FreeBSD/Linux Kernel Cross Reference
sys/vm/vm_object.c
1 /*
2 * Mach Operating System
3 * Copyright (c) 1993-1987 Carnegie Mellon University
4 * All Rights Reserved.
5 *
6 * Permission to use, copy, modify and distribute this software and its
7 * documentation is hereby granted, provided that both the copyright
8 * notice and this permission notice appear in all copies of the
9 * software, derivative works or modified versions, and any portions
10 * thereof, and that both notices appear in supporting documentation.
11 *
12 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
13 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
14 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
15 *
16 * Carnegie Mellon requests users of this software to return to
17 *
18 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
19 * School of Computer Science
20 * Carnegie Mellon University
21 * Pittsburgh PA 15213-3890
22 *
23 * any improvements or extensions that they make and grant Carnegie Mellon
24 * the rights to redistribute these changes.
25 */
26 /*
27 * HISTORY
28 * $Log: vm_object.c,v $
29 * Revision 2.38 93/11/17 18:56:09 dbg
30 * Made vm_object_page_map mark a page in error if the mapping
31 * routine returns -1.
32 * [93/05/24 dbg]
33 *
34 * Revision 2.37 93/01/14 18:01:42 danner
35 * Added ANSI function prototypes.
36 * [92/12/30 dbg]
37 * 64bit cleanup.
38 * [92/12/01 af]
39 *
40 * Revision 2.36 92/08/03 18:01:47 jfriedl
41 * removed silly prototypes
42 * [92/08/02 jfriedl]
43 *
44 * Revision 2.35 92/05/21 17:26:23 jfriedl
45 * Cleanup to quiet gcc warnings.
46 * [92/05/16 jfriedl]
47 *
48 * Revision 2.34 92/04/01 19:37:41 rpd
49 * Fixed vm_object_pager_wakeup to use ip_active. From dlb.
50 * [92/03/22 rpd]
51 *
52 * Revision 2.33 92/03/10 16:30:12 jsb
53 * Fix to NORMA_VM pager_name merge.
54 * [92/03/10 13:45:01 jsb]
55 *
56 * Merged in NORMA_VM strategy for pager_name ports.
57 * Should one day reconcile the jsb and rpd schemes.
58 * [92/03/10 08:17:32 jsb]
59 *
60 * Added new NORMA_VM changes.
61 * [92/03/06 16:35:19 jsb]
62 *
63 * (Naively) handle temporary objects in vm_object_copy_strategically.
64 * This now happens because of new MEMORY_OBJECT_COPY_TEMPORARY option.
65 * [92/03/06 16:22:17 jsb]
66 *
67 * Use IKOT_PAGER_TERMINATING to solve terminate/init race.
68 * Includes fixes from David Black.
69 * [92/03/06 16:15:41 jsb]
70 *
71 * Changes for object->pager_request now being a pager_request_t.
72 * [92/03/06 15:20:07 jsb]
73 *
74 * Removed old NORMA_VM stuff.
75 * [92/03/06 14:37:19 jsb]
76 *
77 * Revision 2.32 92/03/04 20:26:49 rpd
78 * Fixed the most blatant errors in vm_object_copy_call.
79 * [92/03/04 17:52:30 jsb]
80 *
81 * Revision 2.31 92/03/01 15:16:01 rpd
82 * Fixed vm_object_copy_temporary to only set shadowed
83 * if symmetric copy-on-write is used. From dlb.
84 * [92/03/01 rpd]
85 *
86 * Revision 2.30 92/02/23 19:51:09 elf
87 * Remove dest_wired logic from vm_object_copy_slowly.
88 * [92/02/21 10:16:35 dlb]
89 *
90 * Maintain shadowed field in objects for use by new
91 * VM_INHERIT_SHARE code (vm_map_fork). Restore old
92 * interface to vm_object_pmap_protect.
93 * [92/02/19 14:28:12 dlb]
94 *
95 * Use use_shared_copy instead of new copy strategy for
96 * temporary objects.
97 * [92/01/07 11:15:53 dlb]
98 *
99 * Add asynchronous copy-on-write logic for temporary objects.
100 * [92/01/06 16:24:59 dlb]
101 *
102 * Revision 2.29 92/02/19 15:10:25 elf
103 * Fixed vm_object_collapse to unlock the object before calling
104 * ipc_port_dealloc_kernel (which might allocate memory).
105 * [92/02/16 rpd]
106 *
107 * Picked up dlb fix for vm_object_copy_slowly,
108 * for when vm_fault_page is interrupted.
109 * [92/02/14 rpd]
110 *
111 * Revision 2.28 92/01/14 16:48:10 rpd
112 * Fixed vm_object_lookup to use IP_VALID, lock the port, and
113 * allow only IKOT_PAGING_REQUEST, not IKOT_PAGER.
114 * Added vm_object_lookup_name (which uses IKOT_PAGING_NAME).
115 * Removed vm_object_debug.
116 * [91/12/31 rpd]
117 *
118 * Changed vm_object_allocate, vm_object_enter, etc so that
119 * all objects have name ports. Added IKOT_PAGING_NAME.
120 * Split vm_object_init into vm_object_bootstrap and vm_object_init.
121 * [91/12/28 rpd]
122 *
123 * Revision 2.27 91/12/11 08:44:01 jsb
124 * Changed vm_object_coalesce to also check for paging references.
125 * This fixes a problem with page-list map-copy objects.
126 * [91/12/03 rpd]
127 *
128 * Revision 2.26 91/12/10 13:27:07 jsb
129 * Comment out noisy printf. (Avoiding dealloc ...)
130 * [91/12/10 12:50:34 jsb]
131 *
132 * Revision 2.25 91/11/12 11:52:09 rvb
133 * Added simple_lock_pause.
134 * [91/11/12 rpd]
135 *
136 * Revision 2.24 91/08/28 11:18:37 jsb
137 * Handle dirty private pages correctly in vm_object_terminate().
138 * [91/07/30 14:18:54 dlb]
139 *
140 * single_use --> use_old_pageout in object initialization template.
141 * Support precious pages in vm_object_terminate().
142 * [91/07/03 14:18:07 dlb]
143 *
144 * Revision 2.23 91/07/31 18:21:27 dbg
145 * Add vm_object_page_map, to attach a set of physical pages to an
146 * object.
147 * [91/07/30 17:26:58 dbg]
148 *
149 * Revision 2.22 91/07/01 08:27:52 jsb
150 * Improved NORMA_VM support, including support for memory_object_create.
151 * [91/06/29 17:06:11 jsb]
152 *
153 * Revision 2.21 91/06/25 11:07:02 rpd
154 * Fixed includes to avoid norma files unless they are really needed.
155 * [91/06/25 rpd]
156 *
157 * Revision 2.20 91/06/25 10:34:11 rpd
158 * Changed memory_object_t to ipc_port_t where appropriate.
159 * Removed extraneous casts.
160 * [91/05/28 rpd]
161 *
162 * Revision 2.19 91/06/17 15:49:25 jsb
163 * Added NORMA_VM support.
164 * [91/06/17 15:28:16 jsb]
165 *
166 * Revision 2.18 91/05/18 14:41:22 rpd
167 * Changed vm_object_deactivate_pages to call vm_page_deactivate
168 * on inactive pages, because that is no longer a no-op.
169 * [91/04/20 rpd]
170 *
171 * Fixed vm_object_pmap_protect, vm_object_pmap_remove,
172 * vm_object_page_remove, vm_object_copy_call, vm_object_copy_delayed
173 * to check for fictitious pages.
174 * [91/04/10 rpd]
175 * Fixed vm_object_terminate to allow for busy/absent pages.
176 * [91/04/02 rpd]
177 *
178 * Added VM_FAULT_FICTITIOUS_SHORTAGE.
179 * [91/03/29 rpd]
180 * Added vm/memory_object.h.
181 * [91/03/22 rpd]
182 *
183 * Revision 2.17 91/05/14 17:50:19 mrt
184 * Correcting copyright
185 *
186 * Revision 2.16 91/05/08 13:34:59 dbg
187 * Rearrange initialization code in vm_object_enter to clearly
188 * separate 'internal' case (and to avoid a vax GCC bug).
189 * [91/04/17 dbg]
190 *
191 * Revision 2.15 91/03/16 15:06:19 rpd
192 * Changed vm_object_deactivate_pages and vm_object_terminate to
193 * check for busy pages. Changed how vm_object_terminate
194 * interacts with the pageout daemon.
195 * [91/03/12 rpd]
196 * Fixed vm_object_page_remove to be smart about small regions.
197 * [91/03/05 rpd]
198 * Added resume, continuation arguments to vm_fault_page.
199 * Added continuation argument to VM_PAGE_WAIT.
200 * [91/02/05 rpd]
201 *
202 * Revision 2.14 91/02/05 17:59:16 mrt
203 * Changed to new Mach copyright
204 * [91/02/01 16:33:29 mrt]
205 *
206 * Revision 2.13 91/01/08 16:45:32 rpd
207 * Added continuation argument to thread_block.
208 * [90/12/08 rpd]
209 *
210 * Fixed vm_object_terminate to give vm_pageout_page busy pages.
211 * [90/11/22 rpd]
212 *
213 * Changed VM_WAIT to VM_PAGE_WAIT.
214 * [90/11/13 rpd]
215 *
216 * Revision 2.12 90/11/06 18:44:12 rpd
217 * From dlb@osf.org:
218 * If pager initialization is in progress (object->pager_created &&
219 * !object->pager_initialized), then vm_object_deallocate must wait
220 * for it to complete before terminating the object. Because anything
221 * can happen in the interim, it must recheck its decision to terminate
222 * after the wait completes.
223 *
224 * Revision 2.11 90/10/12 13:06:24 rpd
225 * In vm_object_copy_slowly, only activate pages returned from
226 * vm_fault_page if they aren't already on a pageout queue.
227 * [90/10/08 rpd]
228 *
229 * Revision 2.10 90/09/09 14:34:20 rpd
230 * Fixed bug in vm_object_copy_slowly. The pages in the new object
231 * should be marked as dirty.
232 * [90/09/08 rpd]
233 *
234 * Revision 2.9 90/06/19 23:02:52 rpd
235 * Picked up vm_submap_object.
236 * [90/06/08 rpd]
237 *
238 * Revision 2.8 90/06/02 15:11:31 rpd
239 * Changed vm_object_collapse_bypass_allowed back to TRUE.
240 * [90/04/22 rpd]
241 * Converted to new IPC.
242 * [90/03/26 23:16:54 rpd]
243 *
244 * Revision 2.7 90/05/29 18:38:57 rwd
245 * Rfr change to reflect change in vm_pageout_page.
246 * [90/04/12 13:48:31 rwd]
247 *
248 * Revision 2.6 90/05/03 15:53:08 dbg
249 * Make vm_object_pmap_protect follow shadow chains if removing all
250 * permissions. Fix check for using pmap_protect on entire range.
251 * [90/04/18 dbg]
252 *
253 * Pass 'flush' argument to vm_pageout_page.
254 * [90/03/28 dbg]
255 *
256 * Revision 2.5 90/02/22 20:06:24 dbg
257 * Add changes from mainline:
258 *
259 * Fix comment on vm_object_delayed.
260 * [89/12/18 dlb]
261 * Revised use of PAGE_WAKEUP macros. Don't clear busy flag when
262 * restarting unlock requests.
263 * [89/12/13 dlb]
264 * Fix locking problems in vm_object_copy_slowly:
265 * 1. Must hold lock on object containing page being copied
266 * from (result_page) object when activating that page.
267 * 2. Fix typo that tried to lock source object twice if
268 * vm_fault_page returned two objects; this rare case
269 * would hang a multiprocessor if it occurred.
270 * [89/12/11 dlb]
271 *
272 * Complete un-optimized overwriting implementation. Move
273 * futuristic implementation here. Clean up and document
274 * copy routines.
275 * [89/08/05 18:01:22 mwyoung]
276 * Add vm_object_pmap_protect() to perform pmap protection
277 * changes more efficiently.
278 * [89/07/07 14:06:34 mwyoung]
279 * Split up vm_object_copy into one part that does not unlock the
280 * object (i.e., does not sleep), and another that may. Also, use
281 * separate routines for each copy strategy.
282 * [89/07/06 18:39:55 mwyoung]
283 *
284 * Revision 2.4 90/01/11 11:47:58 dbg
285 * Use vm_fault_cleanup.
286 * [89/12/13 dbg]
287 *
288 * Fix locking bug in vm_object_copy_slowly.
289 * [89/12/13 dbg]
290 *
291 * Pick up changes from mainline:
292 * Remove size argument from vm_external_destroy.
293 * Add paging_offset to size used in vm_external_create.
294 * Account for existence_info movement in vm_object_collapse.
295 * [89/10/16 15:30:16 af]
296 *
297 * Remove XP conditionals.
298 * Document global variables.
299 * [89/10/10 mwyoung]
300 *
301 * Added initialization for lock_in_progress, lock_restart fields.
302 * [89/08/07 mwyoung]
303 *
304 * Beautify dirty bit handling in vm_object_terminate().
305 * Don't write back "error" pages in vm_object_terminate().
306 * [89/04/22 mwyoung]
307 *
308 * Removed vm_object_list, vm_object_count.
309 * [89/08/31 19:45:43 rpd]
310 *
311 * Optimization from NeXT: vm_object_deactivate_pages checks now
312 * that the page is inactive before calling vm_page_deactivate. Also,
313 * initialize the last_alloc field in vm_object_template.
314 * [89/08/19 23:46:42 rpd]
315 *
316 * Revision 2.3 89/10/16 15:22:22 rwd
317 * In vm_object_collapse: leave paging_offset zero if the backing
318 * object does not have a pager.
319 * [89/10/12 dbg]
320 *
321 * Revision 2.2 89/09/08 11:28:45 dbg
322 * Add keep_wired parameter to vm_object_copy_slowly to wire new
323 * pages.
324 * [89/07/14 dbg]
325 *
326 * 22-May-89 David Golub (dbg) at Carnegie-Mellon University
327 * Refuse vm_object_pager_create if no default memory manager.
328 *
329 * 28-Apr-89 David Golub (dbg) at Carnegie-Mellon University
330 * Changes for MACH_KERNEL:
331 * . Use port_alloc_internal to simplify port_alloc call.
332 * . Remove non-XP code.
333 *
334 * Revision 2.23 89/04/23 13:25:43 gm0w
335 * Changed assert(!p->busy) to assert(!p->busy || p->absent) in
336 * vm_object_collapse(). Change from jsb/mwyoung.
337 * [89/04/23 gm0w]
338 *
339 * Revision 2.22 89/04/18 21:26:29 mwyoung
340 * Recent history [mwyoung]:
341 * Use hints about pages not in main memory.
342 * Get default memory manager port more carefully, as it
343 * may now be changed after initialization.
344 * Use new event mechanism.
345 * Correct vm_object_destroy() to actually abort requests.
346 * Correct handling of paging offset in vm_object_collapse().
347 * Condensed history:
348 * Add copy strategy handling, including a routine
349 * (vm_object_copy_slowly()) to perform an immediate copy
350 * of a region of an object. [mwyoung]
351 * Restructure the handling of the relationships among memory
352 * objects (the ports), the related fields in the vm_object
353 * structure, and routines that manipulate them [mwyoung].
354 * Simplify maintenance of the unreferenced-object cache. [mwyoung]
355 * Distinguish internal and temporary attributes. [mwyoung]
356 * Reorganized and documented maintenance of the
357 * vm_object-to-memory_object associations. [mwyoung]
358 * Improved external memory management interface. [mwyoung]
359 * Several reimplementations/fixes to the object cache
360 * and the port to object translation. [mwyoung, avie, dbg]
361 * Create a cache of objects that have no references
362 * so that their pages remain in memory (inactive). [avie]
363 * Collapse object tree when reference counts drop to one.
364 * Use "paging_in_progress" to prevent collapsing. [dbg]
365 * Split up paging system lock, eliminate SPL handling.
366 * The only uses of vm_object code at interrupt level
367 * use objects that are only touched at interrupt level. [dbg]
368 * Use "copy object" rather than normal shadows for
369 * permanent objects. [dbg]
370 * Accommodate external pagers [mwyoung, bolosky].
371 * Allow objects to be coalesced to avoid growing address
372 * maps during sequential allocations. [dbg]
373 * Optimizations and fixes to copy-on-write [avie, mwyoung, dbg].
374 * Use only one object for all kernel data. [avie]
375 *
376 */
377 /*
378 * File: vm/vm_object.c
379 * Author: Avadis Tevanian, Jr., Michael Wayne Young
380 *
381 * Virtual memory object module.
382 */
383
384 #include <norma_vm.h>
385 #include <mach_pagemap.h>
386
387 #if NORMA_VM
388 #include <norma/xmm_server_rename.h>
389 #endif /* NORMA_VM */
390
391 #include <mach/memory_object.h>
392 #include <mach/memory_object_default.h>
393 #include <mach/memory_object_user.h>
394 #include <mach/vm_param.h>
395 #include <ipc/ipc_port.h>
396 #include <ipc/ipc_space.h>
397 #include <kern/assert.h>
398 #include <kern/kern_io.h>
399 #include <kern/lock.h>
400 #include <kern/memory.h>
401 #include <kern/queue.h>
402 #include <kern/xpr.h>
403 #include <kern/zalloc.h>
404 #include <vm/memory_object.h>
405 #include <vm/vm_fault.h>
406 #include <vm/vm_map.h>
407 #include <vm/vm_object.h>
408 #include <vm/vm_page.h>
409 #include <vm/vm_pageout.h>
410
411
412 void memory_object_release(
413 ipc_port_t pager,
414 pager_request_t pager_request,
415 ipc_port_t pager_name); /* forward */
416
417 void vm_object_deactivate_pages(vm_object_t);
418
419 /*
420 * Virtual memory objects maintain the actual data
421 * associated with allocated virtual memory. A given
422 * page of memory exists within exactly one object.
423 *
424 * An object is only deallocated when all "references"
425 * are given up. Only one "reference" to a given
426 * region of an object should be writeable.
427 *
428 * Associated with each object is a list of all resident
429 * memory pages belonging to that object; this list is
430 * maintained by the "vm_page" module, but locked by the object's
431 * lock.
432 *
433 * Each object also records the memory object port
434 * that is used by the kernel to request and write
435 * back data (the memory object port, field "pager"),
436 * and the ports provided to the memory manager, the server that
437 * manages that data, to return data and control its
438 * use (the memory object control port, field "pager_request")
439 * and for naming (the memory object name port, field "pager_name").
440 *
441 * Virtual memory objects are allocated to provide
442 * zero-filled memory (vm_allocate) or map a user-defined
443 * memory object into a virtual address space (vm_map).
444 *
445 * Virtual memory objects that refer to a user-defined
446 * memory object are called "permanent", because all changes
447 * made in virtual memory are reflected back to the
448 * memory manager, which may then store them permanently.
449 * Other virtual memory objects are called "temporary",
450 * meaning that changes need be written back only when
451 * necessary to reclaim pages, and that storage associated
452 * with the object can be discarded once it is no longer
453 * mapped.
454 *
455 * A permanent memory object may be mapped into more
456 * than one virtual address space. Moreover, two threads
457 * may attempt to make the first mapping of a memory
458 * object concurrently. Only one thread is allowed to
459 * complete this mapping; all others wait for the
460 * "pager_initialized" field is asserted, indicating
461 * that the first thread has initialized all of the
462 * necessary fields in the virtual memory object structure.
463 *
464 * The kernel relies on a *default memory manager* to
465 * provide backing storage for the zero-filled virtual
466 * memory objects. The memory object ports associated
467 * with these temporary virtual memory objects are only
468 * generated and passed to the default memory manager
469 * when it becomes necessary. Virtual memory objects
470 * that depend on the default memory manager are called
471 * "internal". The "pager_created" field is provided to
472 * indicate whether these ports have ever been allocated.
473 *
474 * The kernel may also create virtual memory objects to
475 * hold changed pages after a copy-on-write operation.
476 * In this case, the virtual memory object (and its
477 * backing storage -- its memory object) only contain
478 * those pages that have been changed. The "shadow"
479 * field refers to the virtual memory object that contains
480 * the remainder of the contents. The "shadow_offset"
481 * field indicates where in the "shadow" these contents begin.
482 * The "copy" field refers to a virtual memory object
483 * to which changed pages must be copied before changing
484 * this object, in order to implement another form
485 * of copy-on-write optimization.
486 *
487 * The virtual memory object structure also records
488 * the attributes associated with its memory object.
489 * The "pager_ready", "can_persist" and "copy_strategy"
490 * fields represent those attributes. The "cached_list"
491 * field is used in the implementation of the persistence
492 * attribute.
493 *
494 * ZZZ Continue this comment.
495 */
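/*
 * [Editorial sketch, not part of the original source.]  The "shadow"
 * and "shadow_offset" fields described above are followed when a page
 * is not found in the top-level object.  The real logic, including
 * locking and paging data in from the memory manager, lives in
 * vm_fault_page(); this is only the conceptual walk, assuming the
 * caller already holds the necessary object locks:
 *
 *	vm_object_t	obj = first_object;
 *	vm_offset_t	off = first_offset;
 *	vm_page_t	m;
 *
 *	while ((m = vm_page_lookup(obj, off)) == VM_PAGE_NULL) {
 *		if (obj->shadow == VM_OBJECT_NULL)
 *			break;		(page is zero-filled or paged in)
 *		off += obj->shadow_offset;
 *		obj = obj->shadow;
 *	}
 */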
496
497 zone_t vm_object_zone; /* vm backing store zone */
498
499 /*
500 * All wired-down kernel memory belongs to a single virtual
501 * memory object (kernel_object) to avoid wasting data structures.
502 */
503 vm_object_t kernel_object;
504
505 /*
506 * Virtual memory objects that are not referenced by
507 * any address maps, but that are allowed to persist
508 * (an attribute specified by the associated memory manager),
509 * are kept in a queue (vm_object_cached_list).
510 *
511 * When an object from this queue is referenced again,
512 * for example to make another address space mapping,
513 * it must be removed from the queue. That is, the
514 * queue contains *only* objects with zero references.
515 *
516 * The kernel may choose to terminate objects from this
517 * queue in order to reclaim storage. The current policy
518 * is to permit a fixed maximum number of unreferenced
519 * objects (vm_object_cached_max).
520 *
521 * A simple lock (accessed by routines
522 * vm_object_cache_{lock,lock_try,unlock}) governs the
523 * object cache. It must be held when objects are
524 * added to or removed from the cache (in vm_object_terminate).
525 * The routines that acquire a reference to a virtual
526 * memory object based on one of the memory object ports
527 * must also lock the cache.
528 *
529 * Ideally, the object cache should be more isolated
530 * from the reference mechanism, so that the lock need
531 * not be held to make simple references.
532 */
533 queue_head_t vm_object_cached_list;
534 int vm_object_cached_count;
535 int vm_object_cached_max = 100; /* may be patched */
536
537 decl_simple_lock_data(,vm_object_cached_lock_data)
538
539 #define vm_object_cache_lock() \
540 simple_lock(&vm_object_cached_lock_data)
541 #define vm_object_cache_lock_try() \
542 simple_lock_try(&vm_object_cached_lock_data)
543 #define vm_object_cache_unlock() \
544 simple_unlock(&vm_object_cached_lock_data)
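/*
 * [Editorial sketch, not part of the original source.]  The locking
 * order required by the comment above: the cache lock is taken before
 * the object lock whenever an object may be added to or removed from
 * vm_object_cached_list, as vm_object_deallocate() does below.
 *
 *	vm_object_cache_lock();
 *	vm_object_lock(object);
 *	... add object to, or remove it from, vm_object_cached_list ...
 *	vm_object_cache_unlock();
 *	vm_object_unlock(object);
 */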
545
546 /*
547 * Virtual memory objects are initialized from
548 * a template (see vm_object_allocate).
549 *
550 * When adding a new field to the virtual memory
551 * object structure, be sure to add initialization
552 * (see vm_object_init).
553 */
554 vm_object_t vm_object_template;
555
556 /*
557 * vm_object_allocate:
558 *
559 * Returns a new object with the given size.
560 */
561
562 vm_object_t _vm_object_allocate(
563 vm_size_t size)
564 {
565 register vm_object_t object;
566
567 object = (vm_object_t) zalloc(vm_object_zone);
568
569 *object = *vm_object_template;
570 queue_init(&object->memq);
571 vm_object_lock_init(object);
572 object->size = size;
573
574 return object;
575 }
576
577 vm_object_t vm_object_allocate(
578 vm_size_t size)
579 {
580 register vm_object_t object;
581 register ipc_port_t port;
582
583 object = _vm_object_allocate(size);
584 #if !NORMA_VM
585 port = ipc_port_alloc_kernel();
586 if (port == IP_NULL)
587 panic("vm_object_allocate");
588 object->pager_name = port;
589 ipc_kobject_set(port, (ipc_kobject_t) object, IKOT_PAGING_NAME);
590 #endif /* !NORMA_VM */
591
592 return object;
593 }
594
595 /*
596 * vm_object_bootstrap:
597 *
598 * Initialize the VM objects module.
599 */
600 void vm_object_bootstrap(void)
601 {
602 vm_object_zone = zinit((vm_size_t) sizeof(struct vm_object),
603 round_page(512*1024),
604 round_page(12*1024),
605 FALSE, "objects");
606
607 queue_init(&vm_object_cached_list);
608 simple_lock_init(&vm_object_cached_lock_data);
609
610 /*
611 * Fill in a template object, for quick initialization
612 */
613
614 vm_object_template = (vm_object_t) zalloc(vm_object_zone);
615 bzero(vm_object_template, sizeof *vm_object_template);
616
617 vm_object_template->ref_count = 1;
618 vm_object_template->size = 0;
619 vm_object_template->resident_page_count = 0;
620 vm_object_template->copy = VM_OBJECT_NULL;
621 vm_object_template->shadow = VM_OBJECT_NULL;
622 vm_object_template->shadow_offset = (vm_offset_t) 0;
623
624 vm_object_template->pager = IP_NULL;
625 vm_object_template->paging_offset = 0;
626 vm_object_template->pager_request = PAGER_REQUEST_NULL;
627 vm_object_template->pager_name = IP_NULL;
628
629 vm_object_template->pager_created = FALSE;
630 vm_object_template->pager_initialized = FALSE;
631 vm_object_template->pager_ready = FALSE;
632
633 vm_object_template->copy_strategy = MEMORY_OBJECT_COPY_NONE;
634 /* ignored if temporary, will be reset before
635 * permanent object becomes ready */
636 vm_object_template->use_shared_copy = FALSE;
637 vm_object_template->shadowed = FALSE;
638
639 vm_object_template->absent_count = 0;
640 vm_object_template->all_wanted = 0; /* all bits FALSE */
641
642 vm_object_template->paging_in_progress = 0;
643 vm_object_template->can_persist = FALSE;
644 vm_object_template->internal = TRUE;
645 vm_object_template->temporary = TRUE;
646 vm_object_template->alive = TRUE;
647 vm_object_template->lock_in_progress = FALSE;
648 vm_object_template->lock_restart = FALSE;
649 vm_object_template->use_old_pageout = TRUE; /* XXX change later */
650 vm_object_template->last_alloc = (vm_offset_t) 0;
651
652 #if MACH_PAGEMAP
653 vm_object_template->existence_info = VM_EXTERNAL_NULL;
654 #endif /* MACH_PAGEMAP */
655
656 /*
657 * Initialize the "kernel object"
658 */
659
660 kernel_object = _vm_object_allocate(
661 VM_MAX_KERNEL_ADDRESS - VM_MIN_KERNEL_ADDRESS);
662
663 /*
664 * Initialize the "submap object". Make it as large as the
665 * kernel object so that no limit is imposed on submap sizes.
666 */
667
668 vm_submap_object = _vm_object_allocate(
669 VM_MAX_KERNEL_ADDRESS - VM_MIN_KERNEL_ADDRESS);
670
671 #if MACH_PAGEMAP
672 vm_external_module_initialize();
673 #endif /* MACH_PAGEMAP */
674 }
675
676 void vm_object_init(void)
677 {
678 #if !NORMA_VM
679 /*
680 * Finish initializing the kernel object.
681 * The submap object doesn't need a name port.
682 */
683
684 kernel_object->pager_name = ipc_port_alloc_kernel();
685 ipc_kobject_set(kernel_object->pager_name,
686 (ipc_kobject_t) kernel_object,
687 IKOT_PAGING_NAME);
688 #endif /* !NORMA_VM */
689 }
690
691 /*
692 * vm_object_reference:
693 *
694 * Gets another reference to the given object.
695 */
696 void vm_object_reference(
697 register vm_object_t object)
698 {
699 if (object == VM_OBJECT_NULL)
700 return;
701
702 vm_object_lock(object);
703 assert(object->ref_count > 0);
704 object->ref_count++;
705 vm_object_unlock(object);
706 }
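/*
 * [Editorial sketch, not part of the original source.]  The reference
 * counting discipline used by callers of this module: every
 * vm_object_allocate() or vm_object_reference() must eventually be
 * balanced by a vm_object_deallocate(); the object is terminated (or
 * cached, if it can persist) only when the last reference goes away.
 *
 *	vm_object_t obj = vm_object_allocate(size);	ref_count == 1
 *	vm_object_reference(obj);			ref_count == 2
 *	...
 *	vm_object_deallocate(obj);			ref_count == 1
 *	vm_object_deallocate(obj);			terminated or cached
 */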
707
708 /*
709 * vm_object_deallocate:
710 *
711 * Release a reference to the specified object,
712 * gained either through a vm_object_allocate
713 * or a vm_object_reference call. When all references
714 * are gone, storage associated with this object
715 * may be relinquished.
716 *
717 * No object may be locked.
718 */
719 void vm_object_deallocate(
720 register vm_object_t object)
721 {
722 vm_object_t temp;
723
724 while (object != VM_OBJECT_NULL) {
725
726 /*
727 * The cache holds a reference (uncounted) to
728 * the object; we must lock it before removing
729 * the object.
730 */
731
732 vm_object_cache_lock();
733
734 /*
735 * Lose the reference
736 */
737 vm_object_lock(object);
738 if (--(object->ref_count) > 0) {
739
740 /*
741 * If there are still references, then
742 * we are done.
743 */
744 vm_object_unlock(object);
745 vm_object_cache_unlock();
746 return;
747 }
748
749 /*
750 * See whether this object can persist. If so, enter
751 * it in the cache, then deactivate all of its
752 * pages.
753 */
754 if (object->can_persist) {
755 boolean_t overflow;
756
757 /*
758 * Enter the object onto the queue
759 * of "cached" objects. Remember whether
760 * we've caused the queue to overflow,
761 * as a hint.
762 */
763
764 queue_enter(&vm_object_cached_list, object,
765 vm_object_t, cached_list);
766 overflow = (++vm_object_cached_count > vm_object_cached_max);
767 vm_object_cache_unlock();
768
769 vm_object_deactivate_pages(object);
770 vm_object_unlock(object);
771
772 /*
773 * If we didn't overflow, or if the queue has
774 * been reduced back to below the specified
775 * minimum, then quit.
776 */
777 if (!overflow)
778 return;
779
780 while (TRUE) {
781 vm_object_cache_lock();
782 if (vm_object_cached_count <=
783 vm_object_cached_max) {
784 vm_object_cache_unlock();
785 return;
786 }
787
788 /*
789 * If we must trim down the queue, take
790 * the first object, and proceed to
791 * terminate it instead of the original
792 * object. Have to wait for pager init.
793 * if it's in progress.
794 */
795 object = (vm_object_t)
796 queue_first(&vm_object_cached_list);
797 vm_object_lock(object);
798
799 if (!(object->pager_created &&
800 !object->pager_initialized)) {
801
802 /*
803 * Ok to terminate, hang on to lock.
804 */
805 break;
806 }
807
808 vm_object_assert_wait(object,
809 VM_OBJECT_EVENT_INITIALIZED, FALSE);
810 vm_object_unlock(object);
811 vm_object_cache_unlock();
812 thread_block(CONTINUE_NULL);
813
814 /*
815 * Continue loop to check if cache still
816 * needs to be trimmed.
817 */
818 }
819
820 /*
821 * Actually remove object from cache.
822 */
823
824 queue_remove(&vm_object_cached_list, object,
825 vm_object_t, cached_list);
826 vm_object_cached_count--;
827
828 assert(object->ref_count == 0);
829 }
830 else {
831 if (object->pager_created &&
832 !object->pager_initialized) {
833
834 /*
835 * Have to wait for initialization.
836 * Put reference back and retry
837 * when it's initialized.
838 */
839 object->ref_count++;
840 vm_object_assert_wait(object,
841 VM_OBJECT_EVENT_INITIALIZED, FALSE);
842 vm_object_unlock(object);
843 vm_object_cache_unlock();
844 thread_block(CONTINUE_NULL);
845 continue;
846 }
847 }
848
849 /*
850 * Take the reference to the shadow object
851 * out of the object to be destroyed.
852 */
853
854 temp = object->shadow;
855
856 /*
857 * Destroy the object; the cache lock will
858 * be released in the process.
859 */
860
861 vm_object_terminate(object);
862
863 /*
864 * Deallocate the reference to the shadow
865 * by continuing the loop with that object
866 * in place of the original.
867 */
868
869 object = temp;
870 }
871 }
872
873 boolean_t vm_object_terminate_remove_all = FALSE;
874
875 /*
876 * Routine: vm_object_terminate
877 * Purpose:
878 * Free all resources associated with a vm_object.
879 * In/out conditions:
880 * Upon entry, the object and the cache must be locked,
881 * and the object must have no references.
882 *
883 * The shadow object reference is left alone.
884 *
885 * Upon exit, the cache will be unlocked, and the
886 * object will cease to exist.
887 */
888 void vm_object_terminate(
889 register vm_object_t object)
890 {
891 register vm_page_t p;
892 vm_object_t shadow_object;
893
894 /*
895 * Make sure the object isn't already being terminated
896 */
897
898 assert(object->alive);
899 object->alive = FALSE;
900
901 /*
902 * Make sure no one can look us up now.
903 */
904
905 vm_object_remove(object);
906 vm_object_cache_unlock();
907
908 /*
909 * Detach the object from its shadow if we are the shadow's
910 * copy.
911 */
912 if ((shadow_object = object->shadow) != VM_OBJECT_NULL) {
913 vm_object_lock(shadow_object);
914 assert((shadow_object->copy == object) ||
915 (shadow_object->copy == VM_OBJECT_NULL));
916 shadow_object->copy = VM_OBJECT_NULL;
917 vm_object_unlock(shadow_object);
918 }
919
920 /*
921 * The pageout daemon might be playing with our pages.
922 * Now that the object is dead, it won't touch any more
923 * pages, but some pages might already be on their way out.
924 * Hence, we wait until the active paging activities have ceased.
925 */
926
927 vm_object_paging_wait(object, FALSE);
928
929 /*
930 * Clean or free the pages, as appropriate.
931 * It is possible for us to find busy/absent pages,
932 * if some faults on this object were aborted.
933 */
934
935 if ((object->temporary) || (object->pager == IP_NULL)) {
936 while (!queue_empty(&object->memq)) {
937 p = (vm_page_t) queue_first(&object->memq);
938
939 VM_PAGE_CHECK(p);
940
941 if (p->busy && !p->absent)
942 panic("vm_object_terminate.2 0x%x 0x%x",
943 object, p);
944
945 VM_PAGE_FREE(p);
946 }
947 } else while (!queue_empty(&object->memq)) {
948 p = (vm_page_t) queue_first(&object->memq);
949
950 VM_PAGE_CHECK(p);
951
952 if (p->busy && !p->absent)
953 panic("vm_object_terminate.3 0x%x 0x%x", object, p);
954
955 vm_page_lock_queues();
956 VM_PAGE_QUEUES_REMOVE(p);
957 vm_page_unlock_queues();
958
959 if (p->absent || p->private) {
960
961 /*
962 * For private pages, VM_PAGE_FREE just
963 * leaves the page structure around for
964 * its owner to clean up. For absent
965 * pages, the structure is returned to
966 * the appropriate pool.
967 */
968
969 goto free_page;
970 }
971
972 if (p->fictitious)
973 panic("vm_object_terminate.4 0x%x 0x%x", object, p);
974
975 if (!p->dirty)
976 p->dirty = pmap_is_modified(p->phys_addr);
977
978 if (p->dirty || p->precious) {
979 p->busy = TRUE;
980 vm_pageout_page(p, FALSE, TRUE); /* flush page */
981 } else {
982 free_page:
983 VM_PAGE_FREE(p);
984 }
985 }
986
987 assert(object->ref_count == 0);
988 assert(object->paging_in_progress == 0);
989
990 /*
991 * Throw away port rights... note that they may
992 * already have been thrown away (by vm_object_destroy
993 * or memory_object_destroy).
994 *
995 * Instead of destroying the control and name ports,
996 * we send all rights off to the memory manager instead,
997 * using memory_object_terminate.
998 */
999
1000 vm_object_unlock(object);
1001
1002 if (object->pager != IP_NULL) {
1003 /* consumes our rights for pager, pager_request, pager_name */
1004 memory_object_release(object->pager,
1005 object->pager_request,
1006 object->pager_name);
1007 } else if (object->pager_name != IP_NULL) {
1008 /* consumes our right for pager_name */
1009 #if NORMA_VM
1010 ipc_port_release_send(object->pager_name);
1011 #else /* NORMA_VM */
1012 ipc_port_dealloc_kernel(object->pager_name);
1013 #endif /* NORMA_VM */
1014 }
1015
1016 #if MACH_PAGEMAP
1017 vm_external_destroy(object->existence_info);
1018 #endif /* MACH_PAGEMAP */
1019
1020 /*
1021 * Free the space for the object.
1022 */
1023
1024 zfree(vm_object_zone, (vm_offset_t) object);
1025 }
1026
1027 /*
1028 * Routine: vm_object_pager_wakeup
1029 * Purpose: Wake up anyone waiting for IKOT_PAGER_TERMINATING
1030 */
1031
1032 void
1033 vm_object_pager_wakeup(
1034 ipc_port_t pager)
1035 {
1036 boolean_t someone_waiting;
1037
1038 /*
1039 * If anyone was waiting for the memory_object_terminate
1040 * to be queued, wake them up now.
1041 */
1042 vm_object_cache_lock();
1043 assert(ip_kotype(pager) == IKOT_PAGER_TERMINATING);
1044 someone_waiting = (pager->ip_kobject != IKO_NULL);
1045 if (ip_active(pager))
1046 ipc_kobject_set(pager, IKO_NULL, IKOT_NONE);
1047 vm_object_cache_unlock();
1048 if (someone_waiting) {
1049 thread_wakeup((event_t) pager);
1050 }
1051 }
1052
1053 /*
1054 * Routine: memory_object_release
1055 * Purpose: Terminate the pager and release port rights,
1056 * just like memory_object_terminate, except
1057 * that we wake up anyone blocked in vm_object_enter
1058 * waiting for termination message to be queued
1059 * before calling memory_object_init.
1060 */
1061 void memory_object_release(
1062 ipc_port_t pager,
1063 pager_request_t pager_request,
1064 ipc_port_t pager_name)
1065 {
1066
1067 /*
1068 * Keep a reference to pager port;
1069 * the terminate might otherwise release all references.
1070 */
1071 ip_reference(pager);
1072
1073 /*
1074 * Terminate the pager.
1075 */
1076 (void) memory_object_terminate(pager, pager_request, pager_name);
1077
1078 /*
1079 * Wakeup anyone waiting for this terminate
1080 */
1081 vm_object_pager_wakeup(pager);
1082
1083 /*
1084 * Release reference to pager port.
1085 */
1086 ip_release(pager);
1087 }
1088
1089 /*
1090 * Routine: vm_object_abort_activity [internal use only]
1091 * Purpose:
1092 * Abort paging requests pending on this object.
1093 * In/out conditions:
1094 * The object is locked on entry and exit.
1095 */
1096 void vm_object_abort_activity(
1097 vm_object_t object)
1098 {
1099 register
1100 vm_page_t p;
1101 vm_page_t next;
1102
1103 /*
1104 * Abort all activity that would be waiting
1105 * for a result on this memory object.
1106 *
1107 * We could also choose to destroy all pages
1108 * that we have in memory for this object, but
1109 * we don't.
1110 */
1111
1112 p = (vm_page_t) queue_first(&object->memq);
1113 while (!queue_end(&object->memq, (queue_entry_t) p)) {
1114 next = (vm_page_t) queue_next(&p->listq);
1115
1116 /*
1117 * If it's being paged in, destroy it.
1118 * If an unlock has been requested, start it again.
1119 */
1120
1121 if (p->busy && p->absent) {
1122 VM_PAGE_FREE(p);
1123 }
1124 else {
1125 if (p->unlock_request != VM_PROT_NONE)
1126 p->unlock_request = VM_PROT_NONE;
1127 PAGE_WAKEUP(p);
1128 }
1129
1130 p = next;
1131 }
1132
1133 /*
1134 * Wake up threads waiting for the memory object to
1135 * become ready.
1136 */
1137
1138 object->pager_ready = TRUE;
1139 vm_object_wakeup(object, VM_OBJECT_EVENT_PAGER_READY);
1140 }
1141
1142 /*
1143 * Routine: memory_object_destroy [user interface]
1144 * Purpose:
1145 * Shut down a memory object, despite the
1146 * presence of address map (or other) references
1147 * to the vm_object.
1148 * Note:
1149 * This routine may be called either from the user interface,
1150 * or from port destruction handling (via vm_object_destroy).
1151 */
1152 kern_return_t memory_object_destroy(
1153 register
1154 vm_object_t object,
1155 kern_return_t reason)
1156 {
1157 ipc_port_t old_object, old_name;
1158 pager_request_t old_control;
1159
1160 #ifdef lint
1161 reason++;
1162 #endif /* lint */
1163
1164 if (object == VM_OBJECT_NULL)
1165 return KERN_SUCCESS;
1166
1167 /*
1168 * Remove the port associations immediately.
1169 *
1170 * This will prevent the memory manager from further
1171 * meddling. [If it wanted to flush data or make
1172 * other changes, it should have done so before performing
1173 * the destroy call.]
1174 */
1175
1176 vm_object_cache_lock();
1177 vm_object_lock(object);
1178 vm_object_remove(object);
1179 object->can_persist = FALSE;
1180 vm_object_cache_unlock();
1181
1182 /*
1183 * Rip out the ports from the vm_object now... this
1184 * will prevent new memory_object calls from succeeding.
1185 */
1186
1187 old_object = object->pager;
1188 object->pager = IP_NULL;
1189
1190 old_control = object->pager_request;
1191 object->pager_request = PAGER_REQUEST_NULL;
1192
1193 old_name = object->pager_name;
1194 object->pager_name = IP_NULL;
1195
1196
1197 /*
1198 * Wait for existing paging activity (that might
1199 * have the old ports) to subside.
1200 */
1201
1202 vm_object_paging_wait(object, FALSE);
1203 vm_object_unlock(object);
1204
1205 /*
1206 * Shut down the ports now.
1207 *
1208 * [Paging operations may be proceeding concurrently --
1209 * they'll get the null values established above.]
1210 */
1211
1212 if (old_object != IP_NULL) {
1213 /* consumes our rights for object, control, name */
1214 memory_object_release(old_object, old_control,
1215 old_name);
1216 } else if (old_name != IP_NULL) {
1217 /* consumes our right for name */
1218 #if NORMA_VM
1219 ipc_port_release_send(old_name);
1220 #else /* NORMA_VM */
1221 ipc_port_dealloc_kernel(old_name);
1222 #endif /* NORMA_VM */
1223 }
1224
1225 /*
1226 * Lose the reference that was donated for this routine
1227 */
1228
1229 vm_object_deallocate(object);
1230
1231 return KERN_SUCCESS;
1232 }
1233
1234 /*
1235 * vm_object_deactivate_pages
1236 *
1237 * Deactivate all pages in the specified object. (Keep its pages
1238 * in memory even though it is no longer referenced.)
1239 *
1240 * The object must be locked.
1241 */
1242 void vm_object_deactivate_pages(
1243 register vm_object_t object)
1244 {
1245 register vm_page_t p;
1246
1247 queue_iterate(&object->memq, p, vm_page_t, listq) {
1248 vm_page_lock_queues();
1249 if (!p->busy)
1250 vm_page_deactivate(p);
1251 vm_page_unlock_queues();
1252 }
1253 }
1254
1255
1256 /*
1257 * Routine: vm_object_pmap_protect
1258 *
1259 * Purpose:
1260 * Reduces the permission for all physical
1261 * pages in the specified object range.
1262 *
1263 * If removing write permission only, it is
1264 * sufficient to protect only the pages in
1265 * the top-level object; only those pages may
1266 * have write permission.
1267 *
1268 * If removing all access, we must follow the
1269 * shadow chain from the top-level object to
1270 * remove access to all pages in shadowed objects.
1271 *
1272 * The object must *not* be locked. The object must
1273 * be temporary/internal.
1274 *
1275 * If pmap is not NULL, this routine assumes that
1276 * the only mappings for the pages are in that
1277 * pmap.
1278 */
1279 boolean_t vm_object_pmap_protect_by_page = FALSE;
1280
1281 void vm_object_pmap_protect(
1282 register vm_object_t object,
1283 register vm_offset_t offset,
1284 vm_offset_t size,
1285 pmap_t pmap,
1286 vm_offset_t pmap_start,
1287 vm_prot_t prot)
1288 {
1289 if (object == VM_OBJECT_NULL)
1290 return;
1291
1292 vm_object_lock(object);
1293
1294 assert(object->temporary && object->internal);
1295
1296 while (TRUE) {
1297 if (object->resident_page_count > atop(size) / 2 &&
1298 pmap != PMAP_NULL) {
1299 vm_object_unlock(object);
1300 pmap_protect(pmap, pmap_start, pmap_start + size, prot);
1301 return;
1302 }
1303
1304 {
1305 register vm_page_t p;
1306 register vm_offset_t end;
1307
1308 end = offset + size;
1309
1310 queue_iterate(&object->memq, p, vm_page_t, listq) {
1311 if (!p->fictitious &&
1312 (offset <= p->offset) &&
1313 (p->offset < end)) {
1314 if ((pmap == PMAP_NULL) ||
1315 vm_object_pmap_protect_by_page) {
1316 pmap_page_protect(p->phys_addr,
1317 prot & ~p->page_lock);
1318 } else {
1319 vm_offset_t start =
1320 pmap_start +
1321 (p->offset - offset);
1322
1323 pmap_protect(pmap,
1324 start,
1325 start + PAGE_SIZE,
1326 prot);
1327 }
1328 }
1329 }
1330 }
1331
1332 if (prot == VM_PROT_NONE) {
1333 /*
1334 * Must follow shadow chain to remove access
1335 * to pages in shadowed objects.
1336 */
1337 register vm_object_t next_object;
1338
1339 next_object = object->shadow;
1340 if (next_object != VM_OBJECT_NULL) {
1341 offset += object->shadow_offset;
1342 vm_object_lock(next_object);
1343 vm_object_unlock(object);
1344 object = next_object;
1345 }
1346 else {
1347 /*
1348 * End of chain - we are done.
1349 */
1350 break;
1351 }
1352 }
1353 else {
1354 /*
1355 * Pages in shadowed objects may never have
1356 * write permission - we may stop here.
1357 */
1358 break;
1359 }
1360 }
1361
1362 vm_object_unlock(object);
1363 }
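/*
 * [Editorial sketch, not part of the original source.]  A typical call
 * from the vm_map layer, write-protecting the pages behind one map
 * entry; "map" and "entry" here are placeholders for whatever the
 * caller has in hand.
 *
 *	vm_object_pmap_protect(entry->object.vm_object,
 *			       entry->offset,
 *			       entry->vme_end - entry->vme_start,
 *			       vm_map_pmap(map),
 *			       entry->vme_start,
 *			       entry->protection & ~VM_PROT_WRITE);
 */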
1364
1365 /*
1366 * vm_object_pmap_remove:
1367 *
1368 * Removes all physical pages in the specified
1369 * object range from all physical maps.
1370 *
1371 * The object must *not* be locked.
1372 */
1373 void vm_object_pmap_remove(
1374 register vm_object_t object,
1375 register vm_offset_t start,
1376 register vm_offset_t end)
1377 {
1378 register vm_page_t p;
1379
1380 if (object == VM_OBJECT_NULL)
1381 return;
1382
1383 vm_object_lock(object);
1384 queue_iterate(&object->memq, p, vm_page_t, listq) {
1385 if (!p->fictitious &&
1386 (start <= p->offset) &&
1387 (p->offset < end))
1388 pmap_page_protect(p->phys_addr, VM_PROT_NONE);
1389 }
1390 vm_object_unlock(object);
1391 }
1392
1393 /*
1394 * Routine: vm_object_copy_slowly
1395 *
1396 * Description:
1397 * Copy the specified range of the source
1398 * virtual memory object without using
1399 * protection-based optimizations (such
1400 * as copy-on-write). The pages in the
1401 * region are actually copied.
1402 *
1403 * In/out conditions:
1404 * The caller must hold a reference and a lock
1405 * for the source virtual memory object. The source
1406 * object will be returned *unlocked*.
1407 *
1408 * Results:
1409 * If the copy is completed successfully, KERN_SUCCESS is
1410 * returned. If the caller asserted the interruptible
1411 * argument, and an interruption occurred while waiting
1412 * for a user-generated event, MACH_SEND_INTERRUPTED is
1413 * returned. Other values may be returned to indicate
1414 * hard errors during the copy operation.
1415 *
1416 * A new virtual memory object is returned in a
1417 * parameter (_result_object). The contents of this
1418 * new object, starting at a zero offset, are a copy
1419 * of the source memory region. In the event of
1420 * an error, this parameter will contain the value
1421 * VM_OBJECT_NULL.
1422 */
1423 kern_return_t vm_object_copy_slowly(
1424 register
1425 vm_object_t src_object,
1426 vm_offset_t src_offset,
1427 vm_size_t size,
1428 boolean_t interruptible,
1429 vm_object_t *_result_object) /* OUT */
1430 {
1431 vm_object_t new_object;
1432 vm_offset_t new_offset;
1433
1434 if (size == 0) {
1435 vm_object_unlock(src_object);
1436 *_result_object = VM_OBJECT_NULL;
1437 return KERN_INVALID_ARGUMENT;
1438 }
1439
1440 /*
1441 * Prevent destruction of the source object while we copy.
1442 */
1443
1444 assert(src_object->ref_count > 0);
1445 src_object->ref_count++;
1446 vm_object_unlock(src_object);
1447
1448 /*
1449 * Create a new object to hold the copied pages.
1450 * A few notes:
1451 * We fill the new object starting at offset 0,
1452 * regardless of the input offset.
1453 * We don't bother to lock the new object within
1454 * this routine, since we have the only reference.
1455 */
1456
1457 new_object = vm_object_allocate(size);
1458 new_offset = 0;
1459
1460 assert(size == trunc_page(size)); /* Will the loop terminate? */
1461
1462 for ( ;
1463 size != 0 ;
1464 src_offset += PAGE_SIZE, new_offset += PAGE_SIZE, size -= PAGE_SIZE
1465 ) {
1466 vm_page_t new_page;
1467 vm_fault_return_t result;
1468
1469 while ((new_page = vm_page_alloc(new_object, new_offset))
1470 == VM_PAGE_NULL) {
1471 VM_PAGE_WAIT(CONTINUE_NULL);
1472 }
1473
1474 do {
1475 vm_prot_t prot = VM_PROT_READ;
1476 vm_page_t _result_page;
1477 vm_page_t top_page;
1478 register
1479 vm_page_t result_page;
1480
1481 vm_object_lock(src_object);
1482 src_object->paging_in_progress++;
1483
1484 result = vm_fault_page(src_object, src_offset,
1485 VM_PROT_READ, FALSE, interruptible,
1486 &prot, &_result_page, &top_page,
1487 FALSE, 0);
1488
1489 switch(result) {
1490 case VM_FAULT_SUCCESS:
1491 result_page = _result_page;
1492
1493 /*
1494 * We don't need to hold the object
1495 * lock -- the busy page will be enough.
1496 * [We don't care about picking up any
1497 * new modifications.]
1498 *
1499 * Copy the page to the new object.
1500 *
1501 * POLICY DECISION:
1502 * If result_page is clean,
1503 * we could steal it instead
1504 * of copying.
1505 */
1506
1507 vm_object_unlock(result_page->object);
1508 vm_page_copy(result_page, new_page);
1509
1510 /*
1511 * Let go of both pages (make them
1512 * not busy, perform wakeup, activate).
1513 */
1514
1515 new_page->busy = FALSE;
1516 new_page->dirty = TRUE;
1517 vm_object_lock(result_page->object);
1518 PAGE_WAKEUP_DONE(result_page);
1519
1520 vm_page_lock_queues();
1521 if (!result_page->active &&
1522 !result_page->inactive)
1523 vm_page_activate(result_page);
1524 vm_page_activate(new_page);
1525 vm_page_unlock_queues();
1526
1527 /*
1528 * Release paging references and
1529 * top-level placeholder page, if any.
1530 */
1531
1532 vm_fault_cleanup(result_page->object,
1533 top_page);
1534
1535 break;
1536
1537 case VM_FAULT_RETRY:
1538 break;
1539
1540 case VM_FAULT_MEMORY_SHORTAGE:
1541 VM_PAGE_WAIT(CONTINUE_NULL);
1542 break;
1543
1544 case VM_FAULT_FICTITIOUS_SHORTAGE:
1545 vm_page_more_fictitious();
1546 break;
1547
1548 case VM_FAULT_INTERRUPTED:
1549 vm_page_free(new_page);
1550 vm_object_deallocate(new_object);
1551 vm_object_deallocate(src_object);
1552 *_result_object = VM_OBJECT_NULL;
1553 return MACH_SEND_INTERRUPTED;
1554
1555 case VM_FAULT_MEMORY_ERROR:
1556 /*
1557 * A policy choice:
1558 * (a) ignore pages that we can't
1559 * copy
1560 * (b) return the null object if
1561 * any page fails [chosen]
1562 */
1563
1564 vm_page_free(new_page);
1565 vm_object_deallocate(new_object);
1566 vm_object_deallocate(src_object);
1567 *_result_object = VM_OBJECT_NULL;
1568 return KERN_MEMORY_ERROR;
1569 }
1570 } while (result != VM_FAULT_SUCCESS);
1571 }
1572
1573 /*
1574 * Lose the extra reference, and return our object.
1575 */
1576
1577 vm_object_deallocate(src_object);
1578 *_result_object = new_object;
1579 return KERN_SUCCESS;
1580 }
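/*
 * [Editorial sketch, not part of the original source.]  The calling
 * convention described in the header comment above: the source object
 * is passed in locked (with the caller holding a reference) and comes
 * back unlocked; on success a new object holding the copied pages is
 * returned.
 *
 *	vm_object_lock(src_object);
 *	kr = vm_object_copy_slowly(src_object, src_offset, size,
 *				   FALSE, &copy_object);
 *	(src_object is now unlocked)
 *	if (kr != KERN_SUCCESS)
 *		copy_object == VM_OBJECT_NULL, nothing to clean up
 */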
1581
1582 /*
1583 * Routine: vm_object_copy_temporary
1584 *
1585 * Purpose:
1586 * Copy the specified range of the source virtual
1587 * memory object, if it can be done without blocking.
1588 *
1589 * Results:
1590 * If the copy is successful, the copy is returned in
1591 * the arguments; otherwise, the arguments are not
1592 * affected.
1593 *
1594 * In/out conditions:
1595 * The object should be unlocked on entry and exit.
1596 */
1597
1598 vm_object_t vm_object_copy_delayed(); /* forward declaration */
1599
1600 boolean_t vm_object_copy_temporary(
1601 vm_object_t *_object, /* INOUT */
1602 vm_offset_t *_offset, /* INOUT */
1603 boolean_t *_src_needs_copy, /* OUT */
1604 boolean_t *_dst_needs_copy) /* OUT */
1605 {
1606 vm_object_t object = *_object;
1607
1608 #ifdef lint
1609 ++*_offset;
1610 #endif /* lint */
1611
1612 if (object == VM_OBJECT_NULL) {
1613 *_src_needs_copy = FALSE;
1614 *_dst_needs_copy = FALSE;
1615 return TRUE;
1616 }
1617
1618 /*
1619 * If the object is temporary, we can perform
1620 * a symmetric copy-on-write without asking.
1621 */
1622
1623 vm_object_lock(object);
1624 if (object->temporary) {
1625
1626 /*
1627 * Shared objects use delayed copy
1628 */
1629 if (object->use_shared_copy) {
1630
1631 /*
1632 * Asymmetric copy strategy. Destination
1633 * must be copied (to allow copy object reuse).
1634 * Source is unaffected.
1635 */
1636 vm_object_unlock(object);
1637 object = vm_object_copy_delayed(object);
1638 *_object = object;
1639 *_src_needs_copy = FALSE;
1640 *_dst_needs_copy = TRUE;
1641 return TRUE;
1642 }
1643
1644 /*
1645 * Make another reference to the object.
1646 *
1647 * Leave object/offset unchanged.
1648 */
1649
1650 assert(object->ref_count > 0);
1651 object->ref_count++;
1652 object->shadowed = TRUE;
1653 vm_object_unlock(object);
1654
1655 /*
1656 * Both source and destination must make
1657 * shadows, and the source must be made
1658 * read-only if not already.
1659 */
1660
1661 *_src_needs_copy = TRUE;
1662 *_dst_needs_copy = TRUE;
1663 return TRUE;
1664 }
1665
1666 if (object->pager_ready &&
1667 (object->copy_strategy == MEMORY_OBJECT_COPY_DELAY)) {
1668 /* XXX Do something intelligent (see temporary code above) */
1669 }
1670 vm_object_unlock(object);
1671
1672 return FALSE;
1673 }
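/*
 * [Editorial sketch, not part of the original source.]  How a caller
 * (typically the vm_map copy/fork code) might consume the flags
 * returned above: when *_src_needs_copy is TRUE the source mapping
 * must be write-protected and marked needs_copy; when *_dst_needs_copy
 * is TRUE the same is done for the new mapping.  The variable names
 * below are placeholders.
 *
 *	if (vm_object_copy_temporary(&object, &offset,
 *				     &src_needs_copy, &dst_needs_copy)) {
 *		if (src_needs_copy)
 *			... write-protect the source mapping ...
 *		new_entry_needs_copy = dst_needs_copy;
 *	} else {
 *		... fall back to vm_object_copy_strategically() ...
 *	}
 */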
1674
1675 /*
1676 * Routine: vm_object_copy_call [internal]
1677 *
1678 * Description:
1679 * Copy the specified (src_offset, size) portion
1680 * of the source object (src_object), using the
1681 * user-managed copy algorithm.
1682 *
1683 * In/out conditions:
1684 * The source object must be locked on entry. It
1685 * will be *unlocked* on exit.
1686 *
1687 * Results:
1688 * If the copy is successful, KERN_SUCCESS is returned.
1689 * This routine is interruptible; if a wait for
1690 * a user-generated event is interrupted, MACH_SEND_INTERRUPTED
1691 * is returned. Other return values indicate hard errors
1692 * in creating the user-managed memory object for the copy.
1693 *
1694 * A new object that represents the copied virtual
1695 * memory is returned in a parameter (*_result_object).
1696 * If the return value indicates an error, this parameter
1697 * is not valid.
1698 */
1699 kern_return_t vm_object_copy_call(
1700 vm_object_t src_object,
1701 vm_offset_t src_offset,
1702 vm_size_t size,
1703 vm_object_t *_result_object) /* OUT */
1704 {
1705 vm_offset_t src_end = src_offset + size;
1706 ipc_port_t new_memory_object;
1707 vm_object_t new_object;
1708 vm_page_t p;
1709
1710 /*
1711 * Set the backing object for the new
1712 * temporary object.
1713 */
1714
1715 assert(src_object->ref_count > 0);
1716 src_object->ref_count++;
1717 vm_object_paging_begin(src_object);
1718 vm_object_unlock(src_object);
1719
1720 /*
1721 * Create a memory object port to be associated
1722 * with this new vm_object.
1723 *
1724 * Since the kernel has the only rights to this
1725 * port, we need not hold the cache lock.
1726 *
1727 * Since we have the only object reference, we
1728 * need not be worried about collapse operations.
1729 *
1730 */
1731
1732 new_memory_object = ipc_port_alloc_kernel();
1733 if (new_memory_object == IP_NULL) {
1734 panic("vm_object_copy_call: allocate memory object port");
1735 /* XXX Shouldn't panic here. */
1736 }
1737
1738 /* we hold a naked receive right for new_memory_object */
1739 (void) ipc_port_make_send(new_memory_object);
1740 /* now we also hold a naked send right for new_memory_object */
1741
1742 /*
1743 * Let the memory manager know that a copy operation
1744 * is in progress. Note that we're using the old
1745 * memory object's ports (for which we're holding
1746 * a paging reference)... the memory manager cannot
1747 * yet affect the new memory object.
1748 */
1749
1750 (void) memory_object_copy(src_object->pager,
1751 src_object->pager_request,
1752 src_offset, size,
1753 new_memory_object);
1754 /* no longer hold the naked receive right for new_memory_object */
1755
1756 vm_object_lock(src_object);
1757 vm_object_paging_end(src_object);
1758
1759 /*
1760 * Remove write access from all of the pages of
1761 * the old memory object that we can.
1762 */
1763
1764 queue_iterate(&src_object->memq, p, vm_page_t, listq) {
1765 if (!p->fictitious &&
1766 (src_offset <= p->offset) &&
1767 (p->offset < src_end) &&
1768 !(p->page_lock & VM_PROT_WRITE)) {
1769 p->page_lock |= VM_PROT_WRITE;
1770 pmap_page_protect(p->phys_addr, VM_PROT_ALL & ~p->page_lock);
1771 }
1772 }
1773
1774 vm_object_unlock(src_object);
1775
1776 /*
1777 * Initialize the rest of the paging stuff
1778 */
1779
1780 new_object = vm_object_enter(new_memory_object, size, FALSE);
1781 new_object->shadow = src_object;
1782 new_object->shadow_offset = src_offset;
1783
1784 /*
1785 * Drop the reference for new_memory_object taken above.
1786 */
1787
1788 ipc_port_release_send(new_memory_object);
1789 /* no longer hold the naked send right for new_memory_object */
1790
1791 *_result_object = new_object;
1792 return KERN_SUCCESS;
1793 }
1794
1795 /*
1796 * Routine: vm_object_copy_delayed [internal]
1797 *
1798 * Description:
1799 * Copy the specified virtual memory object, using
1800 * the asymmetric copy-on-write algorithm.
1801 *
1802 * In/out conditions:
1803 * The object must be unlocked on entry.
1804 *
1805 * This routine will not block waiting for user-generated
1806 * events. It is not interruptible.
1807 */
1808 vm_object_t vm_object_copy_delayed(
1809 vm_object_t src_object)
1810 {
1811 vm_object_t new_copy;
1812 vm_object_t old_copy;
1813 vm_page_t p;
1814
1815 /*
1816 * The user-level memory manager wants to see
1817 * all of the changes to this object, but it
1818 * has promised not to make any changes on its own.
1819 *
1820 * Perform an asymmetric copy-on-write, as follows:
1821 * Create a new object, called a "copy object"
1822 * to hold pages modified by the new mapping
1823 * (i.e., the copy, not the original mapping).
1824 * Record the original object as the backing
1825 * object for the copy object. If the
1826 * original mapping does not change a page,
1827 * it may be used read-only by the copy.
1828 * Record the copy object in the original
1829 * object. When the original mapping causes
1830 * a page to be modified, it must be copied
1831 * to a new page that is "pushed" to the
1832 * copy object.
1833 * Mark the new mapping (the copy object)
1834 * copy-on-write. This makes the copy
1835 * object itself read-only, allowing it
1836 * to be reused if the original mapping
1837 * makes no changes, and simplifying the
1838 * synchronization required in the "push"
1839 * operation described above.
1840 *
1841 * The copy-on-write is said to be asymmetric because
1842 * the original object is *not* marked copy-on-write.
1843 * A copied page is pushed to the copy object, regardless of
1844 * which party attempted to modify the page.
1845 *
1846 * Repeated asymmetric copy operations may be done.
1847 * If the original object has not been changed since
1848 * the last copy, its copy object can be reused.
1849 * Otherwise, a new copy object can be inserted
1850 * between the original object and its previous
1851 * copy object. Since any copy object is read-only,
1852 * this cannot affect the contents of the previous copy
1853 * object.
1854 *
1855 * Note that a copy object is higher in the object
1856 * tree than the original object; therefore, use of
1857 * the copy object recorded in the original object
1858 * must be done carefully, to avoid deadlock.
1859 */
1860
1861 /*
1862 * Allocate a new copy object before locking, even
1863 * though we may not need it later.
1864 */
1865
1866 new_copy = vm_object_allocate(src_object->size);
1867
1868 vm_object_lock(src_object);
1869
1870 /*
1871 * See whether we can reuse the result of a previous
1872 * copy operation.
1873 */
1874 Retry:
1875 old_copy = src_object->copy;
1876 if (old_copy != VM_OBJECT_NULL) {
1877 /*
1878 * Try to get the locks (out of order)
1879 */
1880 if (!vm_object_lock_try(old_copy)) {
1881 vm_object_unlock(src_object);
1882
1883 simple_lock_pause(); /* wait a bit */
1884
1885 vm_object_lock(src_object);
1886 goto Retry;
1887 }
1888
1889 /*
1890 * Determine whether the old copy object has
1891 * been modified.
1892 */
1893
1894 if (old_copy->resident_page_count == 0 &&
1895 !old_copy->pager_created) {
1896 /*
1897 * It has not been modified.
1898 *
1899 * Return another reference to
1900 * the existing copy-object.
1901 */
1902 assert(old_copy->ref_count > 0);
1903 old_copy->ref_count++;
1904 vm_object_unlock(old_copy);
1905 vm_object_unlock(src_object);
1906
1907 vm_object_deallocate(new_copy);
1908
1909 return old_copy;
1910 }
1911
1912 /*
1913 * The copy-object is always made large enough to
1914 * completely shadow the original object, since
1915 * it may have several users who want to shadow
1916 * the original object at different points.
1917 */
1918
1919 assert((old_copy->shadow == src_object) &&
1920 (old_copy->shadow_offset == (vm_offset_t) 0));
1921
1922 /*
1923 * Make the old copy-object shadow the new one.
1924 * It will receive no more pages from the original
1925 * object.
1926 */
1927
1928 src_object->ref_count--; /* remove ref. from old_copy */
1929 assert(src_object->ref_count > 0);
1930 old_copy->shadow = new_copy;
1931 assert(new_copy->ref_count > 0);
1932 new_copy->ref_count++;
1933 vm_object_unlock(old_copy); /* done with old_copy */
1934 }
1935
1936 /*
1937 * Point the new copy at the existing object.
1938 */
1939
1940 new_copy->shadow = src_object;
1941 new_copy->shadow_offset = 0;
1942 new_copy->shadowed = TRUE; /* caller must set needs_copy */
1943 assert(src_object->ref_count > 0);
1944 src_object->ref_count++;
1945 src_object->copy = new_copy;
1946
1947 /*
1948 * Mark all pages of the existing object copy-on-write.
1949 * This object may have a shadow chain below it, but
1950 * those pages will already be marked copy-on-write.
1951 */
1952
1953 queue_iterate(&src_object->memq, p, vm_page_t, listq) {
1954 if (!p->fictitious)
1955 pmap_page_protect(p->phys_addr,
1956 (VM_PROT_ALL & ~VM_PROT_WRITE &
1957 ~p->page_lock));
1958 }
1959
1960 vm_object_unlock(src_object);
1961
1962 return new_copy;
1963 }
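
/*
 *	Illustrative sketch: the pointer structure vm_object_copy_delayed
 *	leaves behind when the previous copy object has been modified.
 *	"S", "C1" and "C2" are placeholder names for the source object,
 *	its old copy object and the newly allocated copy object.
 *
 *		C1->shadow = C2;	old copy now shadows the new copy
 *		C2->shadow = S;		new copy shadows the source directly
 *		C2->shadow_offset = 0;
 *		S->copy = C2;		source pushes modified pages to C2 only
 *
 *	Pages that S has not modified remain visible, read-only, through
 *	both C1 and C2; since copy objects are never written directly,
 *	interposing C2 cannot change what C1 sees.
 */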
1964
1965 /*
1966 * Routine: vm_object_copy_strategically
1967 *
1968 * Purpose:
1969 * Perform a copy according to the source object's
1970 * declared strategy. This operation may block,
1971 * and may be interrupted.
1972 */
1973 kern_return_t vm_object_copy_strategically(
1974 register
1975 vm_object_t src_object,
1976 vm_offset_t src_offset,
1977 vm_size_t size,
1978 vm_object_t *dst_object, /* OUT */
1979 vm_offset_t *dst_offset, /* OUT */
1980 boolean_t *dst_needs_copy) /* OUT */
1981 {
1982 kern_return_t result = KERN_SUCCESS; /* to quiet gcc warnings */
1983 boolean_t interruptible = TRUE; /* XXX */
1984
1985 assert(src_object != VM_OBJECT_NULL);
1986
1987 vm_object_lock(src_object);
1988
1989 /* XXX assert(!src_object->temporary); JSB FIXME */
1990
1991 /*
1992 * The copy strategy is only valid if the memory manager
1993 * is "ready".
1994 */
1995
1996 while (!src_object->pager_ready) {
1997 vm_object_wait( src_object,
1998 VM_OBJECT_EVENT_PAGER_READY,
1999 interruptible);
2000 if (interruptible &&
2001 (current_thread()->wait_result != THREAD_AWAKENED)) {
2002 *dst_object = VM_OBJECT_NULL;
2003 *dst_offset = 0;
2004 *dst_needs_copy = FALSE;
2005 return MACH_SEND_INTERRUPTED;
2006 }
2007 vm_object_lock(src_object);
2008 }
2009
2010 /*
2011 * The object may be temporary (even though it is external).
2012 * If so, do a symmetric copy.
2013 */
2014
2015 if (src_object->temporary) {
2016 /*
2017 * XXX
2018 * This does not count as intelligent!
2019 * This buys us the object->temporary optimizations,
2020 * but we aren't using a symmetric copy,
2021 * which may confuse the vm code. The correct thing
2022 * to do here is to figure out what to call to get
2023 * a temporary shadowing set up.
2024 */
2025 src_object->copy_strategy = MEMORY_OBJECT_COPY_DELAY;
2026 }
2027
2028 /*
2029 * The object is permanent. Use the appropriate copy strategy.
2030 */
2031
2032 switch (src_object->copy_strategy) {
2033 case MEMORY_OBJECT_COPY_NONE:
2034 if ((result = vm_object_copy_slowly(
2035 src_object,
2036 src_offset,
2037 size,
2038 interruptible,
2039 dst_object))
2040 == KERN_SUCCESS) {
2041 *dst_offset = 0;
2042 *dst_needs_copy = FALSE;
2043 }
2044 break;
2045
2046 case MEMORY_OBJECT_COPY_CALL:
2047 if ((result = vm_object_copy_call(
2048 src_object,
2049 src_offset,
2050 size,
2051 dst_object))
2052 == KERN_SUCCESS) {
2053 *dst_offset = 0;
2054 *dst_needs_copy = FALSE;
2055 }
2056 break;
2057
2058 case MEMORY_OBJECT_COPY_DELAY:
2059 vm_object_unlock(src_object);
2060 *dst_object = vm_object_copy_delayed(src_object);
2061 *dst_offset = src_offset;
2062 *dst_needs_copy = TRUE;
2063
2064 result = KERN_SUCCESS;
2065 break;
2066 }
2067
2068 return result;
2069 }
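
/*
 *	Illustrative sketch: how a caller might invoke
 *	vm_object_copy_strategically and honor its out parameters.  The
 *	names "src_object", "offset", "len" and "dst_entry" are
 *	placeholders, not part of this interface.
 *
 *		vm_object_t	copy_object;
 *		vm_offset_t	copy_offset;
 *		boolean_t	needs_copy;
 *		kern_return_t	kr;
 *
 *		kr = vm_object_copy_strategically(src_object, offset, len,
 *				&copy_object, &copy_offset, &needs_copy);
 *		if (kr != KERN_SUCCESS)
 *			return kr;	(e.g. MACH_SEND_INTERRUPTED)
 *
 *		dst_entry->object = copy_object;
 *		dst_entry->offset = copy_offset;
 *		if (needs_copy)
 *			mark dst_entry copy-on-write (the COPY_DELAY case above)
 */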
2070
2071 /*
2072 * vm_object_shadow:
2073 *
2074 * Create a new object which is backed by the
2075 * specified existing object range. The source
2076 * object reference is deallocated.
2077 *
2078 * The new object and offset into that object
2079 * are returned in the source parameters.
2080 */
2081
2082 void vm_object_shadow(
2083 vm_object_t *object, /* IN/OUT */
2084 vm_offset_t *offset, /* IN/OUT */
2085 vm_size_t length)
2086 {
2087 register vm_object_t source;
2088 register vm_object_t result;
2089
2090 source = *object;
2091
2092 /*
2093 * Allocate a new object with the given length
2094 */
2095
2096 if ((result = vm_object_allocate(length)) == VM_OBJECT_NULL)
2097 panic("vm_object_shadow: no object for shadowing");
2098
2099 /*
2100 * The new object shadows the source object, adding
2101	 *	a reference to it.  Our caller changes its reference
2102 * to point to the new object, removing a reference to
2103 * the source object. Net result: no change of reference
2104 * count.
2105 */
2106 result->shadow = source;
2107
2108 /*
2109 * Store the offset into the source object,
2110 * and fix up the offset into the new object.
2111 */
2112
2113 result->shadow_offset = *offset;
2114
2115 /*
2116	 *	Return the new object and offset
2117 */
2118
2119 *offset = 0;
2120 *object = result;
2121 }
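
/*
 *	Illustrative sketch: typical use of vm_object_shadow when a map
 *	entry needs a private copy-on-write object.  "entry" and its
 *	fields are placeholders, not part of this interface.
 *
 *		vm_object_t	obj = entry->object;	(caller holds a reference)
 *		vm_offset_t	off = entry->offset;
 *
 *		vm_object_shadow(&obj, &off, entry->end - entry->start);
 *		entry->object = obj;	(the new shadow object)
 *		entry->offset = off;	(now 0)
 *
 *	The reference the caller held on the source object is, in effect,
 *	transferred to the new object via result->shadow, which is why the
 *	source object's reference count does not change.
 */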
2122
2123 /*
2124 * The relationship between vm_object structures and
2125 * the memory_object ports requires careful synchronization.
2126 *
2127 * All associations are created by vm_object_enter. All three
2128 * port fields are filled in, as follows:
2129 * pager: the memory_object port itself, supplied by
2130 * the user requesting a mapping (or the kernel,
2131 * when initializing internal objects); the
2132 * kernel simulates holding send rights by keeping
2133 * a port reference;
2134 * pager_request:
2135 * pager_name:
2136 * the memory object control and name ports,
2137 * created by the kernel; the kernel holds
2138 * receive (and ownership) rights to these
2139 * ports, but no other references.
2140 * All of the ports are referenced by their global names.
2141 *
2142 * When initialization is complete, the "initialized" field
2143 * is asserted. Other mappings using a particular memory object,
2144 * and any references to the vm_object gained through the
2145 * port association must wait for this initialization to occur.
2146 *
2147 * In order to allow the memory manager to set attributes before
2148 * requests (notably virtual copy operations, but also data or
2149 * unlock requests) are made, a "ready" attribute is made available.
2150 * Only the memory manager may affect the value of this attribute.
2151 * Its value does not affect critical kernel functions, such as
2152 * internal object initialization or destruction. [Furthermore,
2153 * memory objects created by the kernel are assumed to be ready
2154 * immediately; the default memory manager need not explicitly
2155 * set the "ready" attribute.]
2156 *
2157 * [Both the "initialized" and "ready" attribute wait conditions
2158 * use the "pager" field as the wait event.]
2159 *
2160 * The port associations can be broken down by any of the
2161 * following routines:
2162 * vm_object_terminate:
2163 * No references to the vm_object remain, and
2164 * the object cannot (or will not) be cached.
2165 * This is the normal case, and is done even
2166 * though one of the other cases has already been
2167 * done.
2168 * vm_object_destroy:
2169 * The memory_object port has been destroyed,
2170 * meaning that the kernel cannot flush dirty
2171 * pages or request new data or unlock existing
2172 * data.
2173 * memory_object_destroy:
2174 * The memory manager has requested that the
2175 * kernel relinquish rights to the memory object
2176 * port. [The memory manager may not want to
2177 * destroy the port, but may wish to refuse or
2178 * tear down existing memory mappings.]
2179 * Each routine that breaks an association must break all of
2180 * them at once. At some later time, that routine must clear
2181 * the vm_object port fields and release the port rights.
2182 * [Furthermore, each routine must cope with the simultaneous
2183 * or previous operations of the others.]
2184 *
2185 * In addition to the lock on the object, the vm_object_cache_lock
2186 * governs the port associations. References gained through the
2187 * port association require use of the cache lock.
2188 *
2189 * Because the port fields may be cleared spontaneously, they
2190 * cannot be used to determine whether a memory object has
2191 * ever been associated with a particular vm_object. [This
2192 * knowledge is important to the shadow object mechanism.]
2193 * For this reason, an additional "created" attribute is
2194 * provided.
2195 *
2196 * During various paging operations, the port values found in the
2197 * vm_object must be valid. To prevent these port rights from being
2198 * released, and to prevent the port associations from changing
2199 * (other than being removed, i.e., made null), routines may use
2200 * the vm_object_paging_begin/end routines [actually, macros].
2201 * The implementation uses the "paging_in_progress" and "wanted" fields.
2202 * [Operations that alter the validity of the port values include the
2203 * termination routines and vm_object_collapse.]
2204 */
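
/*
 *	Illustrative sketch: the vm_object_paging_begin/end bracket
 *	mentioned above, as used later in this file by
 *	vm_object_pager_create.  It keeps the port associations valid
 *	while the object lock is dropped.
 *
 *		vm_object_lock(object);
 *		vm_object_paging_begin(object);		(pin the port fields)
 *		vm_object_unlock(object);
 *		... use object->pager, object->pager_request unlocked ...
 *		vm_object_lock(object);
 *		vm_object_paging_end(object);		(may wake up waiters)
 *		vm_object_unlock(object);
 */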
2205
2206 vm_object_t vm_object_lookup(
2207 ipc_port_t port)
2208 {
2209 vm_object_t object = VM_OBJECT_NULL;
2210
2211 if (IP_VALID(port)) {
2212 ip_lock(port);
2213 if (ip_active(port) &&
2214 #if NORMA_VM
2215 (ip_kotype(port) == IKOT_PAGER)) {
2216 #else /* NORMA_VM */
2217 (ip_kotype(port) == IKOT_PAGING_REQUEST)) {
2218 #endif /* NORMA_VM */
2219 vm_object_cache_lock();
2220 object = (vm_object_t) port->ip_kobject;
2221 vm_object_lock(object);
2222
2223 assert(object->alive);
2224
2225 if (object->ref_count == 0) {
2226 queue_remove(&vm_object_cached_list, object,
2227 vm_object_t, cached_list);
2228 vm_object_cached_count--;
2229 }
2230
2231 object->ref_count++;
2232 vm_object_unlock(object);
2233 vm_object_cache_unlock();
2234 }
2235 ip_unlock(port);
2236 }
2237
2238 return object;
2239 }
2240
2241 vm_object_t vm_object_lookup_name(
2242 ipc_port_t port)
2243 {
2244 vm_object_t object = VM_OBJECT_NULL;
2245
2246 if (IP_VALID(port)) {
2247 ip_lock(port);
2248 if (ip_active(port) &&
2249 (ip_kotype(port) == IKOT_PAGING_NAME)) {
2250 vm_object_cache_lock();
2251 object = (vm_object_t) port->ip_kobject;
2252 vm_object_lock(object);
2253
2254 assert(object->alive);
2255
2256 if (object->ref_count == 0) {
2257 queue_remove(&vm_object_cached_list, object,
2258 vm_object_t, cached_list);
2259 vm_object_cached_count--;
2260 }
2261
2262 object->ref_count++;
2263 vm_object_unlock(object);
2264 vm_object_cache_unlock();
2265 }
2266 ip_unlock(port);
2267 }
2268
2269 return object;
2270 }
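
/*
 *	Illustrative sketch: both lookup routines convert a port received
 *	in a kernel-interface message into a vm_object reference owned by
 *	the caller; that reference must eventually be dropped.  The error
 *	return shown is a placeholder caller policy.
 *
 *		vm_object_t object = vm_object_lookup(port);
 *		if (object == VM_OBJECT_NULL)
 *			return KERN_INVALID_ARGUMENT;
 *		... operate on the object ...
 *		vm_object_deallocate(object);
 */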
2271
2272 void vm_object_destroy(
2273 ipc_port_t pager)
2274 {
2275 vm_object_t object;
2276 pager_request_t old_request;
2277 ipc_port_t old_name;
2278
2279 /*
2280 * Perform essentially the same operations as in vm_object_lookup,
2281 * except that this time we look up based on the memory_object
2282 * port, not the control port.
2283 */
2284 vm_object_cache_lock();
2285 if (ip_kotype(pager) != IKOT_PAGER) {
2286 vm_object_cache_unlock();
2287 return;
2288 }
2289
2290 object = (vm_object_t) pager->ip_kobject;
2291 vm_object_lock(object);
2292 if (object->ref_count == 0) {
2293 queue_remove(&vm_object_cached_list, object,
2294 vm_object_t, cached_list);
2295 vm_object_cached_count--;
2296 }
2297 object->ref_count++;
2298
2299 object->can_persist = FALSE;
2300
2301 assert(object->pager == pager);
2302
2303 /*
2304 * Remove the port associations.
2305 *
2306 * Note that the memory_object itself is dead, so
2307 * we don't bother with it.
2308 */
2309
2310 object->pager = IP_NULL;
2311 vm_object_remove(object);
2312
2313 old_request = object->pager_request;
2314 object->pager_request = PAGER_REQUEST_NULL;
2315
2316 old_name = object->pager_name;
2317 object->pager_name = IP_NULL;
2318
2319 vm_object_unlock(object);
2320 vm_object_cache_unlock();
2321
2322 /*
2323 * Clean up the port references. Note that there's no
2324 * point in trying the memory_object_terminate call
2325 * because the memory_object itself is dead.
2326 */
2327
2328 ipc_port_release_send(pager);
2329 #if !NORMA_VM
2330 if (old_request != IP_NULL)
2331 ipc_port_dealloc_kernel(old_request);
2332 #endif /* !NORMA_VM */
2333 if (old_name != IP_NULL)
2334 #if NORMA_VM
2335 ipc_port_release_send(old_name);
2336 #else /* NORMA_VM */
2337 ipc_port_dealloc_kernel(old_name);
2338 #endif /* NORMA_VM */
2339
2340 /*
2341 * Restart pending page requests
2342 */
2343
2344 vm_object_abort_activity(object);
2345
2346 /*
2347 * Lose the object reference.
2348 */
2349
2350 vm_object_deallocate(object);
2351 }
2352
2353 boolean_t vm_object_accept_old_init_protocol = FALSE;
2354
2355 /*
2356 * Routine: vm_object_enter
2357 * Purpose:
2358 * Find a VM object corresponding to the given
2359 * pager; if no such object exists, create one,
2360 * and initialize the pager.
2361 */
2362 vm_object_t vm_object_enter(
2363 ipc_port_t pager,
2364 vm_size_t size,
2365 boolean_t internal)
2366 {
2367 register
2368 vm_object_t object;
2369 vm_object_t new_object;
2370 boolean_t must_init;
2371 ipc_kobject_type_t po;
2372
2373 restart:
2374 if (!IP_VALID(pager))
2375 return vm_object_allocate(size);
2376
2377 new_object = VM_OBJECT_NULL;
2378 must_init = FALSE;
2379
2380 /*
2381 * Look for an object associated with this port.
2382 */
2383
2384 vm_object_cache_lock();
2385 for (;;) {
2386 po = ip_kotype(pager);
2387
2388 /*
2389 * If a previous object is being terminated,
2390 * we must wait for the termination message
2391 * to be queued.
2392 *
2393 * We set kobject to a non-null value to let the
2394 * terminator know that someone is waiting.
2395 * Among the possibilities is that the port
2396 * could die while we're waiting. Must restart
2397 * instead of continuing the loop.
2398 */
2399
2400 if (po == IKOT_PAGER_TERMINATING) {
2401 pager->ip_kobject = (ipc_kobject_t) pager;
2402 assert_wait((event_t) pager, FALSE);
2403 vm_object_cache_unlock();
2404 thread_block(CONTINUE_NULL);
2405 goto restart;
2406 }
2407
2408 /*
2409 * Bail if there is already a kobject associated
2410 * with the pager port.
2411 */
2412 if (po != IKOT_NONE) {
2413 break;
2414 }
2415
2416 /*
2417 * We must unlock to create a new object;
2418 * if we do so, we must try the lookup again.
2419 */
2420
2421 if (new_object == VM_OBJECT_NULL) {
2422 vm_object_cache_unlock();
2423 new_object = vm_object_allocate(size);
2424 vm_object_cache_lock();
2425 } else {
2426 /*
2427 * Lookup failed twice, and we have something
2428 * to insert; set the object.
2429 */
2430
2431 ipc_kobject_set(pager,
2432 (ipc_kobject_t) new_object,
2433 IKOT_PAGER);
2434 new_object = VM_OBJECT_NULL;
2435 must_init = TRUE;
2436 }
2437 }
2438
2439 if (internal)
2440 must_init = TRUE;
2441
2442 /*
2443 * It's only good if it's a VM object!
2444 */
2445
2446 object = (po == IKOT_PAGER) ? (vm_object_t) pager->ip_kobject
2447 : VM_OBJECT_NULL;
2448
2449 if ((object != VM_OBJECT_NULL) && !must_init) {
2450 vm_object_lock(object);
2451 if (object->ref_count == 0) {
2452 queue_remove(&vm_object_cached_list, object,
2453 vm_object_t, cached_list);
2454 vm_object_cached_count--;
2455 }
2456 object->ref_count++;
2457 vm_object_unlock(object);
2458
2459 vm_stat.hits++;
2460 }
2461 assert((object == VM_OBJECT_NULL) || (object->ref_count > 0) ||
2462 ((object->paging_in_progress != 0) && internal));
2463
2464 vm_stat.lookups++;
2465
2466 vm_object_cache_unlock();
2467
2468 /*
2469 * If we raced to create a vm_object but lost, let's
2470 * throw away ours.
2471 */
2472
2473 if (new_object != VM_OBJECT_NULL)
2474 vm_object_deallocate(new_object);
2475
2476 if (object == VM_OBJECT_NULL)
2477 return(object);
2478
2479 if (must_init) {
2480 /*
2481 * Copy the naked send right we were given.
2482 */
2483
2484 pager = ipc_port_copy_send(pager);
2485 if (!IP_VALID(pager))
2486 panic("vm_object_enter: port died"); /* XXX */
2487
2488 object->pager_created = TRUE;
2489 object->pager = pager;
2490
2491 #if NORMA_VM
2492
2493 /*
2494 * Let the xmm system know that we want to use the pager.
2495 *
2496 * Name port will be provided by the xmm system
2497 * when set_attributes_common is called.
2498 */
2499
2500 object->internal = internal;
2501 object->pager_ready = internal;
2502 if (internal) {
2503 assert(object->temporary);
2504 } else {
2505 object->temporary = FALSE;
2506 }
2507 object->pager_name = IP_NULL;
2508
2509 (void) xmm_memory_object_init(object);
2510 #else /* NORMA_VM */
2511
2512 /*
2513 * Allocate request port.
2514 */
2515
2516 object->pager_request = ipc_port_alloc_kernel();
2517 if (object->pager_request == IP_NULL)
2518 panic("vm_object_enter: pager request alloc");
2519
2520 ipc_kobject_set(object->pager_request,
2521 (ipc_kobject_t) object,
2522 IKOT_PAGING_REQUEST);
2523
2524 /*
2525 * Let the pager know we're using it.
2526 */
2527
2528 if (internal) {
2529 /* acquire a naked send right for the DMM */
2530 ipc_port_t DMM = memory_manager_default_reference();
2531
2532 /* mark the object internal */
2533 object->internal = TRUE;
2534 assert(object->temporary);
2535
2536 /* default-pager objects are ready immediately */
2537 object->pager_ready = TRUE;
2538
2539 /* consumes the naked send right for DMM */
2540 (void) memory_object_create(DMM,
2541 pager,
2542 object->size,
2543 object->pager_request,
2544 object->pager_name,
2545 PAGE_SIZE);
2546 } else {
2547 /* the object is external and not temporary */
2548 object->internal = FALSE;
2549 object->temporary = FALSE;
2550
2551 /* user pager objects are not ready until marked so */
2552 object->pager_ready = FALSE;
2553
2554 (void) memory_object_init(pager,
2555 object->pager_request,
2556 object->pager_name,
2557 PAGE_SIZE);
2558
2559 }
2560 #endif /* NORMA_VM */
2561
2562 vm_object_lock(object);
2563 object->pager_initialized = TRUE;
2564
2565 if (vm_object_accept_old_init_protocol)
2566 object->pager_ready = TRUE;
2567
2568 vm_object_wakeup(object, VM_OBJECT_EVENT_INITIALIZED);
2569 } else {
2570 vm_object_lock(object);
2571 }
2572 /*
2573 * [At this point, the object must be locked]
2574 */
2575
2576 /*
2577 * Wait for the work above to be done by the first
2578 * thread to map this object.
2579 */
2580
2581 while (!object->pager_initialized) {
2582 vm_object_wait( object,
2583 VM_OBJECT_EVENT_INITIALIZED,
2584 FALSE);
2585 vm_object_lock(object);
2586 }
2587 vm_object_unlock(object);
2588
2589 return object;
2590 }
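
/*
 *	Illustrative sketch: a mapping request turning a user-supplied
 *	memory_object port into an object.  "pager_port" and "map_size"
 *	are placeholders, not part of this interface.
 *
 *		object = vm_object_enter(pager_port, map_size, FALSE);
 *		if (object == VM_OBJECT_NULL)
 *			return KERN_INVALID_OBJECT;	(port names some
 *							 other kernel object)
 *
 *	On success the caller holds a reference to an object whose pager
 *	initialization has completed, per the wait loop above.
 */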
2591
2592 /*
2593 * Routine: vm_object_pager_create
2594 * Purpose:
2595 * Create a memory object for an internal object.
2596 * In/out conditions:
2597 * The object is locked on entry and exit;
2598 * it may be unlocked within this call.
2599 * Limitations:
2600 * Only one thread may be performing a
2601 * vm_object_pager_create on an object at
2602 * a time. Presumably, only the pageout
2603 * daemon will be using this routine.
2604 */
2605 void vm_object_pager_create(
2606 register
2607 vm_object_t object)
2608 {
2609 ipc_port_t pager;
2610
2611 if (object->pager_created) {
2612 /*
2613 * Someone else got to it first...
2614 * wait for them to finish initializing
2615 */
2616
2617 while (!object->pager_initialized) {
2618 vm_object_wait( object,
2619 VM_OBJECT_EVENT_PAGER_READY,
2620 FALSE);
2621 vm_object_lock(object);
2622 }
2623 return;
2624 }
2625
2626 /*
2627 * Indicate that a memory object has been assigned
2628 * before dropping the lock, to prevent a race.
2629 */
2630
2631 object->pager_created = TRUE;
2632
2633 /*
2634 * Prevent collapse or termination by
2635 * holding a paging reference
2636 */
2637
2638 vm_object_paging_begin(object);
2639 vm_object_unlock(object);
2640
2641 #if MACH_PAGEMAP
2642 object->existence_info = vm_external_create(
2643 object->size +
2644 object->paging_offset);
2645 assert((object->size + object->paging_offset) >=
2646 object->size);
2647 #endif /* MACH_PAGEMAP */
2648
2649 /*
2650 * Create the pager, and associate with it
2651 * this object.
2652 *
2653 * Note that we only make the port association
2654 * so that vm_object_enter can properly look up
2655 * the object to complete the initialization...
2656 * we do not expect any user to ever map this
2657 * object.
2658 *
2659 * Since the kernel has the only rights to the
2660 * port, it's safe to install the association
2661 * without holding the cache lock.
2662 */
2663
2664 pager = ipc_port_alloc_kernel();
2665 if (pager == IP_NULL)
2666 panic("vm_object_pager_create: allocate pager port");
2667
2668 (void) ipc_port_make_send(pager);
2669 ipc_kobject_set(pager, (ipc_kobject_t) object, IKOT_PAGER);
2670
2671 /*
2672 * Initialize the rest of the paging stuff
2673 */
2674
2675 if (vm_object_enter(pager, object->size, TRUE) != object)
2676 panic("vm_object_pager_create: mismatch");
2677
2678 /*
2679 * Drop the naked send right taken above.
2680 */
2681
2682 ipc_port_release_send(pager);
2683
2684 /*
2685 * Release the paging reference
2686 */
2687
2688 vm_object_lock(object);
2689 vm_object_paging_end(object);
2690 }
2691
2692 /*
2693 * Routine: vm_object_remove
2694 * Purpose:
2695 * Eliminate the pager/object association
2696 * for this pager.
2697 * Conditions:
2698 * The object cache must be locked.
2699 */
2700 void vm_object_remove(
2701 vm_object_t object)
2702 {
2703 ipc_port_t port;
2704
2705 if ((port = object->pager) != IP_NULL) {
2706 if (ip_kotype(port) == IKOT_PAGER)
2707 ipc_kobject_set(port, IKO_NULL,
2708 IKOT_PAGER_TERMINATING);
2709 else if (ip_kotype(port) != IKOT_NONE)
2710 panic("vm_object_remove: bad object port");
2711 }
2712 #if !NORMA_VM
2713 if ((port = object->pager_request) != IP_NULL) {
2714 if (ip_kotype(port) == IKOT_PAGING_REQUEST)
2715 ipc_kobject_set(port, IKO_NULL, IKOT_NONE);
2716 else if (ip_kotype(port) != IKOT_NONE)
2717 panic("vm_object_remove: bad request port");
2718 }
2719 if ((port = object->pager_name) != IP_NULL) {
2720 if (ip_kotype(port) == IKOT_PAGING_NAME)
2721 ipc_kobject_set(port, IKO_NULL, IKOT_NONE);
2722 else if (ip_kotype(port) != IKOT_NONE)
2723 panic("vm_object_remove: bad name port");
2724 }
2725 #endif /* !NORMA_VM */
2726 }
2727
2728 /*
2729 * Global variables for vm_object_collapse():
2730 *
2731 * Counts for normal collapses and bypasses.
2732 * Debugging variables, to watch or disable collapse.
2733 */
2734 long object_collapses = 0;
2735 long object_bypasses = 0;
2736
2737 int vm_object_collapse_debug = 0;
2738 boolean_t vm_object_collapse_allowed = TRUE;
2739 boolean_t vm_object_collapse_bypass_allowed = TRUE;
2740
2741 /*
2742 * vm_object_collapse:
2743 *
2744 * Collapse an object with the object backing it.
2745 * Pages in the backing object are moved into the
2746 * parent, and the backing object is deallocated.
2747 *
2748 * Requires that the object be locked and the page
2749 * queues be unlocked. May unlock/relock the object,
2750 * so the caller should hold a reference for the object.
2751 */
2752 void vm_object_collapse(
2753 register vm_object_t object)
2754 {
2755 register vm_object_t backing_object;
2756 register vm_offset_t backing_offset;
2757 register vm_size_t size;
2758 register vm_offset_t new_offset;
2759 register vm_page_t p, pp;
2760 ipc_port_t old_name_port;
2761
2762 if (!vm_object_collapse_allowed)
2763 return;
2764
2765 while (TRUE) {
2766 /*
2767 * Verify that the conditions are right for collapse:
2768 *
2769 * The object exists and no pages in it are currently
2770 * being paged out (or have ever been paged out).
2771 *
2772 * This check is probably overkill -- if a memory
2773 * object has not been created, the fault handler
2774 * shouldn't release the object lock while paging
2775 * is in progress or absent pages exist.
2776 */
2777 if (object == VM_OBJECT_NULL ||
2778 object->pager_created ||
2779 object->paging_in_progress != 0 ||
2780 object->absent_count != 0)
2781 return;
2782
2783 /*
2784 * There is a backing object, and
2785 */
2786
2787 if ((backing_object = object->shadow) == VM_OBJECT_NULL)
2788 return;
2789
2790 vm_object_lock(backing_object);
2791 /*
2792 * ...
2793 * The backing object is not read_only,
2794 * and no pages in the backing object are
2795 * currently being paged out.
2796 * The backing object is internal.
2797 *
2798 * XXX It may be sufficient for the backing
2799 * XXX object to be temporary.
2800 */
2801
2802 if (!backing_object->internal ||
2803 backing_object->paging_in_progress != 0) {
2804 vm_object_unlock(backing_object);
2805 return;
2806 }
2807
2808 /*
2809 * The backing object can't be a copy-object:
2810 * the shadow_offset for the copy-object must stay
2811 * as 0. Furthermore (for the 'we have all the
2812 * pages' case), if we bypass backing_object and
2813 * just shadow the next object in the chain, old
2814 * pages from that object would then have to be copied
2815 * BOTH into the (former) backing_object and into the
2816 * parent object.
2817 */
2818 if (backing_object->shadow != VM_OBJECT_NULL &&
2819 backing_object->shadow->copy != VM_OBJECT_NULL) {
2820 vm_object_unlock(backing_object);
2821 return;
2822 }
2823
2824 /*
2825 * We know that we can either collapse the backing
2826 * object (if the parent is the only reference to
2827 * it) or (perhaps) remove the parent's reference
2828 * to it.
2829 */
2830
2831 backing_offset = object->shadow_offset;
2832 size = object->size;
2833
2834 /*
2835 * If there is exactly one reference to the backing
2836 * object, we can collapse it into the parent.
2837 */
2838
2839 if (backing_object->ref_count == 1) {
2840 if (!vm_object_cache_lock_try()) {
2841 vm_object_unlock(backing_object);
2842 return;
2843 }
2844
2845 /*
2846 * We can collapse the backing object.
2847 *
2848 * Move all in-memory pages from backing_object
2849 * to the parent. Pages that have been paged out
2850 * will be overwritten by any of the parent's
2851 * pages that shadow them.
2852 */
2853
2854 while (!queue_empty(&backing_object->memq)) {
2855
2856 p = (vm_page_t)
2857 queue_first(&backing_object->memq);
2858
2859 new_offset = (p->offset - backing_offset);
2860
2861 assert(!p->busy || p->absent);
2862
2863 /*
2864 * If the parent has a page here, or if
2865 * this page falls outside the parent,
2866 * dispose of it.
2867 *
2868 * Otherwise, move it as planned.
2869 */
2870
2871 if (p->offset < backing_offset ||
2872 new_offset >= size) {
2873 vm_page_lock_queues();
2874 vm_page_free(p);
2875 vm_page_unlock_queues();
2876 } else {
2877 pp = vm_page_lookup(object, new_offset);
2878 if (pp != VM_PAGE_NULL && !pp->absent) {
2879 /*
2880 * Parent object has a real page.
2881 * Throw away the backing object's
2882 * page.
2883 */
2884 vm_page_lock_queues();
2885 vm_page_free(p);
2886 vm_page_unlock_queues();
2887 }
2888 else {
2889 if (pp != VM_PAGE_NULL) {
2890 /*
2891 * Parent has an absent page...
2892 * it's not being paged in, so
2893 * it must really be missing from
2894 * the parent.
2895 *
2896 * Throw out the absent page...
2897 * any faults looking for that
2898 * page will restart with the new
2899 * one.
2900 */
2901
2902 /*
2903 * This should never happen -- the
2904 * parent cannot have ever had an
2905 * external memory object, and thus
2906 * cannot have absent pages.
2907 */
2908 panic("vm_object_collapse: bad case");
2909
2910 vm_page_lock_queues();
2911 vm_page_free(pp);
2912 vm_page_unlock_queues();
2913
2914 /*
2915 * Fall through to move the backing
2916 * object's page up.
2917 */
2918 }
2919 /*
2920 * Parent now has no page.
2921 * Move the backing object's page up.
2922 */
2923 vm_page_rename(p, object, new_offset);
2924 }
2925 }
2926 }
2927
2928 /*
2929 * Move the pager from backing_object to object.
2930 *
2931 * XXX We're only using part of the paging space
2932 * for keeps now... we ought to discard the
2933 * unused portion.
2934 */
2935
2936 switch (vm_object_collapse_debug) {
2937 case 0:
2938 break;
2939 case 1:
2940 if ((backing_object->pager == IP_NULL) &&
2941 (backing_object->pager_request ==
2942 PAGER_REQUEST_NULL))
2943 break;
2944 /* Fall through to... */
2945
2946 default:
2947 printf("vm_object_collapse: %#x (pager %#x, request %#x) up to %#x\n",
2948 (vm_offset_t)backing_object,
2949 (vm_offset_t)backing_object->pager,
2950 (vm_offset_t)backing_object->pager_request,
2951 (vm_offset_t)object);
2952 if (vm_object_collapse_debug > 2)
2953 Debugger("vm_object_collapse");
2954 }
2955
2956 object->pager = backing_object->pager;
2957 if (object->pager != IP_NULL)
2958 ipc_kobject_set(object->pager,
2959 (ipc_kobject_t) object,
2960 IKOT_PAGER);
2961 object->pager_initialized = backing_object->pager_initialized;
2962 object->pager_ready = backing_object->pager_ready;
2963 object->pager_created = backing_object->pager_created;
2964
2965 object->pager_request = backing_object->pager_request;
2966 #if NORMA_VM
2967 old_name_port = object->pager_name;
2968 object->pager_name = backing_object->pager_name;
2969 #else /* NORMA_VM */
2970 if (object->pager_request != IP_NULL)
2971 ipc_kobject_set(object->pager_request,
2972 (ipc_kobject_t) object,
2973 IKOT_PAGING_REQUEST);
2974 old_name_port = object->pager_name;
2975 if (old_name_port != IP_NULL)
2976 ipc_kobject_set(old_name_port,
2977 IKO_NULL, IKOT_NONE);
2978 object->pager_name = backing_object->pager_name;
2979 if (object->pager_name != IP_NULL)
2980 ipc_kobject_set(object->pager_name,
2981 (ipc_kobject_t) object,
2982 IKOT_PAGING_NAME);
2983 #endif /* NORMA_VM */
2984
2985 vm_object_cache_unlock();
2986
2987 /*
2988 * If there is no pager, leave paging-offset alone.
2989 */
2990 if (object->pager != IP_NULL)
2991 object->paging_offset =
2992 backing_object->paging_offset +
2993 backing_offset;
2994
2995 #if MACH_PAGEMAP
2996 assert(object->existence_info == VM_EXTERNAL_NULL);
2997 object->existence_info = backing_object->existence_info;
2998 #endif /* MACH_PAGEMAP */
2999
3000 /*
3001 * Object now shadows whatever backing_object did.
3002 * Note that the reference to backing_object->shadow
3003 * moves from within backing_object to within object.
3004 */
3005
3006 object->shadow = backing_object->shadow;
3007 object->shadow_offset += backing_object->shadow_offset;
3008 if (object->shadow != VM_OBJECT_NULL &&
3009 object->shadow->copy != VM_OBJECT_NULL) {
3010 panic("vm_object_collapse: we collapsed a copy-object!");
3011 }
3012 /*
3013 * Discard backing_object.
3014 *
3015 * Since the backing object has no pages, no
3016 * pager left, and no object references within it,
3017 * all that is necessary is to dispose of it.
3018 */
3019
3020 assert(
3021 (backing_object->ref_count == 1) &&
3022 (backing_object->resident_page_count == 0) &&
3023 (backing_object->paging_in_progress == 0)
3024 );
3025
3026 assert(backing_object->alive);
3027 backing_object->alive = FALSE;
3028 vm_object_unlock(backing_object);
3029
3030 vm_object_unlock(object);
3031 if (old_name_port != IP_NULL)
3032 #if NORMA_VM
3033 ipc_port_release_send(old_name_port);
3034 #else /* NORMA_VM */
3035 ipc_port_dealloc_kernel(old_name_port);
3036 #endif /* NORMA_VM */
3037 zfree(vm_object_zone, (vm_offset_t) backing_object);
3038 vm_object_lock(object);
3039
3040 object_collapses++;
3041 }
3042 else {
3043 if (!vm_object_collapse_bypass_allowed) {
3044 vm_object_unlock(backing_object);
3045 return;
3046 }
3047
3048 /*
3049 * If all of the pages in the backing object are
3050 * shadowed by the parent object, the parent
3051 * object no longer has to shadow the backing
3052 * object; it can shadow the next one in the
3053 * chain.
3054 *
3055 * The backing object must not be paged out - we'd
3056 * have to check all of the paged-out pages, as
3057 * well.
3058 */
3059
3060 if (backing_object->pager_created) {
3061 vm_object_unlock(backing_object);
3062 return;
3063 }
3064
3065 /*
3066 * Should have a check for a 'small' number
3067 * of pages here.
3068 */
3069
3070 queue_iterate(&backing_object->memq, p,
3071 vm_page_t, listq)
3072 {
3073 new_offset = (p->offset - backing_offset);
3074
3075 /*
3076 * If the parent has a page here, or if
3077 * this page falls outside the parent,
3078 * keep going.
3079 *
3080 * Otherwise, the backing_object must be
3081 * left in the chain.
3082 */
3083
3084 if (p->offset >= backing_offset &&
3085 new_offset <= size &&
3086 (pp = vm_page_lookup(object, new_offset))
3087 == VM_PAGE_NULL) {
3088 /*
3089 * Page still needed.
3090 * Can't go any further.
3091 */
3092 vm_object_unlock(backing_object);
3093 return;
3094 }
3095 }
3096
3097 /*
3098 * Make the parent shadow the next object
3099 * in the chain. Deallocating backing_object
3100 * will not remove it, since its reference
3101 * count is at least 2.
3102 */
3103
3104 vm_object_reference(object->shadow = backing_object->shadow);
3105 object->shadow_offset += backing_object->shadow_offset;
3106
3107 /*
3108 * Backing object might have had a copy pointer
3109 * to us. If it did, clear it.
3110 */
3111 if (backing_object->copy == object)
3112 backing_object->copy = VM_OBJECT_NULL;
3113
3114 /*
3115 * Drop the reference count on backing_object.
3116 * Since its ref_count was at least 2, it
3117 * will not vanish; so we don't need to call
3118 * vm_object_deallocate.
3119 */
3120 backing_object->ref_count--;
3121 assert(backing_object->ref_count > 0);
3122 vm_object_unlock(backing_object);
3123
3124 object_bypasses ++;
3125
3126 }
3127
3128 /*
3129 * Try again with this object's new backing object.
3130 */
3131 }
3132 }
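
/*
 *	Illustrative summary of one pass of the loop above, for a shadow
 *	chain  object -> backing -> next:
 *
 *		Collapse (backing->ref_count == 1):
 *			resident pages, pager and ports move from backing
 *			into object; object->shadow = next; backing is freed.
 *		Bypass (backing->ref_count > 1, every needed page shadowed):
 *			object->shadow = next (with a new reference);
 *			backing->ref_count--; backing keeps its pages.
 *
 *	In both cases object->shadow_offset absorbs backing->shadow_offset,
 *	and the loop retries against the shortened chain.
 */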
3133
3134 /*
3135 * Routine: vm_object_page_remove: [internal]
3136 * Purpose:
3137 * Removes all physical pages in the specified
3138 * object range from the object's list of pages.
3139 *
3140 * In/out conditions:
3141 * The object must be locked.
3142 */
3143 unsigned int vm_object_page_remove_lookup = 0;
3144 unsigned int vm_object_page_remove_iterate = 0;
3145
3146 void vm_object_page_remove(
3147 register vm_object_t object,
3148 register vm_offset_t start,
3149 register vm_offset_t end)
3150 {
3151 register vm_page_t p, next;
3152
3153 /*
3154 * One and two page removals are most popular.
3155 * The factor of 16 here is somewhat arbitrary.
3156	 *	It balances vm_page_lookup vs iteration.
3157 */
3158
3159 if (atop(end - start) < (unsigned)object->resident_page_count/16) {
3160 vm_object_page_remove_lookup++;
3161
3162 for (; start < end; start += PAGE_SIZE) {
3163 p = vm_page_lookup(object, start);
3164 if (p != VM_PAGE_NULL) {
3165 if (!p->fictitious)
3166 pmap_page_protect(p->phys_addr,
3167 VM_PROT_NONE);
3168 vm_page_lock_queues();
3169 vm_page_free(p);
3170 vm_page_unlock_queues();
3171 }
3172 }
3173 } else {
3174 vm_object_page_remove_iterate++;
3175
3176 p = (vm_page_t) queue_first(&object->memq);
3177 while (!queue_end(&object->memq, (queue_entry_t) p)) {
3178 next = (vm_page_t) queue_next(&p->listq);
3179 if ((start <= p->offset) && (p->offset < end)) {
3180 if (!p->fictitious)
3181 pmap_page_protect(p->phys_addr,
3182 VM_PROT_NONE);
3183 vm_page_lock_queues();
3184 vm_page_free(p);
3185 vm_page_unlock_queues();
3186 }
3187 p = next;
3188 }
3189 }
3190 }
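
/*
 *	Worked example of the threshold above: removing a 2-page range
 *	from an object with 1000 resident pages takes the lookup path
 *	(2 < 1000/16 == 62), while removing a 128-page range from the
 *	same object iterates over the whole memq instead (128 >= 62).
 */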
3191
3192 /*
3193 * Routine: vm_object_coalesce
3194 * Function: Coalesces two objects backing up adjoining
3195 * regions of memory into a single object.
3196 *
3197 * returns TRUE if objects were combined.
3198 *
3199 * NOTE: Only works at the moment if the second object is NULL -
3200 * if it's not, which object do we lock first?
3201 *
3202 * Parameters:
3203 * prev_object First object to coalesce
3204 * prev_offset Offset into prev_object
3205	 *		next_object	Second object to coalesce
3206 * next_offset Offset into next_object
3207 *
3208 * prev_size Size of reference to prev_object
3209 * next_size Size of reference to next_object
3210 *
3211 * Conditions:
3212 * The object must *not* be locked.
3213 */
3214
3215 boolean_t vm_object_coalesce(
3216 register vm_object_t prev_object,
3217 vm_object_t next_object,
3218 vm_offset_t prev_offset,
3219 vm_offset_t next_offset,
3220 vm_size_t prev_size,
3221 vm_size_t next_size)
3222 {
3223 vm_size_t newsize;
3224
3225 #ifdef lint
3226 next_offset++;
3227 #endif /* lint */
3228
3229 if (next_object != VM_OBJECT_NULL) {
3230 return FALSE;
3231 }
3232
3233 if (prev_object == VM_OBJECT_NULL) {
3234 return TRUE;
3235 }
3236
3237 vm_object_lock(prev_object);
3238
3239 /*
3240 * Try to collapse the object first
3241 */
3242 vm_object_collapse(prev_object);
3243
3244 /*
3245 * Can't coalesce if pages not mapped to
3246 * prev_entry may be in use anyway:
3247 * . more than one reference
3248 * . paged out
3249 * . shadows another object
3250 * . has a copy elsewhere
3251 * . paging references (pages might be in page-list)
3252 */
3253
3254 if ((prev_object->ref_count > 1) ||
3255 prev_object->pager_created ||
3256 (prev_object->shadow != VM_OBJECT_NULL) ||
3257 (prev_object->copy != VM_OBJECT_NULL) ||
3258 (prev_object->paging_in_progress != 0)) {
3259 vm_object_unlock(prev_object);
3260 return FALSE;
3261 }
3262
3263 /*
3264 * Remove any pages that may still be in the object from
3265 * a previous deallocation.
3266 */
3267
3268 vm_object_page_remove(prev_object,
3269 prev_offset + prev_size,
3270 prev_offset + prev_size + next_size);
3271
3272 /*
3273 * Extend the object if necessary.
3274 */
3275 newsize = prev_offset + prev_size + next_size;
3276 if (newsize > prev_object->size)
3277 prev_object->size = newsize;
3278
3279 vm_object_unlock(prev_object);
3280 return TRUE;
3281 }
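
/*
 *	Illustrative sketch: a caller growing an existing anonymous region
 *	by next_size bytes.  "prev_entry", "prev_size" and "next_size" are
 *	placeholders, not part of this interface.
 *
 *		if (vm_object_coalesce(prev_entry->object, VM_OBJECT_NULL,
 *				       prev_entry->offset, (vm_offset_t) 0,
 *				       prev_size, next_size)) {
 *			... extend prev_entry in place; the added range is
 *			    backed by the (possibly enlarged) existing object ...
 *		}
 *
 *	Note that the argument order is objects, then offsets, then sizes,
 *	as in the definition above.
 */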
3282
3283 vm_object_t vm_object_request_object(
3284 ipc_port_t p)
3285 {
3286 return vm_object_lookup(p);
3287 }
3288
3289 /*
3290 * Routine: vm_object_name
3291 * Purpose:
3292 * Returns a naked send right to the "name" port associated
3293 * with this object.
3294 */
3295 ipc_port_t vm_object_name(
3296 vm_object_t object)
3297 {
3298 ipc_port_t p;
3299
3300 if (object == VM_OBJECT_NULL)
3301 return IP_NULL;
3302
3303 vm_object_lock(object);
3304
3305 while (object->shadow != VM_OBJECT_NULL) {
3306 vm_object_t new_object = object->shadow;
3307 vm_object_lock(new_object);
3308 vm_object_unlock(object);
3309 object = new_object;
3310 }
3311
3312 p = object->pager_name;
3313 if (p != IP_NULL)
3314 #if NORMA_VM
3315 p = ipc_port_copy_send(p);
3316 #else /* NORMA_VM */
3317 p = ipc_port_make_send(p);
3318 #endif /* NORMA_VM */
3319 vm_object_unlock(object);
3320
3321 return p;
3322 }
3323
3324 /*
3325 * Attach a set of physical pages to an object, so that they can
3326 * be mapped by mapping the object. Typically used to map IO memory.
3327 *
3328 * The mapping function and its private data are used to obtain the
3329 * physical addresses for each page to be mapped.
3330 */
3331 void
3332 vm_object_page_map(
3333 vm_object_t object,
3334 vm_offset_t offset,
3335 vm_size_t size,
3336 vm_offset_t (*map_fn)(void *, vm_offset_t),
3337 void * map_fn_data) /* private to map_fn */
3338 {
3339 int num_pages;
3340 int i;
3341 vm_page_t m;
3342 vm_page_t old_page;
3343 vm_offset_t addr;
3344
3345 num_pages = atop(size);
3346
3347 for (i = 0; i < num_pages; i++, offset += PAGE_SIZE) {
3348
3349 addr = (*map_fn)(map_fn_data, offset);
3350
3351 while ((m = vm_page_grab_fictitious()) == VM_PAGE_NULL)
3352 vm_page_more_fictitious();
3353
3354 vm_object_lock(object);
3355 if ((old_page = vm_page_lookup(object, offset))
3356 != VM_PAGE_NULL)
3357 {
3358 vm_page_lock_queues();
3359 vm_page_free(old_page);
3360 vm_page_unlock_queues();
3361 }
3362
3363 if (addr == (vm_offset_t) (-1)) {
3364 m->error = TRUE;
3365 }
3366 else {
3367 vm_page_init(m, addr);
3368 m->wire_count = 1;
3369			m->private = TRUE;	/* don't free page */
3370 }
3371 vm_page_lock_queues();
3372 vm_page_insert(m, object, offset);
3373 vm_page_unlock_queues();
3374
3375 PAGE_WAKEUP_DONE(m);
3376 vm_object_unlock(object);
3377 }
3378 }
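
/*
 *	Illustrative sketch: mapping a physically contiguous device region
 *	with vm_object_page_map.  "dev_object", "dev_size" and
 *	"dev_phys_base" are placeholders, not part of this interface.
 *
 *		static vm_offset_t
 *		dev_page_addr(void *data, vm_offset_t offset)
 *		{
 *			return (vm_offset_t) data + offset;
 *		}
 *		...
 *		vm_object_page_map(dev_object, (vm_offset_t) 0, dev_size,
 *				   dev_page_addr, (void *) dev_phys_base);
 *
 *	Having the map function return (vm_offset_t) -1 marks the page in
 *	error, per the addr == -1 check above.
 */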
3379
3380 #include <mach_kdb.h>
3381
3382
3383 #if MACH_KDB
3384 #include <ddb/db_output.h>
3385
3386 boolean_t vm_object_print_pages = FALSE;
3387
3388 /*
3389 * vm_object_print: [ debug ]
3390 */
3391 void vm_object_print(
3392 vm_object_t object)
3393 {
3394 register vm_page_t p;
3395
3396 register int count;
3397
3398 if (object == VM_OBJECT_NULL)
3399 return;
3400
3401 db_iprintf("Object 0x%X: size=0x%X",
3402 (vm_offset_t) object, (vm_offset_t) object->size);
3403 db_printf(", %d references, %d resident pages,", object->ref_count,
3404 object->resident_page_count);
3405 db_printf(" %d absent pages,", object->absent_count);
3406 db_printf(" %d paging ops\n", object->paging_in_progress);
3407 db_indent += 2;
3408 db_iprintf("memory object=0x%X (offset=0x%X),",
3409 (vm_offset_t) object->pager, (vm_offset_t) object->paging_offset);
3410 db_printf("control=0x%X, name=0x%X\n",
3411 (vm_offset_t) object->pager_request, (vm_offset_t) object->pager_name);
3412 db_iprintf("%s%s",
3413 object->pager_ready ? " ready" : "",
3414 object->pager_created ? " created" : "");
3415 db_printf("%s,%s ",
3416 object->pager_initialized ? "" : "uninitialized",
3417 object->temporary ? "temporary" : "permanent");
3418 db_printf("%s%s,",
3419 object->internal ? "internal" : "external",
3420 object->can_persist ? " cacheable" : "");
3421 db_printf("copy_strategy=%d\n", (vm_offset_t)object->copy_strategy);
3422 db_iprintf("shadow=0x%X (offset=0x%X),",
3423 (vm_offset_t) object->shadow, (vm_offset_t) object->shadow_offset);
3424 db_printf("copy=0x%X\n", (vm_offset_t) object->copy);
3425
3426 db_indent += 2;
3427
3428 if (vm_object_print_pages) {
3429 count = 0;
3430 p = (vm_page_t) queue_first(&object->memq);
3431 while (!queue_end(&object->memq, (queue_entry_t) p)) {
3432 if (count == 0) db_iprintf("memory:=");
3433 else if (count == 4) {db_printf("\n"); db_iprintf(" ..."); count = 0;}
3434 else db_printf(",");
3435 count++;
3436
3437 db_printf("(off=0x%X,page=0x%X)", p->offset, (vm_offset_t) p);
3438 p = (vm_page_t) queue_next(&p->listq);
3439 }
3440 if (count != 0)
3441 db_printf("\n");
3442 }
3443 db_indent -= 4;
3444 }
3445
3446 #endif /* MACH_KDB */