if (op & OBSC_TEST_ALL_SHADOWED) { 1444 /* 1445 * We do not want to have to test for the existence of cache 1446 * or swap pages in the backing object. XXX but with the 1447 * new swapper this would be pretty easy to do. 1448 * 1449 * XXX what about anonymous MAP_SHARED memory that hasn't 1450 * been ZFOD faulted yet? If we do not test for this, the 1451 * shadow test may succeed! XXX 1452 */ 1453 if (backing_object->type != OBJT_DEFAULT) { 1454 return (0); 1455 } 1456 } 1457 if (op & OBSC_COLLAPSE_WAIT) { 1458 vm_object_set_flag(backing_object, OBJ_DEAD); 1459 } 1460 1461 /* 1462 * Our scan 1463 */ 1464 p = TAILQ_FIRST(&backing_object->memq); 1465 while (p) { 1466 vm_page_t next = TAILQ_NEXT(p, listq); 1467 vm_pindex_t new_pindex = p->pindex - backing_offset_index; 1468 1469 if (op & OBSC_TEST_ALL_SHADOWED) { 1470 vm_page_t pp; 1471 1472 /* 1473 * Ignore pages outside the parent object's range 1474 * and outside the parent object's mapping of the 1475 * backing object. 1476 * 1477 * note that we do not busy the backing object's 1478 * page. 1479 */ 1480 if ( 1481 p->pindex < backing_offset_index || 1482 new_pindex >= object->size 1483 ) { 1484 p = next; 1485 continue; 1486 } 1487 1488 /* 1489 * See if the parent has the page or if the parent's 1490 * object pager has the page. If the parent has the 1491 * page but the page is not valid, the parent's 1492 * object pager must have the page. 1493 * 1494 * If this fails, the parent does not completely shadow 1495 * the object and we might as well give up now. 1496 */ 1497 1498 pp = vm_page_lookup(object, new_pindex); 1499 if ( 1500 (pp == NULL || pp->valid == 0) && 1501 !vm_pager_has_page(object, new_pindex, NULL, NULL) 1502 ) { 1503 r = 0; 1504 break; 1505 } 1506 } 1507 1508 /* 1509 * Check for busy page 1510 */ 1511 if (op & (OBSC_COLLAPSE_WAIT | OBSC_COLLAPSE_NOWAIT)) { 1512 vm_page_t pp; 1513 1514 if (op & OBSC_COLLAPSE_NOWAIT) { 1515 if (!p->valid || vm_page_busied(p)) { 1516 p = next; 1517 continue; 1518 } 1519 } else if (op & OBSC_COLLAPSE_WAIT) { 1520 if (vm_page_busied(p)) { 1521 VM_OBJECT_WUNLOCK(object); 1522 vm_page_lock(p); 1523 VM_OBJECT_WUNLOCK(backing_object); 1524 vm_page_busy_sleep(p, "vmocol"); 1525 VM_OBJECT_WLOCK(object); 1526 VM_OBJECT_WLOCK(backing_object); 1527 /* 1528 * If we slept, anything could have 1529 * happened. Since the object is 1530 * marked dead, the backing offset 1531 * should not have changed so we 1532 * just restart our scan. 1533 */ 1534 p = TAILQ_FIRST(&backing_object->memq); 1535 continue; 1536 } 1537 } 1538 1539 KASSERT( 1540 p->object == backing_object, 1541 ("vm_object_backing_scan: object mismatch") 1542 ); 1543 1544 if ( 1545 p->pindex < backing_offset_index || 1546 new_pindex >= object->size 1547 ) { 1548 if (backing_object->type == OBJT_SWAP) 1549 swap_pager_freespace(backing_object, 1550 p->pindex, 1); 1551 1552 /* 1553 * Page is out of the parent object's range, we 1554 * can simply destroy it. 1555 */ 1556 vm_page_lock(p); 1557 KASSERT(!pmap_page_is_mapped(p), 1558 ("freeing mapped page %p", p)); 1559 if (p->wire_count == 0) 1560 vm_page_free(p); 1561 else 1562 vm_page_remove(p); 1563 vm_page_unlock(p); 1564 p = next; 1565 continue; 1566 } 1567 1568 pp = vm_page_lookup(object, new_pindex); 1569 if ( 1570 (op & OBSC_COLLAPSE_NOWAIT) != 0 && 1571 (pp != NULL && pp->valid == 0) 1572 ) { 1573 if (backing_object->type == OBJT_SWAP) 1574 swap_pager_freespace(backing_object, 1575 p->pindex, 1); 1576 1577 /* 1578 * The page in the parent is not (yet) valid. 1579 * We don't know anything about the state of 1580 * the original page. It might be mapped, 1581 * so we must avoid the next if here. 1582 * 1583 * This is due to a race in vm_fault() where 1584 * we must unbusy the original (backing_obj) 1585 * page before we can (re)lock the parent. 1586 * Hence we can get here. 1587 */ 1588 p = next; 1589 continue; 1590 } 1591 if ( 1592 pp != NULL || 1593 vm_pager_has_page(object, new_pindex, NULL, NULL) 1594 ) { 1595 if (backing_object->type == OBJT_SWAP) 1596 swap_pager_freespace(backing_object, 1597 p->pindex, 1); 1598 1599 /* 1600 * page already exists in parent OR swap exists 1601 * for this location in the parent. Destroy 1602 * the original page from the backing object. 1603 * 1604 * Leave the parent's page alone 1605 */ 1606 vm_page_lock(p); 1607 KASSERT(!pmap_page_is_mapped(p), 1608 ("freeing mapped page %p", p)); 1609 if (p->wire_count == 0) 1610 vm_page_free(p); 1611 else 1612 vm_page_remove(p); 1613 vm_page_unlock(p); 1614 p = next; 1615 continue; 1616 } 1617 1618 /* 1619 * Page does not exist in parent, rename the 1620 * page from the backing object to the main object. 1621 * 1622 * If the page was mapped to a process, it can remain 1623 * mapped through the rename. 1624 * vm_page_rename() will handle dirty and cache. 1625 */ 1626 if (vm_page_rename(p, object, new_pindex)) { 1627 if (op & OBSC_COLLAPSE_NOWAIT) { 1628 p = next; 1629 continue; 1630 } 1631 VM_OBJECT_WUNLOCK(backing_object); 1632 VM_OBJECT_WUNLOCK(object); 1633 VM_WAIT; 1634 VM_OBJECT_WLOCK(object); 1635 VM_OBJECT_WLOCK(backing_object); 1636 p = TAILQ_FIRST(&backing_object->memq); 1637 continue; 1638 } 1639 1640 /* Use the old pindex to free the right page. */ 1641 if (backing_object->type == OBJT_SWAP) 1642 swap_pager_freespace(backing_object, 1643 new_pindex + backing_offset_index, 1); 1644 1645 #if VM_NRESERVLEVEL > 0 1646 /* 1647 * Rename the reservation. 1648 */ 1649 vm_reserv_rename(p, object, backing_object, 1650 backing_offset_index); 1651 #endif 1652 } 1653 p = next; 1654 } 1655 return (r); 1656 } 1657 1658 1659 /* 1660 * this version of collapse allows the operation to occur earlier and 1661 * when paging_in_progress is true for an object... This is not a complete 1662 * operation, but should plug 99.9% of the rest of the leaks. 1663 */ 1664 static void 1665 vm_object_qcollapse(vm_object_t object) 1666 { 1667 vm_object_t backing_object = object->backing_object; 1668 1669 VM_OBJECT_ASSERT_WLOCKED(object); 1670 VM_OBJECT_ASSERT_WLOCKED(backing_object); 1671 1672 if (backing_object->ref_count != 1) 1673 return; 1674 1675 vm_object_backing_scan(object, OBSC_COLLAPSE_NOWAIT); 1676 } 1677 1678 /* 1679 * vm_object_collapse: 1680 * 1681 * Collapse an object with the object backing it. 1682 * Pages in the backing object are moved into the 1683 * parent, and the backing object is deallocated. 1684 */ 1685 void 1686 vm_object_collapse(vm_object_t object) 1687 { 1688 VM_OBJECT_ASSERT_WLOCKED(object); 1689 1690 while (TRUE) { 1691 vm_object_t backing_object; 1692 1693 /* 1694 * Verify that the conditions are right for collapse: 1695 * 1696 * The object exists and the backing object exists. 1697 */ 1698 if ((backing_object = object->backing_object) == NULL) 1699 break; 1700 1701 /* 1702 * we check the backing object first, because it is most likely 1703 * not collapsable. 1704 */ 1705 VM_OBJECT_WLOCK(backing_object); 1706 if (backing_object->handle != NULL || 1707 (backing_object->type != OBJT_DEFAULT && 1708 backing_object->type != OBJT_SWAP) || 1709 (backing_object->flags & OBJ_DEAD) || 1710 object->handle != NULL || 1711 (object->type != OBJT_DEFAULT && 1712 object->type != OBJT_SWAP) || 1713 (object->flags & OBJ_DEAD)) { 1714 VM_OBJECT_WUNLOCK(backing_object); 1715 break; 1716 } 1717 1718 if ( 1719 object->paging_in_progress != 0 || 1720 backing_object->paging_in_progress != 0 1721 ) { 1722 vm_object_qcollapse(object); 1723 VM_OBJECT_WUNLOCK(backing_object); 1724 break; 1725 } 1726 /* 1727 * We know that we can either collapse the backing object (if 1728 * the parent is the only reference to it) or (perhaps) have 1729 * the parent bypass the object if the parent happens to shadow 1730 * all the resident pages in the entire backing object. 1731 * 1732 * This is ignoring pager-backed pages such as swap pages. 1733 * vm_object_backing_scan fails the shadowing test in this 1734 * case. 1735 */ 1736 if (backing_object->ref_count == 1) { 1737 /* 1738 * If there is exactly one reference to the backing 1739 * object, we can collapse it into the parent. 1740 */ 1741 vm_object_backing_scan(object, OBSC_COLLAPSE_WAIT); 1742 1743 #if VM_NRESERVLEVEL > 0 1744 /* 1745 * Break any reservations from backing_object. 1746 */ 1747 if (__predict_false(!LIST_EMPTY(&backing_object->rvq))) 1748 vm_reserv_break_all(backing_object); 1749 #endif 1750 1751 /* 1752 * Move the pager from backing_object to object. 1753 */ 1754 if (backing_object->type == OBJT_SWAP) { 1755 /* 1756 * swap_pager_copy() can sleep, in which case 1757 * the backing_object's and object's locks are 1758 * released and reacquired. 1759 * Since swap_pager_copy() is being asked to 1760 * destroy the source, it will change the 1761 * backing_object's type to OBJT_DEFAULT. 1762 */ 1763 swap_pager_copy( 1764 backing_object, 1765 object, 1766 OFF_TO_IDX(object->backing_object_offset), TRUE); 1767 1768 /* 1769 * Free any cached pages from backing_object. 1770 */ 1771 if (__predict_false( 1772 !vm_object_cache_is_empty(backing_object))) 1773 vm_page_cache_free(backing_object, 0, 0); 1774 } 1775 /* 1776 * Object now shadows whatever backing_object did. 1777 * Note that the reference to 1778 * backing_object->backing_object moves from within 1779 * backing_object to within object. 1780 */ 1781 LIST_REMOVE(object, shadow_list); 1782 backing_object->shadow_count--; 1783 if (backing_object->backing_object) { 1784 VM_OBJECT_WLOCK(backing_object->backing_object); 1785 LIST_REMOVE(backing_object, shadow_list); 1786 LIST_INSERT_HEAD( 1787 &backing_object->backing_object->shadow_head, 1788 object, shadow_list); 1789 /* 1790 * The shadow_count has not changed. 1791 */ 1792 VM_OBJECT_WUNLOCK(backing_object->backing_object); 1793 } 1794 object->backing_object = backing_object->backing_object; 1795 object->backing_object_offset += 1796 backing_object->backing_object_offset; 1797 1798 /* 1799 * Discard backing_object. 1800 * 1801 * Since the backing object has no pages, no pager left, 1802 * and no object references within it, all that is 1803 * necessary is to dispose of it. 1804 */ 1805 KASSERT(backing_object->ref_count == 1, ( 1806 "backing_object %p was somehow re-referenced during collapse!", 1807 backing_object)); 1808 backing_object->type = OBJT_DEAD; 1809 backing_object->ref_count = 0; 1810 VM_OBJECT_WUNLOCK(backing_object); 1811 vm_object_destroy(backing_object); 1812 1813 object_collapses++; 1814 } else { 1815 vm_object_t new_backing_object; 1816 1817 /* 1818 * If we do not entirely shadow the backing object, 1819 * there is nothing we can do so we give up. 1820 */ 1821 if (object->resident_page_count != object->size && 1822 vm_object_backing_scan(object, 1823 OBSC_TEST_ALL_SHADOWED) == 0) { 1824 VM_OBJECT_WUNLOCK(backing_object); 1825 break; 1826 } 1827 1828 /* 1829 * Make the parent shadow the next object in the 1830 * chain. Deallocating backing_object will not remove 1831 * it, since its reference count is at least 2. 1832 */ 1833 LIST_REMOVE(object, shadow_list); 1834 backing_object->shadow_count--; 1835 1836 new_backing_object = backing_object->backing_object; 1837 if ((object->backing_object = new_backing_object) != NULL) { 1838 VM_OBJECT_WLOCK(new_backing_object); 1839 LIST_INSERT_HEAD( 1840 &new_backing_object->shadow_head, 1841 object, 1842 shadow_list 1843 ); 1844 new_backing_object->shadow_count++; 1845 vm_object_reference_locked(new_backing_object); 1846 VM_OBJECT_WUNLOCK(new_backing_object); 1847 object->backing_object_offset += 1848 backing_object->backing_object_offset; 1849 } 1850 1851 /* 1852 * Drop the reference count on backing_object. Since 1853 * its ref_count was at least 2, it will not vanish. 1854 */ 1855 backing_object->ref_count--; 1856 VM_OBJECT_WUNLOCK(backing_object); 1857 object_bypasses++; 1858 } 1859 1860 /* 1861 * Try again with this object's new backing object. 1862 */ 1863 } 1864 } 1865 1866 /* 1867 * vm_object_page_remove: 1868 * 1869 * For the given object, either frees or invalidates each of the 1870 * specified pages. In general, a page is freed. However, if a page is 1871 * wired for any reason other than the existence of a managed, wired 1872 * mapping, then it may be invalidated but not removed from the object. 1873 * Pages are specified by the given range ["start", "end") and the option 1874 * OBJPR_CLEANONLY. As a special case, if "end" is zero, then the range 1875 * extends from "start" to the end of the object. If the option 1876 * OBJPR_CLEANONLY is specified, then only the non-dirty pages within the 1877 * specified range are affected. If the option OBJPR_NOTMAPPED is 1878 * specified, then the pages within the specified range must have no 1879 * mappings. Otherwise, if this option is not specified, any mappings to 1880 * the specified pages are removed before the pages are freed or 1881 * invalidated. 1882 * 1883 * In general, this operation should only be performed on objects that 1884 * contain managed pages. There are, however, two exceptions. First, it 1885 * is performed on the kernel and kmem objects by vm_map_entry_delete(). 1886 * Second, it is used by msync(..., MS_INVALIDATE) to invalidate device- 1887 * backed pages. In both of these cases, the option OBJPR_CLEANONLY must 1888 * not be specified and the option OBJPR_NOTMAPPED must be specified. 1889 * 1890 * The object must be locked. 1891 */ 1892 void 1893 vm_object_page_remove(vm_object_t object, vm_pindex_t start, vm_pindex_t end, 1894 int options) 1895 { 1896 vm_page_t p, next; 1897 1898 VM_OBJECT_ASSERT_WLOCKED(object); 1899 KASSERT((object->flags & OBJ_UNMANAGED) == 0 || 1900 (options & (OBJPR_CLEANONLY | OBJPR_NOTMAPPED)) == OBJPR_NOTMAPPED, 1901 ("vm_object_page_remove: illegal options for object %p", object)); 1902 if (object->resident_page_count == 0) 1903 goto skipmemq; 1904 vm_object_pip_add(object, 1); 1905 again: 1906 p = vm_page_find_least(object, start); 1907 1908 /* 1909 * Here, the variable "p" is either (1) the page with the least pindex 1910 * greater than or equal to the parameter "start" or (2) NULL. 1911 */ 1912 for (; p != NULL && (p->pindex < end || end == 0); p = next) { 1913 next = TAILQ_NEXT(p, listq); 1914 1915 /* 1916 * If the page is wired for any reason besides the existence 1917 * of managed, wired mappings, then it cannot be freed. For 1918 * example, fictitious pages, which represent device memory, 1919 * are inherently wired and cannot be freed. They can, 1920 * however, be invalidated if the option OBJPR_CLEANONLY is 1921 * not specified. 1922 */ 1923 vm_page_lock(p); 1924 if (vm_page_xbusied(p)) { 1925 VM_OBJECT_WUNLOCK(object); 1926 vm_page_busy_sleep(p, "vmopax"); 1927 VM_OBJECT_WLOCK(object); 1928 goto again; 1929 } 1930 if (p->wire_count != 0) { 1931 if ((options & OBJPR_NOTMAPPED) == 0) 1932 pmap_remove_all(p); 1933 if ((options & OBJPR_CLEANONLY) == 0) { 1934 p->valid = 0; 1935 vm_page_undirty(p); 1936 } 1937 goto next; 1938 } 1939 if (vm_page_busied(p)) { 1940 VM_OBJECT_WUNLOCK(object); 1941 vm_page_busy_sleep(p, "vmopar"); 1942 VM_OBJECT_WLOCK(object); 1943 goto again; 1944 } 1945 KASSERT((p->flags & PG_FICTITIOUS) == 0, 1946 ("vm_object_page_remove: page %p is fictitious", p)); 1947 if ((options & OBJPR_CLEANONLY) != 0 && p->valid != 0) { 1948 if ((options & OBJPR_NOTMAPPED) == 0) 1949 pmap_remove_write(p); 1950 if (p->dirty) 1951 goto next; 1952 } 1953 if ((options & OBJPR_NOTMAPPED) == 0) 1954 pmap_remove_all(p); 1955 vm_page_free(p); 1956 next: 1957 vm_page_unlock(p); 1958 } 1959 vm_object_pip_wakeup(object); 1960 skipmemq: 1961 if (__predict_false(!vm_object_cache_is_empty(object))) 1962 vm_page_cache_free(object, start, end); 1963 } 1964 1965 /* 1966 * vm_object_page_cache: 1967 * 1968 * For the given object, attempt to move the specified clean 1969 * pages to the cache queue. If a page is wired for any reason, 1970 * then it will not be changed. Pages are specified by the given 1971 * range ["start", "end"). As a special case, if "end" is zero, 1972 * then the range extends from "start" to the end of the object. 1973 * Any mappings to the specified pages are removed before the 1974 * pages are moved to the cache queue. 1975 * 1976 * This operation should only be performed on objects that 1977 * contain non-fictitious, managed pages. 1978 * 1979 * The object must be locked. 1980 */ 1981 void 1982 vm_object_page_cache(vm_object_t object, vm_pindex_t start, vm_pindex_t end) 1983 { 1984 struct mtx *mtx, *new_mtx; 1985 vm_page_t p, next; 1986 1987 VM_OBJECT_ASSERT_WLOCKED(object); 1988 KASSERT((object->flags & (OBJ_FICTITIOUS | OBJ_UNMANAGED)) == 0, 1989 ("vm_object_page_cache: illegal object %p", object)); 1990 if (object->resident_page_count == 0) 1991 return; 1992 p = vm_page_find_least(object, start); 1993 1994 /* 1995 * Here, the variable "p" is either (1) the page with the least pindex 1996 * greater than or equal to the parameter "start" or (2) NULL. 1997 */ 1998 mtx = NULL; 1999 for (; p != NULL && (p->pindex < end || end == 0); p = next) { 2000 next = TAILQ_NEXT(p, listq); 2001 2002 /* 2003 * Avoid releasing and reacquiring the same page lock. 2004 */ 2005 new_mtx = vm_page_lockptr(p); 2006 if (mtx != new_mtx) { 2007 if (mtx != NULL) 2008 mtx_unlock(mtx); 2009 mtx = new_mtx; 2010 mtx_lock(mtx); 2011 } 2012 vm_page_try_to_cache(p); 2013 } 2014 if (mtx != NULL) 2015 mtx_unlock(mtx); 2016 } 2017 2018 /* 2019 * Populate the specified range of the object with valid pages. Returns 2020 * TRUE if the range is successfully populated and FALSE otherwise. 2021 * 2022 * Note: This function should be optimized to pass a larger array of 2023 * pages to vm_pager_get_pages() before it is applied to a non- 2024 * OBJT_DEVICE object. 2025 * 2026 * The object must be locked. 2027 */ 2028 boolean_t 2029 vm_object_populate(vm_object_t object, vm_pindex_t start, vm_pindex_t end) 2030 { 2031 vm_page_t m, ma[1]; 2032 vm_pindex_t pindex; 2033 int rv; 2034 2035 VM_OBJECT_ASSERT_WLOCKED(object); 2036 for (pindex = start; pindex < end; pindex++) { 2037 m = vm_page_grab(object, pindex, VM_ALLOC_NORMAL); 2038 if (m->valid != VM_PAGE_BITS_ALL) { 2039 ma[0] = m; 2040 rv = vm_pager_get_pages(object, ma, 1, 0); 2041 m = vm_page_lookup(object, pindex); 2042 if (m == NULL) 2043 break; 2044 if (rv != VM_PAGER_OK) { 2045 vm_page_lock(m); 2046 vm_page_free(m); 2047 vm_page_unlock(m); 2048 break; 2049 } 2050 } 2051 /* 2052 * Keep "m" busy because a subsequent iteration may unlock 2053 * the object. 2054 */ 2055 } 2056 if (pindex > start) { 2057 m = vm_page_lookup(object, start); 2058 while (m != NULL && m->pindex < pindex) { 2059 vm_page_xunbusy(m); 2060 m = TAILQ_NEXT(m, listq); 2061 } 2062 } 2063 return (pindex == end); 2064 } 2065 2066 /* 2067 * Routine: vm_object_coalesce 2068 * Function: Coalesces two objects backing up adjoining 2069 * regions of memory into a single object. 2070 * 2071 * returns TRUE if objects were combined. 2072 * 2073 * NOTE: Only works at the moment if the second object is NULL - 2074 * if it's not, which object do we lock first? 2075 * 2076 * Parameters: 2077 * prev_object First object to coalesce 2078 * prev_offset Offset into prev_object 2079 * prev_size Size of reference to prev_object 2080 * next_size Size of reference to the second object 2081 * reserved Indicator that extension region has 2082 * swap accounted for 2083 * 2084 * Conditions: 2085 * The object must *not* be locked. 2086 */ 2087 boolean_t 2088 vm_object_coalesce(vm_object_t prev_object, vm_ooffset_t prev_offset, 2089 vm_size_t prev_size, vm_size_t next_size, boolean_t reserved) 2090 { 2091 vm_pindex_t next_pindex; 2092 2093 if (prev_object == NULL) 2094 return (TRUE); 2095 VM_OBJECT_WLOCK(prev_object); 2096 if ((prev_object->type != OBJT_DEFAULT && 2097 prev_object->type != OBJT_SWAP) || 2098 (prev_object->flags & OBJ_TMPFS_NODE) != 0) { 2099 VM_OBJECT_WUNLOCK(prev_object); 2100 return (FALSE); 2101 } 2102 2103 /* 2104 * Try to collapse the object first 2105 */ 2106 vm_object_collapse(prev_object); 2107 2108 /* 2109 * Can't coalesce if: . more than one reference . paged out . shadows 2110 * another object . has a copy elsewhere (any of which mean that the 2111 * pages not mapped to prev_entry may be in use anyway) 2112 */ 2113 if (prev_object->backing_object != NULL) { 2114 VM_OBJECT_WUNLOCK(prev_object); 2115 return (FALSE); 2116 } 2117 2118 prev_size >>= PAGE_SHIFT; 2119 next_size >>= PAGE_SHIFT; 2120 next_pindex = OFF_TO_IDX(prev_offset) + prev_size; 2121 2122 if ((prev_object->ref_count > 1) && 2123 (prev_object->size != next_pindex)) { 2124 VM_OBJECT_WUNLOCK(prev_object); 2125 return (FALSE); 2126 } 2127 2128 /* 2129 * Account for the charge. 2130 */ 2131 if (prev_object->cred != NULL) { 2132 2133 /* 2134 * If prev_object was charged, then this mapping, 2135 * althought not charged now, may become writable 2136 * later. Non-NULL cred in the object would prevent 2137 * swap reservation during enabling of the write 2138 * access, so reserve swap now. Failed reservation 2139 * cause allocation of the separate object for the map 2140 * entry, and swap reservation for this entry is 2141 * managed in appropriate time. 2142 */ 2143 if (!reserved && !swap_reserve_by_cred(ptoa(next_size), 2144 prev_object->cred)) { 2145 return (FALSE); 2146 } 2147 prev_object->charge += ptoa(next_size); 2148 } 2149 2150 /* 2151 * Remove any pages that may still be in the object from a previous 2152 * deallocation. 2153 */ 2154 if (next_pindex < prev_object->size) { 2155 vm_object_page_remove(prev_object, next_pindex, next_pindex + 2156 next_size, 0); 2157 if (prev_object->type == OBJT_SWAP) 2158 swap_pager_freespace(prev_object, 2159 next_pindex, next_size); 2160 #if 0 2161 if (prev_object->cred != NULL) { 2162 KASSERT(prev_object->charge >= 2163 ptoa(prev_object->size - next_pindex), 2164 ("object %p overcharged 1 %jx %jx", prev_object, 2165 (uintmax_t)next_pindex, (uintmax_t)next_size)); 2166 prev_object->charge -= ptoa(prev_object->size - 2167 next_pindex); 2168 } 2169 #endif 2170 } 2171 2172 /* 2173 * Extend the object if necessary. 2174 */ 2175 if (next_pindex + next_size > prev_object->size) 2176 prev_object->size = next_pindex + next_size; 2177 2178 VM_OBJECT_WUNLOCK(prev_object); 2179 return (TRUE); 2180 } 2181 2182 void 2183 vm_object_set_writeable_dirty(vm_object_t object) 2184 { 2185 2186 VM_OBJECT_ASSERT_WLOCKED(object); 2187 if (object->type != OBJT_VNODE) { 2188 if ((object->flags & OBJ_TMPFS_NODE) != 0) { 2189 KASSERT(object->type == OBJT_SWAP, ("non-swap tmpfs")); 2190 vm_object_set_flag(object, OBJ_TMPFS_DIRTY); 2191 } 2192 return; 2193 } 2194 object->generation++; 2195 if ((object->flags & OBJ_MIGHTBEDIRTY) != 0) 2196 return; 2197 vm_object_set_flag(object, OBJ_MIGHTBEDIRTY); 2198 } 2199 2200 /* 2201 * vm_object_unwire: 2202 * 2203 * For each page offset within the specified range of the given object, 2204 * find the highest-level page in the shadow chain and unwire it. A page 2205 * must exist at every page offset, and the highest-level page must be 2206 * wired. 2207 */ 2208 void 2209 vm_object_unwire(vm_object_t object, vm_ooffset_t offset, vm_size_t length, 2210 uint8_t queue) 2211 { 2212 vm_object_t tobject; 2213 vm_page_t m, tm; 2214 vm_pindex_t end_pindex, pindex, tpindex; 2215 int depth, locked_depth; 2216 2217 KASSERT((offset & PAGE_MASK) == 0, 2218 ("vm_object_unwire: offset is not page aligned")); 2219 KASSERT((length & PAGE_MASK) == 0, 2220 ("vm_object_unwire: length is not a multiple of PAGE_SIZE")); 2221 /* The wired count of a fictitious page never changes. */ 2222 if ((object->flags & OBJ_FICTITIOUS) != 0) 2223 return; 2224 pindex = OFF_TO_IDX(offset); 2225 end_pindex = pindex + atop(length); 2226 locked_depth = 1; 2227 VM_OBJECT_RLOCK(object); 2228 m = vm_page_find_least(object, pindex); 2229 while (pindex < end_pindex) { 2230 if (m == NULL || pindex < m->pindex) { 2231 /* 2232 * The first object in the shadow chain doesn't 2233 * contain a page at the current index. Therefore, 2234 * the page must exist in a backing object. 2235 */ 2236 tobject = object; 2237 tpindex = pindex; 2238 depth = 0; 2239 do { 2240 tpindex += 2241 OFF_TO_IDX(tobject->backing_object_offset); 2242 tobject = tobject->backing_object; 2243 KASSERT(tobject != NULL, 2244 ("vm_object_unwire: missing page")); 2245 if ((tobject->flags & OBJ_FICTITIOUS) != 0) 2246 goto next_page; 2247 depth++; 2248 if (depth == locked_depth) { 2249 locked_depth++; 2250 VM_OBJECT_RLOCK(tobject); 2251 } 2252 } while ((tm = vm_page_lookup(tobject, tpindex)) == 2253 NULL); 2254 } else { 2255 tm = m; 2256 m = TAILQ_NEXT(m, listq); 2257 } 2258 vm_page_lock(tm); 2259 vm_page_unwire(tm, queue); 2260 vm_page_unlock(tm); 2261 next_page: 2262 pindex++; 2263 } 2264 /* Release the accumulated object locks. */ 2265 for (depth = 0; depth < locked_depth; depth++) { 2266 tobject = object->backing_object; 2267 VM_OBJECT_RUNLOCK(object); 2268 object = tobject; 2269 } 2270 } 2271 2272 #include "opt_ddb.h" 2273 #ifdef DDB 2274 #include <sys/kernel.h> 2275 2276 #include <sys/cons.h> 2277 2278 #include <ddb/ddb.h> 2279 2280 static int 2281 _vm_object_in_map(vm_map_t map, vm_object_t object, vm_map_entry_t entry) 2282 { 2283 vm_map_t tmpm; 2284 vm_map_entry_t tmpe; 2285 vm_object_t obj; 2286 int entcount; 2287 2288 if (map == 0) 2289 return 0; 2290 2291 if (entry == 0) { 2292 tmpe = map->header.next; 2293 entcount = map->nentries; 2294 while (entcount-- && (tmpe != &map->header)) { 2295 if (_vm_object_in_map(map, object, tmpe)) { 2296 return 1; 2297 } 2298 tmpe = tmpe->next; 2299 } 2300 } else if (entry->eflags & MAP_ENTRY_IS_SUB_MAP) { 2301 tmpm = entry->object.sub_map; 2302 tmpe = tmpm->header.next; 2303 entcount = tmpm->nentries; 2304 while (entcount-- && tmpe != &tmpm->header) { 2305 if (_vm_object_in_map(tmpm, object, tmpe)) { 2306 return 1; 2307 } 2308 tmpe = tmpe->next; 2309 } 2310 } else if ((obj = entry->object.vm_object) != NULL) { 2311 for (; obj; obj = obj->backing_object) 2312 if (obj == object) { 2313 return 1; 2314 } 2315 } 2316 return 0; 2317 } 2318 2319 static int 2320 vm_object_in_map(vm_object_t object) 2321 { 2322 struct proc *p; 2323 2324 /* sx_slock(&allproc_lock); */ 2325 FOREACH_PROC_IN_SYSTEM(p) { 2326 if (!p->p_vmspace /* || (p->p_flag & (P_SYSTEM|P_WEXIT)) */) 2327 continue; 2328 if (_vm_object_in_map(&p->p_vmspace->vm_map, object, 0)) { 2329 /* sx_sunlock(&allproc_lock); */ 2330 return 1; 2331 } 2332 } 2333 /* sx_sunlock(&allproc_lock); */ 2334 if (_vm_object_in_map(kernel_map, object, 0)) 2335 return 1; 2336 return 0; 2337 } 2338 2339 DB_SHOW_COMMAND(vmochk, vm_object_check) 2340 { 2341 vm_object_t object; 2342 2343 /* 2344 * make sure that internal objs are in a map somewhere 2345 * and none have zero ref counts. 2346 */ 2347 TAILQ_FOREACH(object, &vm_object_list, object_list) { 2348 if (object->handle == NULL && 2349 (object->type == OBJT_DEFAULT || object->type == OBJT_SWAP)) { 2350 if (object->ref_count == 0) { 2351 db_printf("vmochk: internal obj has zero ref count: %ld\n", 2352 (long)object->size); 2353 } 2354 if (!vm_object_in_map(object)) { 2355 db_printf( 2356 "vmochk: internal obj is not in a map: " 2357 "ref: %d, size: %lu: 0x%lx, backing_object: %p\n", 2358 object->ref_count, (u_long)object->size, 2359 (u_long)object->size, 2360 (void *)object->backing_object); 2361 } 2362 } 2363 } 2364 } 2365 2366 /* 2367 * vm_object_print: [ debug ] 2368 */ 2369 DB_SHOW_COMMAND(object, vm_object_print_static) 2370 { 2371 /* XXX convert args. */ 2372 vm_object_t object = (vm_object_t)addr; 2373 boolean_t full = have_addr; 2374 2375 vm_page_t p; 2376 2377 /* XXX count is an (unused) arg. Avoid shadowing it. */ 2378 #define count was_count 2379 2380 int count; 2381 2382 if (object == NULL) 2383 return; 2384 2385 db_iprintf( 2386 "Object %p: type=%d, size=0x%jx, res=%d, ref=%d, flags=0x%x ruid %d charge %jx\n", 2387 object, (int)object->type, (uintmax_t)object->size, 2388 object->resident_page_count, object->ref_count, object->flags, 2389 object->cred ? object->cred->cr_ruid : -1, (uintmax_t)object->charge); 2390 db_iprintf(" sref=%d, backing_object(%d)=(%p)+0x%jx\n", 2391 object->shadow_count, 2392 object->backing_object ? object->backing_object->ref_count : 0, 2393 object->backing_object, (uintmax_t)object->backing_object_offset); 2394 2395 if (!full) 2396 return; 2397 2398 db_indent += 2; 2399 count = 0; 2400 TAILQ_FOREACH(p, &object->memq, listq) { 2401 if (count == 0) 2402 db_iprintf("memory:="); 2403 else if (count == 6) { 2404 db_printf("\n"); 2405 db_iprintf(" ..."); 2406 count = 0; 2407 } else 2408 db_printf(","); 2409 count++; 2410 2411 db_printf("(off=0x%jx,page=0x%jx)", 2412 (uintmax_t)p->pindex, (uintmax_t)VM_PAGE_TO_PHYS(p)); 2413 } 2414 if (count != 0) 2415 db_printf("\n"); 2416 db_indent -= 2; 2417 } 2418 2419 /* XXX. */ 2420 #undef count 2421 2422 /* XXX need this non-static entry for calling from vm_map_print. */ 2423 void 2424 vm_object_print( 2425 /* db_expr_t */ long addr, 2426 boolean_t have_addr, 2427 /* db_expr_t */ long count, 2428 char *modif) 2429 { 2430 vm_object_print_static(addr, have_addr, count, modif); 2431 } 2432 2433 DB_SHOW_COMMAND(vmopag, vm_object_print_pages) 2434 { 2435 vm_object_t object; 2436 vm_pindex_t fidx; 2437 vm_paddr_t pa; 2438 vm_page_t m, prev_m; 2439 int rcount, nl, c; 2440 2441 nl = 0; 2442 TAILQ_FOREACH(object, &vm_object_list, object_list) { 2443 db_printf("new object: %p\n", (void *)object); 2444 if (nl > 18) { 2445 c = cngetc(); 2446 if (c != ' ') 2447 return; 2448 nl = 0; 2449 } 2450 nl++; 2451 rcount = 0; 2452 fidx = 0; 2453 pa = -1; 2454 TAILQ_FOREACH(m, &object->memq, listq) { 2455 if (m->pindex > 128) 2456 break; 2457 if ((prev_m = TAILQ_PREV(m, pglist, listq)) != NULL && 2458 prev_m->pindex + 1 != m->pindex) { 2459 if (rcount) { 2460 db_printf(" index(%ld)run(%d)pa(0x%lx)\n", 2461 (long)fidx, rcount, (long)pa); 2462 if (nl > 18) { 2463 c = cngetc(); 2464 if (c != ' ') 2465 return; 2466 nl = 0; 2467 } 2468 nl++; 2469 rcount = 0; 2470 } 2471 } 2472 if (rcount && 2473 (VM_PAGE_TO_PHYS(m) == pa + rcount * PAGE_SIZE)) { 2474 ++rcount; 2475 continue; 2476 } 2477 if (rcount) { 2478 db_printf(" index(%ld)run(%d)pa(0x%lx)\n", 2479 (long)fidx, rcount, (long)pa); 2480 if (nl > 18) { 2481 c = cngetc(); 2482 if (c != ' ') 2483 return; 2484 nl = 0; 2485 } 2486 nl++; 2487 } 2488 fidx = m->pindex; 2489 pa = VM_PAGE_TO_PHYS(m); 2490 rcount = 1; 2491 } 2492 if (rcount) { 2493 db_printf(" index(%ld)run(%d)pa(0x%lx)\n", 2494 (long)fidx, rcount, (long)pa); 2495 if (nl > 18) { 2496 c = cngetc(); 2497 if (c != ' ') 2498 return; 2499 nl = 0; 2500 } 2501 nl++; 2502 } 2503 } 2504 } 2505 #endif /* DDB */
Cache object: f64949263e90f2ed45760543bfa0bfc1
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]