Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/vm/vm_object.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /* 2 * Mach Operating System 3 * Copyright (c) 1993-1987 Carnegie Mellon University 4 * All Rights Reserved. 5 * 6 * Permission to use, copy, modify and distribute this software and its 7 * documentation is hereby granted, provided that both the copyright 8 * notice and this permission notice appear in all copies of the 9 * software, derivative works or modified versions, and any portions 10 * thereof, and that both notices appear in supporting documentation. 11 * 12 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS" 13 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR 14 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE. 15 * 16 * Carnegie Mellon requests users of this software to return to 17 * 18 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU 19 * School of Computer Science 20 * Carnegie Mellon University 21 * Pittsburgh PA 15213-3890 22 * 23 * any improvements or extensions that they make and grant Carnegie Mellon 24 * the rights to redistribute these changes. 25 */ 26 /* 27 * HISTORY 28 * $Log: vm_object.c,v $ 29 * Revision 2.38 93/11/17 18:56:09 dbg 30 * Made vm_object_page_map mark a page in error if the mapping 31 * routine returns -1. 32 * [93/05/24 dbg] 33 * 34 * Revision 2.37 93/01/14 18:01:42 danner 35 * Added ANSI function prototypes. 36 * [92/12/30 dbg] 37 * 64bit cleanup. 38 * [92/12/01 af] 39 * 40 * Revision 2.36 92/08/03 18:01:47 jfriedl 41 * removed silly prototypes 42 * [92/08/02 jfriedl] 43 * 44 * Revision 2.35 92/05/21 17:26:23 jfriedl 45 * Cleanup to quiet gcc warnings. 46 * [92/05/16 jfriedl] 47 * 48 * Revision 2.34 92/04/01 19:37:41 rpd 49 * Fixed vm_object_pager_wakeup to use ip_active. From dlb. 50 * [92/03/22 rpd] 51 * 52 * Revision 2.33 92/03/10 16:30:12 jsb 53 * Fix to NORMA_VM pager_name merge. 54 * [92/03/10 13:45:01 jsb] 55 * 56 * Merged in NORMA_VM strategy for pager_name ports. 57 * Should one day reconcile the jsb and rpd schemes. 58 * [92/03/10 08:17:32 jsb] 59 * 60 * Added new NORMA_VM changes. 61 * [92/03/06 16:35:19 jsb] 62 * 63 * (Naively) handle temporary objects in vm_object_copy_strategically. 64 * This now happens because of new MEMORY_OBJECT_COPY_TEMPORARY option. 65 * [92/03/06 16:22:17 jsb] 66 * 67 * Use IKOT_PAGER_TERMINATING to solve terminate/init race. 68 * Includes fixes from David Black. 69 * [92/03/06 16:15:41 jsb] 70 * 71 * Changes for object->pager_request now being a pager_request_t. 72 * [92/03/06 15:20:07 jsb] 73 * 74 * Removed old NORMA_VM stuff. 75 * [92/03/06 14:37:19 jsb] 76 * 77 * Revision 2.32 92/03/04 20:26:49 rpd 78 * Fixed the most blatant errors in vm_object_copy_call. 79 * [92/03/04 17:52:30 jsb] 80 * 81 * Revision 2.31 92/03/01 15:16:01 rpd 82 * Fixed vm_object_copy_temporary to only set shadowed 83 * if symmetric copy-on-write is used. From dlb. 84 * [92/03/01 rpd] 85 * 86 * Revision 2.30 92/02/23 19:51:09 elf 87 * Remove dest_wired logic from vm_object_copy_slowly. 88 * [92/02/21 10:16:35 dlb] 89 * 90 * Maintain shadowed field in objects for use by new 91 * VM_INHERIT_SHARE code (vm_map_fork). Restore old 92 * interface to vm_object_pmap_protect. 93 * [92/02/19 14:28:12 dlb] 94 * 95 * Use use_shared_copy instead of new copy strategy for 96 * temporary objects. 97 * [92/01/07 11:15:53 dlb] 98 * 99 * Add asynchronous copy-on-write logic for temporary objects. 100 * [92/01/06 16:24:59 dlb] 101 * 102 * Revision 2.29 92/02/19 15:10:25 elf 103 * Fixed vm_object_collapse to unlock the object before calling 104 * ipc_port_dealloc_kernel (which might allocate memory). 105 * [92/02/16 rpd] 106 * 107 * Picked up dlb fix for vm_object_copy_slowly, 108 * for when vm_fault_page is interrupted. 109 * [92/02/14 rpd] 110 * 111 * Revision 2.28 92/01/14 16:48:10 rpd 112 * Fixed vm_object_lookup to use IP_VALID, lock the port, and 113 * allow only IKOT_PAGING_REQUEST, not IKOT_PAGER. 114 * Added vm_object_lookup_name (which uses IKOT_PAGING_NAME). 115 * Removed vm_object_debug. 116 * [91/12/31 rpd] 117 * 118 * Changed vm_object_allocate, vm_object_enter, etc so that 119 * all objects have name ports. Added IKOT_PAGING_NAME. 120 * Split vm_object_init into vm_object_bootstrap and vm_object_init. 121 * [91/12/28 rpd] 122 * 123 * Revision 2.27 91/12/11 08:44:01 jsb 124 * Changed vm_object_coalesce to also check for paging references. 125 * This fixes a problem with page-list map-copy objects. 126 * [91/12/03 rpd] 127 * 128 * Revision 2.26 91/12/10 13:27:07 jsb 129 * Comment out noisy printf. (Avoiding dealloc ...) 130 * [91/12/10 12:50:34 jsb] 131 * 132 * Revision 2.25 91/11/12 11:52:09 rvb 133 * Added simple_lock_pause. 134 * [91/11/12 rpd] 135 * 136 * Revision 2.24 91/08/28 11:18:37 jsb 137 * Handle dirty private pages correctly in vm_object_terminate(). 138 * [91/07/30 14:18:54 dlb] 139 * 140 * single_use --> use_old_pageout in object initialization template. 141 * Support precious pages in vm_object_terminate(). 142 * [91/07/03 14:18:07 dlb] 143 * 144 * Revision 2.23 91/07/31 18:21:27 dbg 145 * Add vm_object_page_map, to attach a set of physical pages to an 146 * object. 147 * [91/07/30 17:26:58 dbg] 148 * 149 * Revision 2.22 91/07/01 08:27:52 jsb 150 * Improved NORMA_VM support, including support for memory_object_create. 151 * [91/06/29 17:06:11 jsb] 152 * 153 * Revision 2.21 91/06/25 11:07:02 rpd 154 * Fixed includes to avoid norma files unless they are really needed. 155 * [91/06/25 rpd] 156 * 157 * Revision 2.20 91/06/25 10:34:11 rpd 158 * Changed memory_object_t to ipc_port_t where appropriate. 159 * Removed extraneous casts. 160 * [91/05/28 rpd] 161 * 162 * Revision 2.19 91/06/17 15:49:25 jsb 163 * Added NORMA_VM support. 164 * [91/06/17 15:28:16 jsb] 165 * 166 * Revision 2.18 91/05/18 14:41:22 rpd 167 * Changed vm_object_deactivate_pages to call vm_page_deactivate 168 * on inactivate pages, because that is no longer a no-op. 169 * [91/04/20 rpd] 170 * 171 * Fixed vm_object_pmap_protect, vm_object_pmap_remove, 172 * vm_object_page_remove, vm_object_copy_call, vm_object_copy_delayed 173 * to check for fictitious pages. 174 * [91/04/10 rpd] 175 * Fixed vm_object_terminate to allow for busy/absent pages. 176 * [91/04/02 rpd] 177 * 178 * Added VM_FAULT_FICTITIOUS_SHORTAGE. 179 * [91/03/29 rpd] 180 * Added vm/memory_object.h. 181 * [91/03/22 rpd] 182 * 183 * Revision 2.17 91/05/14 17:50:19 mrt 184 * Correcting copyright 185 * 186 * Revision 2.16 91/05/08 13:34:59 dbg 187 * Rearrange initialization code in vm_object_enter to clearly 188 * separate 'internal' case (and to avoid a vax GCC bug). 189 * [91/04/17 dbg] 190 * 191 * Revision 2.15 91/03/16 15:06:19 rpd 192 * Changed vm_object_deactivate_pages and vm_object_terminate to 193 * check for busy pages. Changed how vm_object_terminate 194 * interacts with the pageout daemon. 195 * [91/03/12 rpd] 196 * Fixed vm_object_page_remove to be smart about small regions. 197 * [91/03/05 rpd] 198 * Added resume, continuation arguments to vm_fault_page. 199 * Added continuation argument to VM_PAGE_WAIT. 200 * [91/02/05 rpd] 201 * 202 * Revision 2.14 91/02/05 17:59:16 mrt 203 * Changed to new Mach copyright 204 * [91/02/01 16:33:29 mrt] 205 * 206 * Revision 2.13 91/01/08 16:45:32 rpd 207 * Added continuation argument to thread_block. 208 * [90/12/08 rpd] 209 * 210 * Fixed vm_object_terminate to give vm_pageout_page busy pages. 211 * [90/11/22 rpd] 212 * 213 * Changed VM_WAIT to VM_PAGE_WAIT. 214 * [90/11/13 rpd] 215 * 216 * Revision 2.12 90/11/06 18:44:12 rpd 217 * From dlb@osf.org: 218 * If pager initialization is in progress (object->pager_created && 219 * !object->pager_initialized), then vm_object_deallocate must wait 220 * for it to complete before terminating the object. Because anything 221 * can happen in the interim, it must recheck its decision to terminate 222 * after the wait completes. 223 * 224 * Revision 2.11 90/10/12 13:06:24 rpd 225 * In vm_object_copy_slowly, only activate pages returned from 226 * vm_fault_page if they aren't already on a pageout queue. 227 * [90/10/08 rpd] 228 * 229 * Revision 2.10 90/09/09 14:34:20 rpd 230 * Fixed bug in vm_object_copy_slowly. The pages in the new object 231 * should be marked as dirty. 232 * [90/09/08 rpd] 233 * 234 * Revision 2.9 90/06/19 23:02:52 rpd 235 * Picked up vm_submap_object. 236 * [90/06/08 rpd] 237 * 238 * Revision 2.8 90/06/02 15:11:31 rpd 239 * Changed vm_object_collapse_bypass_allowed back to TRUE. 240 * [90/04/22 rpd] 241 * Converted to new IPC. 242 * [90/03/26 23:16:54 rpd] 243 * 244 * Revision 2.7 90/05/29 18:38:57 rwd 245 * Rfr change to reflect change in vm_pageout_page. 246 * [90/04/12 13:48:31 rwd] 247 * 248 * Revision 2.6 90/05/03 15:53:08 dbg 249 * Make vm_object_pmap_protect follow shadow chains if removing all 250 * permissions. Fix check for using pmap_protect on entire range. 251 * [90/04/18 dbg] 252 * 253 * Pass 'flush' argument to vm_pageout_page. 254 * [90/03/28 dbg] 255 * 256 * Revision 2.5 90/02/22 20:06:24 dbg 257 * Add changes from mainline: 258 * 259 * Fix comment on vm_object_delayed. 260 * [89/12/18 dlb] 261 * Revised use of PAGE_WAKEUP macros. Don't clear busy flag when 262 * restarting unlock requests. 263 * [89/12/13 dlb] 264 * Fix locking problems in vm_object_copy_slowly: 265 * 1. Must hold lock on object containing page being copied 266 * from (result_page) object when activating that page. 267 * 2. Fix typo that tried to lock source object twice if 268 * vm_fault_page returned two objects; this rare case 269 * would hang a multiprocessor if it occurred. 270 * [89/12/11 dlb] 271 * 272 * Complete un-optimized overwriting implementation. Move 273 * futuristic implementation here. Clean up and document 274 * copy routines. 275 * [89/08/05 18:01:22 mwyoung] 276 * Add vm_object_pmap_protect() to perform pmap protection 277 * changes more efficiently. 278 * [89/07/07 14:06:34 mwyoung] 279 * Split up vm_object_copy into one part that does not unlock the 280 * object (i.e., does not sleep), and another that may. Also, use 281 * separate routines for each copy strategy. 282 * [89/07/06 18:39:55 mwyoung] 283 * 284 * Revision 2.4 90/01/11 11:47:58 dbg 285 * Use vm_fault_cleanup. 286 * [89/12/13 dbg] 287 * 288 * Fix locking bug in vm_object_copy_slowly. 289 * [89/12/13 dbg] 290 * 291 * Pick up changes from mainline: 292 * Remove size argument from vm_external_destroy. 293 * Add paging_offset to size used in vm_external_create. 294 * Account for existence_info movement in vm_object_collapse. 295 * [89/10/16 15:30:16 af] 296 * 297 * Remove XP conditionals. 298 * Document global variables. 299 * [89/10/10 mwyoung] 300 * 301 * Added initialization for lock_in_progress, lock_restart fields. 302 * [89/08/07 mwyoung] 303 * 304 * Beautify dirty bit handling in vm_object_terminate(). 305 * Don't write back "error" pages in vm_object_terminate(). 306 * [89/04/22 mwyoung] 307 * 308 * Removed vm_object_list, vm_object_count. 309 * [89/08/31 19:45:43 rpd] 310 * 311 * Optimization from NeXT: vm_object_deactivate_pages checks now 312 * that the page is inactive before call vm_page_deactivate. Also, 313 * initialize the last_alloc field in vm_object_template. 314 * [89/08/19 23:46:42 rpd] 315 * 316 * Revision 2.3 89/10/16 15:22:22 rwd 317 * In vm_object_collapse: leave paging_offset zero if the backing 318 * object does not have a pager. 319 * [89/10/12 dbg] 320 * 321 * Revision 2.2 89/09/08 11:28:45 dbg 322 * Add keep_wired parameter to vm_object_copy_slowly to wire new 323 * pages. 324 * [89/07/14 dbg] 325 * 326 * 22-May-89 David Golub (dbg) at Carnegie-Mellon University 327 * Refuse vm_object_pager_create if no default memory manager. 328 * 329 * 28-Apr-89 David Golub (dbg) at Carnegie-Mellon University 330 * Changes for MACH_KERNEL: 331 * . Use port_alloc_internal to simplify port_alloc call. 332 * . Remove non-XP code. 333 * 334 * Revision 2.23 89/04/23 13:25:43 gm0w 335 * Changed assert(!p->busy) to assert(!p->busy || p->absent) in 336 * vm_object_collapse(). Change from jsb/mwyoung. 337 * [89/04/23 gm0w] 338 * 339 * Revision 2.22 89/04/18 21:26:29 mwyoung 340 * Recent history [mwyoung]: 341 * Use hints about pages not in main memory. 342 * Get default memory manager port more carefully, as it 343 * may now be changed after initialization. 344 * Use new event mechanism. 345 * Correct vm_object_destroy() to actually abort requests. 346 * Correct handling of paging offset in vm_object_collapse(). 347 * Condensed history: 348 * Add copy strategy handling, including a routine 349 * (vm_object_copy_slowly() to perform an immediate copy 350 * of a region of an object. [mwyoung] 351 * Restructure the handling of the relationships among memory 352 * objects (the ports), the related fields in the vm_object 353 * structure, and routines that manipulate them [mwyoung]. 354 * Simplify maintenance of the unreferenced-object cache. [mwyoung] 355 * Distinguish internal and temporary attributes. [mwyoung] 356 * Reorganized and documented maintenance of the 357 * vm_object-to-memory_object assocations. [mwyoung] 358 * Improved external memory management interface. [mwyoung] 359 * Several reimplementations/fixes to the object cache 360 * and the port to object translation. [mwyoung, avie, dbg] 361 * Create a cache of objects that have no references 362 * so that their pages remain in memory (inactive). [avie] 363 * Collapse object tree when reference counts drop to one. 364 * Use "paging_in_progress" to prevent collapsing. [dbg] 365 * Split up paging system lock, eliminate SPL handling. 366 * The only uses of vm_object code at interrupt level 367 * uses objects that are only touched at interrupt level. [dbg] 368 * Use "copy object" rather than normal shadows for 369 * permanent objects. [dbg] 370 * Accomodate external pagers [mwyoung, bolosky]. 371 * Allow objects to be coalesced to avoid growing address 372 * maps during sequential allocations. [dbg] 373 * Optimizations and fixes to copy-on-write [avie, mwyoung, dbg]. 374 * Use only one object for all kernel data. [avie] 375 * 376 */ 377 /* 378 * File: vm/vm_object.c 379 * Author: Avadis Tevanian, Jr., Michael Wayne Young 380 * 381 * Virtual memory object module. 382 */ 383 384 #include <norma_vm.h> 385 #include <mach_pagemap.h> 386 387 #if NORMA_VM 388 #include <norma/xmm_server_rename.h> 389 #endif /* NORMA_VM */ 390 391 #include <mach/memory_object.h> 392 #include <mach/memory_object_default.h> 393 #include <mach/memory_object_user.h> 394 #include <mach/vm_param.h> 395 #include <ipc/ipc_port.h> 396 #include <ipc/ipc_space.h> 397 #include <kern/assert.h> 398 #include <kern/kern_io.h> 399 #include <kern/lock.h> 400 #include <kern/memory.h> 401 #include <kern/queue.h> 402 #include <kern/xpr.h> 403 #include <kern/zalloc.h> 404 #include <vm/memory_object.h> 405 #include <vm/vm_fault.h> 406 #include <vm/vm_map.h> 407 #include <vm/vm_object.h> 408 #include <vm/vm_page.h> 409 #include <vm/vm_pageout.h> 410 411 412 void memory_object_release( 413 ipc_port_t pager, 414 pager_request_t pager_request, 415 ipc_port_t pager_name); /* forward */ 416 417 void vm_object_deactivate_pages(vm_object_t); 418 419 /* 420 * Virtual memory objects maintain the actual data 421 * associated with allocated virtual memory. A given 422 * page of memory exists within exactly one object. 423 * 424 * An object is only deallocated when all "references" 425 * are given up. Only one "reference" to a given 426 * region of an object should be writeable. 427 * 428 * Associated with each object is a list of all resident 429 * memory pages belonging to that object; this list is 430 * maintained by the "vm_page" module, but locked by the object's 431 * lock. 432 * 433 * Each object also records the memory object port 434 * that is used by the kernel to request and write 435 * back data (the memory object port, field "pager"), 436 * and the ports provided to the memory manager, the server that 437 * manages that data, to return data and control its 438 * use (the memory object control port, field "pager_request") 439 * and for naming (the memory object name port, field "pager_name"). 440 * 441 * Virtual memory objects are allocated to provide 442 * zero-filled memory (vm_allocate) or map a user-defined 443 * memory object into a virtual address space (vm_map). 444 * 445 * Virtual memory objects that refer to a user-defined 446 * memory object are called "permanent", because all changes 447 * made in virtual memory are reflected back to the 448 * memory manager, which may then store it permanently. 449 * Other virtual memory objects are called "temporary", 450 * meaning that changes need be written back only when 451 * necessary to reclaim pages, and that storage associated 452 * with the object can be discarded once it is no longer 453 * mapped. 454 * 455 * A permanent memory object may be mapped into more 456 * than one virtual address space. Moreover, two threads 457 * may attempt to make the first mapping of a memory 458 * object concurrently. Only one thread is allowed to 459 * complete this mapping; all others wait for the 460 * "pager_initialized" field is asserted, indicating 461 * that the first thread has initialized all of the 462 * necessary fields in the virtual memory object structure. 463 * 464 * The kernel relies on a *default memory manager* to 465 * provide backing storage for the zero-filled virtual 466 * memory objects. The memory object ports associated 467 * with these temporary virtual memory objects are only 468 * generated and passed to the default memory manager 469 * when it becomes necessary. Virtual memory objects 470 * that depend on the default memory manager are called 471 * "internal". The "pager_created" field is provided to 472 * indicate whether these ports have ever been allocated. 473 * 474 * The kernel may also create virtual memory objects to 475 * hold changed pages after a copy-on-write operation. 476 * In this case, the virtual memory object (and its 477 * backing storage -- its memory object) only contain 478 * those pages that have been changed. The "shadow" 479 * field refers to the virtual memory object that contains 480 * the remainder of the contents. The "shadow_offset" 481 * field indicates where in the "shadow" these contents begin. 482 * The "copy" field refers to a virtual memory object 483 * to which changed pages must be copied before changing 484 * this object, in order to implement another form 485 * of copy-on-write optimization. 486 * 487 * The virtual memory object structure also records 488 * the attributes associated with its memory object. 489 * The "pager_ready", "can_persist" and "copy_strategy" 490 * fields represent those attributes. The "cached_list" 491 * field is used in the implementation of the persistence 492 * attribute. 493 * 494 * ZZZ Continue this comment. 495 */ 496 497 zone_t vm_object_zone; /* vm backing store zone */ 498 499 /* 500 * All wired-down kernel memory belongs to a single virtual 501 * memory object (kernel_object) to avoid wasting data structures. 502 */ 503 vm_object_t kernel_object; 504 505 /* 506 * Virtual memory objects that are not referenced by 507 * any address maps, but that are allowed to persist 508 * (an attribute specified by the associated memory manager), 509 * are kept in a queue (vm_object_cached_list). 510 * 511 * When an object from this queue is referenced again, 512 * for example to make another address space mapping, 513 * it must be removed from the queue. That is, the 514 * queue contains *only* objects with zero references. 515 * 516 * The kernel may choose to terminate objects from this 517 * queue in order to reclaim storage. The current policy 518 * is to permit a fixed maximum number of unreferenced 519 * objects (vm_object_cached_max). 520 * 521 * A simple lock (accessed by routines 522 * vm_object_cache_{lock,lock_try,unlock}) governs the 523 * object cache. It must be held when objects are 524 * added to or removed from the cache (in vm_object_terminate). 525 * The routines that acquire a reference to a virtual 526 * memory object based on one of the memory object ports 527 * must also lock the cache. 528 * 529 * Ideally, the object cache should be more isolated 530 * from the reference mechanism, so that the lock need 531 * not be held to make simple references. 532 */ 533 queue_head_t vm_object_cached_list; 534 int vm_object_cached_count; 535 int vm_object_cached_max = 100; /* may be patched*/ 536 537 decl_simple_lock_data(,vm_object_cached_lock_data) 538 539 #define vm_object_cache_lock() \ 540 simple_lock(&vm_object_cached_lock_data) 541 #define vm_object_cache_lock_try() \ 542 simple_lock_try(&vm_object_cached_lock_data) 543 #define vm_object_cache_unlock() \ 544 simple_unlock(&vm_object_cached_lock_data) 545 546 /* 547 * Virtual memory objects are initialized from 548 * a template (see vm_object_allocate). 549 * 550 * When adding a new field to the virtual memory 551 * object structure, be sure to add initialization 552 * (see vm_object_init). 553 */ 554 vm_object_t vm_object_template; 555 556 /* 557 * vm_object_allocate: 558 * 559 * Returns a new object with the given size. 560 */ 561 562 vm_object_t _vm_object_allocate( 563 vm_size_t size) 564 { 565 register vm_object_t object; 566 567 object = (vm_object_t) zalloc(vm_object_zone); 568 569 *object = *vm_object_template; 570 queue_init(&object->memq); 571 vm_object_lock_init(object); 572 object->size = size; 573 574 return object; 575 } 576 577 vm_object_t vm_object_allocate( 578 vm_size_t size) 579 { 580 register vm_object_t object; 581 register ipc_port_t port; 582 583 object = _vm_object_allocate(size); 584 #if !NORMA_VM 585 port = ipc_port_alloc_kernel(); 586 if (port == IP_NULL) 587 panic("vm_object_allocate"); 588 object->pager_name = port; 589 ipc_kobject_set(port, (ipc_kobject_t) object, IKOT_PAGING_NAME); 590 #endif /* !NORMA_VM */ 591 592 return object; 593 } 594 595 /* 596 * vm_object_bootstrap: 597 * 598 * Initialize the VM objects module. 599 */ 600 void vm_object_bootstrap(void) 601 { 602 vm_object_zone = zinit((vm_size_t) sizeof(struct vm_object), 603 round_page(512*1024), 604 round_page(12*1024), 605 FALSE, "objects"); 606 607 queue_init(&vm_object_cached_list); 608 simple_lock_init(&vm_object_cached_lock_data); 609 610 /* 611 * Fill in a template object, for quick initialization 612 */ 613 614 vm_object_template = (vm_object_t) zalloc(vm_object_zone); 615 bzero(vm_object_template, sizeof *vm_object_template); 616 617 vm_object_template->ref_count = 1; 618 vm_object_template->size = 0; 619 vm_object_template->resident_page_count = 0; 620 vm_object_template->copy = VM_OBJECT_NULL; 621 vm_object_template->shadow = VM_OBJECT_NULL; 622 vm_object_template->shadow_offset = (vm_offset_t) 0; 623 624 vm_object_template->pager = IP_NULL; 625 vm_object_template->paging_offset = 0; 626 vm_object_template->pager_request = PAGER_REQUEST_NULL; 627 vm_object_template->pager_name = IP_NULL; 628 629 vm_object_template->pager_created = FALSE; 630 vm_object_template->pager_initialized = FALSE; 631 vm_object_template->pager_ready = FALSE; 632 633 vm_object_template->copy_strategy = MEMORY_OBJECT_COPY_NONE; 634 /* ignored if temporary, will be reset before 635 * permanent object becomes ready */ 636 vm_object_template->use_shared_copy = FALSE; 637 vm_object_template->shadowed = FALSE; 638 639 vm_object_template->absent_count = 0; 640 vm_object_template->all_wanted = 0; /* all bits FALSE */ 641 642 vm_object_template->paging_in_progress = 0; 643 vm_object_template->can_persist = FALSE; 644 vm_object_template->internal = TRUE; 645 vm_object_template->temporary = TRUE; 646 vm_object_template->alive = TRUE; 647 vm_object_template->lock_in_progress = FALSE; 648 vm_object_template->lock_restart = FALSE; 649 vm_object_template->use_old_pageout = TRUE; /* XXX change later */ 650 vm_object_template->last_alloc = (vm_offset_t) 0; 651 652 #if MACH_PAGEMAP 653 vm_object_template->existence_info = VM_EXTERNAL_NULL; 654 #endif /* MACH_PAGEMAP */ 655 656 /* 657 * Initialize the "kernel object" 658 */ 659 660 kernel_object = _vm_object_allocate( 661 VM_MAX_KERNEL_ADDRESS - VM_MIN_KERNEL_ADDRESS); 662 663 /* 664 * Initialize the "submap object". Make it as large as the 665 * kernel object so that no limit is imposed on submap sizes. 666 */ 667 668 vm_submap_object = _vm_object_allocate( 669 VM_MAX_KERNEL_ADDRESS - VM_MIN_KERNEL_ADDRESS); 670 671 #if MACH_PAGEMAP 672 vm_external_module_initialize(); 673 #endif /* MACH_PAGEMAP */ 674 } 675 676 void vm_object_init(void) 677 { 678 #if !NORMA_VM 679 /* 680 * Finish initializing the kernel object. 681 * The submap object doesn't need a name port. 682 */ 683 684 kernel_object->pager_name = ipc_port_alloc_kernel(); 685 ipc_kobject_set(kernel_object->pager_name, 686 (ipc_kobject_t) kernel_object, 687 IKOT_PAGING_NAME); 688 #endif /* !NORMA_VM */ 689 } 690 691 /* 692 * vm_object_reference: 693 * 694 * Gets another reference to the given object. 695 */ 696 void vm_object_reference( 697 register vm_object_t object) 698 { 699 if (object == VM_OBJECT_NULL) 700 return; 701 702 vm_object_lock(object); 703 assert(object->ref_count > 0); 704 object->ref_count++; 705 vm_object_unlock(object); 706 } 707 708 /* 709 * vm_object_deallocate: 710 * 711 * Release a reference to the specified object, 712 * gained either through a vm_object_allocate 713 * or a vm_object_reference call. When all references 714 * are gone, storage associated with this object 715 * may be relinquished. 716 * 717 * No object may be locked. 718 */ 719 void vm_object_deallocate( 720 register vm_object_t object) 721 { 722 vm_object_t temp; 723 724 while (object != VM_OBJECT_NULL) { 725 726 /* 727 * The cache holds a reference (uncounted) to 728 * the object; we must lock it before removing 729 * the object. 730 */ 731 732 vm_object_cache_lock(); 733 734 /* 735 * Lose the reference 736 */ 737 vm_object_lock(object); 738 if (--(object->ref_count) > 0) { 739 740 /* 741 * If there are still references, then 742 * we are done. 743 */ 744 vm_object_unlock(object); 745 vm_object_cache_unlock(); 746 return; 747 } 748 749 /* 750 * See whether this object can persist. If so, enter 751 * it in the cache, then deactivate all of its 752 * pages. 753 */ 754 if (object->can_persist) { 755 boolean_t overflow; 756 757 /* 758 * Enter the object onto the queue 759 * of "cached" objects. Remember whether 760 * we've caused the queue to overflow, 761 * as a hint. 762 */ 763 764 queue_enter(&vm_object_cached_list, object, 765 vm_object_t, cached_list); 766 overflow = (++vm_object_cached_count > vm_object_cached_max); 767 vm_object_cache_unlock(); 768 769 vm_object_deactivate_pages(object); 770 vm_object_unlock(object); 771 772 /* 773 * If we didn't overflow, or if the queue has 774 * been reduced back to below the specified 775 * minimum, then quit. 776 */ 777 if (!overflow) 778 return; 779 780 while (TRUE) { 781 vm_object_cache_lock(); 782 if (vm_object_cached_count <= 783 vm_object_cached_max) { 784 vm_object_cache_unlock(); 785 return; 786 } 787 788 /* 789 * If we must trim down the queue, take 790 * the first object, and proceed to 791 * terminate it instead of the original 792 * object. Have to wait for pager init. 793 * if it's in progress. 794 */ 795 object= (vm_object_t) 796 queue_first(&vm_object_cached_list); 797 vm_object_lock(object); 798 799 if (!(object->pager_created && 800 !object->pager_initialized)) { 801 802 /* 803 * Ok to terminate, hang on to lock. 804 */ 805 break; 806 } 807 808 vm_object_assert_wait(object, 809 VM_OBJECT_EVENT_INITIALIZED, FALSE); 810 vm_object_unlock(object); 811 vm_object_cache_unlock(); 812 thread_block(CONTINUE_NULL); 813 814 /* 815 * Continue loop to check if cache still 816 * needs to be trimmed. 817 */ 818 } 819 820 /* 821 * Actually remove object from cache. 822 */ 823 824 queue_remove(&vm_object_cached_list, object, 825 vm_object_t, cached_list); 826 vm_object_cached_count--; 827 828 assert(object->ref_count == 0); 829 } 830 else { 831 if (object->pager_created && 832 !object->pager_initialized) { 833 834 /* 835 * Have to wait for initialization. 836 * Put reference back and retry 837 * when it's initialized. 838 */ 839 object->ref_count++; 840 vm_object_assert_wait(object, 841 VM_OBJECT_EVENT_INITIALIZED, FALSE); 842 vm_object_unlock(object); 843 vm_object_cache_unlock(); 844 thread_block(CONTINUE_NULL); 845 continue; 846 } 847 } 848 849 /* 850 * Take the reference to the shadow object 851 * out of the object to be destroyed. 852 */ 853 854 temp = object->shadow; 855 856 /* 857 * Destroy the object; the cache lock will 858 * be released in the process. 859 */ 860 861 vm_object_terminate(object); 862 863 /* 864 * Deallocate the reference to the shadow 865 * by continuing the loop with that object 866 * in place of the original. 867 */ 868 869 object = temp; 870 } 871 } 872 873 boolean_t vm_object_terminate_remove_all = FALSE; 874 875 /* 876 * Routine: vm_object_terminate 877 * Purpose: 878 * Free all resources associated with a vm_object. 879 * In/out conditions: 880 * Upon entry, the object and the cache must be locked, 881 * and the object must have no references. 882 * 883 * The shadow object reference is left alone. 884 * 885 * Upon exit, the cache will be unlocked, and the 886 * object will cease to exist. 887 */ 888 void vm_object_terminate( 889 register vm_object_t object) 890 { 891 register vm_page_t p; 892 vm_object_t shadow_object; 893 894 /* 895 * Make sure the object isn't already being terminated 896 */ 897 898 assert(object->alive); 899 object->alive = FALSE; 900 901 /* 902 * Make sure no one can look us up now. 903 */ 904 905 vm_object_remove(object); 906 vm_object_cache_unlock(); 907 908 /* 909 * Detach the object from its shadow if we are the shadow's 910 * copy. 911 */ 912 if ((shadow_object = object->shadow) != VM_OBJECT_NULL) { 913 vm_object_lock(shadow_object); 914 assert((shadow_object->copy == object) || 915 (shadow_object->copy == VM_OBJECT_NULL)); 916 shadow_object->copy = VM_OBJECT_NULL; 917 vm_object_unlock(shadow_object); 918 } 919 920 /* 921 * The pageout daemon might be playing with our pages. 922 * Now that the object is dead, it won't touch any more 923 * pages, but some pages might already be on their way out. 924 * Hence, we wait until the active paging activities have ceased. 925 */ 926 927 vm_object_paging_wait(object, FALSE); 928 929 /* 930 * Clean or free the pages, as appropriate. 931 * It is possible for us to find busy/absent pages, 932 * if some faults on this object were aborted. 933 */ 934 935 if ((object->temporary) || (object->pager == IP_NULL)) { 936 while (!queue_empty(&object->memq)) { 937 p = (vm_page_t) queue_first(&object->memq); 938 939 VM_PAGE_CHECK(p); 940 941 if (p->busy && !p->absent) 942 panic("vm_object_terminate.2 0x%x 0x%x", 943 object, p); 944 945 VM_PAGE_FREE(p); 946 } 947 } else while (!queue_empty(&object->memq)) { 948 p = (vm_page_t) queue_first(&object->memq); 949 950 VM_PAGE_CHECK(p); 951 952 if (p->busy && !p->absent) 953 panic("vm_object_terminate.3 0x%x 0x%x", object, p); 954 955 vm_page_lock_queues(); 956 VM_PAGE_QUEUES_REMOVE(p); 957 vm_page_unlock_queues(); 958 959 if (p->absent || p->private) { 960 961 /* 962 * For private pages, VM_PAGE_FREE just 963 * leaves the page structure around for 964 * its owner to clean up. For absent 965 * pages, the structure is returned to 966 * the appropriate pool. 967 */ 968 969 goto free_page; 970 } 971 972 if (p->fictitious) 973 panic("vm_object_terminate.4 0x%x 0x%x", object, p); 974 975 if (!p->dirty) 976 p->dirty = pmap_is_modified(p->phys_addr); 977 978 if (p->dirty || p->precious) { 979 p->busy = TRUE; 980 vm_pageout_page(p, FALSE, TRUE); /* flush page */ 981 } else { 982 free_page: 983 VM_PAGE_FREE(p); 984 } 985 } 986 987 assert(object->ref_count == 0); 988 assert(object->paging_in_progress == 0); 989 990 /* 991 * Throw away port rights... note that they may 992 * already have been thrown away (by vm_object_destroy 993 * or memory_object_destroy). 994 * 995 * Instead of destroying the control and name ports, 996 * we send all rights off to the memory manager instead, 997 * using memory_object_terminate. 998 */ 999 1000 vm_object_unlock(object); 1001 1002 if (object->pager != IP_NULL) { 1003 /* consumes our rights for pager, pager_request, pager_name */ 1004 memory_object_release(object->pager, 1005 object->pager_request, 1006 object->pager_name); 1007 } else if (object->pager_name != IP_NULL) { 1008 /* consumes our right for pager_name */ 1009 #if NORMA_VM 1010 ipc_port_release_send(object->pager_name); 1011 #else /* NORMA_VM */ 1012 ipc_port_dealloc_kernel(object->pager_name); 1013 #endif /* NORMA_VM */ 1014 } 1015 1016 #if MACH_PAGEMAP 1017 vm_external_destroy(object->existence_info); 1018 #endif /* MACH_PAGEMAP */ 1019 1020 /* 1021 * Free the space for the object. 1022 */ 1023 1024 zfree(vm_object_zone, (vm_offset_t) object); 1025 } 1026 1027 /* 1028 * Routine: vm_object_pager_wakeup 1029 * Purpose: Wake up anyone waiting for IKOT_PAGER_TERMINATING 1030 */ 1031 1032 void 1033 vm_object_pager_wakeup( 1034 ipc_port_t pager) 1035 { 1036 boolean_t someone_waiting; 1037 1038 /* 1039 * If anyone was waiting for the memory_object_terminate 1040 * to be queued, wake them up now. 1041 */ 1042 vm_object_cache_lock(); 1043 assert(ip_kotype(pager) == IKOT_PAGER_TERMINATING); 1044 someone_waiting = (pager->ip_kobject != IKO_NULL); 1045 if (ip_active(pager)) 1046 ipc_kobject_set(pager, IKO_NULL, IKOT_NONE); 1047 vm_object_cache_unlock(); 1048 if (someone_waiting) { 1049 thread_wakeup((event_t) pager); 1050 } 1051 } 1052 1053 /* 1054 * Routine: memory_object_release 1055 * Purpose: Terminate the pager and release port rights, 1056 * just like memory_object_terminate, except 1057 * that we wake up anyone blocked in vm_object_enter 1058 * waiting for termination message to be queued 1059 * before calling memory_object_init. 1060 */ 1061 void memory_object_release( 1062 ipc_port_t pager, 1063 pager_request_t pager_request, 1064 ipc_port_t pager_name) 1065 { 1066 1067 /* 1068 * Keep a reference to pager port; 1069 * the terminate might otherwise release all references. 1070 */ 1071 ip_reference(pager); 1072 1073 /* 1074 * Terminate the pager. 1075 */ 1076 (void) memory_object_terminate(pager, pager_request, pager_name); 1077 1078 /* 1079 * Wakeup anyone waiting for this terminate 1080 */ 1081 vm_object_pager_wakeup(pager); 1082 1083 /* 1084 * Release reference to pager port. 1085 */ 1086 ip_release(pager); 1087 } 1088 1089 /* 1090 * Routine: vm_object_abort_activity [internal use only] 1091 * Purpose: 1092 * Abort paging requests pending on this object. 1093 * In/out conditions: 1094 * The object is locked on entry and exit. 1095 */ 1096 void vm_object_abort_activity( 1097 vm_object_t object) 1098 { 1099 register 1100 vm_page_t p; 1101 vm_page_t next; 1102 1103 /* 1104 * Abort all activity that would be waiting 1105 * for a result on this memory object. 1106 * 1107 * We could also choose to destroy all pages 1108 * that we have in memory for this object, but 1109 * we don't. 1110 */ 1111 1112 p = (vm_page_t) queue_first(&object->memq); 1113 while (!queue_end(&object->memq, (queue_entry_t) p)) { 1114 next = (vm_page_t) queue_next(&p->listq); 1115 1116 /* 1117 * If it's being paged in, destroy it. 1118 * If an unlock has been requested, start it again. 1119 */ 1120 1121 if (p->busy && p->absent) { 1122 VM_PAGE_FREE(p); 1123 } 1124 else { 1125 if (p->unlock_request != VM_PROT_NONE) 1126 p->unlock_request = VM_PROT_NONE; 1127 PAGE_WAKEUP(p); 1128 } 1129 1130 p = next; 1131 } 1132 1133 /* 1134 * Wake up threads waiting for the memory object to 1135 * become ready. 1136 */ 1137 1138 object->pager_ready = TRUE; 1139 vm_object_wakeup(object, VM_OBJECT_EVENT_PAGER_READY); 1140 } 1141 1142 /* 1143 * Routine: memory_object_destroy [user interface] 1144 * Purpose: 1145 * Shut down a memory object, despite the 1146 * presence of address map (or other) references 1147 * to the vm_object. 1148 * Note: 1149 * This routine may be called either from the user interface, 1150 * or from port destruction handling (via vm_object_destroy). 1151 */ 1152 kern_return_t memory_object_destroy( 1153 register 1154 vm_object_t object, 1155 kern_return_t reason) 1156 { 1157 ipc_port_t old_object, old_name; 1158 pager_request_t old_control; 1159 1160 #ifdef lint 1161 reason++; 1162 #endif /* lint */ 1163 1164 if (object == VM_OBJECT_NULL) 1165 return KERN_SUCCESS; 1166 1167 /* 1168 * Remove the port associations immediately. 1169 * 1170 * This will prevent the memory manager from further 1171 * meddling. [If it wanted to flush data or make 1172 * other changes, it should have done so before performing 1173 * the destroy call.] 1174 */ 1175 1176 vm_object_cache_lock(); 1177 vm_object_lock(object); 1178 vm_object_remove(object); 1179 object->can_persist = FALSE; 1180 vm_object_cache_unlock(); 1181 1182 /* 1183 * Rip out the ports from the vm_object now... this 1184 * will prevent new memory_object calls from succeeding. 1185 */ 1186 1187 old_object = object->pager; 1188 object->pager = IP_NULL; 1189 1190 old_control = object->pager_request; 1191 object->pager_request = PAGER_REQUEST_NULL; 1192 1193 old_name = object->pager_name; 1194 object->pager_name = IP_NULL; 1195 1196 1197 /* 1198 * Wait for existing paging activity (that might 1199 * have the old ports) to subside. 1200 */ 1201 1202 vm_object_paging_wait(object, FALSE); 1203 vm_object_unlock(object); 1204 1205 /* 1206 * Shut down the ports now. 1207 * 1208 * [Paging operations may be proceeding concurrently -- 1209 * they'll get the null values established above.] 1210 */ 1211 1212 if (old_object != IP_NULL) { 1213 /* consumes our rights for object, control, name */ 1214 memory_object_release(old_object, old_control, 1215 old_name); 1216 } else if (old_name != IP_NULL) { 1217 /* consumes our right for name */ 1218 #if NORMA_VM 1219 ipc_port_release_send(object->pager_name); 1220 #else /* NORMA_VM */ 1221 ipc_port_dealloc_kernel(object->pager_name); 1222 #endif /* NORMA_VM */ 1223 } 1224 1225 /* 1226 * Lose the reference that was donated for this routine 1227 */ 1228 1229 vm_object_deallocate(object); 1230 1231 return KERN_SUCCESS; 1232 } 1233 1234 /* 1235 * vm_object_deactivate_pages 1236 * 1237 * Deactivate all pages in the specified object. (Keep its pages 1238 * in memory even though it is no longer referenced.) 1239 * 1240 * The object must be locked. 1241 */ 1242 void vm_object_deactivate_pages( 1243 register vm_object_t object) 1244 { 1245 register vm_page_t p; 1246 1247 queue_iterate(&object->memq, p, vm_page_t, listq) { 1248 vm_page_lock_queues(); 1249 if (!p->busy) 1250 vm_page_deactivate(p); 1251 vm_page_unlock_queues(); 1252 } 1253 } 1254 1255 1256 /* 1257 * Routine: vm_object_pmap_protect 1258 * 1259 * Purpose: 1260 * Reduces the permission for all physical 1261 * pages in the specified object range. 1262 * 1263 * If removing write permission only, it is 1264 * sufficient to protect only the pages in 1265 * the top-level object; only those pages may 1266 * have write permission. 1267 * 1268 * If removing all access, we must follow the 1269 * shadow chain from the top-level object to 1270 * remove access to all pages in shadowed objects. 1271 * 1272 * The object must *not* be locked. The object must 1273 * be temporary/internal. 1274 * 1275 * If pmap is not NULL, this routine assumes that 1276 * the only mappings for the pages are in that 1277 * pmap. 1278 */ 1279 boolean_t vm_object_pmap_protect_by_page = FALSE; 1280 1281 void vm_object_pmap_protect( 1282 register vm_object_t object, 1283 register vm_offset_t offset, 1284 vm_offset_t size, 1285 pmap_t pmap, 1286 vm_offset_t pmap_start, 1287 vm_prot_t prot) 1288 { 1289 if (object == VM_OBJECT_NULL) 1290 return; 1291 1292 vm_object_lock(object); 1293 1294 assert(object->temporary && object->internal); 1295 1296 while (TRUE) { 1297 if (object->resident_page_count > atop(size) / 2 && 1298 pmap != PMAP_NULL) { 1299 vm_object_unlock(object); 1300 pmap_protect(pmap, pmap_start, pmap_start + size, prot); 1301 return; 1302 } 1303 1304 { 1305 register vm_page_t p; 1306 register vm_offset_t end; 1307 1308 end = offset + size; 1309 1310 queue_iterate(&object->memq, p, vm_page_t, listq) { 1311 if (!p->fictitious && 1312 (offset <= p->offset) && 1313 (p->offset < end)) { 1314 if ((pmap == PMAP_NULL) || 1315 vm_object_pmap_protect_by_page) { 1316 pmap_page_protect(p->phys_addr, 1317 prot & ~p->page_lock); 1318 } else { 1319 vm_offset_t start = 1320 pmap_start + 1321 (p->offset - offset); 1322 1323 pmap_protect(pmap, 1324 start, 1325 start + PAGE_SIZE, 1326 prot); 1327 } 1328 } 1329 } 1330 } 1331 1332 if (prot == VM_PROT_NONE) { 1333 /* 1334 * Must follow shadow chain to remove access 1335 * to pages in shadowed objects. 1336 */ 1337 register vm_object_t next_object; 1338 1339 next_object = object->shadow; 1340 if (next_object != VM_OBJECT_NULL) { 1341 offset += object->shadow_offset; 1342 vm_object_lock(next_object); 1343 vm_object_unlock(object); 1344 object = next_object; 1345 } 1346 else { 1347 /* 1348 * End of chain - we are done. 1349 */ 1350 break; 1351 } 1352 } 1353 else { 1354 /* 1355 * Pages in shadowed objects may never have 1356 * write permission - we may stop here. 1357 */ 1358 break; 1359 } 1360 } 1361 1362 vm_object_unlock(object); 1363 } 1364 1365 /* 1366 * vm_object_pmap_remove: 1367 * 1368 * Removes all physical pages in the specified 1369 * object range from all physical maps. 1370 * 1371 * The object must *not* be locked. 1372 */ 1373 void vm_object_pmap_remove( 1374 register vm_object_t object, 1375 register vm_offset_t start, 1376 register vm_offset_t end) 1377 { 1378 register vm_page_t p; 1379 1380 if (object == VM_OBJECT_NULL) 1381 return; 1382 1383 vm_object_lock(object); 1384 queue_iterate(&object->memq, p, vm_page_t, listq) { 1385 if (!p->fictitious && 1386 (start <= p->offset) && 1387 (p->offset < end)) 1388 pmap_page_protect(p->phys_addr, VM_PROT_NONE); 1389 } 1390 vm_object_unlock(object); 1391 } 1392 1393 /* 1394 * Routine: vm_object_copy_slowly 1395 * 1396 * Description: 1397 * Copy the specified range of the source 1398 * virtual memory object without using 1399 * protection-based optimizations (such 1400 * as copy-on-write). The pages in the 1401 * region are actually copied. 1402 * 1403 * In/out conditions: 1404 * The caller must hold a reference and a lock 1405 * for the source virtual memory object. The source 1406 * object will be returned *unlocked*. 1407 * 1408 * Results: 1409 * If the copy is completed successfully, KERN_SUCCESS is 1410 * returned. If the caller asserted the interruptible 1411 * argument, and an interruption occurred while waiting 1412 * for a user-generated event, MACH_SEND_INTERRUPTED is 1413 * returned. Other values may be returned to indicate 1414 * hard errors during the copy operation. 1415 * 1416 * A new virtual memory object is returned in a 1417 * parameter (_result_object). The contents of this 1418 * new object, starting at a zero offset, are a copy 1419 * of the source memory region. In the event of 1420 * an error, this parameter will contain the value 1421 * VM_OBJECT_NULL. 1422 */ 1423 kern_return_t vm_object_copy_slowly( 1424 register 1425 vm_object_t src_object, 1426 vm_offset_t src_offset, 1427 vm_size_t size, 1428 boolean_t interruptible, 1429 vm_object_t *_result_object) /* OUT */ 1430 { 1431 vm_object_t new_object; 1432 vm_offset_t new_offset; 1433 1434 if (size == 0) { 1435 vm_object_unlock(src_object); 1436 *_result_object = VM_OBJECT_NULL; 1437 return KERN_INVALID_ARGUMENT; 1438 } 1439 1440 /* 1441 * Prevent destruction of the source object while we copy. 1442 */ 1443 1444 assert(src_object->ref_count > 0); 1445 src_object->ref_count++; 1446 vm_object_unlock(src_object); 1447 1448 /* 1449 * Create a new object to hold the copied pages. 1450 * A few notes: 1451 * We fill the new object starting at offset 0, 1452 * regardless of the input offset. 1453 * We don't bother to lock the new object within 1454 * this routine, since we have the only reference. 1455 */ 1456 1457 new_object = vm_object_allocate(size); 1458 new_offset = 0; 1459 1460 assert(size == trunc_page(size)); /* Will the loop terminate? */ 1461 1462 for ( ; 1463 size != 0 ; 1464 src_offset += PAGE_SIZE, new_offset += PAGE_SIZE, size -= PAGE_SIZE 1465 ) { 1466 vm_page_t new_page; 1467 vm_fault_return_t result; 1468 1469 while ((new_page = vm_page_alloc(new_object, new_offset)) 1470 == VM_PAGE_NULL) { 1471 VM_PAGE_WAIT(CONTINUE_NULL); 1472 } 1473 1474 do { 1475 vm_prot_t prot = VM_PROT_READ; 1476 vm_page_t _result_page; 1477 vm_page_t top_page; 1478 register 1479 vm_page_t result_page; 1480 1481 vm_object_lock(src_object); 1482 src_object->paging_in_progress++; 1483 1484 result = vm_fault_page(src_object, src_offset, 1485 VM_PROT_READ, FALSE, interruptible, 1486 &prot, &_result_page, &top_page, 1487 FALSE, 0); 1488 1489 switch(result) { 1490 case VM_FAULT_SUCCESS: 1491 result_page = _result_page; 1492 1493 /* 1494 * We don't need to hold the object 1495 * lock -- the busy page will be enough. 1496 * [We don't care about picking up any 1497 * new modifications.] 1498 * 1499 * Copy the page to the new object. 1500 * 1501 * POLICY DECISION: 1502 * If result_page is clean, 1503 * we could steal it instead 1504 * of copying. 1505 */ 1506 1507 vm_object_unlock(result_page->object); 1508 vm_page_copy(result_page, new_page); 1509 1510 /* 1511 * Let go of both pages (make them 1512 * not busy, perform wakeup, activate). 1513 */ 1514 1515 new_page->busy = FALSE; 1516 new_page->dirty = TRUE; 1517 vm_object_lock(result_page->object); 1518 PAGE_WAKEUP_DONE(result_page); 1519 1520 vm_page_lock_queues(); 1521 if (!result_page->active && 1522 !result_page->inactive) 1523 vm_page_activate(result_page); 1524 vm_page_activate(new_page); 1525 vm_page_unlock_queues(); 1526 1527 /* 1528 * Release paging references and 1529 * top-level placeholder page, if any. 1530 */ 1531 1532 vm_fault_cleanup(result_page->object, 1533 top_page); 1534 1535 break; 1536 1537 case VM_FAULT_RETRY: 1538 break; 1539 1540 case VM_FAULT_MEMORY_SHORTAGE: 1541 VM_PAGE_WAIT(CONTINUE_NULL); 1542 break; 1543 1544 case VM_FAULT_FICTITIOUS_SHORTAGE: 1545 vm_page_more_fictitious(); 1546 break; 1547 1548 case VM_FAULT_INTERRUPTED: 1549 vm_page_free(new_page); 1550 vm_object_deallocate(new_object); 1551 vm_object_deallocate(src_object); 1552 *_result_object = VM_OBJECT_NULL; 1553 return MACH_SEND_INTERRUPTED; 1554 1555 case VM_FAULT_MEMORY_ERROR: 1556 /* 1557 * A policy choice: 1558 * (a) ignore pages that we can't 1559 * copy 1560 * (b) return the null object if 1561 * any page fails [chosen] 1562 */ 1563 1564 vm_page_free(new_page); 1565 vm_object_deallocate(new_object); 1566 vm_object_deallocate(src_object); 1567 *_result_object = VM_OBJECT_NULL; 1568 return KERN_MEMORY_ERROR; 1569 } 1570 } while (result != VM_FAULT_SUCCESS); 1571 } 1572 1573 /* 1574 * Lose the extra reference, and return our object. 1575 */ 1576 1577 vm_object_deallocate(src_object); 1578 *_result_object = new_object; 1579 return KERN_SUCCESS; 1580 } 1581 1582 /* 1583 * Routine: vm_object_copy_temporary 1584 * 1585 * Purpose: 1586 * Copy the specified range of the source virtual 1587 * memory object, if it can be done without blocking. 1588 * 1589 * Results: 1590 * If the copy is successful, the copy is returned in 1591 * the arguments; otherwise, the arguments are not 1592 * affected. 1593 * 1594 * In/out conditions: 1595 * The object should be unlocked on entry and exit. 1596 */ 1597 1598 vm_object_t vm_object_copy_delayed(); /* forward declaration */ 1599 1600 boolean_t vm_object_copy_temporary( 1601 vm_object_t *_object, /* INOUT */ 1602 vm_offset_t *_offset, /* INOUT */ 1603 boolean_t *_src_needs_copy, /* OUT */ 1604 boolean_t *_dst_needs_copy) /* OUT */ 1605 { 1606 vm_object_t object = *_object; 1607 1608 #ifdef lint 1609 ++*_offset; 1610 #endif /* lint */ 1611 1612 if (object == VM_OBJECT_NULL) { 1613 *_src_needs_copy = FALSE; 1614 *_dst_needs_copy = FALSE; 1615 return TRUE; 1616 } 1617 1618 /* 1619 * If the object is temporary, we can perform 1620 * a symmetric copy-on-write without asking. 1621 */ 1622 1623 vm_object_lock(object); 1624 if (object->temporary) { 1625 1626 /* 1627 * Shared objects use delayed copy 1628 */ 1629 if (object->use_shared_copy) { 1630 1631 /* 1632 * Asymmetric copy strategy. Destination 1633 * must be copied (to allow copy object reuse). 1634 * Source is unaffected. 1635 */ 1636 vm_object_unlock(object); 1637 object = vm_object_copy_delayed(object); 1638 *_object = object; 1639 *_src_needs_copy = FALSE; 1640 *_dst_needs_copy = TRUE; 1641 return TRUE; 1642 } 1643 1644 /* 1645 * Make another reference to the object. 1646 * 1647 * Leave object/offset unchanged. 1648 */ 1649 1650 assert(object->ref_count > 0); 1651 object->ref_count++; 1652 object->shadowed = TRUE; 1653 vm_object_unlock(object); 1654 1655 /* 1656 * Both source and destination must make 1657 * shadows, and the source must be made 1658 * read-only if not already. 1659 */ 1660 1661 *_src_needs_copy = TRUE; 1662 *_dst_needs_copy = TRUE; 1663 return TRUE; 1664 } 1665 1666 if (object->pager_ready && 1667 (object->copy_strategy == MEMORY_OBJECT_COPY_DELAY)) { 1668 /* XXX Do something intelligent (see temporary code above) */ 1669 } 1670 vm_object_unlock(object); 1671 1672 return FALSE; 1673 } 1674 1675 /* 1676 * Routine: vm_object_copy_call [internal] 1677 * 1678 * Description: 1679 * Copy the specified (src_offset, size) portion 1680 * of the source object (src_object), using the 1681 * user-managed copy algorithm. 1682 * 1683 * In/out conditions: 1684 * The source object must be locked on entry. It 1685 * will be *unlocked* on exit. 1686 * 1687 * Results: 1688 * If the copy is successful, KERN_SUCCESS is returned. 1689 * This routine is interruptible; if a wait for 1690 * a user-generated event is interrupted, MACH_SEND_INTERRUPTED 1691 * is returned. Other return values indicate hard errors 1692 * in creating the user-managed memory object for the copy. 1693 * 1694 * A new object that represents the copied virtual 1695 * memory is returned in a parameter (*_result_object). 1696 * If the return value indicates an error, this parameter 1697 * is not valid. 1698 */ 1699 kern_return_t vm_object_copy_call( 1700 vm_object_t src_object, 1701 vm_offset_t src_offset, 1702 vm_size_t size, 1703 vm_object_t *_result_object) /* OUT */ 1704 { 1705 vm_offset_t src_end = src_offset + size; 1706 ipc_port_t new_memory_object; 1707 vm_object_t new_object; 1708 vm_page_t p; 1709 1710 /* 1711 * Set the backing object for the new 1712 * temporary object. 1713 */ 1714 1715 assert(src_object->ref_count > 0); 1716 src_object->ref_count++; 1717 vm_object_paging_begin(src_object); 1718 vm_object_unlock(src_object); 1719 1720 /* 1721 * Create a memory object port to be associated 1722 * with this new vm_object. 1723 * 1724 * Since the kernel has the only rights to this 1725 * port, we need not hold the cache lock. 1726 * 1727 * Since we have the only object reference, we 1728 * need not be worried about collapse operations. 1729 * 1730 */ 1731 1732 new_memory_object = ipc_port_alloc_kernel(); 1733 if (new_memory_object == IP_NULL) { 1734 panic("vm_object_copy_call: allocate memory object port"); 1735 /* XXX Shouldn't panic here. */ 1736 } 1737 1738 /* we hold a naked receive right for new_memory_object */ 1739 (void) ipc_port_make_send(new_memory_object); 1740 /* now we also hold a naked send right for new_memory_object */ 1741 1742 /* 1743 * Let the memory manager know that a copy operation 1744 * is in progress. Note that we're using the old 1745 * memory object's ports (for which we're holding 1746 * a paging reference)... the memory manager cannot 1747 * yet affect the new memory object. 1748 */ 1749 1750 (void) memory_object_copy(src_object->pager, 1751 src_object->pager_request, 1752 src_offset, size, 1753 new_memory_object); 1754 /* no longer hold the naked receive right for new_memory_object */ 1755 1756 vm_object_lock(src_object); 1757 vm_object_paging_end(src_object); 1758 1759 /* 1760 * Remove write access from all of the pages of 1761 * the old memory object that we can. 1762 */ 1763 1764 queue_iterate(&src_object->memq, p, vm_page_t, listq) { 1765 if (!p->fictitious && 1766 (src_offset <= p->offset) && 1767 (p->offset < src_end) && 1768 !(p->page_lock & VM_PROT_WRITE)) { 1769 p->page_lock |= VM_PROT_WRITE; 1770 pmap_page_protect(p->phys_addr, VM_PROT_ALL & ~p->page_lock); 1771 } 1772 } 1773 1774 vm_object_unlock(src_object); 1775 1776 /* 1777 * Initialize the rest of the paging stuff 1778 */ 1779 1780 new_object = vm_object_enter(new_memory_object, size, FALSE); 1781 new_object->shadow = src_object; 1782 new_object->shadow_offset = src_offset; 1783 1784 /* 1785 * Drop the reference for new_memory_object taken above. 1786 */ 1787 1788 ipc_port_release_send(new_memory_object); 1789 /* no longer hold the naked send right for new_memory_object */ 1790 1791 *_result_object = new_object; 1792 return KERN_SUCCESS; 1793 } 1794 1795 /* 1796 * Routine: vm_object_copy_delayed [internal] 1797 * 1798 * Description: 1799 * Copy the specified virtual memory object, using 1800 * the asymmetric copy-on-write algorithm. 1801 * 1802 * In/out conditions: 1803 * The object must be unlocked on entry. 1804 * 1805 * This routine will not block waiting for user-generated 1806 * events. It is not interruptible. 1807 */ 1808 vm_object_t vm_object_copy_delayed( 1809 vm_object_t src_object) 1810 { 1811 vm_object_t new_copy; 1812 vm_object_t old_copy; 1813 vm_page_t p; 1814 1815 /* 1816 * The user-level memory manager wants to see 1817 * all of the changes to this object, but it 1818 * has promised not to make any changes on its own. 1819 * 1820 * Perform an asymmetric copy-on-write, as follows: 1821 * Create a new object, called a "copy object" 1822 * to hold pages modified by the new mapping 1823 * (i.e., the copy, not the original mapping). 1824 * Record the original object as the backing 1825 * object for the copy object. If the 1826 * original mapping does not change a page, 1827 * it may be used read-only by the copy. 1828 * Record the copy object in the original 1829 * object. When the original mapping causes 1830 * a page to be modified, it must be copied 1831 * to a new page that is "pushed" to the 1832 * copy object. 1833 * Mark the new mapping (the copy object) 1834 * copy-on-write. This makes the copy 1835 * object itself read-only, allowing it 1836 * to be reused if the original mapping 1837 * makes no changes, and simplifying the 1838 * synchronization required in the "push" 1839 * operation described above. 1840 * 1841 * The copy-on-write is said to be assymetric because 1842 * the original object is *not* marked copy-on-write. 1843 * A copied page is pushed to the copy object, regardless 1844 * which party attempted to modify the page. 1845 * 1846 * Repeated asymmetric copy operations may be done. 1847 * If the original object has not been changed since 1848 * the last copy, its copy object can be reused. 1849 * Otherwise, a new copy object can be inserted 1850 * between the original object and its previous 1851 * copy object. Since any copy object is read-only, 1852 * this cannot affect the contents of the previous copy 1853 * object. 1854 * 1855 * Note that a copy object is higher in the object 1856 * tree than the original object; therefore, use of 1857 * the copy object recorded in the original object 1858 * must be done carefully, to avoid deadlock. 1859 */ 1860 1861 /* 1862 * Allocate a new copy object before locking, even 1863 * though we may not need it later. 1864 */ 1865 1866 new_copy = vm_object_allocate(src_object->size); 1867 1868 vm_object_lock(src_object); 1869 1870 /* 1871 * See whether we can reuse the result of a previous 1872 * copy operation. 1873 */ 1874 Retry: 1875 old_copy = src_object->copy; 1876 if (old_copy != VM_OBJECT_NULL) { 1877 /* 1878 * Try to get the locks (out of order) 1879 */ 1880 if (!vm_object_lock_try(old_copy)) { 1881 vm_object_unlock(src_object); 1882 1883 simple_lock_pause(); /* wait a bit */ 1884 1885 vm_object_lock(src_object); 1886 goto Retry; 1887 } 1888 1889 /* 1890 * Determine whether the old copy object has 1891 * been modified. 1892 */ 1893 1894 if (old_copy->resident_page_count == 0 && 1895 !old_copy->pager_created) { 1896 /* 1897 * It has not been modified. 1898 * 1899 * Return another reference to 1900 * the existing copy-object. 1901 */ 1902 assert(old_copy->ref_count > 0); 1903 old_copy->ref_count++; 1904 vm_object_unlock(old_copy); 1905 vm_object_unlock(src_object); 1906 1907 vm_object_deallocate(new_copy); 1908 1909 return old_copy; 1910 } 1911 1912 /* 1913 * The copy-object is always made large enough to 1914 * completely shadow the original object, since 1915 * it may have several users who want to shadow 1916 * the original object at different points. 1917 */ 1918 1919 assert((old_copy->shadow == src_object) && 1920 (old_copy->shadow_offset == (vm_offset_t) 0)); 1921 1922 /* 1923 * Make the old copy-object shadow the new one. 1924 * It will receive no more pages from the original 1925 * object. 1926 */ 1927 1928 src_object->ref_count--; /* remove ref. from old_copy */ 1929 assert(src_object->ref_count > 0); 1930 old_copy->shadow = new_copy; 1931 assert(new_copy->ref_count > 0); 1932 new_copy->ref_count++; 1933 vm_object_unlock(old_copy); /* done with old_copy */ 1934 } 1935 1936 /* 1937 * Point the new copy at the existing object. 1938 */ 1939 1940 new_copy->shadow = src_object; 1941 new_copy->shadow_offset = 0; 1942 new_copy->shadowed = TRUE; /* caller must set needs_copy */ 1943 assert(src_object->ref_count > 0); 1944 src_object->ref_count++; 1945 src_object->copy = new_copy; 1946 1947 /* 1948 * Mark all pages of the existing object copy-on-write. 1949 * This object may have a shadow chain below it, but 1950 * those pages will already be marked copy-on-write. 1951 */ 1952 1953 queue_iterate(&src_object->memq, p, vm_page_t, listq) { 1954 if (!p->fictitious) 1955 pmap_page_protect(p->phys_addr, 1956 (VM_PROT_ALL & ~VM_PROT_WRITE & 1957 ~p->page_lock)); 1958 } 1959 1960 vm_object_unlock(src_object); 1961 1962 return new_copy; 1963 } 1964 1965 /* 1966 * Routine: vm_object_copy_strategically 1967 * 1968 * Purpose: 1969 * Perform a copy according to the source object's 1970 * declared strategy. This operation may block, 1971 * and may be interrupted. 1972 */ 1973 kern_return_t vm_object_copy_strategically( 1974 register 1975 vm_object_t src_object, 1976 vm_offset_t src_offset, 1977 vm_size_t size, 1978 vm_object_t *dst_object, /* OUT */ 1979 vm_offset_t *dst_offset, /* OUT */ 1980 boolean_t *dst_needs_copy) /* OUT */ 1981 { 1982 kern_return_t result = KERN_SUCCESS; /* to quiet gcc warnings */ 1983 boolean_t interruptible = TRUE; /* XXX */ 1984 1985 assert(src_object != VM_OBJECT_NULL); 1986 1987 vm_object_lock(src_object); 1988 1989 /* XXX assert(!src_object->temporary); JSB FIXME */ 1990 1991 /* 1992 * The copy strategy is only valid if the memory manager 1993 * is "ready". 1994 */ 1995 1996 while (!src_object->pager_ready) { 1997 vm_object_wait( src_object, 1998 VM_OBJECT_EVENT_PAGER_READY, 1999 interruptible); 2000 if (interruptible && 2001 (current_thread()->wait_result != THREAD_AWAKENED)) { 2002 *dst_object = VM_OBJECT_NULL; 2003 *dst_offset = 0; 2004 *dst_needs_copy = FALSE; 2005 return MACH_SEND_INTERRUPTED; 2006 } 2007 vm_object_lock(src_object); 2008 } 2009 2010 /* 2011 * The object may be temporary (even though it is external). 2012 * If so, do a symmetric copy. 2013 */ 2014 2015 if (src_object->temporary) { 2016 /* 2017 * XXX 2018 * This does not count as intelligent! 2019 * This buys us the object->temporary optimizations, 2020 * but we aren't using a symmetric copy, 2021 * which may confuse the vm code. The correct thing 2022 * to do here is to figure out what to call to get 2023 * a temporary shadowing set up. 2024 */ 2025 src_object->copy_strategy = MEMORY_OBJECT_COPY_DELAY; 2026 } 2027 2028 /* 2029 * The object is permanent. Use the appropriate copy strategy. 2030 */ 2031 2032 switch (src_object->copy_strategy) { 2033 case MEMORY_OBJECT_COPY_NONE: 2034 if ((result = vm_object_copy_slowly( 2035 src_object, 2036 src_offset, 2037 size, 2038 interruptible, 2039 dst_object)) 2040 == KERN_SUCCESS) { 2041 *dst_offset = 0; 2042 *dst_needs_copy = FALSE; 2043 } 2044 break; 2045 2046 case MEMORY_OBJECT_COPY_CALL: 2047 if ((result = vm_object_copy_call( 2048 src_object, 2049 src_offset, 2050 size, 2051 dst_object)) 2052 == KERN_SUCCESS) { 2053 *dst_offset = 0; 2054 *dst_needs_copy = FALSE; 2055 } 2056 break; 2057 2058 case MEMORY_OBJECT_COPY_DELAY: 2059 vm_object_unlock(src_object); 2060 *dst_object = vm_object_copy_delayed(src_object); 2061 *dst_offset = src_offset; 2062 *dst_needs_copy = TRUE; 2063 2064 result = KERN_SUCCESS; 2065 break; 2066 } 2067 2068 return result; 2069 } 2070 2071 /* 2072 * vm_object_shadow: 2073 * 2074 * Create a new object which is backed by the 2075 * specified existing object range. The source 2076 * object reference is deallocated. 2077 * 2078 * The new object and offset into that object 2079 * are returned in the source parameters. 2080 */ 2081 2082 void vm_object_shadow( 2083 vm_object_t *object, /* IN/OUT */ 2084 vm_offset_t *offset, /* IN/OUT */ 2085 vm_size_t length) 2086 { 2087 register vm_object_t source; 2088 register vm_object_t result; 2089 2090 source = *object; 2091 2092 /* 2093 * Allocate a new object with the given length 2094 */ 2095 2096 if ((result = vm_object_allocate(length)) == VM_OBJECT_NULL) 2097 panic("vm_object_shadow: no object for shadowing"); 2098 2099 /* 2100 * The new object shadows the source object, adding 2101 * a reference to it. Our caller changes his reference 2102 * to point to the new object, removing a reference to 2103 * the source object. Net result: no change of reference 2104 * count. 2105 */ 2106 result->shadow = source; 2107 2108 /* 2109 * Store the offset into the source object, 2110 * and fix up the offset into the new object. 2111 */ 2112 2113 result->shadow_offset = *offset; 2114 2115 /* 2116 * Return the new things 2117 */ 2118 2119 *offset = 0; 2120 *object = result; 2121 } 2122 2123 /* 2124 * The relationship between vm_object structures and 2125 * the memory_object ports requires careful synchronization. 2126 * 2127 * All associations are created by vm_object_enter. All three 2128 * port fields are filled in, as follows: 2129 * pager: the memory_object port itself, supplied by 2130 * the user requesting a mapping (or the kernel, 2131 * when initializing internal objects); the 2132 * kernel simulates holding send rights by keeping 2133 * a port reference; 2134 * pager_request: 2135 * pager_name: 2136 * the memory object control and name ports, 2137 * created by the kernel; the kernel holds 2138 * receive (and ownership) rights to these 2139 * ports, but no other references. 2140 * All of the ports are referenced by their global names. 2141 * 2142 * When initialization is complete, the "initialized" field 2143 * is asserted. Other mappings using a particular memory object, 2144 * and any references to the vm_object gained through the 2145 * port association must wait for this initialization to occur. 2146 * 2147 * In order to allow the memory manager to set attributes before 2148 * requests (notably virtual copy operations, but also data or 2149 * unlock requests) are made, a "ready" attribute is made available. 2150 * Only the memory manager may affect the value of this attribute. 2151 * Its value does not affect critical kernel functions, such as 2152 * internal object initialization or destruction. [Furthermore, 2153 * memory objects created by the kernel are assumed to be ready 2154 * immediately; the default memory manager need not explicitly 2155 * set the "ready" attribute.] 2156 * 2157 * [Both the "initialized" and "ready" attribute wait conditions 2158 * use the "pager" field as the wait event.] 2159 * 2160 * The port associations can be broken down by any of the 2161 * following routines: 2162 * vm_object_terminate: 2163 * No references to the vm_object remain, and 2164 * the object cannot (or will not) be cached. 2165 * This is the normal case, and is done even 2166 * though one of the other cases has already been 2167 * done. 2168 * vm_object_destroy: 2169 * The memory_object port has been destroyed, 2170 * meaning that the kernel cannot flush dirty 2171 * pages or request new data or unlock existing 2172 * data. 2173 * memory_object_destroy: 2174 * The memory manager has requested that the 2175 * kernel relinquish rights to the memory object 2176 * port. [The memory manager may not want to 2177 * destroy the port, but may wish to refuse or 2178 * tear down existing memory mappings.] 2179 * Each routine that breaks an association must break all of 2180 * them at once. At some later time, that routine must clear 2181 * the vm_object port fields and release the port rights. 2182 * [Furthermore, each routine must cope with the simultaneous 2183 * or previous operations of the others.] 2184 * 2185 * In addition to the lock on the object, the vm_object_cache_lock 2186 * governs the port associations. References gained through the 2187 * port association require use of the cache lock. 2188 * 2189 * Because the port fields may be cleared spontaneously, they 2190 * cannot be used to determine whether a memory object has 2191 * ever been associated with a particular vm_object. [This 2192 * knowledge is important to the shadow object mechanism.] 2193 * For this reason, an additional "created" attribute is 2194 * provided. 2195 * 2196 * During various paging operations, the port values found in the 2197 * vm_object must be valid. To prevent these port rights from being 2198 * released, and to prevent the port associations from changing 2199 * (other than being removed, i.e., made null), routines may use 2200 * the vm_object_paging_begin/end routines [actually, macros]. 2201 * The implementation uses the "paging_in_progress" and "wanted" fields. 2202 * [Operations that alter the validity of the port values include the 2203 * termination routines and vm_object_collapse.] 2204 */ 2205 2206 vm_object_t vm_object_lookup( 2207 ipc_port_t port) 2208 { 2209 vm_object_t object = VM_OBJECT_NULL; 2210 2211 if (IP_VALID(port)) { 2212 ip_lock(port); 2213 if (ip_active(port) && 2214 #if NORMA_VM 2215 (ip_kotype(port) == IKOT_PAGER)) { 2216 #else /* NORMA_VM */ 2217 (ip_kotype(port) == IKOT_PAGING_REQUEST)) { 2218 #endif /* NORMA_VM */ 2219 vm_object_cache_lock(); 2220 object = (vm_object_t) port->ip_kobject; 2221 vm_object_lock(object); 2222 2223 assert(object->alive); 2224 2225 if (object->ref_count == 0) { 2226 queue_remove(&vm_object_cached_list, object, 2227 vm_object_t, cached_list); 2228 vm_object_cached_count--; 2229 } 2230 2231 object->ref_count++; 2232 vm_object_unlock(object); 2233 vm_object_cache_unlock(); 2234 } 2235 ip_unlock(port); 2236 } 2237 2238 return object; 2239 } 2240 2241 vm_object_t vm_object_lookup_name( 2242 ipc_port_t port) 2243 { 2244 vm_object_t object = VM_OBJECT_NULL; 2245 2246 if (IP_VALID(port)) { 2247 ip_lock(port); 2248 if (ip_active(port) && 2249 (ip_kotype(port) == IKOT_PAGING_NAME)) { 2250 vm_object_cache_lock(); 2251 object = (vm_object_t) port->ip_kobject; 2252 vm_object_lock(object); 2253 2254 assert(object->alive); 2255 2256 if (object->ref_count == 0) { 2257 queue_remove(&vm_object_cached_list, object, 2258 vm_object_t, cached_list); 2259 vm_object_cached_count--; 2260 } 2261 2262 object->ref_count++; 2263 vm_object_unlock(object); 2264 vm_object_cache_unlock(); 2265 } 2266 ip_unlock(port); 2267 } 2268 2269 return object; 2270 } 2271 2272 void vm_object_destroy( 2273 ipc_port_t pager) 2274 { 2275 vm_object_t object; 2276 pager_request_t old_request; 2277 ipc_port_t old_name; 2278 2279 /* 2280 * Perform essentially the same operations as in vm_object_lookup, 2281 * except that this time we look up based on the memory_object 2282 * port, not the control port. 2283 */ 2284 vm_object_cache_lock(); 2285 if (ip_kotype(pager) != IKOT_PAGER) { 2286 vm_object_cache_unlock(); 2287 return; 2288 } 2289 2290 object = (vm_object_t) pager->ip_kobject; 2291 vm_object_lock(object); 2292 if (object->ref_count == 0) { 2293 queue_remove(&vm_object_cached_list, object, 2294 vm_object_t, cached_list); 2295 vm_object_cached_count--; 2296 } 2297 object->ref_count++; 2298 2299 object->can_persist = FALSE; 2300 2301 assert(object->pager == pager); 2302 2303 /* 2304 * Remove the port associations. 2305 * 2306 * Note that the memory_object itself is dead, so 2307 * we don't bother with it. 2308 */ 2309 2310 object->pager = IP_NULL; 2311 vm_object_remove(object); 2312 2313 old_request = object->pager_request; 2314 object->pager_request = PAGER_REQUEST_NULL; 2315 2316 old_name = object->pager_name; 2317 object->pager_name = IP_NULL; 2318 2319 vm_object_unlock(object); 2320 vm_object_cache_unlock(); 2321 2322 /* 2323 * Clean up the port references. Note that there's no 2324 * point in trying the memory_object_terminate call 2325 * because the memory_object itself is dead. 2326 */ 2327 2328 ipc_port_release_send(pager); 2329 #if !NORMA_VM 2330 if (old_request != IP_NULL) 2331 ipc_port_dealloc_kernel(old_request); 2332 #endif /* !NORMA_VM */ 2333 if (old_name != IP_NULL) 2334 #if NORMA_VM 2335 ipc_port_release_send(old_name); 2336 #else /* NORMA_VM */ 2337 ipc_port_dealloc_kernel(old_name); 2338 #endif /* NORMA_VM */ 2339 2340 /* 2341 * Restart pending page requests 2342 */ 2343 2344 vm_object_abort_activity(object); 2345 2346 /* 2347 * Lose the object reference. 2348 */ 2349 2350 vm_object_deallocate(object); 2351 } 2352 2353 boolean_t vm_object_accept_old_init_protocol = FALSE; 2354 2355 /* 2356 * Routine: vm_object_enter 2357 * Purpose: 2358 * Find a VM object corresponding to the given 2359 * pager; if no such object exists, create one, 2360 * and initialize the pager. 2361 */ 2362 vm_object_t vm_object_enter( 2363 ipc_port_t pager, 2364 vm_size_t size, 2365 boolean_t internal) 2366 { 2367 register 2368 vm_object_t object; 2369 vm_object_t new_object; 2370 boolean_t must_init; 2371 ipc_kobject_type_t po; 2372 2373 restart: 2374 if (!IP_VALID(pager)) 2375 return vm_object_allocate(size); 2376 2377 new_object = VM_OBJECT_NULL; 2378 must_init = FALSE; 2379 2380 /* 2381 * Look for an object associated with this port. 2382 */ 2383 2384 vm_object_cache_lock(); 2385 for (;;) { 2386 po = ip_kotype(pager); 2387 2388 /* 2389 * If a previous object is being terminated, 2390 * we must wait for the termination message 2391 * to be queued. 2392 * 2393 * We set kobject to a non-null value to let the 2394 * terminator know that someone is waiting. 2395 * Among the possibilities is that the port 2396 * could die while we're waiting. Must restart 2397 * instead of continuing the loop. 2398 */ 2399 2400 if (po == IKOT_PAGER_TERMINATING) { 2401 pager->ip_kobject = (ipc_kobject_t) pager; 2402 assert_wait((event_t) pager, FALSE); 2403 vm_object_cache_unlock(); 2404 thread_block(CONTINUE_NULL); 2405 goto restart; 2406 } 2407 2408 /* 2409 * Bail if there is already a kobject associated 2410 * with the pager port. 2411 */ 2412 if (po != IKOT_NONE) { 2413 break; 2414 } 2415 2416 /* 2417 * We must unlock to create a new object; 2418 * if we do so, we must try the lookup again. 2419 */ 2420 2421 if (new_object == VM_OBJECT_NULL) { 2422 vm_object_cache_unlock(); 2423 new_object = vm_object_allocate(size); 2424 vm_object_cache_lock(); 2425 } else { 2426 /* 2427 * Lookup failed twice, and we have something 2428 * to insert; set the object. 2429 */ 2430 2431 ipc_kobject_set(pager, 2432 (ipc_kobject_t) new_object, 2433 IKOT_PAGER); 2434 new_object = VM_OBJECT_NULL; 2435 must_init = TRUE; 2436 } 2437 } 2438 2439 if (internal) 2440 must_init = TRUE; 2441 2442 /* 2443 * It's only good if it's a VM object! 2444 */ 2445 2446 object = (po == IKOT_PAGER) ? (vm_object_t) pager->ip_kobject 2447 : VM_OBJECT_NULL; 2448 2449 if ((object != VM_OBJECT_NULL) && !must_init) { 2450 vm_object_lock(object); 2451 if (object->ref_count == 0) { 2452 queue_remove(&vm_object_cached_list, object, 2453 vm_object_t, cached_list); 2454 vm_object_cached_count--; 2455 } 2456 object->ref_count++; 2457 vm_object_unlock(object); 2458 2459 vm_stat.hits++; 2460 } 2461 assert((object == VM_OBJECT_NULL) || (object->ref_count > 0) || 2462 ((object->paging_in_progress != 0) && internal)); 2463 2464 vm_stat.lookups++; 2465 2466 vm_object_cache_unlock(); 2467 2468 /* 2469 * If we raced to create a vm_object but lost, let's 2470 * throw away ours. 2471 */ 2472 2473 if (new_object != VM_OBJECT_NULL) 2474 vm_object_deallocate(new_object); 2475 2476 if (object == VM_OBJECT_NULL) 2477 return(object); 2478 2479 if (must_init) { 2480 /* 2481 * Copy the naked send right we were given. 2482 */ 2483 2484 pager = ipc_port_copy_send(pager); 2485 if (!IP_VALID(pager)) 2486 panic("vm_object_enter: port died"); /* XXX */ 2487 2488 object->pager_created = TRUE; 2489 object->pager = pager; 2490 2491 #if NORMA_VM 2492 2493 /* 2494 * Let the xmm system know that we want to use the pager. 2495 * 2496 * Name port will be provided by the xmm system 2497 * when set_attributes_common is called. 2498 */ 2499 2500 object->internal = internal; 2501 object->pager_ready = internal; 2502 if (internal) { 2503 assert(object->temporary); 2504 } else { 2505 object->temporary = FALSE; 2506 } 2507 object->pager_name = IP_NULL; 2508 2509 (void) xmm_memory_object_init(object); 2510 #else /* NORMA_VM */ 2511 2512 /* 2513 * Allocate request port. 2514 */ 2515 2516 object->pager_request = ipc_port_alloc_kernel(); 2517 if (object->pager_request == IP_NULL) 2518 panic("vm_object_enter: pager request alloc"); 2519 2520 ipc_kobject_set(object->pager_request, 2521 (ipc_kobject_t) object, 2522 IKOT_PAGING_REQUEST); 2523 2524 /* 2525 * Let the pager know we're using it. 2526 */ 2527 2528 if (internal) { 2529 /* acquire a naked send right for the DMM */ 2530 ipc_port_t DMM = memory_manager_default_reference(); 2531 2532 /* mark the object internal */ 2533 object->internal = TRUE; 2534 assert(object->temporary); 2535 2536 /* default-pager objects are ready immediately */ 2537 object->pager_ready = TRUE; 2538 2539 /* consumes the naked send right for DMM */ 2540 (void) memory_object_create(DMM, 2541 pager, 2542 object->size, 2543 object->pager_request, 2544 object->pager_name, 2545 PAGE_SIZE); 2546 } else { 2547 /* the object is external and not temporary */ 2548 object->internal = FALSE; 2549 object->temporary = FALSE; 2550 2551 /* user pager objects are not ready until marked so */ 2552 object->pager_ready = FALSE; 2553 2554 (void) memory_object_init(pager, 2555 object->pager_request, 2556 object->pager_name, 2557 PAGE_SIZE); 2558 2559 } 2560 #endif /* NORMA_VM */ 2561 2562 vm_object_lock(object); 2563 object->pager_initialized = TRUE; 2564 2565 if (vm_object_accept_old_init_protocol) 2566 object->pager_ready = TRUE; 2567 2568 vm_object_wakeup(object, VM_OBJECT_EVENT_INITIALIZED); 2569 } else { 2570 vm_object_lock(object); 2571 } 2572 /* 2573 * [At this point, the object must be locked] 2574 */ 2575 2576 /* 2577 * Wait for the work above to be done by the first 2578 * thread to map this object. 2579 */ 2580 2581 while (!object->pager_initialized) { 2582 vm_object_wait( object, 2583 VM_OBJECT_EVENT_INITIALIZED, 2584 FALSE); 2585 vm_object_lock(object); 2586 } 2587 vm_object_unlock(object); 2588 2589 return object; 2590 } 2591 2592 /* 2593 * Routine: vm_object_pager_create 2594 * Purpose: 2595 * Create a memory object for an internal object. 2596 * In/out conditions: 2597 * The object is locked on entry and exit; 2598 * it may be unlocked within this call. 2599 * Limitations: 2600 * Only one thread may be performing a 2601 * vm_object_pager_create on an object at 2602 * a time. Presumably, only the pageout 2603 * daemon will be using this routine. 2604 */ 2605 void vm_object_pager_create( 2606 register 2607 vm_object_t object) 2608 { 2609 ipc_port_t pager; 2610 2611 if (object->pager_created) { 2612 /* 2613 * Someone else got to it first... 2614 * wait for them to finish initializing 2615 */ 2616 2617 while (!object->pager_initialized) { 2618 vm_object_wait( object, 2619 VM_OBJECT_EVENT_PAGER_READY, 2620 FALSE); 2621 vm_object_lock(object); 2622 } 2623 return; 2624 } 2625 2626 /* 2627 * Indicate that a memory object has been assigned 2628 * before dropping the lock, to prevent a race. 2629 */ 2630 2631 object->pager_created = TRUE; 2632 2633 /* 2634 * Prevent collapse or termination by 2635 * holding a paging reference 2636 */ 2637 2638 vm_object_paging_begin(object); 2639 vm_object_unlock(object); 2640 2641 #if MACH_PAGEMAP 2642 object->existence_info = vm_external_create( 2643 object->size + 2644 object->paging_offset); 2645 assert((object->size + object->paging_offset) >= 2646 object->size); 2647 #endif /* MACH_PAGEMAP */ 2648 2649 /* 2650 * Create the pager, and associate with it 2651 * this object. 2652 * 2653 * Note that we only make the port association 2654 * so that vm_object_enter can properly look up 2655 * the object to complete the initialization... 2656 * we do not expect any user to ever map this 2657 * object. 2658 * 2659 * Since the kernel has the only rights to the 2660 * port, it's safe to install the association 2661 * without holding the cache lock. 2662 */ 2663 2664 pager = ipc_port_alloc_kernel(); 2665 if (pager == IP_NULL) 2666 panic("vm_object_pager_create: allocate pager port"); 2667 2668 (void) ipc_port_make_send(pager); 2669 ipc_kobject_set(pager, (ipc_kobject_t) object, IKOT_PAGER); 2670 2671 /* 2672 * Initialize the rest of the paging stuff 2673 */ 2674 2675 if (vm_object_enter(pager, object->size, TRUE) != object) 2676 panic("vm_object_pager_create: mismatch"); 2677 2678 /* 2679 * Drop the naked send right taken above. 2680 */ 2681 2682 ipc_port_release_send(pager); 2683 2684 /* 2685 * Release the paging reference 2686 */ 2687 2688 vm_object_lock(object); 2689 vm_object_paging_end(object); 2690 } 2691 2692 /* 2693 * Routine: vm_object_remove 2694 * Purpose: 2695 * Eliminate the pager/object association 2696 * for this pager. 2697 * Conditions: 2698 * The object cache must be locked. 2699 */ 2700 void vm_object_remove( 2701 vm_object_t object) 2702 { 2703 ipc_port_t port; 2704 2705 if ((port = object->pager) != IP_NULL) { 2706 if (ip_kotype(port) == IKOT_PAGER) 2707 ipc_kobject_set(port, IKO_NULL, 2708 IKOT_PAGER_TERMINATING); 2709 else if (ip_kotype(port) != IKOT_NONE) 2710 panic("vm_object_remove: bad object port"); 2711 } 2712 #if !NORMA_VM 2713 if ((port = object->pager_request) != IP_NULL) { 2714 if (ip_kotype(port) == IKOT_PAGING_REQUEST) 2715 ipc_kobject_set(port, IKO_NULL, IKOT_NONE); 2716 else if (ip_kotype(port) != IKOT_NONE) 2717 panic("vm_object_remove: bad request port"); 2718 } 2719 if ((port = object->pager_name) != IP_NULL) { 2720 if (ip_kotype(port) == IKOT_PAGING_NAME) 2721 ipc_kobject_set(port, IKO_NULL, IKOT_NONE); 2722 else if (ip_kotype(port) != IKOT_NONE) 2723 panic("vm_object_remove: bad name port"); 2724 } 2725 #endif /* !NORMA_VM */ 2726 } 2727 2728 /* 2729 * Global variables for vm_object_collapse(): 2730 * 2731 * Counts for normal collapses and bypasses. 2732 * Debugging variables, to watch or disable collapse. 2733 */ 2734 long object_collapses = 0; 2735 long object_bypasses = 0; 2736 2737 int vm_object_collapse_debug = 0; 2738 boolean_t vm_object_collapse_allowed = TRUE; 2739 boolean_t vm_object_collapse_bypass_allowed = TRUE; 2740 2741 /* 2742 * vm_object_collapse: 2743 * 2744 * Collapse an object with the object backing it. 2745 * Pages in the backing object are moved into the 2746 * parent, and the backing object is deallocated. 2747 * 2748 * Requires that the object be locked and the page 2749 * queues be unlocked. May unlock/relock the object, 2750 * so the caller should hold a reference for the object. 2751 */ 2752 void vm_object_collapse( 2753 register vm_object_t object) 2754 { 2755 register vm_object_t backing_object; 2756 register vm_offset_t backing_offset; 2757 register vm_size_t size; 2758 register vm_offset_t new_offset; 2759 register vm_page_t p, pp; 2760 ipc_port_t old_name_port; 2761 2762 if (!vm_object_collapse_allowed) 2763 return; 2764 2765 while (TRUE) { 2766 /* 2767 * Verify that the conditions are right for collapse: 2768 * 2769 * The object exists and no pages in it are currently 2770 * being paged out (or have ever been paged out). 2771 * 2772 * This check is probably overkill -- if a memory 2773 * object has not been created, the fault handler 2774 * shouldn't release the object lock while paging 2775 * is in progress or absent pages exist. 2776 */ 2777 if (object == VM_OBJECT_NULL || 2778 object->pager_created || 2779 object->paging_in_progress != 0 || 2780 object->absent_count != 0) 2781 return; 2782 2783 /* 2784 * There is a backing object, and 2785 */ 2786 2787 if ((backing_object = object->shadow) == VM_OBJECT_NULL) 2788 return; 2789 2790 vm_object_lock(backing_object); 2791 /* 2792 * ... 2793 * The backing object is not read_only, 2794 * and no pages in the backing object are 2795 * currently being paged out. 2796 * The backing object is internal. 2797 * 2798 * XXX It may be sufficient for the backing 2799 * XXX object to be temporary. 2800 */ 2801 2802 if (!backing_object->internal || 2803 backing_object->paging_in_progress != 0) { 2804 vm_object_unlock(backing_object); 2805 return; 2806 } 2807 2808 /* 2809 * The backing object can't be a copy-object: 2810 * the shadow_offset for the copy-object must stay 2811 * as 0. Furthermore (for the 'we have all the 2812 * pages' case), if we bypass backing_object and 2813 * just shadow the next object in the chain, old 2814 * pages from that object would then have to be copied 2815 * BOTH into the (former) backing_object and into the 2816 * parent object. 2817 */ 2818 if (backing_object->shadow != VM_OBJECT_NULL && 2819 backing_object->shadow->copy != VM_OBJECT_NULL) { 2820 vm_object_unlock(backing_object); 2821 return; 2822 } 2823 2824 /* 2825 * We know that we can either collapse the backing 2826 * object (if the parent is the only reference to 2827 * it) or (perhaps) remove the parent's reference 2828 * to it. 2829 */ 2830 2831 backing_offset = object->shadow_offset; 2832 size = object->size; 2833 2834 /* 2835 * If there is exactly one reference to the backing 2836 * object, we can collapse it into the parent. 2837 */ 2838 2839 if (backing_object->ref_count == 1) { 2840 if (!vm_object_cache_lock_try()) { 2841 vm_object_unlock(backing_object); 2842 return; 2843 } 2844 2845 /* 2846 * We can collapse the backing object. 2847 * 2848 * Move all in-memory pages from backing_object 2849 * to the parent. Pages that have been paged out 2850 * will be overwritten by any of the parent's 2851 * pages that shadow them. 2852 */ 2853 2854 while (!queue_empty(&backing_object->memq)) { 2855 2856 p = (vm_page_t) 2857 queue_first(&backing_object->memq); 2858 2859 new_offset = (p->offset - backing_offset); 2860 2861 assert(!p->busy || p->absent); 2862 2863 /* 2864 * If the parent has a page here, or if 2865 * this page falls outside the parent, 2866 * dispose of it. 2867 * 2868 * Otherwise, move it as planned. 2869 */ 2870 2871 if (p->offset < backing_offset || 2872 new_offset >= size) { 2873 vm_page_lock_queues(); 2874 vm_page_free(p); 2875 vm_page_unlock_queues(); 2876 } else { 2877 pp = vm_page_lookup(object, new_offset); 2878 if (pp != VM_PAGE_NULL && !pp->absent) { 2879 /* 2880 * Parent object has a real page. 2881 * Throw away the backing object's 2882 * page. 2883 */ 2884 vm_page_lock_queues(); 2885 vm_page_free(p); 2886 vm_page_unlock_queues(); 2887 } 2888 else { 2889 if (pp != VM_PAGE_NULL) { 2890 /* 2891 * Parent has an absent page... 2892 * it's not being paged in, so 2893 * it must really be missing from 2894 * the parent. 2895 * 2896 * Throw out the absent page... 2897 * any faults looking for that 2898 * page will restart with the new 2899 * one. 2900 */ 2901 2902 /* 2903 * This should never happen -- the 2904 * parent cannot have ever had an 2905 * external memory object, and thus 2906 * cannot have absent pages. 2907 */ 2908 panic("vm_object_collapse: bad case"); 2909 2910 vm_page_lock_queues(); 2911 vm_page_free(pp); 2912 vm_page_unlock_queues(); 2913 2914 /* 2915 * Fall through to move the backing 2916 * object's page up. 2917 */ 2918 } 2919 /* 2920 * Parent now has no page. 2921 * Move the backing object's page up. 2922 */ 2923 vm_page_rename(p, object, new_offset); 2924 } 2925 } 2926 } 2927 2928 /* 2929 * Move the pager from backing_object to object. 2930 * 2931 * XXX We're only using part of the paging space 2932 * for keeps now... we ought to discard the 2933 * unused portion. 2934 */ 2935 2936 switch (vm_object_collapse_debug) { 2937 case 0: 2938 break; 2939 case 1: 2940 if ((backing_object->pager == IP_NULL) && 2941 (backing_object->pager_request == 2942 PAGER_REQUEST_NULL)) 2943 break; 2944 /* Fall through to... */ 2945 2946 default: 2947 printf("vm_object_collapse: %#x (pager %#x, request %#x) up to %#x\n", 2948 (vm_offset_t)backing_object, 2949 (vm_offset_t)backing_object->pager, 2950 (vm_offset_t)backing_object->pager_request, 2951 (vm_offset_t)object); 2952 if (vm_object_collapse_debug > 2) 2953 Debugger("vm_object_collapse"); 2954 } 2955 2956 object->pager = backing_object->pager; 2957 if (object->pager != IP_NULL) 2958 ipc_kobject_set(object->pager, 2959 (ipc_kobject_t) object, 2960 IKOT_PAGER); 2961 object->pager_initialized = backing_object->pager_initialized; 2962 object->pager_ready = backing_object->pager_ready; 2963 object->pager_created = backing_object->pager_created; 2964 2965 object->pager_request = backing_object->pager_request; 2966 #if NORMA_VM 2967 old_name_port = object->pager_name; 2968 object->pager_name = backing_object->pager_name; 2969 #else /* NORMA_VM */ 2970 if (object->pager_request != IP_NULL) 2971 ipc_kobject_set(object->pager_request, 2972 (ipc_kobject_t) object, 2973 IKOT_PAGING_REQUEST); 2974 old_name_port = object->pager_name; 2975 if (old_name_port != IP_NULL) 2976 ipc_kobject_set(old_name_port, 2977 IKO_NULL, IKOT_NONE); 2978 object->pager_name = backing_object->pager_name; 2979 if (object->pager_name != IP_NULL) 2980 ipc_kobject_set(object->pager_name, 2981 (ipc_kobject_t) object, 2982 IKOT_PAGING_NAME); 2983 #endif /* NORMA_VM */ 2984 2985 vm_object_cache_unlock(); 2986 2987 /* 2988 * If there is no pager, leave paging-offset alone. 2989 */ 2990 if (object->pager != IP_NULL) 2991 object->paging_offset = 2992 backing_object->paging_offset + 2993 backing_offset; 2994 2995 #if MACH_PAGEMAP 2996 assert(object->existence_info == VM_EXTERNAL_NULL); 2997 object->existence_info = backing_object->existence_info; 2998 #endif /* MACH_PAGEMAP */ 2999 3000 /* 3001 * Object now shadows whatever backing_object did. 3002 * Note that the reference to backing_object->shadow 3003 * moves from within backing_object to within object. 3004 */ 3005 3006 object->shadow = backing_object->shadow; 3007 object->shadow_offset += backing_object->shadow_offset; 3008 if (object->shadow != VM_OBJECT_NULL && 3009 object->shadow->copy != VM_OBJECT_NULL) { 3010 panic("vm_object_collapse: we collapsed a copy-object!"); 3011 } 3012 /* 3013 * Discard backing_object. 3014 * 3015 * Since the backing object has no pages, no 3016 * pager left, and no object references within it, 3017 * all that is necessary is to dispose of it. 3018 */ 3019 3020 assert( 3021 (backing_object->ref_count == 1) && 3022 (backing_object->resident_page_count == 0) && 3023 (backing_object->paging_in_progress == 0) 3024 ); 3025 3026 assert(backing_object->alive); 3027 backing_object->alive = FALSE; 3028 vm_object_unlock(backing_object); 3029 3030 vm_object_unlock(object); 3031 if (old_name_port != IP_NULL) 3032 #if NORMA_VM 3033 ipc_port_release_send(old_name_port); 3034 #else /* NORMA_VM */ 3035 ipc_port_dealloc_kernel(old_name_port); 3036 #endif /* NORMA_VM */ 3037 zfree(vm_object_zone, (vm_offset_t) backing_object); 3038 vm_object_lock(object); 3039 3040 object_collapses++; 3041 } 3042 else { 3043 if (!vm_object_collapse_bypass_allowed) { 3044 vm_object_unlock(backing_object); 3045 return; 3046 } 3047 3048 /* 3049 * If all of the pages in the backing object are 3050 * shadowed by the parent object, the parent 3051 * object no longer has to shadow the backing 3052 * object; it can shadow the next one in the 3053 * chain. 3054 * 3055 * The backing object must not be paged out - we'd 3056 * have to check all of the paged-out pages, as 3057 * well. 3058 */ 3059 3060 if (backing_object->pager_created) { 3061 vm_object_unlock(backing_object); 3062 return; 3063 } 3064 3065 /* 3066 * Should have a check for a 'small' number 3067 * of pages here. 3068 */ 3069 3070 queue_iterate(&backing_object->memq, p, 3071 vm_page_t, listq) 3072 { 3073 new_offset = (p->offset - backing_offset); 3074 3075 /* 3076 * If the parent has a page here, or if 3077 * this page falls outside the parent, 3078 * keep going. 3079 * 3080 * Otherwise, the backing_object must be 3081 * left in the chain. 3082 */ 3083 3084 if (p->offset >= backing_offset && 3085 new_offset <= size && 3086 (pp = vm_page_lookup(object, new_offset)) 3087 == VM_PAGE_NULL) { 3088 /* 3089 * Page still needed. 3090 * Can't go any further. 3091 */ 3092 vm_object_unlock(backing_object); 3093 return; 3094 } 3095 } 3096 3097 /* 3098 * Make the parent shadow the next object 3099 * in the chain. Deallocating backing_object 3100 * will not remove it, since its reference 3101 * count is at least 2. 3102 */ 3103 3104 vm_object_reference(object->shadow = backing_object->shadow); 3105 object->shadow_offset += backing_object->shadow_offset; 3106 3107 /* 3108 * Backing object might have had a copy pointer 3109 * to us. If it did, clear it. 3110 */ 3111 if (backing_object->copy == object) 3112 backing_object->copy = VM_OBJECT_NULL; 3113 3114 /* 3115 * Drop the reference count on backing_object. 3116 * Since its ref_count was at least 2, it 3117 * will not vanish; so we don't need to call 3118 * vm_object_deallocate. 3119 */ 3120 backing_object->ref_count--; 3121 assert(backing_object->ref_count > 0); 3122 vm_object_unlock(backing_object); 3123 3124 object_bypasses ++; 3125 3126 } 3127 3128 /* 3129 * Try again with this object's new backing object. 3130 */ 3131 } 3132 } 3133 3134 /* 3135 * Routine: vm_object_page_remove: [internal] 3136 * Purpose: 3137 * Removes all physical pages in the specified 3138 * object range from the object's list of pages. 3139 * 3140 * In/out conditions: 3141 * The object must be locked. 3142 */ 3143 unsigned int vm_object_page_remove_lookup = 0; 3144 unsigned int vm_object_page_remove_iterate = 0; 3145 3146 void vm_object_page_remove( 3147 register vm_object_t object, 3148 register vm_offset_t start, 3149 register vm_offset_t end) 3150 { 3151 register vm_page_t p, next; 3152 3153 /* 3154 * One and two page removals are most popular. 3155 * The factor of 16 here is somewhat arbitrary. 3156 * It balances vm_object_lookup vs iteration. 3157 */ 3158 3159 if (atop(end - start) < (unsigned)object->resident_page_count/16) { 3160 vm_object_page_remove_lookup++; 3161 3162 for (; start < end; start += PAGE_SIZE) { 3163 p = vm_page_lookup(object, start); 3164 if (p != VM_PAGE_NULL) { 3165 if (!p->fictitious) 3166 pmap_page_protect(p->phys_addr, 3167 VM_PROT_NONE); 3168 vm_page_lock_queues(); 3169 vm_page_free(p); 3170 vm_page_unlock_queues(); 3171 } 3172 } 3173 } else { 3174 vm_object_page_remove_iterate++; 3175 3176 p = (vm_page_t) queue_first(&object->memq); 3177 while (!queue_end(&object->memq, (queue_entry_t) p)) { 3178 next = (vm_page_t) queue_next(&p->listq); 3179 if ((start <= p->offset) && (p->offset < end)) { 3180 if (!p->fictitious) 3181 pmap_page_protect(p->phys_addr, 3182 VM_PROT_NONE); 3183 vm_page_lock_queues(); 3184 vm_page_free(p); 3185 vm_page_unlock_queues(); 3186 } 3187 p = next; 3188 } 3189 } 3190 } 3191 3192 /* 3193 * Routine: vm_object_coalesce 3194 * Function: Coalesces two objects backing up adjoining 3195 * regions of memory into a single object. 3196 * 3197 * returns TRUE if objects were combined. 3198 * 3199 * NOTE: Only works at the moment if the second object is NULL - 3200 * if it's not, which object do we lock first? 3201 * 3202 * Parameters: 3203 * prev_object First object to coalesce 3204 * prev_offset Offset into prev_object 3205 * next_object Second object into coalesce 3206 * next_offset Offset into next_object 3207 * 3208 * prev_size Size of reference to prev_object 3209 * next_size Size of reference to next_object 3210 * 3211 * Conditions: 3212 * The object must *not* be locked. 3213 */ 3214 3215 boolean_t vm_object_coalesce( 3216 register vm_object_t prev_object, 3217 vm_object_t next_object, 3218 vm_offset_t prev_offset, 3219 vm_offset_t next_offset, 3220 vm_size_t prev_size, 3221 vm_size_t next_size) 3222 { 3223 vm_size_t newsize; 3224 3225 #ifdef lint 3226 next_offset++; 3227 #endif /* lint */ 3228 3229 if (next_object != VM_OBJECT_NULL) { 3230 return FALSE; 3231 } 3232 3233 if (prev_object == VM_OBJECT_NULL) { 3234 return TRUE; 3235 } 3236 3237 vm_object_lock(prev_object); 3238 3239 /* 3240 * Try to collapse the object first 3241 */ 3242 vm_object_collapse(prev_object); 3243 3244 /* 3245 * Can't coalesce if pages not mapped to 3246 * prev_entry may be in use anyway: 3247 * . more than one reference 3248 * . paged out 3249 * . shadows another object 3250 * . has a copy elsewhere 3251 * . paging references (pages might be in page-list) 3252 */ 3253 3254 if ((prev_object->ref_count > 1) || 3255 prev_object->pager_created || 3256 (prev_object->shadow != VM_OBJECT_NULL) || 3257 (prev_object->copy != VM_OBJECT_NULL) || 3258 (prev_object->paging_in_progress != 0)) { 3259 vm_object_unlock(prev_object); 3260 return FALSE; 3261 } 3262 3263 /* 3264 * Remove any pages that may still be in the object from 3265 * a previous deallocation. 3266 */ 3267 3268 vm_object_page_remove(prev_object, 3269 prev_offset + prev_size, 3270 prev_offset + prev_size + next_size); 3271 3272 /* 3273 * Extend the object if necessary. 3274 */ 3275 newsize = prev_offset + prev_size + next_size; 3276 if (newsize > prev_object->size) 3277 prev_object->size = newsize; 3278 3279 vm_object_unlock(prev_object); 3280 return TRUE; 3281 } 3282 3283 vm_object_t vm_object_request_object( 3284 ipc_port_t p) 3285 { 3286 return vm_object_lookup(p); 3287 } 3288 3289 /* 3290 * Routine: vm_object_name 3291 * Purpose: 3292 * Returns a naked send right to the "name" port associated 3293 * with this object. 3294 */ 3295 ipc_port_t vm_object_name( 3296 vm_object_t object) 3297 { 3298 ipc_port_t p; 3299 3300 if (object == VM_OBJECT_NULL) 3301 return IP_NULL; 3302 3303 vm_object_lock(object); 3304 3305 while (object->shadow != VM_OBJECT_NULL) { 3306 vm_object_t new_object = object->shadow; 3307 vm_object_lock(new_object); 3308 vm_object_unlock(object); 3309 object = new_object; 3310 } 3311 3312 p = object->pager_name; 3313 if (p != IP_NULL) 3314 #if NORMA_VM 3315 p = ipc_port_copy_send(p); 3316 #else /* NORMA_VM */ 3317 p = ipc_port_make_send(p); 3318 #endif /* NORMA_VM */ 3319 vm_object_unlock(object); 3320 3321 return p; 3322 } 3323 3324 /* 3325 * Attach a set of physical pages to an object, so that they can 3326 * be mapped by mapping the object. Typically used to map IO memory. 3327 * 3328 * The mapping function and its private data are used to obtain the 3329 * physical addresses for each page to be mapped. 3330 */ 3331 void 3332 vm_object_page_map( 3333 vm_object_t object, 3334 vm_offset_t offset, 3335 vm_size_t size, 3336 vm_offset_t (*map_fn)(void *, vm_offset_t), 3337 void * map_fn_data) /* private to map_fn */ 3338 { 3339 int num_pages; 3340 int i; 3341 vm_page_t m; 3342 vm_page_t old_page; 3343 vm_offset_t addr; 3344 3345 num_pages = atop(size); 3346 3347 for (i = 0; i < num_pages; i++, offset += PAGE_SIZE) { 3348 3349 addr = (*map_fn)(map_fn_data, offset); 3350 3351 while ((m = vm_page_grab_fictitious()) == VM_PAGE_NULL) 3352 vm_page_more_fictitious(); 3353 3354 vm_object_lock(object); 3355 if ((old_page = vm_page_lookup(object, offset)) 3356 != VM_PAGE_NULL) 3357 { 3358 vm_page_lock_queues(); 3359 vm_page_free(old_page); 3360 vm_page_unlock_queues(); 3361 } 3362 3363 if (addr == (vm_offset_t) (-1)) { 3364 m->error = TRUE; 3365 } 3366 else { 3367 vm_page_init(m, addr); 3368 m->wire_count = 1; 3369 m->private = TRUE; /* don`t free page */ 3370 } 3371 vm_page_lock_queues(); 3372 vm_page_insert(m, object, offset); 3373 vm_page_unlock_queues(); 3374 3375 PAGE_WAKEUP_DONE(m); 3376 vm_object_unlock(object); 3377 } 3378 } 3379 3380 #include <mach_kdb.h> 3381 3382 3383 #if MACH_KDB 3384 #include <ddb/db_output.h> 3385 3386 boolean_t vm_object_print_pages = FALSE; 3387 3388 /* 3389 * vm_object_print: [ debug ] 3390 */ 3391 void vm_object_print( 3392 vm_object_t object) 3393 { 3394 register vm_page_t p; 3395 3396 register int count; 3397 3398 if (object == VM_OBJECT_NULL) 3399 return; 3400 3401 db_iprintf("Object 0x%X: size=0x%X", 3402 (vm_offset_t) object, (vm_offset_t) object->size); 3403 db_printf(", %d references, %d resident pages,", object->ref_count, 3404 object->resident_page_count); 3405 db_printf(" %d absent pages,", object->absent_count); 3406 db_printf(" %d paging ops\n", object->paging_in_progress); 3407 db_indent += 2; 3408 db_iprintf("memory object=0x%X (offset=0x%X),", 3409 (vm_offset_t) object->pager, (vm_offset_t) object->paging_offset); 3410 db_printf("control=0x%X, name=0x%X\n", 3411 (vm_offset_t) object->pager_request, (vm_offset_t) object->pager_name); 3412 db_iprintf("%s%s", 3413 object->pager_ready ? " ready" : "", 3414 object->pager_created ? " created" : ""); 3415 db_printf("%s,%s ", 3416 object->pager_initialized ? "" : "uninitialized", 3417 object->temporary ? "temporary" : "permanent"); 3418 db_printf("%s%s,", 3419 object->internal ? "internal" : "external", 3420 object->can_persist ? " cacheable" : ""); 3421 db_printf("copy_strategy=%d\n", (vm_offset_t)object->copy_strategy); 3422 db_iprintf("shadow=0x%X (offset=0x%X),", 3423 (vm_offset_t) object->shadow, (vm_offset_t) object->shadow_offset); 3424 db_printf("copy=0x%X\n", (vm_offset_t) object->copy); 3425 3426 db_indent += 2; 3427 3428 if (vm_object_print_pages) { 3429 count = 0; 3430 p = (vm_page_t) queue_first(&object->memq); 3431 while (!queue_end(&object->memq, (queue_entry_t) p)) { 3432 if (count == 0) db_iprintf("memory:="); 3433 else if (count == 4) {db_printf("\n"); db_iprintf(" ..."); count = 0;} 3434 else db_printf(","); 3435 count++; 3436 3437 db_printf("(off=0x%X,page=0x%X)", p->offset, (vm_offset_t) p); 3438 p = (vm_page_t) queue_next(&p->listq); 3439 } 3440 if (count != 0) 3441 db_printf("\n"); 3442 } 3443 db_indent -= 4; 3444 } 3445 3446 #endif /* MACH_KDB */
Cache object: 977c4bf788c6f16ec4b1f5ca72588935
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]