2 * SPDX-License-Identifier: BSD-2-Clause
4 * Copyright (c) 2002-2019 Jeffrey Roberson <jeff@FreeBSD.org>
5 * Copyright (c) 2004, 2005 Bosko Milekic <bmilekic@FreeBSD.org>
6 * Copyright (c) 2004-2006 Robert N. M. Watson
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice unmodified, this list of conditions, and the following
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 * uma_core.c Implementation of the Universal Memory allocator
34 * This allocator is intended to replace the multitude of similar object caches
35 * in the standard FreeBSD kernel. The intent is to be flexible as well as
36 * efficient. A primary design goal is to return unused memory to the rest of
37 * the system. This will make the system as a whole more flexible due to the
38 * ability to move memory to subsystems which most need it instead of leaving
39 * pools of reserved memory unused.
41 * The basic ideas stem from similar slab/zone based allocators whose algorithms
48 * - Improve memory usage for large allocations
49 * - Investigate cache size adjustments
52 #include <sys/cdefs.h>
54 #include "opt_param.h"
57 #include <sys/param.h>
58 #include <sys/systm.h>
60 #include <sys/bitset.h>
61 #include <sys/domainset.h>
62 #include <sys/eventhandler.h>
63 #include <sys/kernel.h>
64 #include <sys/types.h>
65 #include <sys/limits.h>
66 #include <sys/queue.h>
67 #include <sys/malloc.h>
70 #include <sys/sysctl.h>
71 #include <sys/mutex.h>
73 #include <sys/random.h>
74 #include <sys/rwlock.h>
76 #include <sys/sched.h>
77 #include <sys/sleepqueue.h>
80 #include <sys/taskqueue.h>
81 #include <sys/vmmeter.h>
84 #include <vm/vm_param.h>
85 #include <vm/vm_domainset.h>
86 #include <vm/vm_object.h>
87 #include <vm/vm_page.h>
88 #include <vm/vm_pageout.h>
89 #include <vm/vm_phys.h>
90 #include <vm/vm_pagequeue.h>
91 #include <vm/vm_map.h>
92 #include <vm/vm_kern.h>
93 #include <vm/vm_extern.h>
94 #include <vm/vm_dumpset.h>
96 #include <vm/uma_int.h>
97 #include <vm/uma_dbg.h>
101 #ifdef DEBUG_MEMGUARD
102 #include <vm/memguard.h>
105 #include <machine/md_var.h>
108 #define UMA_ALWAYS_CTORDTOR 1
110 #define UMA_ALWAYS_CTORDTOR 0
114 * This is the zone and keg from which all zones are spawned.
116 static uma_zone_t kegs;
117 static uma_zone_t zones;
120 * On INVARIANTS builds, the slab contains a second bitset of the same size,
121 * "dbg_bits", which is laid out immediately after us_free.
124 #define SLAB_BITSETS 2
126 #define SLAB_BITSETS 1
130 * These are the two zones from which all offpage uma_slab_ts are allocated.
132 * One zone is for slab headers that can represent a larger number of items,
133 * making the slabs themselves more efficient, and the other zone is for
134 * headers that are smaller and represent fewer items, making the headers more
137 #define SLABZONE_SIZE(setsize) \
138 (sizeof(struct uma_hash_slab) + BITSET_SIZE(setsize) * SLAB_BITSETS)
139 #define SLABZONE0_SETSIZE (PAGE_SIZE / 16)
140 #define SLABZONE1_SETSIZE SLAB_MAX_SETSIZE
141 #define SLABZONE0_SIZE SLABZONE_SIZE(SLABZONE0_SETSIZE)
142 #define SLABZONE1_SIZE SLABZONE_SIZE(SLABZONE1_SETSIZE)
143 static uma_zone_t slabzones[2];
146 * The initial hash tables come out of this zone so they can be allocated
147 * prior to malloc coming up.
149 static uma_zone_t hashzone;
151 /* The boot-time adjusted value for cache line alignment. */
152 static int uma_cache_align_mask = 64 - 1;
154 static MALLOC_DEFINE(M_UMAHASH, "UMAHash", "UMA Hash Buckets");
155 static MALLOC_DEFINE(M_UMA, "UMA", "UMA Misc");
158 * Are we allowed to allocate buckets?
160 static int bucketdisable = 1;
162 /* Linked list of all kegs in the system */
163 static LIST_HEAD(,uma_keg) uma_kegs = LIST_HEAD_INITIALIZER(uma_kegs);
165 /* Linked list of all cache-only zones in the system */
166 static LIST_HEAD(,uma_zone) uma_cachezones =
167 LIST_HEAD_INITIALIZER(uma_cachezones);
170 * Mutex for global lists: uma_kegs, uma_cachezones, and the per-keg list of
173 static struct rwlock_padalign __exclusive_cache_line uma_rwlock;
175 static struct sx uma_reclaim_lock;
178 * First available virual address for boot time allocations.
180 static vm_offset_t bootstart;
181 static vm_offset_t bootmem;
184 * kmem soft limit, initialized by uma_set_limit(). Ensure that early
185 * allocations don't trigger a wakeup of the reclaim thread.
187 unsigned long uma_kmem_limit = LONG_MAX;
188 SYSCTL_ULONG(_vm, OID_AUTO, uma_kmem_limit, CTLFLAG_RD, &uma_kmem_limit, 0,
189 "UMA kernel memory soft limit");
190 unsigned long uma_kmem_total;
191 SYSCTL_ULONG(_vm, OID_AUTO, uma_kmem_total, CTLFLAG_RD, &uma_kmem_total, 0,
192 "UMA kernel memory usage");
194 /* Is the VM done starting up? */
201 } booted = BOOT_COLD;
204 * This is the handle used to schedule events that need to happen
205 * outside of the allocation fast path.
207 static struct timeout_task uma_timeout_task;
208 #define UMA_TIMEOUT 20 /* Seconds for callout interval. */
211 * This structure is passed as the zone ctor arg so that I don't have to create
212 * a special allocation function just for zones.
214 struct uma_zctor_args {
229 struct uma_kctor_args {
238 struct uma_bucket_zone {
240 const char *ubz_name;
241 int ubz_entries; /* Number of items it can hold. */
242 int ubz_maxsize; /* Maximum allocation size per-item. */
246 * Compute the actual number of bucket entries to pack them in power
247 * of two sizes for more efficient space utilization.
249 #define BUCKET_SIZE(n) \
250 (((sizeof(void *) * (n)) - sizeof(struct uma_bucket)) / sizeof(void *))
252 #define BUCKET_MAX BUCKET_SIZE(256)
254 struct uma_bucket_zone bucket_zones[] = {
255 /* Literal bucket sizes. */
256 { NULL, "2 Bucket", 2, 4096 },
257 { NULL, "4 Bucket", 4, 3072 },
258 { NULL, "8 Bucket", 8, 2048 },
259 { NULL, "16 Bucket", 16, 1024 },
260 /* Rounded down power of 2 sizes for efficiency. */
261 { NULL, "32 Bucket", BUCKET_SIZE(32), 512 },
262 { NULL, "64 Bucket", BUCKET_SIZE(64), 256 },
263 { NULL, "128 Bucket", BUCKET_SIZE(128), 128 },
264 { NULL, "256 Bucket", BUCKET_SIZE(256), 64 },
269 * Flags and enumerations to be passed to internal functions.
273 SKIP_CNT = 0x00000001,
274 SKIP_DTOR = 0x00010000,
275 SKIP_FINI = 0x00020000,
280 void uma_startup1(vm_offset_t);
281 void uma_startup2(void);
283 static void *noobj_alloc(uma_zone_t, vm_size_t, int, uint8_t *, int);
284 static void *page_alloc(uma_zone_t, vm_size_t, int, uint8_t *, int);
285 static void *pcpu_page_alloc(uma_zone_t, vm_size_t, int, uint8_t *, int);
286 static void *startup_alloc(uma_zone_t, vm_size_t, int, uint8_t *, int);
287 static void *contig_alloc(uma_zone_t, vm_size_t, int, uint8_t *, int);
288 static void page_free(void *, vm_size_t, uint8_t);
289 static void pcpu_page_free(void *, vm_size_t, uint8_t);
290 static uma_slab_t keg_alloc_slab(uma_keg_t, uma_zone_t, int, int, int);
291 static void cache_drain(uma_zone_t);
292 static void bucket_drain(uma_zone_t, uma_bucket_t);
293 static void bucket_cache_reclaim(uma_zone_t zone, bool, int);
294 static bool bucket_cache_reclaim_domain(uma_zone_t, bool, bool, int);
295 static int keg_ctor(void *, int, void *, int);
296 static void keg_dtor(void *, int, void *);
297 static void keg_drain(uma_keg_t keg, int domain);
298 static int zone_ctor(void *, int, void *, int);
299 static void zone_dtor(void *, int, void *);
300 static inline void item_dtor(uma_zone_t zone, void *item, int size,
301 void *udata, enum zfreeskip skip);
302 static int zero_init(void *, int, int);
303 static void zone_free_bucket(uma_zone_t zone, uma_bucket_t bucket, void *udata,
304 int itemdomain, bool ws);
305 static void zone_foreach(void (*zfunc)(uma_zone_t, void *), void *);
306 static void zone_foreach_unlocked(void (*zfunc)(uma_zone_t, void *), void *);
307 static void zone_timeout(uma_zone_t zone, void *);
308 static int hash_alloc(struct uma_hash *, u_int);
309 static int hash_expand(struct uma_hash *, struct uma_hash *);
310 static void hash_free(struct uma_hash *hash);
311 static void uma_timeout(void *, int);
312 static void uma_shutdown(void);
313 static void *zone_alloc_item(uma_zone_t, void *, int, int);
314 static void zone_free_item(uma_zone_t, void *, void *, enum zfreeskip);
315 static int zone_alloc_limit(uma_zone_t zone, int count, int flags);
316 static void zone_free_limit(uma_zone_t zone, int count);
317 static void bucket_enable(void);
318 static void bucket_init(void);
319 static uma_bucket_t bucket_alloc(uma_zone_t zone, void *, int);
320 static void bucket_free(uma_zone_t zone, uma_bucket_t, void *);
321 static void bucket_zone_drain(int domain);
322 static uma_bucket_t zone_alloc_bucket(uma_zone_t, void *, int, int);
323 static void *slab_alloc_item(uma_keg_t keg, uma_slab_t slab);
324 static void slab_free_item(uma_zone_t zone, uma_slab_t slab, void *item);
325 static size_t slab_sizeof(int nitems);
326 static uma_keg_t uma_kcreate(uma_zone_t zone, size_t size, uma_init uminit,
327 uma_fini fini, int align, uint32_t flags);
328 static int zone_import(void *, void **, int, int, int);
329 static void zone_release(void *, void **, int);
330 static bool cache_alloc(uma_zone_t, uma_cache_t, void *, int);
331 static bool cache_free(uma_zone_t, uma_cache_t, void *, void *, int);
333 static int sysctl_vm_zone_count(SYSCTL_HANDLER_ARGS);
334 static int sysctl_vm_zone_stats(SYSCTL_HANDLER_ARGS);
335 static int sysctl_handle_uma_zone_allocs(SYSCTL_HANDLER_ARGS);
336 static int sysctl_handle_uma_zone_frees(SYSCTL_HANDLER_ARGS);
337 static int sysctl_handle_uma_zone_flags(SYSCTL_HANDLER_ARGS);
338 static int sysctl_handle_uma_slab_efficiency(SYSCTL_HANDLER_ARGS);
339 static int sysctl_handle_uma_zone_items(SYSCTL_HANDLER_ARGS);
341 static uint64_t uma_zone_get_allocs(uma_zone_t zone);
343 static SYSCTL_NODE(_vm, OID_AUTO, debug, CTLFLAG_RD | CTLFLAG_MPSAFE, 0,
344 "Memory allocation debugging");
347 static uint64_t uma_keg_get_allocs(uma_keg_t zone);
348 static inline struct noslabbits *slab_dbg_bits(uma_slab_t slab, uma_keg_t keg);
350 static bool uma_dbg_kskip(uma_keg_t keg, void *mem);
351 static bool uma_dbg_zskip(uma_zone_t zone, void *mem);
352 static void uma_dbg_free(uma_zone_t zone, uma_slab_t slab, void *item);
353 static void uma_dbg_alloc(uma_zone_t zone, uma_slab_t slab, void *item);
355 static u_int dbg_divisor = 1;
356 SYSCTL_UINT(_vm_debug, OID_AUTO, divisor,
357 CTLFLAG_RDTUN | CTLFLAG_NOFETCH, &dbg_divisor, 0,
358 "Debug & thrash every this item in memory allocator");
360 static counter_u64_t uma_dbg_cnt = EARLY_COUNTER;
361 static counter_u64_t uma_skip_cnt = EARLY_COUNTER;
362 SYSCTL_COUNTER_U64(_vm_debug, OID_AUTO, trashed, CTLFLAG_RD,
363 &uma_dbg_cnt, "memory items debugged");
364 SYSCTL_COUNTER_U64(_vm_debug, OID_AUTO, skipped, CTLFLAG_RD,
365 &uma_skip_cnt, "memory items skipped, not debugged");
368 SYSCTL_NODE(_vm, OID_AUTO, uma, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
369 "Universal Memory Allocator");
371 SYSCTL_PROC(_vm, OID_AUTO, zone_count, CTLFLAG_RD|CTLFLAG_MPSAFE|CTLTYPE_INT,
372 0, 0, sysctl_vm_zone_count, "I", "Number of UMA zones");
374 SYSCTL_PROC(_vm, OID_AUTO, zone_stats, CTLFLAG_RD|CTLFLAG_MPSAFE|CTLTYPE_STRUCT,
375 0, 0, sysctl_vm_zone_stats, "s,struct uma_type_header", "Zone Stats");
377 static int zone_warnings = 1;
378 SYSCTL_INT(_vm, OID_AUTO, zone_warnings, CTLFLAG_RWTUN, &zone_warnings, 0,
379 "Warn when UMA zones becomes full");
381 static int multipage_slabs = 1;
382 TUNABLE_INT("vm.debug.uma_multipage_slabs", &multipage_slabs);
383 SYSCTL_INT(_vm_debug, OID_AUTO, uma_multipage_slabs,
384 CTLFLAG_RDTUN | CTLFLAG_NOFETCH, &multipage_slabs, 0,
385 "UMA may choose larger slab sizes for better efficiency");
388 * Select the slab zone for an offpage slab with the given maximum item count.
390 static inline uma_zone_t
394 return (slabzones[ipers > SLABZONE0_SETSIZE]);
398 * This routine checks to see whether or not it's safe to enable buckets.
404 KASSERT(booted >= BOOT_KVA, ("Bucket enable before init"));
405 bucketdisable = vm_page_count_min();
409 * Initialize bucket_zones, the array of zones of buckets of various sizes.
411 * For each zone, calculate the memory required for each bucket, consisting
412 * of the header and an array of pointers.
417 struct uma_bucket_zone *ubz;
420 for (ubz = &bucket_zones[0]; ubz->ubz_entries != 0; ubz++) {
421 size = roundup(sizeof(struct uma_bucket), sizeof(void *));
422 size += sizeof(void *) * ubz->ubz_entries;
423 ubz->ubz_zone = uma_zcreate(ubz->ubz_name, size,
424 NULL, NULL, NULL, NULL, UMA_ALIGN_PTR,
425 UMA_ZONE_MTXCLASS | UMA_ZFLAG_BUCKET |
426 UMA_ZONE_FIRSTTOUCH);
431 * Given a desired number of entries for a bucket, return the zone from which
432 * to allocate the bucket.
434 static struct uma_bucket_zone *
435 bucket_zone_lookup(int entries)
437 struct uma_bucket_zone *ubz;
439 for (ubz = &bucket_zones[0]; ubz->ubz_entries != 0; ubz++)
440 if (ubz->ubz_entries >= entries)
447 bucket_select(int size)
449 struct uma_bucket_zone *ubz;
451 ubz = &bucket_zones[0];
452 if (size > ubz->ubz_maxsize)
453 return MAX((ubz->ubz_maxsize * ubz->ubz_entries) / size, 1);
455 for (; ubz->ubz_entries != 0; ubz++)
456 if (ubz->ubz_maxsize < size)
459 return (ubz->ubz_entries);
463 bucket_alloc(uma_zone_t zone, void *udata, int flags)
465 struct uma_bucket_zone *ubz;
469 * Don't allocate buckets early in boot.
471 if (__predict_false(booted < BOOT_KVA))
475 * To limit bucket recursion we store the original zone flags
476 * in a cookie passed via zalloc_arg/zfree_arg. This allows the
477 * NOVM flag to persist even through deep recursions. We also
478 * store ZFLAG_BUCKET once we have recursed attempting to allocate
479 * a bucket for a bucket zone so we do not allow infinite bucket
480 * recursion. This cookie will even persist to frees of unused
481 * buckets via the allocation path or bucket allocations in the
484 if ((zone->uz_flags & UMA_ZFLAG_BUCKET) == 0)
485 udata = (void *)(uintptr_t)zone->uz_flags;
487 if ((uintptr_t)udata & UMA_ZFLAG_BUCKET)
489 udata = (void *)((uintptr_t)udata | UMA_ZFLAG_BUCKET);
491 if (((uintptr_t)udata & UMA_ZONE_VM) != 0)
493 ubz = bucket_zone_lookup(atomic_load_16(&zone->uz_bucket_size));
494 if (ubz->ubz_zone == zone && (ubz + 1)->ubz_entries != 0)
496 bucket = uma_zalloc_arg(ubz->ubz_zone, udata, flags);
499 bzero(bucket->ub_bucket, sizeof(void *) * ubz->ubz_entries);
502 bucket->ub_entries = min(ubz->ubz_entries,
503 zone->uz_bucket_size_max);
504 bucket->ub_seq = SMR_SEQ_INVALID;
505 CTR3(KTR_UMA, "bucket_alloc: zone %s(%p) allocated bucket %p",
506 zone->uz_name, zone, bucket);
513 bucket_free(uma_zone_t zone, uma_bucket_t bucket, void *udata)
515 struct uma_bucket_zone *ubz;
517 if (bucket->ub_cnt != 0)
518 bucket_drain(zone, bucket);
520 KASSERT(bucket->ub_cnt == 0,
521 ("bucket_free: Freeing a non free bucket."));
522 KASSERT(bucket->ub_seq == SMR_SEQ_INVALID,
523 ("bucket_free: Freeing an SMR bucket."));
524 if ((zone->uz_flags & UMA_ZFLAG_BUCKET) == 0)
525 udata = (void *)(uintptr_t)zone->uz_flags;
526 ubz = bucket_zone_lookup(bucket->ub_entries);
527 uma_zfree_arg(ubz->ubz_zone, bucket, udata);
531 bucket_zone_drain(int domain)
533 struct uma_bucket_zone *ubz;
535 for (ubz = &bucket_zones[0]; ubz->ubz_entries != 0; ubz++)
536 uma_zone_reclaim_domain(ubz->ubz_zone, UMA_RECLAIM_DRAIN,
541 _Static_assert(UMA_SMALLEST_UNIT % KASAN_SHADOW_SCALE == 0,
542 "Base UMA allocation size not a multiple of the KASAN scale factor");
545 kasan_mark_item_valid(uma_zone_t zone, void *item)
551 if ((zone->uz_flags & UMA_ZONE_NOKASAN) != 0)
555 rsz = roundup2(sz, KASAN_SHADOW_SCALE);
556 if ((zone->uz_flags & UMA_ZONE_PCPU) == 0) {
557 kasan_mark(item, sz, rsz, KASAN_GENERIC_REDZONE);
559 pcpu_item = zpcpu_base_to_offset(item);
560 for (i = 0; i <= mp_maxid; i++)
561 kasan_mark(zpcpu_get_cpu(pcpu_item, i), sz, rsz,
562 KASAN_GENERIC_REDZONE);
567 kasan_mark_item_invalid(uma_zone_t zone, void *item)
573 if ((zone->uz_flags & UMA_ZONE_NOKASAN) != 0)
576 sz = roundup2(zone->uz_size, KASAN_SHADOW_SCALE);
577 if ((zone->uz_flags & UMA_ZONE_PCPU) == 0) {
578 kasan_mark(item, 0, sz, KASAN_UMA_FREED);
580 pcpu_item = zpcpu_base_to_offset(item);
581 for (i = 0; i <= mp_maxid; i++)
582 kasan_mark(zpcpu_get_cpu(pcpu_item, i), 0, sz,
588 kasan_mark_slab_valid(uma_keg_t keg, void *mem)
592 if ((keg->uk_flags & UMA_ZONE_NOKASAN) == 0) {
593 sz = keg->uk_ppera * PAGE_SIZE;
594 kasan_mark(mem, sz, sz, 0);
599 kasan_mark_slab_invalid(uma_keg_t keg, void *mem)
603 if ((keg->uk_flags & UMA_ZONE_NOKASAN) == 0) {
604 if ((keg->uk_flags & UMA_ZFLAG_OFFPAGE) != 0)
605 sz = keg->uk_ppera * PAGE_SIZE;
608 kasan_mark(mem, 0, sz, KASAN_UMA_FREED);
613 kasan_mark_item_valid(uma_zone_t zone __unused, void *item __unused)
618 kasan_mark_item_invalid(uma_zone_t zone __unused, void *item __unused)
623 kasan_mark_slab_valid(uma_keg_t keg __unused, void *mem __unused)
628 kasan_mark_slab_invalid(uma_keg_t keg __unused, void *mem __unused)
634 * Acquire the domain lock and record contention.
636 static uma_zone_domain_t
637 zone_domain_lock(uma_zone_t zone, int domain)
639 uma_zone_domain_t zdom;
642 zdom = ZDOM_GET(zone, domain);
644 if (ZDOM_OWNED(zdom))
647 /* This is unsynchronized. The counter does not need to be precise. */
648 if (lockfail && zone->uz_bucket_size < zone->uz_bucket_size_max)
649 zone->uz_bucket_size++;
654 * Search for the domain with the least cached items and return it if it
655 * is out of balance with the preferred domain.
657 static __noinline int
658 zone_domain_lowest(uma_zone_t zone, int pref)
660 long least, nitems, prefitems;
664 prefitems = least = LONG_MAX;
666 for (i = 0; i < vm_ndomains; i++) {
667 nitems = ZDOM_GET(zone, i)->uzd_nitems;
668 if (nitems < least) {
675 if (prefitems < least * 2)
682 * Search for the domain with the most cached items and return it or the
683 * preferred domain if it has enough to proceed.
685 static __noinline int
686 zone_domain_highest(uma_zone_t zone, int pref)
692 if (ZDOM_GET(zone, pref)->uzd_nitems > BUCKET_MAX)
697 for (i = 0; i < vm_ndomains; i++) {
698 nitems = ZDOM_GET(zone, i)->uzd_nitems;
709 * Set the maximum imax value.
712 zone_domain_imax_set(uma_zone_domain_t zdom, int nitems)
716 old = zdom->uzd_imax;
720 } while (atomic_fcmpset_long(&zdom->uzd_imax, &old, nitems) == 0);
723 * We are at new maximum, so do the last WSS update for the old
724 * bimin and prepare to measure next allocation batch.
726 if (zdom->uzd_wss < old - zdom->uzd_bimin)
727 zdom->uzd_wss = old - zdom->uzd_bimin;
728 zdom->uzd_bimin = nitems;
732 * Attempt to satisfy an allocation by retrieving a full bucket from one of the
733 * zone's caches. If a bucket is found the zone is not locked on return.
736 zone_fetch_bucket(uma_zone_t zone, uma_zone_domain_t zdom, bool reclaim)
743 ZDOM_LOCK_ASSERT(zdom);
745 if ((bucket = STAILQ_FIRST(&zdom->uzd_buckets)) == NULL)
748 /* SMR Buckets can not be re-used until readers expire. */
749 if ((zone->uz_flags & UMA_ZONE_SMR) != 0 &&
750 bucket->ub_seq != SMR_SEQ_INVALID) {
751 if (!smr_poll(zone->uz_smr, bucket->ub_seq, false))
753 bucket->ub_seq = SMR_SEQ_INVALID;
754 dtor = (zone->uz_dtor != NULL) || UMA_ALWAYS_CTORDTOR;
755 if (STAILQ_NEXT(bucket, ub_link) != NULL)
756 zdom->uzd_seq = STAILQ_NEXT(bucket, ub_link)->ub_seq;
758 STAILQ_REMOVE_HEAD(&zdom->uzd_buckets, ub_link);
760 KASSERT(zdom->uzd_nitems >= bucket->ub_cnt,
761 ("%s: item count underflow (%ld, %d)",
762 __func__, zdom->uzd_nitems, bucket->ub_cnt));
763 KASSERT(bucket->ub_cnt > 0,
764 ("%s: empty bucket in bucket cache", __func__));
765 zdom->uzd_nitems -= bucket->ub_cnt;
769 * Shift the bounds of the current WSS interval to avoid
770 * perturbing the estimates.
772 cnt = lmin(zdom->uzd_bimin, bucket->ub_cnt);
773 atomic_subtract_long(&zdom->uzd_imax, cnt);
774 zdom->uzd_bimin -= cnt;
775 zdom->uzd_imin -= lmin(zdom->uzd_imin, bucket->ub_cnt);
776 if (zdom->uzd_limin >= bucket->ub_cnt) {
777 zdom->uzd_limin -= bucket->ub_cnt;
782 } else if (zdom->uzd_bimin > zdom->uzd_nitems) {
783 zdom->uzd_bimin = zdom->uzd_nitems;
784 if (zdom->uzd_imin > zdom->uzd_nitems)
785 zdom->uzd_imin = zdom->uzd_nitems;
790 for (i = 0; i < bucket->ub_cnt; i++)
791 item_dtor(zone, bucket->ub_bucket[i], zone->uz_size,
798 * Insert a full bucket into the specified cache. The "ws" parameter indicates
799 * whether the bucket's contents should be counted as part of the zone's working
800 * set. The bucket may be freed if it exceeds the bucket limit.
803 zone_put_bucket(uma_zone_t zone, int domain, uma_bucket_t bucket, void *udata,
806 uma_zone_domain_t zdom;
808 /* We don't cache empty buckets. This can happen after a reclaim. */
809 if (bucket->ub_cnt == 0)
811 zdom = zone_domain_lock(zone, domain);
814 * Conditionally set the maximum number of items.
816 zdom->uzd_nitems += bucket->ub_cnt;
817 if (__predict_true(zdom->uzd_nitems < zone->uz_bucket_max)) {
819 zone_domain_imax_set(zdom, zdom->uzd_nitems);
822 * Shift the bounds of the current WSS interval to
823 * avoid perturbing the estimates.
825 atomic_add_long(&zdom->uzd_imax, bucket->ub_cnt);
826 zdom->uzd_imin += bucket->ub_cnt;
827 zdom->uzd_bimin += bucket->ub_cnt;
828 zdom->uzd_limin += bucket->ub_cnt;
830 if (STAILQ_EMPTY(&zdom->uzd_buckets))
831 zdom->uzd_seq = bucket->ub_seq;
834 * Try to promote reuse of recently used items. For items
835 * protected by SMR, try to defer reuse to minimize polling.
837 if (bucket->ub_seq == SMR_SEQ_INVALID)
838 STAILQ_INSERT_HEAD(&zdom->uzd_buckets, bucket, ub_link);
840 STAILQ_INSERT_TAIL(&zdom->uzd_buckets, bucket, ub_link);
844 zdom->uzd_nitems -= bucket->ub_cnt;
847 bucket_free(zone, bucket, udata);
850 /* Pops an item out of a per-cpu cache bucket. */
852 cache_bucket_pop(uma_cache_t cache, uma_cache_bucket_t bucket)
856 CRITICAL_ASSERT(curthread);
859 item = bucket->ucb_bucket->ub_bucket[bucket->ucb_cnt];
861 bucket->ucb_bucket->ub_bucket[bucket->ucb_cnt] = NULL;
862 KASSERT(item != NULL, ("uma_zalloc: Bucket pointer mangled."));
869 /* Pushes an item into a per-cpu cache bucket. */
871 cache_bucket_push(uma_cache_t cache, uma_cache_bucket_t bucket, void *item)
874 CRITICAL_ASSERT(curthread);
875 KASSERT(bucket->ucb_bucket->ub_bucket[bucket->ucb_cnt] == NULL,
876 ("uma_zfree: Freeing to non free bucket index."));
878 bucket->ucb_bucket->ub_bucket[bucket->ucb_cnt] = item;
884 * Unload a UMA bucket from a per-cpu cache.
886 static inline uma_bucket_t
887 cache_bucket_unload(uma_cache_bucket_t bucket)
891 b = bucket->ucb_bucket;
893 MPASS(b->ub_entries == bucket->ucb_entries);
894 b->ub_cnt = bucket->ucb_cnt;
895 bucket->ucb_bucket = NULL;
896 bucket->ucb_entries = bucket->ucb_cnt = 0;
902 static inline uma_bucket_t
903 cache_bucket_unload_alloc(uma_cache_t cache)
906 return (cache_bucket_unload(&cache->uc_allocbucket));
909 static inline uma_bucket_t
910 cache_bucket_unload_free(uma_cache_t cache)
913 return (cache_bucket_unload(&cache->uc_freebucket));
916 static inline uma_bucket_t
917 cache_bucket_unload_cross(uma_cache_t cache)
920 return (cache_bucket_unload(&cache->uc_crossbucket));
924 * Load a bucket into a per-cpu cache bucket.
927 cache_bucket_load(uma_cache_bucket_t bucket, uma_bucket_t b)
930 CRITICAL_ASSERT(curthread);
931 MPASS(bucket->ucb_bucket == NULL);
932 MPASS(b->ub_seq == SMR_SEQ_INVALID);
934 bucket->ucb_bucket = b;
935 bucket->ucb_cnt = b->ub_cnt;
936 bucket->ucb_entries = b->ub_entries;
940 cache_bucket_load_alloc(uma_cache_t cache, uma_bucket_t b)
943 cache_bucket_load(&cache->uc_allocbucket, b);
947 cache_bucket_load_free(uma_cache_t cache, uma_bucket_t b)
950 cache_bucket_load(&cache->uc_freebucket, b);
955 cache_bucket_load_cross(uma_cache_t cache, uma_bucket_t b)
958 cache_bucket_load(&cache->uc_crossbucket, b);
963 * Copy and preserve ucb_spare.
966 cache_bucket_copy(uma_cache_bucket_t b1, uma_cache_bucket_t b2)
969 b1->ucb_bucket = b2->ucb_bucket;
970 b1->ucb_entries = b2->ucb_entries;
971 b1->ucb_cnt = b2->ucb_cnt;
975 * Swap two cache buckets.
978 cache_bucket_swap(uma_cache_bucket_t b1, uma_cache_bucket_t b2)
980 struct uma_cache_bucket b3;
982 CRITICAL_ASSERT(curthread);
984 cache_bucket_copy(&b3, b1);
985 cache_bucket_copy(b1, b2);
986 cache_bucket_copy(b2, &b3);
990 * Attempt to fetch a bucket from a zone on behalf of the current cpu cache.
993 cache_fetch_bucket(uma_zone_t zone, uma_cache_t cache, int domain)
995 uma_zone_domain_t zdom;
1000 * Avoid the lock if possible.
1002 zdom = ZDOM_GET(zone, domain);
1003 if (zdom->uzd_nitems == 0)
1006 if ((cache_uz_flags(cache) & UMA_ZONE_SMR) != 0 &&
1007 (seq = atomic_load_32(&zdom->uzd_seq)) != SMR_SEQ_INVALID &&
1008 !smr_poll(zone->uz_smr, seq, false))
1012 * Check the zone's cache of buckets.
1014 zdom = zone_domain_lock(zone, domain);
1015 if ((bucket = zone_fetch_bucket(zone, zdom, false)) != NULL)
1023 zone_log_warning(uma_zone_t zone)
1025 static const struct timeval warninterval = { 300, 0 };
1027 if (!zone_warnings || zone->uz_warning == NULL)
1030 if (ratecheck(&zone->uz_ratecheck, &warninterval))
1031 printf("[zone: %s] %s\n", zone->uz_name, zone->uz_warning);
1035 zone_maxaction(uma_zone_t zone)
1038 if (zone->uz_maxaction.ta_func != NULL)
1039 taskqueue_enqueue(taskqueue_thread, &zone->uz_maxaction);
1043 * Routine called by timeout which is used to fire off some time interval
1044 * based calculations. (stats, hash size, etc.)
1053 uma_timeout(void *unused __unused, int pending __unused)
1056 zone_foreach(zone_timeout, NULL);
1058 /* Reschedule this event */
1059 taskqueue_enqueue_timeout(taskqueue_thread, &uma_timeout_task,
1064 * Update the working set size estimates for the zone's bucket cache.
1065 * The constants chosen here are somewhat arbitrary.
1068 zone_domain_update_wss(uma_zone_domain_t zdom)
1072 ZDOM_LOCK_ASSERT(zdom);
1073 MPASS(zdom->uzd_imax >= zdom->uzd_nitems);
1074 MPASS(zdom->uzd_nitems >= zdom->uzd_bimin);
1075 MPASS(zdom->uzd_bimin >= zdom->uzd_imin);
1078 * Estimate WSS as modified moving average of biggest allocation
1079 * batches for each period over few minutes (UMA_TIMEOUT of 20s).
1081 zdom->uzd_wss = lmax(zdom->uzd_wss * 3 / 4,
1082 zdom->uzd_imax - zdom->uzd_bimin);
1085 * Estimate longtime minimum item count as a combination of recent
1086 * minimum item count, adjusted by WSS for safety, and the modified
1087 * moving average over the last several hours (UMA_TIMEOUT of 20s).
1088 * timin measures time since limin tried to go negative, that means
1089 * we were dangerously close to or got out of cache.
1091 m = zdom->uzd_imin - zdom->uzd_wss;
1093 if (zdom->uzd_limin >= m)
1094 zdom->uzd_limin = m;
1096 zdom->uzd_limin = (m + zdom->uzd_limin * 255) / 256;
1099 zdom->uzd_limin = 0;
1100 zdom->uzd_timin = 0;
1103 /* To reduce period edge effects on WSS keep half of the imax. */
1104 atomic_subtract_long(&zdom->uzd_imax,
1105 (zdom->uzd_imax - zdom->uzd_nitems + 1) / 2);
1106 zdom->uzd_imin = zdom->uzd_bimin = zdom->uzd_nitems;
1110 * Routine to perform timeout driven calculations. This expands the
1111 * hashes and does per cpu statistics aggregation.
1116 zone_timeout(uma_zone_t zone, void *unused)
1121 if ((zone->uz_flags & UMA_ZFLAG_HASH) == 0)
1127 * Hash zones are non-numa by definition so the first domain
1128 * is the only one present.
1131 pages = keg->uk_domain[0].ud_pages;
1134 * Expand the keg hash table.
1136 * This is done if the number of slabs is larger than the hash size.
1137 * What I'm trying to do here is completely reduce collisions. This
1138 * may be a little aggressive. Should I allow for two collisions max?
1140 if ((slabs = pages / keg->uk_ppera) > keg->uk_hash.uh_hashsize) {
1141 struct uma_hash newhash;
1142 struct uma_hash oldhash;
1146 * This is so involved because allocating and freeing
1147 * while the keg lock is held will lead to deadlock.
1148 * I have to do everything in stages and check for
1152 ret = hash_alloc(&newhash, 1 << fls(slabs));
1155 if (hash_expand(&keg->uk_hash, &newhash)) {
1156 oldhash = keg->uk_hash;
1157 keg->uk_hash = newhash;
1162 hash_free(&oldhash);
1169 /* Trim caches not used for a long time. */
1170 if ((zone->uz_flags & UMA_ZONE_UNMANAGED) == 0) {
1171 for (int i = 0; i < vm_ndomains; i++) {
1172 if (bucket_cache_reclaim_domain(zone, false, false, i) &&
1173 (zone->uz_flags & UMA_ZFLAG_CACHE) == 0)
1174 keg_drain(zone->uz_keg, i);
1180 * Allocate and zero fill the next sized hash table from the appropriate
1184 * hash A new hash structure with the old hash size in uh_hashsize
1187 * 1 on success and 0 on failure.
1190 hash_alloc(struct uma_hash *hash, u_int size)
1194 KASSERT(powerof2(size), ("hash size must be power of 2"));
1195 if (size > UMA_HASH_SIZE_INIT) {
1196 hash->uh_hashsize = size;
1197 alloc = sizeof(hash->uh_slab_hash[0]) * hash->uh_hashsize;
1198 hash->uh_slab_hash = malloc(alloc, M_UMAHASH, M_NOWAIT);
1200 alloc = sizeof(hash->uh_slab_hash[0]) * UMA_HASH_SIZE_INIT;
1201 hash->uh_slab_hash = zone_alloc_item(hashzone, NULL,
1202 UMA_ANYDOMAIN, M_WAITOK);
1203 hash->uh_hashsize = UMA_HASH_SIZE_INIT;
1205 if (hash->uh_slab_hash) {
1206 bzero(hash->uh_slab_hash, alloc);
1207 hash->uh_hashmask = hash->uh_hashsize - 1;
1215 * Expands the hash table for HASH zones. This is done from zone_timeout
1216 * to reduce collisions. This must not be done in the regular allocation
1217 * path, otherwise, we can recurse on the vm while allocating pages.
1220 * oldhash The hash you want to expand
1221 * newhash The hash structure for the new table
1229 hash_expand(struct uma_hash *oldhash, struct uma_hash *newhash)
1231 uma_hash_slab_t slab;
1235 if (!newhash->uh_slab_hash)
1238 if (oldhash->uh_hashsize >= newhash->uh_hashsize)
1242 * I need to investigate hash algorithms for resizing without a
1246 for (idx = 0; idx < oldhash->uh_hashsize; idx++)
1247 while (!LIST_EMPTY(&oldhash->uh_slab_hash[idx])) {
1248 slab = LIST_FIRST(&oldhash->uh_slab_hash[idx]);
1249 LIST_REMOVE(slab, uhs_hlink);
1250 hval = UMA_HASH(newhash, slab->uhs_data);
1251 LIST_INSERT_HEAD(&newhash->uh_slab_hash[hval],
1259 * Free the hash bucket to the appropriate backing store.
1262 * slab_hash The hash bucket we're freeing
1263 * hashsize The number of entries in that hash bucket
1269 hash_free(struct uma_hash *hash)
1271 if (hash->uh_slab_hash == NULL)
1273 if (hash->uh_hashsize == UMA_HASH_SIZE_INIT)
1274 zone_free_item(hashzone, hash->uh_slab_hash, NULL, SKIP_NONE);
1276 free(hash->uh_slab_hash, M_UMAHASH);
1280 * Frees all outstanding items in a bucket
1283 * zone The zone to free to, must be unlocked.
1284 * bucket The free/alloc bucket with items.
1290 bucket_drain(uma_zone_t zone, uma_bucket_t bucket)
1294 if (bucket->ub_cnt == 0)
1297 if ((zone->uz_flags & UMA_ZONE_SMR) != 0 &&
1298 bucket->ub_seq != SMR_SEQ_INVALID) {
1299 smr_wait(zone->uz_smr, bucket->ub_seq);
1300 bucket->ub_seq = SMR_SEQ_INVALID;
1301 for (i = 0; i < bucket->ub_cnt; i++)
1302 item_dtor(zone, bucket->ub_bucket[i],
1303 zone->uz_size, NULL, SKIP_NONE);
1306 for (i = 0; i < bucket->ub_cnt; i++) {
1307 kasan_mark_item_valid(zone, bucket->ub_bucket[i]);
1308 zone->uz_fini(bucket->ub_bucket[i], zone->uz_size);
1309 kasan_mark_item_invalid(zone, bucket->ub_bucket[i]);
1311 zone->uz_release(zone->uz_arg, bucket->ub_bucket, bucket->ub_cnt);
1312 if (zone->uz_max_items > 0)
1313 zone_free_limit(zone, bucket->ub_cnt);
1315 bzero(bucket->ub_bucket, sizeof(void *) * bucket->ub_cnt);
1321 * Drains the per cpu caches for a zone.
1323 * NOTE: This may only be called while the zone is being torn down, and not
1324 * during normal operation. This is necessary in order that we do not have
1325 * to migrate CPUs to drain the per-CPU caches.
1328 * zone The zone to drain, must be unlocked.
1334 cache_drain(uma_zone_t zone)
1337 uma_bucket_t bucket;
1342 * XXX: It is safe to not lock the per-CPU caches, because we're
1343 * tearing down the zone anyway. I.e., there will be no further use
1344 * of the caches at this point.
1346 * XXX: It would good to be able to assert that the zone is being
1347 * torn down to prevent improper use of cache_drain().
1349 seq = SMR_SEQ_INVALID;
1350 if ((zone->uz_flags & UMA_ZONE_SMR) != 0)
1351 seq = smr_advance(zone->uz_smr);
1353 cache = &zone->uz_cpu[cpu];
1354 bucket = cache_bucket_unload_alloc(cache);
1356 bucket_free(zone, bucket, NULL);
1357 bucket = cache_bucket_unload_free(cache);
1358 if (bucket != NULL) {
1359 bucket->ub_seq = seq;
1360 bucket_free(zone, bucket, NULL);
1362 bucket = cache_bucket_unload_cross(cache);
1363 if (bucket != NULL) {
1364 bucket->ub_seq = seq;
1365 bucket_free(zone, bucket, NULL);
1368 bucket_cache_reclaim(zone, true, UMA_ANYDOMAIN);
1372 cache_shrink(uma_zone_t zone, void *unused)
1375 if (zone->uz_flags & UMA_ZFLAG_INTERNAL)
1379 zone->uz_bucket_size =
1380 (zone->uz_bucket_size_min + zone->uz_bucket_size) / 2;
1385 cache_drain_safe_cpu(uma_zone_t zone, void *unused)
1388 uma_bucket_t b1, b2, b3;
1391 if (zone->uz_flags & UMA_ZFLAG_INTERNAL)
1394 b1 = b2 = b3 = NULL;
1396 cache = &zone->uz_cpu[curcpu];
1397 domain = PCPU_GET(domain);
1398 b1 = cache_bucket_unload_alloc(cache);
1401 * Don't flush SMR zone buckets. This leaves the zone without a
1402 * bucket and forces every free to synchronize().
1404 if ((zone->uz_flags & UMA_ZONE_SMR) == 0) {
1405 b2 = cache_bucket_unload_free(cache);
1406 b3 = cache_bucket_unload_cross(cache);
1411 zone_free_bucket(zone, b1, NULL, domain, false);
1413 zone_free_bucket(zone, b2, NULL, domain, false);
1415 /* Adjust the domain so it goes to zone_free_cross. */
1416 domain = (domain + 1) % vm_ndomains;
1417 zone_free_bucket(zone, b3, NULL, domain, false);
1422 * Safely drain per-CPU caches of a zone(s) to alloc bucket.
1423 * This is an expensive call because it needs to bind to all CPUs
1424 * one by one and enter a critical section on each of them in order
1425 * to safely access their cache buckets.
1426 * Zone lock must not be held on call this function.
1429 pcpu_cache_drain_safe(uma_zone_t zone)
1434 * Polite bucket sizes shrinking was not enough, shrink aggressively.
1437 cache_shrink(zone, NULL);
1439 zone_foreach(cache_shrink, NULL);
1442 thread_lock(curthread);
1443 sched_bind(curthread, cpu);
1444 thread_unlock(curthread);
1447 cache_drain_safe_cpu(zone, NULL);
1449 zone_foreach(cache_drain_safe_cpu, NULL);
1451 thread_lock(curthread);
1452 sched_unbind(curthread);
1453 thread_unlock(curthread);
1457 * Reclaim cached buckets from a zone. All buckets are reclaimed if the caller
1458 * requested a drain, otherwise the per-domain caches are trimmed to either
1459 * estimated working set size.
1462 bucket_cache_reclaim_domain(uma_zone_t zone, bool drain, bool trim, int domain)
1464 uma_zone_domain_t zdom;
1465 uma_bucket_t bucket;
1470 * The cross bucket is partially filled and not part of
1471 * the item count. Reclaim it individually here.
1473 zdom = ZDOM_GET(zone, domain);
1474 if ((zone->uz_flags & UMA_ZONE_SMR) == 0 || drain) {
1475 ZONE_CROSS_LOCK(zone);
1476 bucket = zdom->uzd_cross;
1477 zdom->uzd_cross = NULL;
1478 ZONE_CROSS_UNLOCK(zone);
1480 bucket_free(zone, bucket, NULL);
1484 * If we were asked to drain the zone, we are done only once
1485 * this bucket cache is empty. If trim, we reclaim items in
1486 * excess of the zone's estimated working set size. Multiple
1487 * consecutive calls will shrink the WSS and so reclaim more.
1488 * If neither drain nor trim, then voluntarily reclaim 1/4
1489 * (to reduce first spike) of items not used for a long time.
1492 zone_domain_update_wss(zdom);
1496 target = zdom->uzd_wss;
1497 else if (zdom->uzd_timin > 900 / UMA_TIMEOUT)
1498 target = zdom->uzd_nitems - zdom->uzd_limin / 4;
1503 while ((bucket = STAILQ_FIRST(&zdom->uzd_buckets)) != NULL &&
1504 zdom->uzd_nitems >= target + bucket->ub_cnt) {
1505 bucket = zone_fetch_bucket(zone, zdom, true);
1508 bucket_free(zone, bucket, NULL);
1517 bucket_cache_reclaim(uma_zone_t zone, bool drain, int domain)
1522 * Shrink the zone bucket size to ensure that the per-CPU caches
1523 * don't grow too large.
1525 if (zone->uz_bucket_size > zone->uz_bucket_size_min)
1526 zone->uz_bucket_size--;
1528 if (domain != UMA_ANYDOMAIN &&
1529 (zone->uz_flags & UMA_ZONE_ROUNDROBIN) == 0) {
1530 bucket_cache_reclaim_domain(zone, drain, true, domain);
1532 for (i = 0; i < vm_ndomains; i++)
1533 bucket_cache_reclaim_domain(zone, drain, true, i);
1538 keg_free_slab(uma_keg_t keg, uma_slab_t slab, int start)
1545 CTR4(KTR_UMA, "keg_free_slab keg %s(%p) slab %p, returning %d bytes",
1546 keg->uk_name, keg, slab, PAGE_SIZE * keg->uk_ppera);
1548 mem = slab_data(slab, keg);
1549 size = PAGE_SIZE * keg->uk_ppera;
1551 kasan_mark_slab_valid(keg, mem);
1552 if (keg->uk_fini != NULL) {
1553 for (i = start - 1; i > -1; i--)
1556 * trash_fini implies that dtor was trash_dtor. trash_fini
1557 * would check that memory hasn't been modified since free,
1558 * which executed trash_dtor.
1559 * That's why we need to run uma_dbg_kskip() check here,
1560 * albeit we don't make skip check for other init/fini
1563 if (!uma_dbg_kskip(keg, slab_item(slab, keg, i)) ||
1564 keg->uk_fini != trash_fini)
1566 keg->uk_fini(slab_item(slab, keg, i), keg->uk_size);
1568 flags = slab->us_flags;
1569 if (keg->uk_flags & UMA_ZFLAG_OFFPAGE) {
1570 zone_free_item(slabzone(keg->uk_ipers), slab_tohashslab(slab),
1573 keg->uk_freef(mem, size, flags);
1574 uma_total_dec(size);
1578 keg_drain_domain(uma_keg_t keg, int domain)
1580 struct slabhead freeslabs;
1582 uma_slab_t slab, tmp;
1583 uint32_t i, stofree, stokeep, partial;
1585 dom = &keg->uk_domain[domain];
1586 LIST_INIT(&freeslabs);
1588 CTR4(KTR_UMA, "keg_drain %s(%p) domain %d free items: %u",
1589 keg->uk_name, keg, domain, dom->ud_free_items);
1591 KEG_LOCK(keg, domain);
1594 * Are the free items in partially allocated slabs sufficient to meet
1595 * the reserve? If not, compute the number of fully free slabs that must
1598 partial = dom->ud_free_items - dom->ud_free_slabs * keg->uk_ipers;
1599 if (partial < keg->uk_reserve) {
1600 stokeep = min(dom->ud_free_slabs,
1601 howmany(keg->uk_reserve - partial, keg->uk_ipers));
1605 stofree = dom->ud_free_slabs - stokeep;
1608 * Partition the free slabs into two sets: those that must be kept in
1609 * order to maintain the reserve, and those that may be released back to
1610 * the system. Since one set may be much larger than the other,
1611 * populate the smaller of the two sets and swap them if necessary.
1613 for (i = min(stofree, stokeep); i > 0; i--) {
1614 slab = LIST_FIRST(&dom->ud_free_slab);
1615 LIST_REMOVE(slab, us_link);
1616 LIST_INSERT_HEAD(&freeslabs, slab, us_link);
1618 if (stofree > stokeep)
1619 LIST_SWAP(&freeslabs, &dom->ud_free_slab, uma_slab, us_link);
1621 if ((keg->uk_flags & UMA_ZFLAG_HASH) != 0) {
1622 LIST_FOREACH(slab, &freeslabs, us_link)
1623 UMA_HASH_REMOVE(&keg->uk_hash, slab);
1625 dom->ud_free_items -= stofree * keg->uk_ipers;
1626 dom->ud_free_slabs -= stofree;
1627 dom->ud_pages -= stofree * keg->uk_ppera;
1628 KEG_UNLOCK(keg, domain);
1630 LIST_FOREACH_SAFE(slab, &freeslabs, us_link, tmp)
1631 keg_free_slab(keg, slab, keg->uk_ipers);
1635 * Frees pages from a keg back to the system. This is done on demand from
1636 * the pageout daemon.
1641 keg_drain(uma_keg_t keg, int domain)
1645 if ((keg->uk_flags & UMA_ZONE_NOFREE) != 0)
1647 if (domain != UMA_ANYDOMAIN) {
1648 keg_drain_domain(keg, domain);
1650 for (i = 0; i < vm_ndomains; i++)
1651 keg_drain_domain(keg, i);
1656 zone_reclaim(uma_zone_t zone, int domain, int waitok, bool drain)
1659 * Count active reclaim operations in order to interlock with
1660 * zone_dtor(), which removes the zone from global lists before
1661 * attempting to reclaim items itself.
1663 * The zone may be destroyed while sleeping, so only zone_dtor() should
1667 if (waitok == M_WAITOK) {
1668 while (zone->uz_reclaimers > 0)
1669 msleep(zone, ZONE_LOCKPTR(zone), PVM, "zonedrain", 1);
1671 zone->uz_reclaimers++;
1673 bucket_cache_reclaim(zone, drain, domain);
1675 if ((zone->uz_flags & UMA_ZFLAG_CACHE) == 0)
1676 keg_drain(zone->uz_keg, domain);
1678 zone->uz_reclaimers--;
1679 if (zone->uz_reclaimers == 0)
1685 * Allocate a new slab for a keg and inserts it into the partial slab list.
1686 * The keg should be unlocked on entry. If the allocation succeeds it will
1687 * be locked on return.
1690 * flags Wait flags for the item initialization routine
1691 * aflags Wait flags for the slab allocation
1694 * The slab that was allocated or NULL if there is no memory and the
1695 * caller specified M_NOWAIT.
1698 keg_alloc_slab(uma_keg_t keg, uma_zone_t zone, int domain, int flags,
1708 KASSERT(domain >= 0 && domain < vm_ndomains,
1709 ("keg_alloc_slab: domain %d out of range", domain));
1713 if (keg->uk_flags & UMA_ZFLAG_OFFPAGE) {
1714 uma_hash_slab_t hslab;
1715 hslab = zone_alloc_item(slabzone(keg->uk_ipers), NULL,
1719 slab = &hslab->uhs_slab;
1723 * This reproduces the old vm_zone behavior of zero filling pages the
1724 * first time they are added to a zone.
1726 * Malloced items are zeroed in uma_zalloc.
1729 if ((keg->uk_flags & UMA_ZONE_MALLOC) == 0)
1734 if (keg->uk_flags & UMA_ZONE_NODUMP)
1737 /* zone is passed for legacy reasons. */
1738 size = keg->uk_ppera * PAGE_SIZE;
1739 mem = keg->uk_allocf(zone, size, domain, &sflags, aflags);
1741 if (keg->uk_flags & UMA_ZFLAG_OFFPAGE)
1742 zone_free_item(slabzone(keg->uk_ipers),
1743 slab_tohashslab(slab), NULL, SKIP_NONE);
1746 uma_total_inc(size);
1748 /* For HASH zones all pages go to the same uma_domain. */
1749 if ((keg->uk_flags & UMA_ZFLAG_HASH) != 0)
1752 /* Point the slab into the allocated memory */
1753 if (!(keg->uk_flags & UMA_ZFLAG_OFFPAGE))
1754 slab = (uma_slab_t)(mem + keg->uk_pgoff);
1756 slab_tohashslab(slab)->uhs_data = mem;
1758 if (keg->uk_flags & UMA_ZFLAG_VTOSLAB)
1759 for (i = 0; i < keg->uk_ppera; i++)
1760 vsetzoneslab((vm_offset_t)mem + (i * PAGE_SIZE),
1763 slab->us_freecount = keg->uk_ipers;
1764 slab->us_flags = sflags;
1765 slab->us_domain = domain;
1767 BIT_FILL(keg->uk_ipers, &slab->us_free);
1769 BIT_ZERO(keg->uk_ipers, slab_dbg_bits(slab, keg));
1772 if (keg->uk_init != NULL) {
1773 for (i = 0; i < keg->uk_ipers; i++)
1774 if (keg->uk_init(slab_item(slab, keg, i),
1775 keg->uk_size, flags) != 0)
1777 if (i != keg->uk_ipers) {
1778 keg_free_slab(keg, slab, i);
1782 kasan_mark_slab_invalid(keg, mem);
1783 KEG_LOCK(keg, domain);
1785 CTR3(KTR_UMA, "keg_alloc_slab: allocated slab %p for %s(%p)",
1786 slab, keg->uk_name, keg);
1788 if (keg->uk_flags & UMA_ZFLAG_HASH)
1789 UMA_HASH_INSERT(&keg->uk_hash, slab, mem);
1792 * If we got a slab here it's safe to mark it partially used
1793 * and return. We assume that the caller is going to remove
1794 * at least one item.
1796 dom = &keg->uk_domain[domain];
1797 LIST_INSERT_HEAD(&dom->ud_part_slab, slab, us_link);
1798 dom->ud_pages += keg->uk_ppera;
1799 dom->ud_free_items += keg->uk_ipers;
1808 * This function is intended to be used early on in place of page_alloc(). It
1809 * performs contiguous physical memory allocations and uses a bump allocator for
1810 * KVA, so is usable before the kernel map is initialized.
1813 startup_alloc(uma_zone_t zone, vm_size_t bytes, int domain, uint8_t *pflag,
1820 pages = howmany(bytes, PAGE_SIZE);
1821 KASSERT(pages > 0, ("%s can't reserve 0 pages", __func__));
1823 *pflag = UMA_SLAB_BOOT;
1824 m = vm_page_alloc_noobj_contig_domain(domain, malloc2vm_flags(wait) |
1825 VM_ALLOC_WIRED, pages, (vm_paddr_t)0, ~(vm_paddr_t)0, 1, 0,
1826 VM_MEMATTR_DEFAULT);
1830 pa = VM_PAGE_TO_PHYS(m);
1831 for (i = 0; i < pages; i++, pa += PAGE_SIZE) {
1832 #if defined(__aarch64__) || defined(__amd64__) || defined(__mips__) || \
1833 defined(__riscv) || defined(__powerpc64__)
1834 if ((wait & M_NODUMP) == 0)
1839 /* Allocate KVA and indirectly advance bootmem. */
1840 return ((void *)pmap_map(&bootmem, m->phys_addr,
1841 m->phys_addr + (pages * PAGE_SIZE), VM_PROT_READ | VM_PROT_WRITE));
1845 startup_free(void *mem, vm_size_t bytes)
1850 va = (vm_offset_t)mem;
1851 m = PHYS_TO_VM_PAGE(pmap_kextract(va));
1854 * startup_alloc() returns direct-mapped slabs on some platforms. Avoid
1855 * unmapping ranges of the direct map.
1857 if (va >= bootstart && va + bytes <= bootmem)
1858 pmap_remove(kernel_pmap, va, va + bytes);
1859 for (; bytes != 0; bytes -= PAGE_SIZE, m++) {
1860 #if defined(__aarch64__) || defined(__amd64__) || defined(__mips__) || \
1861 defined(__riscv) || defined(__powerpc64__)
1862 dump_drop_page(VM_PAGE_TO_PHYS(m));
1864 vm_page_unwire_noq(m);
1870 * Allocates a number of pages from the system
1873 * bytes The number of bytes requested
1874 * wait Shall we wait?
1877 * A pointer to the alloced memory or possibly
1878 * NULL if M_NOWAIT is set.
1881 page_alloc(uma_zone_t zone, vm_size_t bytes, int domain, uint8_t *pflag,
1884 void *p; /* Returned page */
1886 *pflag = UMA_SLAB_KERNEL;
1887 p = (void *)kmem_malloc_domainset(DOMAINSET_FIXED(domain), bytes, wait);
1893 pcpu_page_alloc(uma_zone_t zone, vm_size_t bytes, int domain, uint8_t *pflag,
1896 struct pglist alloctail;
1897 vm_offset_t addr, zkva;
1899 vm_page_t p, p_next;
1904 MPASS(bytes == (mp_maxid + 1) * PAGE_SIZE);
1906 TAILQ_INIT(&alloctail);
1907 flags = VM_ALLOC_SYSTEM | VM_ALLOC_WIRED | malloc2vm_flags(wait);
1908 *pflag = UMA_SLAB_KERNEL;
1909 for (cpu = 0; cpu <= mp_maxid; cpu++) {
1910 if (CPU_ABSENT(cpu)) {
1911 p = vm_page_alloc_noobj(flags);
1914 p = vm_page_alloc_noobj(flags);
1916 pc = pcpu_find(cpu);
1917 if (__predict_false(VM_DOMAIN_EMPTY(pc->pc_domain)))
1920 p = vm_page_alloc_noobj_domain(pc->pc_domain,
1922 if (__predict_false(p == NULL))
1923 p = vm_page_alloc_noobj(flags);
1926 if (__predict_false(p == NULL))
1928 TAILQ_INSERT_TAIL(&alloctail, p, listq);
1930 if ((addr = kva_alloc(bytes)) == 0)
1933 TAILQ_FOREACH(p, &alloctail, listq) {
1934 pmap_qenter(zkva, &p, 1);
1937 return ((void*)addr);
1939 TAILQ_FOREACH_SAFE(p, &alloctail, listq, p_next) {
1940 vm_page_unwire_noq(p);
1947 * Allocates a number of pages from within an object
1950 * bytes The number of bytes requested
1951 * wait Shall we wait?
1954 * A pointer to the alloced memory or possibly
1955 * NULL if M_NOWAIT is set.
1958 noobj_alloc(uma_zone_t zone, vm_size_t bytes, int domain, uint8_t *flags,
1961 TAILQ_HEAD(, vm_page) alloctail;
1963 vm_offset_t retkva, zkva;
1964 vm_page_t p, p_next;
1968 TAILQ_INIT(&alloctail);
1970 req = VM_ALLOC_INTERRUPT | VM_ALLOC_WIRED;
1971 if ((wait & M_WAITOK) != 0)
1972 req |= VM_ALLOC_WAITOK;
1974 npages = howmany(bytes, PAGE_SIZE);
1975 while (npages > 0) {
1976 p = vm_page_alloc_noobj_domain(domain, req);
1979 * Since the page does not belong to an object, its
1982 TAILQ_INSERT_TAIL(&alloctail, p, listq);
1987 * Page allocation failed, free intermediate pages and
1990 TAILQ_FOREACH_SAFE(p, &alloctail, listq, p_next) {
1991 vm_page_unwire_noq(p);
1996 *flags = UMA_SLAB_PRIV;
1997 zkva = keg->uk_kva +
1998 atomic_fetchadd_long(&keg->uk_offset, round_page(bytes));
2000 TAILQ_FOREACH(p, &alloctail, listq) {
2001 pmap_qenter(zkva, &p, 1);
2005 return ((void *)retkva);
2009 * Allocate physically contiguous pages.
2012 contig_alloc(uma_zone_t zone, vm_size_t bytes, int domain, uint8_t *pflag,
2016 *pflag = UMA_SLAB_KERNEL;
2017 return ((void *)kmem_alloc_contig_domainset(DOMAINSET_FIXED(domain),
2018 bytes, wait, 0, ~(vm_paddr_t)0, 1, 0, VM_MEMATTR_DEFAULT));
2022 * Frees a number of pages to the system
2025 * mem A pointer to the memory to be freed
2026 * size The size of the memory being freed
2027 * flags The original p->us_flags field
2033 page_free(void *mem, vm_size_t size, uint8_t flags)
2036 if ((flags & UMA_SLAB_BOOT) != 0) {
2037 startup_free(mem, size);
2041 KASSERT((flags & UMA_SLAB_KERNEL) != 0,
2042 ("UMA: page_free used with invalid flags %x", flags));
2044 kmem_free((vm_offset_t)mem, size);
2048 * Frees pcpu zone allocations
2051 * mem A pointer to the memory to be freed
2052 * size The size of the memory being freed
2053 * flags The original p->us_flags field
2059 pcpu_page_free(void *mem, vm_size_t size, uint8_t flags)
2061 vm_offset_t sva, curva;
2065 MPASS(size == (mp_maxid+1)*PAGE_SIZE);
2067 if ((flags & UMA_SLAB_BOOT) != 0) {
2068 startup_free(mem, size);
2072 sva = (vm_offset_t)mem;
2073 for (curva = sva; curva < sva + size; curva += PAGE_SIZE) {
2074 paddr = pmap_kextract(curva);
2075 m = PHYS_TO_VM_PAGE(paddr);
2076 vm_page_unwire_noq(m);
2079 pmap_qremove(sva, size >> PAGE_SHIFT);
2080 kva_free(sva, size);
2084 * Zero fill initializer
2086 * Arguments/Returns follow uma_init specifications
2089 zero_init(void *mem, int size, int flags)
2096 static struct noslabbits *
2097 slab_dbg_bits(uma_slab_t slab, uma_keg_t keg)
2100 return ((void *)((char *)&slab->us_free + BITSET_SIZE(keg->uk_ipers)));
2105 * Actual size of embedded struct slab (!OFFPAGE).
2108 slab_sizeof(int nitems)
2112 s = sizeof(struct uma_slab) + BITSET_SIZE(nitems) * SLAB_BITSETS;
2113 return (roundup(s, UMA_ALIGN_PTR + 1));
2116 #define UMA_FIXPT_SHIFT 31
2117 #define UMA_FRAC_FIXPT(n, d) \
2118 ((uint32_t)(((uint64_t)(n) << UMA_FIXPT_SHIFT) / (d)))
2119 #define UMA_FIXPT_PCT(f) \
2120 ((u_int)(((uint64_t)100 * (f)) >> UMA_FIXPT_SHIFT))
2121 #define UMA_PCT_FIXPT(pct) UMA_FRAC_FIXPT((pct), 100)
2122 #define UMA_MIN_EFF UMA_PCT_FIXPT(100 - UMA_MAX_WASTE)
2125 * Compute the number of items that will fit in a slab. If hdr is true, the
2126 * item count may be limited to provide space in the slab for an inline slab
2127 * header. Otherwise, all slab space will be provided for item storage.
2130 slab_ipers_hdr(u_int size, u_int rsize, u_int slabsize, bool hdr)
2135 /* The padding between items is not needed after the last item. */
2136 padpi = rsize - size;
2140 * Start with the maximum item count and remove items until
2141 * the slab header first alongside the allocatable memory.
2143 for (ipers = MIN(SLAB_MAX_SETSIZE,
2144 (slabsize + padpi - slab_sizeof(1)) / rsize);
2146 ipers * rsize - padpi + slab_sizeof(ipers) > slabsize;
2150 ipers = MIN((slabsize + padpi) / rsize, SLAB_MAX_SETSIZE);
2156 struct keg_layout_result {
2164 keg_layout_one(uma_keg_t keg, u_int rsize, u_int slabsize, u_int fmt,
2165 struct keg_layout_result *kl)
2170 kl->slabsize = slabsize;
2172 /* Handle INTERNAL as inline with an extra page. */
2173 if ((fmt & UMA_ZFLAG_INTERNAL) != 0) {
2174 kl->format &= ~UMA_ZFLAG_INTERNAL;
2175 kl->slabsize += PAGE_SIZE;
2178 kl->ipers = slab_ipers_hdr(keg->uk_size, rsize, kl->slabsize,
2179 (fmt & UMA_ZFLAG_OFFPAGE) == 0);
2181 /* Account for memory used by an offpage slab header. */
2182 total = kl->slabsize;
2183 if ((fmt & UMA_ZFLAG_OFFPAGE) != 0)
2184 total += slabzone(kl->ipers)->uz_keg->uk_rsize;
2186 kl->eff = UMA_FRAC_FIXPT(kl->ipers * rsize, total);
2190 * Determine the format of a uma keg. This determines where the slab header
2191 * will be placed (inline or offpage) and calculates ipers, rsize, and ppera.
2194 * keg The zone we should initialize
2200 keg_layout(uma_keg_t keg)
2202 struct keg_layout_result kl = {}, kl_tmp;
2211 KASSERT((keg->uk_flags & UMA_ZONE_PCPU) == 0 ||
2212 (keg->uk_size <= UMA_PCPU_ALLOC_SIZE &&
2213 (keg->uk_flags & UMA_ZONE_CACHESPREAD) == 0),
2214 ("%s: cannot configure for PCPU: keg=%s, size=%u, flags=0x%b",
2215 __func__, keg->uk_name, keg->uk_size, keg->uk_flags,
2217 KASSERT((keg->uk_flags & (UMA_ZFLAG_INTERNAL | UMA_ZONE_VM)) == 0 ||
2218 (keg->uk_flags & (UMA_ZONE_NOTOUCH | UMA_ZONE_PCPU)) == 0,
2219 ("%s: incompatible flags 0x%b", __func__, keg->uk_flags,
2222 alignsize = keg->uk_align + 1;
2225 * ASAN requires that each allocation be aligned to the shadow map
2228 if (alignsize < KASAN_SHADOW_SCALE)
2229 alignsize = KASAN_SHADOW_SCALE;
2233 * Calculate the size of each allocation (rsize) according to
2234 * alignment. If the requested size is smaller than we have
2235 * allocation bits for we round it up.
2237 rsize = MAX(keg->uk_size, UMA_SMALLEST_UNIT);
2238 rsize = roundup2(rsize, alignsize);
2240 if ((keg->uk_flags & UMA_ZONE_CACHESPREAD) != 0) {
2242 * We want one item to start on every align boundary in a page.
2243 * To do this we will span pages. We will also extend the item
2244 * by the size of align if it is an even multiple of align.
2245 * Otherwise, it would fall on the same boundary every time.
2247 if ((rsize & alignsize) == 0)
2249 slabsize = rsize * (PAGE_SIZE / alignsize);
2250 slabsize = MIN(slabsize, rsize * SLAB_MAX_SETSIZE);
2251 slabsize = MIN(slabsize, UMA_CACHESPREAD_MAX_SIZE);
2252 slabsize = round_page(slabsize);
2255 * Start with a slab size of as many pages as it takes to
2256 * represent a single item. We will try to fit as many
2257 * additional items into the slab as possible.
2259 slabsize = round_page(keg->uk_size);
2262 /* Build a list of all of the available formats for this keg. */
2265 /* Evaluate an inline slab layout. */
2266 if ((keg->uk_flags & (UMA_ZONE_NOTOUCH | UMA_ZONE_PCPU)) == 0)
2269 /* TODO: vm_page-embedded slab. */
2272 * We can't do OFFPAGE if we're internal or if we've been
2273 * asked to not go to the VM for buckets. If we do this we
2274 * may end up going to the VM for slabs which we do not want
2275 * to do if we're UMA_ZONE_VM, which clearly forbids it.
2276 * In those cases, evaluate a pseudo-format called INTERNAL
2277 * which has an inline slab header and one extra page to
2278 * guarantee that it fits.
2280 * Otherwise, see if using an OFFPAGE slab will improve our
2283 if ((keg->uk_flags & (UMA_ZFLAG_INTERNAL | UMA_ZONE_VM)) != 0)
2284 fmts[nfmt++] = UMA_ZFLAG_INTERNAL;
2286 fmts[nfmt++] = UMA_ZFLAG_OFFPAGE;
2289 * Choose a slab size and format which satisfy the minimum efficiency.
2290 * Prefer the smallest slab size that meets the constraints.
2292 * Start with a minimum slab size, to accommodate CACHESPREAD. Then,
2293 * for small items (up to PAGE_SIZE), the iteration increment is one
2294 * page; and for large items, the increment is one item.
2296 i = (slabsize + rsize - keg->uk_size) / MAX(PAGE_SIZE, rsize);
2297 KASSERT(i >= 1, ("keg %s(%p) flags=0x%b slabsize=%u, rsize=%u, i=%u",
2298 keg->uk_name, keg, keg->uk_flags, PRINT_UMA_ZFLAGS, slabsize,
2301 slabsize = (rsize <= PAGE_SIZE) ? ptoa(i) :
2302 round_page(rsize * (i - 1) + keg->uk_size);
2304 for (j = 0; j < nfmt; j++) {
2305 /* Only if we have no viable format yet. */
2306 if ((fmts[j] & UMA_ZFLAG_INTERNAL) != 0 &&
2310 keg_layout_one(keg, rsize, slabsize, fmts[j], &kl_tmp);
2311 if (kl_tmp.eff <= kl.eff)
2316 CTR6(KTR_UMA, "keg %s layout: format %#x "
2317 "(ipers %u * rsize %u) / slabsize %#x = %u%% eff",
2318 keg->uk_name, kl.format, kl.ipers, rsize,
2319 kl.slabsize, UMA_FIXPT_PCT(kl.eff));
2321 /* Stop when we reach the minimum efficiency. */
2322 if (kl.eff >= UMA_MIN_EFF)
2326 if (kl.eff >= UMA_MIN_EFF || !multipage_slabs ||
2327 slabsize >= SLAB_MAX_SETSIZE * rsize ||
2328 (keg->uk_flags & (UMA_ZONE_PCPU | UMA_ZONE_CONTIG)) != 0)
2332 pages = atop(kl.slabsize);
2333 if ((keg->uk_flags & UMA_ZONE_PCPU) != 0)
2334 pages *= mp_maxid + 1;
2336 keg->uk_rsize = rsize;
2337 keg->uk_ipers = kl.ipers;
2338 keg->uk_ppera = pages;
2339 keg->uk_flags |= kl.format;
2342 * How do we find the slab header if it is offpage or if not all item
2343 * start addresses are in the same page? We could solve the latter
2344 * case with vaddr alignment, but we don't.
2346 if ((keg->uk_flags & UMA_ZFLAG_OFFPAGE) != 0 ||
2347 (keg->uk_ipers - 1) * rsize >= PAGE_SIZE) {
2348 if ((keg->uk_flags & UMA_ZONE_NOTPAGE) != 0)
2349 keg->uk_flags |= UMA_ZFLAG_HASH;
2351 keg->uk_flags |= UMA_ZFLAG_VTOSLAB;
2354 CTR6(KTR_UMA, "%s: keg=%s, flags=%#x, rsize=%u, ipers=%u, ppera=%u",
2355 __func__, keg->uk_name, keg->uk_flags, rsize, keg->uk_ipers,
2357 KASSERT(keg->uk_ipers > 0 && keg->uk_ipers <= SLAB_MAX_SETSIZE,
2358 ("%s: keg=%s, flags=0x%b, rsize=%u, ipers=%u, ppera=%u", __func__,
2359 keg->uk_name, keg->uk_flags, PRINT_UMA_ZFLAGS, rsize,
2360 keg->uk_ipers, pages));
2364 * Keg header ctor. This initializes all fields, locks, etc. And inserts
2365 * the keg onto the global keg list.
2367 * Arguments/Returns follow uma_ctor specifications
2368 * udata Actually uma_kctor_args
2371 keg_ctor(void *mem, int size, void *udata, int flags)
2373 struct uma_kctor_args *arg = udata;
2374 uma_keg_t keg = mem;
2379 keg->uk_size = arg->size;
2380 keg->uk_init = arg->uminit;
2381 keg->uk_fini = arg->fini;
2382 keg->uk_align = arg->align;
2383 keg->uk_reserve = 0;
2384 keg->uk_flags = arg->flags;
2387 * We use a global round-robin policy by default. Zones with
2388 * UMA_ZONE_FIRSTTOUCH set will use first-touch instead, in which
2389 * case the iterator is never run.
2391 keg->uk_dr.dr_policy = DOMAINSET_RR();
2392 keg->uk_dr.dr_iter = 0;
2395 * The primary zone is passed to us at keg-creation time.
2398 keg->uk_name = zone->uz_name;
2400 if (arg->flags & UMA_ZONE_ZINIT)
2401 keg->uk_init = zero_init;
2403 if (arg->flags & UMA_ZONE_MALLOC)
2404 keg->uk_flags |= UMA_ZFLAG_VTOSLAB;
2407 keg->uk_flags &= ~UMA_ZONE_PCPU;
2413 * Use a first-touch NUMA policy for kegs that pmap_extract() will
2414 * work on. Use round-robin for everything else.
2416 * Zones may override the default by specifying either.
2419 if ((keg->uk_flags &
2420 (UMA_ZONE_ROUNDROBIN | UMA_ZFLAG_CACHE | UMA_ZONE_NOTPAGE)) == 0)
2421 keg->uk_flags |= UMA_ZONE_FIRSTTOUCH;
2422 else if ((keg->uk_flags & UMA_ZONE_FIRSTTOUCH) == 0)
2423 keg->uk_flags |= UMA_ZONE_ROUNDROBIN;
2427 * If we haven't booted yet we need allocations to go through the
2428 * startup cache until the vm is ready.
2430 #ifdef UMA_MD_SMALL_ALLOC
2431 if (keg->uk_ppera == 1)
2432 keg->uk_allocf = uma_small_alloc;
2435 if (booted < BOOT_KVA)
2436 keg->uk_allocf = startup_alloc;
2437 else if (keg->uk_flags & UMA_ZONE_PCPU)
2438 keg->uk_allocf = pcpu_page_alloc;
2439 else if ((keg->uk_flags & UMA_ZONE_CONTIG) != 0 && keg->uk_ppera > 1)
2440 keg->uk_allocf = contig_alloc;
2442 keg->uk_allocf = page_alloc;
2443 #ifdef UMA_MD_SMALL_ALLOC
2444 if (keg->uk_ppera == 1)
2445 keg->uk_freef = uma_small_free;
2448 if (keg->uk_flags & UMA_ZONE_PCPU)
2449 keg->uk_freef = pcpu_page_free;
2451 keg->uk_freef = page_free;
2454 * Initialize keg's locks.
2456 for (i = 0; i < vm_ndomains; i++)
2457 KEG_LOCK_INIT(keg, i, (arg->flags & UMA_ZONE_MTXCLASS));
2460 * If we're putting the slab header in the actual page we need to
2461 * figure out where in each page it goes. See slab_sizeof
2464 if (!(keg->uk_flags & UMA_ZFLAG_OFFPAGE)) {
2467 shsize = slab_sizeof(keg->uk_ipers);
2468 keg->uk_pgoff = (PAGE_SIZE * keg->uk_ppera) - shsize;
2470 * The only way the following is possible is if with our
2471 * UMA_ALIGN_PTR adjustments we are now bigger than
2472 * UMA_SLAB_SIZE. I haven't checked whether this is
2473 * mathematically possible for all cases, so we make
2476 KASSERT(keg->uk_pgoff + shsize <= PAGE_SIZE * keg->uk_ppera,
2477 ("zone %s ipers %d rsize %d size %d slab won't fit",
2478 zone->uz_name, keg->uk_ipers, keg->uk_rsize, keg->uk_size));
2481 if (keg->uk_flags & UMA_ZFLAG_HASH)
2482 hash_alloc(&keg->uk_hash, 0);
2484 CTR3(KTR_UMA, "keg_ctor %p zone %s(%p)", keg, zone->uz_name, zone);
2486 LIST_INSERT_HEAD(&keg->uk_zones, zone, uz_link);
2488 rw_wlock(&uma_rwlock);
2489 LIST_INSERT_HEAD(&uma_kegs, keg, uk_link);
2490 rw_wunlock(&uma_rwlock);
2495 zone_kva_available(uma_zone_t zone, void *unused)
2499 if ((zone->uz_flags & UMA_ZFLAG_CACHE) != 0)
2503 if (keg->uk_allocf == startup_alloc) {
2504 /* Switch to the real allocator. */
2505 if (keg->uk_flags & UMA_ZONE_PCPU)
2506 keg->uk_allocf = pcpu_page_alloc;
2507 else if ((keg->uk_flags & UMA_ZONE_CONTIG) != 0 &&
2509 keg->uk_allocf = contig_alloc;
2511 keg->uk_allocf = page_alloc;
2516 zone_alloc_counters(uma_zone_t zone, void *unused)
2519 zone->uz_allocs = counter_u64_alloc(M_WAITOK);
2520 zone->uz_frees = counter_u64_alloc(M_WAITOK);
2521 zone->uz_fails = counter_u64_alloc(M_WAITOK);
2522 zone->uz_xdomain = counter_u64_alloc(M_WAITOK);
2526 zone_alloc_sysctl(uma_zone_t zone, void *unused)
2528 uma_zone_domain_t zdom;
2531 struct sysctl_oid *oid, *domainoid;
2532 int domains, i, cnt;
2533 static const char *nokeg = "cache zone";
2537 * Make a sysctl safe copy of the zone name by removing
2538 * any special characters and handling dups by appending
2541 if (zone->uz_namecnt != 0) {
2542 /* Count the number of decimal digits and '_' separator. */
2543 for (i = 1, cnt = zone->uz_namecnt; cnt != 0; i++)
2545 zone->uz_ctlname = malloc(strlen(zone->uz_name) + i + 1,
2547 sprintf(zone->uz_ctlname, "%s_%d", zone->uz_name,
2550 zone->uz_ctlname = strdup(zone->uz_name, M_UMA);
2551 for (c = zone->uz_ctlname; *c != '\0'; c++)
2552 if (strchr("./\\ -", *c) != NULL)
2556 * Basic parameters at the root.
2558 zone->uz_oid = SYSCTL_ADD_NODE(NULL, SYSCTL_STATIC_CHILDREN(_vm_uma),
2559 OID_AUTO, zone->uz_ctlname, CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, "");
2561 SYSCTL_ADD_U32(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2562 "size", CTLFLAG_RD, &zone->uz_size, 0, "Allocation size");
2563 SYSCTL_ADD_PROC(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2564 "flags", CTLFLAG_RD | CTLTYPE_STRING | CTLFLAG_MPSAFE,
2565 zone, 0, sysctl_handle_uma_zone_flags, "A",
2566 "Allocator configuration flags");
2567 SYSCTL_ADD_U16(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2568 "bucket_size", CTLFLAG_RD, &zone->uz_bucket_size, 0,
2569 "Desired per-cpu cache size");
2570 SYSCTL_ADD_U16(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2571 "bucket_size_max", CTLFLAG_RD, &zone->uz_bucket_size_max, 0,
2572 "Maximum allowed per-cpu cache size");
2577 if ((zone->uz_flags & UMA_ZFLAG_HASH) == 0)
2578 domains = vm_ndomains;
2581 oid = SYSCTL_ADD_NODE(NULL, SYSCTL_CHILDREN(zone->uz_oid), OID_AUTO,
2582 "keg", CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, "");
2584 if ((zone->uz_flags & UMA_ZFLAG_CACHE) == 0) {
2585 SYSCTL_ADD_CONST_STRING(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2586 "name", CTLFLAG_RD, keg->uk_name, "Keg name");
2587 SYSCTL_ADD_U32(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2588 "rsize", CTLFLAG_RD, &keg->uk_rsize, 0,
2589 "Real object size with alignment");
2590 SYSCTL_ADD_U16(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2591 "ppera", CTLFLAG_RD, &keg->uk_ppera, 0,
2592 "pages per-slab allocation");
2593 SYSCTL_ADD_U16(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2594 "ipers", CTLFLAG_RD, &keg->uk_ipers, 0,
2595 "items available per-slab");
2596 SYSCTL_ADD_U32(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2597 "align", CTLFLAG_RD, &keg->uk_align, 0,
2598 "item alignment mask");
2599 SYSCTL_ADD_U32(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2600 "reserve", CTLFLAG_RD, &keg->uk_reserve, 0,
2601 "number of reserved items");
2602 SYSCTL_ADD_PROC(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2603 "efficiency", CTLFLAG_RD | CTLTYPE_INT | CTLFLAG_MPSAFE,
2604 keg, 0, sysctl_handle_uma_slab_efficiency, "I",
2605 "Slab utilization (100 - internal fragmentation %)");
2606 domainoid = SYSCTL_ADD_NODE(NULL, SYSCTL_CHILDREN(oid),
2607 OID_AUTO, "domain", CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, "");
2608 for (i = 0; i < domains; i++) {
2609 dom = &keg->uk_domain[i];
2610 oid = SYSCTL_ADD_NODE(NULL, SYSCTL_CHILDREN(domainoid),
2611 OID_AUTO, VM_DOMAIN(i)->vmd_name,
2612 CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, "");
2613 SYSCTL_ADD_U32(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2614 "pages", CTLFLAG_RD, &dom->ud_pages, 0,
2615 "Total pages currently allocated from VM");
2616 SYSCTL_ADD_U32(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2617 "free_items", CTLFLAG_RD, &dom->ud_free_items, 0,
2618 "Items free in the slab layer");
2619 SYSCTL_ADD_U32(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2620 "free_slabs", CTLFLAG_RD, &dom->ud_free_slabs, 0,
2624 SYSCTL_ADD_CONST_STRING(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2625 "name", CTLFLAG_RD, nokeg, "Keg name");
2628 * Information about zone limits.
2630 oid = SYSCTL_ADD_NODE(NULL, SYSCTL_CHILDREN(zone->uz_oid), OID_AUTO,
2631 "limit", CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, "");
2632 SYSCTL_ADD_PROC(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2633 "items", CTLFLAG_RD | CTLTYPE_U64 | CTLFLAG_MPSAFE,
2634 zone, 0, sysctl_handle_uma_zone_items, "QU",
2635 "Current number of allocated items if limit is set");
2636 SYSCTL_ADD_U64(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2637 "max_items", CTLFLAG_RD, &zone->uz_max_items, 0,
2638 "Maximum number of allocated and cached items");
2639 SYSCTL_ADD_U32(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2640 "sleepers", CTLFLAG_RD, &zone->uz_sleepers, 0,
2641 "Number of threads sleeping at limit");
2642 SYSCTL_ADD_U64(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2643 "sleeps", CTLFLAG_RD, &zone->uz_sleeps, 0,
2644 "Total zone limit sleeps");
2645 SYSCTL_ADD_U64(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2646 "bucket_max", CTLFLAG_RD, &zone->uz_bucket_max, 0,
2647 "Maximum number of items in each domain's bucket cache");
2650 * Per-domain zone information.
2652 domainoid = SYSCTL_ADD_NODE(NULL, SYSCTL_CHILDREN(zone->uz_oid),
2653 OID_AUTO, "domain", CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, "");
2654 for (i = 0; i < domains; i++) {
2655 zdom = ZDOM_GET(zone, i);
2656 oid = SYSCTL_ADD_NODE(NULL, SYSCTL_CHILDREN(domainoid),
2657 OID_AUTO, VM_DOMAIN(i)->vmd_name,
2658 CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, "");
2659 SYSCTL_ADD_LONG(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2660 "nitems", CTLFLAG_RD, &zdom->uzd_nitems,
2661 "number of items in this domain");
2662 SYSCTL_ADD_LONG(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2663 "imax", CTLFLAG_RD, &zdom->uzd_imax,
2664 "maximum item count in this period");
2665 SYSCTL_ADD_LONG(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2666 "imin", CTLFLAG_RD, &zdom->uzd_imin,
2667 "minimum item count in this period");
2668 SYSCTL_ADD_LONG(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2669 "bimin", CTLFLAG_RD, &zdom->uzd_bimin,
2670 "Minimum item count in this batch");
2671 SYSCTL_ADD_LONG(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2672 "wss", CTLFLAG_RD, &zdom->uzd_wss,
2673 "Working set size");
2674 SYSCTL_ADD_LONG(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2675 "limin", CTLFLAG_RD, &zdom->uzd_limin,
2676 "Long time minimum item count");
2677 SYSCTL_ADD_INT(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2678 "timin", CTLFLAG_RD, &zdom->uzd_timin, 0,
2679 "Time since zero long time minimum item count");
2683 * General statistics.
2685 oid = SYSCTL_ADD_NODE(NULL, SYSCTL_CHILDREN(zone->uz_oid), OID_AUTO,
2686 "stats", CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, "");
2687 SYSCTL_ADD_PROC(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2688 "current", CTLFLAG_RD | CTLTYPE_INT | CTLFLAG_MPSAFE,
2689 zone, 1, sysctl_handle_uma_zone_cur, "I",
2690 "Current number of allocated items");
2691 SYSCTL_ADD_PROC(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2692 "allocs", CTLFLAG_RD | CTLTYPE_U64 | CTLFLAG_MPSAFE,
2693 zone, 0, sysctl_handle_uma_zone_allocs, "QU",
2694 "Total allocation calls");
2695 SYSCTL_ADD_PROC(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2696 "frees", CTLFLAG_RD | CTLTYPE_U64 | CTLFLAG_MPSAFE,
2697 zone, 0, sysctl_handle_uma_zone_frees, "QU",
2698 "Total free calls");
2699 SYSCTL_ADD_COUNTER_U64(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2700 "fails", CTLFLAG_RD, &zone->uz_fails,
2701 "Number of allocation failures");
2702 SYSCTL_ADD_COUNTER_U64(NULL, SYSCTL_CHILDREN(oid), OID_AUTO,
2703 "xdomain", CTLFLAG_RD, &zone->uz_xdomain,
2704 "Free calls from the wrong domain");
2707 struct uma_zone_count {
2713 zone_count(uma_zone_t zone, void *arg)
2715 struct uma_zone_count *cnt;
2719 * Some zones are rapidly created with identical names and
2720 * destroyed out of order. This can lead to gaps in the count.
2721 * Use one greater than the maximum observed for this name.
2723 if (strcmp(zone->uz_name, cnt->name) == 0)
2724 cnt->count = MAX(cnt->count,
2725 zone->uz_namecnt + 1);
2729 zone_update_caches(uma_zone_t zone)
2733 for (i = 0; i <= mp_maxid; i++) {
2734 cache_set_uz_size(&zone->uz_cpu[i], zone->uz_size);
2735 cache_set_uz_flags(&zone->uz_cpu[i], zone->uz_flags);
2740 * Zone header ctor. This initializes all fields, locks, etc.
2742 * Arguments/Returns follow uma_ctor specifications
2743 * udata Actually uma_zctor_args
2746 zone_ctor(void *mem, int size, void *udata, int flags)
2748 struct uma_zone_count cnt;
2749 struct uma_zctor_args *arg = udata;
2750 uma_zone_domain_t zdom;
2751 uma_zone_t zone = mem;
2757 zone->uz_name = arg->name;
2758 zone->uz_ctor = arg->ctor;
2759 zone->uz_dtor = arg->dtor;
2760 zone->uz_init = NULL;
2761 zone->uz_fini = NULL;
2762 zone->uz_sleeps = 0;
2763 zone->uz_bucket_size = 0;
2764 zone->uz_bucket_size_min = 0;
2765 zone->uz_bucket_size_max = BUCKET_MAX;
2766 zone->uz_flags = (arg->flags & UMA_ZONE_SMR);
2767 zone->uz_warning = NULL;
2768 /* The domain structures follow the cpu structures. */
2769 zone->uz_bucket_max = ULONG_MAX;
2770 timevalclear(&zone->uz_ratecheck);
2772 /* Count the number of duplicate names. */
2773 cnt.name = arg->name;
2775 zone_foreach(zone_count, &cnt);
2776 zone->uz_namecnt = cnt.count;
2777 ZONE_CROSS_LOCK_INIT(zone);
2779 for (i = 0; i < vm_ndomains; i++) {
2780 zdom = ZDOM_GET(zone, i);
2781 ZDOM_LOCK_INIT(zone, zdom, (arg->flags & UMA_ZONE_MTXCLASS));
2782 STAILQ_INIT(&zdom->uzd_buckets);
2785 #if defined(INVARIANTS) && !defined(KASAN)
2786 if (arg->uminit == trash_init && arg->fini == trash_fini)
2787 zone->uz_flags |= UMA_ZFLAG_TRASH | UMA_ZFLAG_CTORDTOR;
2788 #elif defined(KASAN)
2789 if ((arg->flags & (UMA_ZONE_NOFREE | UMA_ZFLAG_CACHE)) != 0)
2790 arg->flags |= UMA_ZONE_NOKASAN;
2794 * This is a pure cache zone, no kegs.
2797 KASSERT((arg->flags & UMA_ZFLAG_CACHE) != 0,
2798 ("zone_ctor: Import specified for non-cache zone."));
2799 zone->uz_flags = arg->flags;
2800 zone->uz_size = arg->size;
2801 zone->uz_import = arg->import;
2802 zone->uz_release = arg->release;
2803 zone->uz_arg = arg->arg;
2806 * Cache zones are round-robin unless a policy is
2807 * specified because they may have incompatible
2810 if ((zone->uz_flags & UMA_ZONE_FIRSTTOUCH) == 0)
2811 zone->uz_flags |= UMA_ZONE_ROUNDROBIN;
2813 rw_wlock(&uma_rwlock);
2814 LIST_INSERT_HEAD(&uma_cachezones, zone, uz_link);
2815 rw_wunlock(&uma_rwlock);
2820 * Use the regular zone/keg/slab allocator.
2822 zone->uz_import = zone_import;
2823 zone->uz_release = zone_release;
2824 zone->uz_arg = zone;
2827 if (arg->flags & UMA_ZONE_SECONDARY) {
2828 KASSERT((zone->uz_flags & UMA_ZONE_SECONDARY) == 0,
2829 ("Secondary zone requested UMA_ZFLAG_INTERNAL"));
2830 KASSERT(arg->keg != NULL, ("Secondary zone on zero'd keg"));
2831 zone->uz_init = arg->uminit;
2832 zone->uz_fini = arg->fini;
2833 zone->uz_flags |= UMA_ZONE_SECONDARY;
2834 rw_wlock(&uma_rwlock);
2836 LIST_FOREACH(z, &keg->uk_zones, uz_link) {
2837 if (LIST_NEXT(z, uz_link) == NULL) {
2838 LIST_INSERT_AFTER(z, zone, uz_link);
2843 rw_wunlock(&uma_rwlock);
2844 } else if (keg == NULL) {
2845 if ((keg = uma_kcreate(zone, arg->size, arg->uminit, arg->fini,
2846 arg->align, arg->flags)) == NULL)
2849 struct uma_kctor_args karg;
2852 /* We should only be here from uma_startup() */
2853 karg.size = arg->size;
2854 karg.uminit = arg->uminit;
2855 karg.fini = arg->fini;
2856 karg.align = arg->align;
2857 karg.flags = (arg->flags & ~UMA_ZONE_SMR);
2859 error = keg_ctor(arg->keg, sizeof(struct uma_keg), &karg,
2865 /* Inherit properties from the keg. */
2867 zone->uz_size = keg->uk_size;
2868 zone->uz_flags |= (keg->uk_flags &
2869 (UMA_ZONE_INHERIT | UMA_ZFLAG_INHERIT));
2872 if (booted >= BOOT_PCPU) {
2873 zone_alloc_counters(zone, NULL);
2874 if (booted >= BOOT_RUNNING)
2875 zone_alloc_sysctl(zone, NULL);
2877 zone->uz_allocs = EARLY_COUNTER;
2878 zone->uz_frees = EARLY_COUNTER;
2879 zone->uz_fails = EARLY_COUNTER;
2882 /* Caller requests a private SMR context. */
2883 if ((zone->uz_flags & UMA_ZONE_SMR) != 0)
2884 zone->uz_smr = smr_create(zone->uz_name, 0, 0);
2886 KASSERT((arg->flags & (UMA_ZONE_MAXBUCKET | UMA_ZONE_NOBUCKET)) !=
2887 (UMA_ZONE_MAXBUCKET | UMA_ZONE_NOBUCKET),
2888 ("Invalid zone flag combination"));
2889 if (arg->flags & UMA_ZFLAG_INTERNAL)
2890 zone->uz_bucket_size_max = zone->uz_bucket_size = 0;
2891 if ((arg->flags & UMA_ZONE_MAXBUCKET) != 0)
2892 zone->uz_bucket_size = BUCKET_MAX;
2893 else if ((arg->flags & UMA_ZONE_NOBUCKET) != 0)
2894 zone->uz_bucket_size = 0;
2896 zone->uz_bucket_size = bucket_select(zone->uz_size);
2897 zone->uz_bucket_size_min = zone->uz_bucket_size;
2898 if (zone->uz_dtor != NULL || zone->uz_ctor != NULL)
2899 zone->uz_flags |= UMA_ZFLAG_CTORDTOR;
2900 zone_update_caches(zone);
2906 * Keg header dtor. This frees all data, destroys locks, frees the hash
2907 * table and removes the keg from the global list.
2909 * Arguments/Returns follow uma_dtor specifications
2913 keg_dtor(void *arg, int size, void *udata)
2916 uint32_t free, pages;
2919 keg = (uma_keg_t)arg;
2921 for (i = 0; i < vm_ndomains; i++) {
2922 free += keg->uk_domain[i].ud_free_items;
2923 pages += keg->uk_domain[i].ud_pages;
2924 KEG_LOCK_FINI(keg, i);
2927 printf("Freed UMA keg (%s) was not empty (%u items). "
2928 " Lost %u pages of memory.\n",
2929 keg->uk_name ? keg->uk_name : "",
2930 pages / keg->uk_ppera * keg->uk_ipers - free, pages);
2932 hash_free(&keg->uk_hash);
2938 * Arguments/Returns follow uma_dtor specifications
2942 zone_dtor(void *arg, int size, void *udata)
2948 zone = (uma_zone_t)arg;
2950 sysctl_remove_oid(zone->uz_oid, 1, 1);
2952 if (!(zone->uz_flags & UMA_ZFLAG_INTERNAL))
2955 rw_wlock(&uma_rwlock);
2956 LIST_REMOVE(zone, uz_link);
2957 rw_wunlock(&uma_rwlock);
2958 if ((zone->uz_flags & (UMA_ZONE_SECONDARY | UMA_ZFLAG_CACHE)) == 0) {
2960 keg->uk_reserve = 0;
2962 zone_reclaim(zone, UMA_ANYDOMAIN, M_WAITOK, true);
2965 * We only destroy kegs from non secondary/non cache zones.
2967 if ((zone->uz_flags & (UMA_ZONE_SECONDARY | UMA_ZFLAG_CACHE)) == 0) {
2969 rw_wlock(&uma_rwlock);
2970 LIST_REMOVE(keg, uk_link);
2971 rw_wunlock(&uma_rwlock);
2972 zone_free_item(kegs, keg, NULL, SKIP_NONE);
2974 counter_u64_free(zone->uz_allocs);
2975 counter_u64_free(zone->uz_frees);
2976 counter_u64_free(zone->uz_fails);
2977 counter_u64_free(zone->uz_xdomain);
2978 free(zone->uz_ctlname, M_UMA);
2979 for (i = 0; i < vm_ndomains; i++)
2980 ZDOM_LOCK_FINI(ZDOM_GET(zone, i));
2981 ZONE_CROSS_LOCK_FINI(zone);
2985 zone_foreach_unlocked(void (*zfunc)(uma_zone_t, void *arg), void *arg)
2990 LIST_FOREACH(keg, &uma_kegs, uk_link) {
2991 LIST_FOREACH(zone, &keg->uk_zones, uz_link)
2994 LIST_FOREACH(zone, &uma_cachezones, uz_link)
2999 * Traverses every zone in the system and calls a callback
3002 * zfunc A pointer to a function which accepts a zone
3009 zone_foreach(void (*zfunc)(uma_zone_t, void *arg), void *arg)
3012 rw_rlock(&uma_rwlock);
3013 zone_foreach_unlocked(zfunc, arg);
3014 rw_runlock(&uma_rwlock);
3018 * Initialize the kernel memory allocator. This is done after pages can be
3019 * allocated but before general KVA is available.
3022 uma_startup1(vm_offset_t virtual_avail)
3024 struct uma_zctor_args args;
3025 size_t ksize, zsize, size;
3026 uma_keg_t primarykeg;
3031 bootstart = bootmem = virtual_avail;
3033 rw_init(&uma_rwlock, "UMA lock");
3034 sx_init(&uma_reclaim_lock, "umareclaim");
3036 ksize = sizeof(struct uma_keg) +
3037 (sizeof(struct uma_domain) * vm_ndomains);
3038 ksize = roundup(ksize, UMA_SUPER_ALIGN);
3039 zsize = sizeof(struct uma_zone) +
3040 (sizeof(struct uma_cache) * (mp_maxid + 1)) +
3041 (sizeof(struct uma_zone_domain) * vm_ndomains);
3042 zsize = roundup(zsize, UMA_SUPER_ALIGN);
3044 /* Allocate the zone of zones, zone of kegs, and zone of zones keg. */
3045 size = (zsize * 2) + ksize;
3046 for (domain = 0; domain < vm_ndomains; domain++) {
3047 m = (uintptr_t)startup_alloc(NULL, size, domain, &pflag,
3052 zones = (uma_zone_t)m;
3054 kegs = (uma_zone_t)m;
3056 primarykeg = (uma_keg_t)m;
3058 /* "manually" create the initial zone */
3059 memset(&args, 0, sizeof(args));
3060 args.name = "UMA Kegs";
3062 args.ctor = keg_ctor;
3063 args.dtor = keg_dtor;
3064 args.uminit = zero_init;
3066 args.keg = primarykeg;
3067 args.align = UMA_SUPER_ALIGN - 1;
3068 args.flags = UMA_ZFLAG_INTERNAL;
3069 zone_ctor(kegs, zsize, &args, M_WAITOK);
3071 args.name = "UMA Zones";
3073 args.ctor = zone_ctor;
3074 args.dtor = zone_dtor;
3075 args.uminit = zero_init;
3078 args.align = UMA_SUPER_ALIGN - 1;
3079 args.flags = UMA_ZFLAG_INTERNAL;
3080 zone_ctor(zones, zsize, &args, M_WAITOK);
3082 /* Now make zones for slab headers */
3083 slabzones[0] = uma_zcreate("UMA Slabs 0", SLABZONE0_SIZE,
3084 NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZFLAG_INTERNAL);
3085 slabzones[1] = uma_zcreate("UMA Slabs 1", SLABZONE1_SIZE,
3086 NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZFLAG_INTERNAL);
3088 hashzone = uma_zcreate("UMA Hash",
3089 sizeof(struct slabhead *) * UMA_HASH_SIZE_INIT,
3090 NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZFLAG_INTERNAL);
3096 #ifndef UMA_MD_SMALL_ALLOC
3097 extern void vm_radix_reserve_kva(void);
3101 * Advertise the availability of normal kva allocations and switch to
3102 * the default back-end allocator. Marks the KVA we consumed on startup
3103 * as used in the map.
3109 if (bootstart != bootmem) {
3110 vm_map_lock(kernel_map);
3111 (void)vm_map_insert(kernel_map, NULL, 0, bootstart, bootmem,
3112 VM_PROT_RW, VM_PROT_RW, MAP_NOFAULT);
3113 vm_map_unlock(kernel_map);
3116 #ifndef UMA_MD_SMALL_ALLOC
3117 /* Set up radix zone to use noobj_alloc. */
3118 vm_radix_reserve_kva();
3122 zone_foreach_unlocked(zone_kva_available, NULL);
3127 * Allocate counters as early as possible so that boot-time allocations are
3128 * accounted more precisely.
3131 uma_startup_pcpu(void *arg __unused)
3134 zone_foreach_unlocked(zone_alloc_counters, NULL);
3137 SYSINIT(uma_startup_pcpu, SI_SUB_COUNTER, SI_ORDER_ANY, uma_startup_pcpu, NULL);
3140 * Finish our initialization steps.
3143 uma_startup3(void *arg __unused)
3147 TUNABLE_INT_FETCH("vm.debug.divisor", &dbg_divisor);
3148 uma_dbg_cnt = counter_u64_alloc(M_WAITOK);
3149 uma_skip_cnt = counter_u64_alloc(M_WAITOK);
3151 zone_foreach_unlocked(zone_alloc_sysctl, NULL);
3152 booted = BOOT_RUNNING;
3154 EVENTHANDLER_REGISTER(shutdown_post_sync, uma_shutdown, NULL,
3155 EVENTHANDLER_PRI_FIRST);
3157 SYSINIT(uma_startup3, SI_SUB_VM_CONF, SI_ORDER_SECOND, uma_startup3, NULL);
3160 uma_startup4(void *arg __unused)
3162 TIMEOUT_TASK_INIT(taskqueue_thread, &uma_timeout_task, 0, uma_timeout,
3164 taskqueue_enqueue_timeout(taskqueue_thread, &uma_timeout_task,
3167 SYSINIT(uma_startup4, SI_SUB_TASKQ, SI_ORDER_ANY, uma_startup4, NULL);
3173 booted = BOOT_SHUTDOWN;
3177 uma_kcreate(uma_zone_t zone, size_t size, uma_init uminit, uma_fini fini,
3178 int align, uint32_t flags)
3180 struct uma_kctor_args args;
3183 args.uminit = uminit;
3185 args.align = (align == UMA_ALIGN_CACHE) ? uma_cache_align_mask : align;
3188 return (zone_alloc_item(kegs, &args, UMA_ANYDOMAIN, M_WAITOK));
3191 /* Public functions */
3194 uma_set_cache_align_mask(int mask)
3198 /* UMA_ALIGN_CACHE is also not permitted here. */
3199 uma_cache_align_mask = mask;
3202 /* Returns the alignment mask to use to request cache alignment. */
3204 uma_get_cache_align_mask(void)
3206 return (uma_cache_align_mask);
3211 uma_zcreate(const char *name, size_t size, uma_ctor ctor, uma_dtor dtor,
3212 uma_init uminit, uma_fini fini, int align, uint32_t flags)
3215 struct uma_zctor_args args;
3218 KASSERT(powerof2(align + 1), ("invalid zone alignment %d for \"%s\"",
3221 /* This stuff is essential for the zone ctor */
3222 memset(&args, 0, sizeof(args));
3227 args.uminit = uminit;
3229 #if defined(INVARIANTS) && !defined(KASAN)
3231 * Inject procedures which check for memory use after free if we are
3232 * allowed to scramble the memory while it is not allocated. This
3233 * requires that: UMA is actually able to access the memory, no init
3234 * or fini procedures, no dependency on the initial value of the
3235 * memory, and no (legitimate) use of the memory after free. Note,
3236 * the ctor and dtor do not need to be empty.
3238 if ((!(flags & (UMA_ZONE_ZINIT | UMA_ZONE_NOTOUCH |
3239 UMA_ZONE_NOFREE))) && uminit == NULL && fini == NULL) {
3240 args.uminit = trash_init;
3241 args.fini = trash_fini;
3248 sx_xlock(&uma_reclaim_lock);
3249 res = zone_alloc_item(zones, &args, UMA_ANYDOMAIN, M_WAITOK);
3250 sx_xunlock(&uma_reclaim_lock);
3257 uma_zsecond_create(const char *name, uma_ctor ctor, uma_dtor dtor,
3258 uma_init zinit, uma_fini zfini, uma_zone_t primary)
3260 struct uma_zctor_args args;
3264 keg = primary->uz_keg;
3265 memset(&args, 0, sizeof(args));
3267 args.size = keg->uk_size;
3270 args.uminit = zinit;
3272 args.align = keg->uk_align;
3273 args.flags = keg->uk_flags | UMA_ZONE_SECONDARY;
3276 sx_xlock(&uma_reclaim_lock);
3277 res = zone_alloc_item(zones, &args, UMA_ANYDOMAIN, M_WAITOK);
3278 sx_xunlock(&uma_reclaim_lock);
3285 uma_zcache_create(const char *name, int size, uma_ctor ctor, uma_dtor dtor,
3286 uma_init zinit, uma_fini zfini, uma_import zimport, uma_release zrelease,
3287 void *arg, int flags)
3289 struct uma_zctor_args args;
3291 memset(&args, 0, sizeof(args));
3296 args.uminit = zinit;
3298 args.import = zimport;
3299 args.release = zrelease;
3302 args.flags = flags | UMA_ZFLAG_CACHE;
3304 return (zone_alloc_item(zones, &args, UMA_ANYDOMAIN, M_WAITOK));
3309 uma_zdestroy(uma_zone_t zone)
3313 * Large slabs are expensive to reclaim, so don't bother doing
3314 * unnecessary work if we're shutting down.
3316 if (booted == BOOT_SHUTDOWN &&
3317 zone->uz_fini == NULL && zone->uz_release == zone_release)
3319 sx_xlock(&uma_reclaim_lock);
3320 zone_free_item(zones, zone, NULL, SKIP_NONE);
3321 sx_xunlock(&uma_reclaim_lock);
3325 uma_zwait(uma_zone_t zone)
3328 if ((zone->uz_flags & UMA_ZONE_SMR) != 0)
3329 uma_zfree_smr(zone, uma_zalloc_smr(zone, M_WAITOK));
3330 else if ((zone->uz_flags & UMA_ZONE_PCPU) != 0)
3331 uma_zfree_pcpu(zone, uma_zalloc_pcpu(zone, M_WAITOK));
3333 uma_zfree(zone, uma_zalloc(zone, M_WAITOK));
3337 uma_zalloc_pcpu_arg(uma_zone_t zone, void *udata, int flags)
3339 void *item, *pcpu_item;
3343 MPASS(zone->uz_flags & UMA_ZONE_PCPU);
3345 item = uma_zalloc_arg(zone, udata, flags & ~M_ZERO);
3348 pcpu_item = zpcpu_base_to_offset(item);
3349 if (flags & M_ZERO) {
3351 for (i = 0; i <= mp_maxid; i++)
3352 bzero(zpcpu_get_cpu(pcpu_item, i), zone->uz_size);
3354 bzero(item, zone->uz_size);
3361 * A stub while both regular and pcpu cases are identical.
3364 uma_zfree_pcpu_arg(uma_zone_t zone, void *pcpu_item, void *udata)
3369 MPASS(zone->uz_flags & UMA_ZONE_PCPU);
3372 /* uma_zfree_pcu_*(..., NULL) does nothing, to match free(9). */
3373 if (pcpu_item == NULL)
3376 item = zpcpu_offset_to_base(pcpu_item);
3377 uma_zfree_arg(zone, item, udata);
3380 static inline void *
3381 item_ctor(uma_zone_t zone, int uz_flags, int size, void *udata, int flags,
3388 kasan_mark_item_valid(zone, item);
3391 skipdbg = uma_dbg_zskip(zone, item);
3392 if (!skipdbg && (uz_flags & UMA_ZFLAG_TRASH) != 0 &&
3393 zone->uz_ctor != trash_ctor)
3394 trash_ctor(item, size, udata, flags);
3397 /* Check flags before loading ctor pointer. */
3398 if (__predict_false((uz_flags & UMA_ZFLAG_CTORDTOR) != 0) &&
3399 __predict_false(zone->uz_ctor != NULL) &&
3400 zone->uz_ctor(item, size, udata, flags) != 0) {
3401 counter_u64_add(zone->uz_fails, 1);
3402 zone_free_item(zone, item, udata, SKIP_DTOR | SKIP_CNT);
3407 uma_dbg_alloc(zone, NULL, item);
3409 if (__predict_false(flags & M_ZERO))
3410 return (memset(item, 0, size));
3416 item_dtor(uma_zone_t zone, void *item, int size, void *udata,
3417 enum zfreeskip skip)
3422 skipdbg = uma_dbg_zskip(zone, item);
3423 if (skip == SKIP_NONE && !skipdbg) {
3424 if ((zone->uz_flags & UMA_ZONE_MALLOC) != 0)
3425 uma_dbg_free(zone, udata, item);
3427 uma_dbg_free(zone, NULL, item);
3430 if (__predict_true(skip < SKIP_DTOR)) {
3431 if (zone->uz_dtor != NULL)
3432 zone->uz_dtor(item, size, udata);
3434 if (!skipdbg && (zone->uz_flags & UMA_ZFLAG_TRASH) != 0 &&
3435 zone->uz_dtor != trash_dtor)
3436 trash_dtor(item, size, udata);
3439 kasan_mark_item_invalid(zone, item);
3444 item_domain(void *item)
3448 domain = vm_phys_domain(vtophys(item));
3449 KASSERT(domain >= 0 && domain < vm_ndomains,
3450 ("%s: unknown domain for item %p", __func__, item));
3455 #if defined(INVARIANTS) || defined(DEBUG_MEMGUARD) || defined(WITNESS)
3456 #define UMA_ZALLOC_DEBUG
3458 uma_zalloc_debug(uma_zone_t zone, void **itemp, void *udata, int flags)
3464 if (flags & M_WAITOK) {
3465 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
3466 "uma_zalloc_debug: zone \"%s\"", zone->uz_name);
3471 KASSERT((flags & M_EXEC) == 0,
3472 ("uma_zalloc_debug: called with M_EXEC"));
3473 KASSERT(curthread->td_critnest == 0 || SCHEDULER_STOPPED(),
3474 ("uma_zalloc_debug: called within spinlock or critical section"));
3475 KASSERT((zone->uz_flags & UMA_ZONE_PCPU) == 0 || (flags & M_ZERO) == 0,
3476 ("uma_zalloc_debug: allocating from a pcpu zone with M_ZERO"));
3479 #ifdef DEBUG_MEMGUARD
3480 if ((zone->uz_flags & (UMA_ZONE_SMR | UMA_ZFLAG_CACHE)) == 0 &&
3481 memguard_cmp_zone(zone)) {
3483 item = memguard_alloc(zone->uz_size, flags);
3485 error = EJUSTRETURN;
3486 if (zone->uz_init != NULL &&
3487 zone->uz_init(item, zone->uz_size, flags) != 0) {
3491 if (zone->uz_ctor != NULL &&
3492 zone->uz_ctor(item, zone->uz_size, udata,
3494 counter_u64_add(zone->uz_fails, 1);
3495 if (zone->uz_fini != NULL)
3496 zone->uz_fini(item, zone->uz_size);
3503 /* This is unfortunate but should not be fatal. */
3510 uma_zfree_debug(uma_zone_t zone, void *item, void *udata)
3512 KASSERT(curthread->td_critnest == 0 || SCHEDULER_STOPPED(),
3513 ("uma_zfree_debug: called with spinlock or critical section held"));
3515 #ifdef DEBUG_MEMGUARD
3516 if ((zone->uz_flags & (UMA_ZONE_SMR | UMA_ZFLAG_CACHE)) == 0 &&
3517 is_memguard_addr(item)) {
3518 if (zone->uz_dtor != NULL)
3519 zone->uz_dtor(item, zone->uz_size, udata);
3520 if (zone->uz_fini != NULL)
3521 zone->uz_fini(item, zone->uz_size);
3522 memguard_free(item);
3523 return (EJUSTRETURN);
3530 static inline void *
3531 cache_alloc_item(uma_zone_t zone, uma_cache_t cache, uma_cache_bucket_t bucket,
3532 void *udata, int flags)
3537 item = cache_bucket_pop(cache, bucket);
3538 size = cache_uz_size(cache);
3539 uz_flags = cache_uz_flags(cache);
3541 return (item_ctor(zone, uz_flags, size, udata, flags, item));
3544 static __noinline void *
3545 cache_alloc_retry(uma_zone_t zone, uma_cache_t cache, void *udata, int flags)
3547 uma_cache_bucket_t bucket;
3550 while (cache_alloc(zone, cache, udata, flags)) {
3551 cache = &zone->uz_cpu[curcpu];
3552 bucket = &cache->uc_allocbucket;
3553 if (__predict_false(bucket->ucb_cnt == 0))
3555 return (cache_alloc_item(zone, cache, bucket, udata, flags));
3560 * We can not get a bucket so try to return a single item.
3562 if (zone->uz_flags & UMA_ZONE_FIRSTTOUCH)
3563 domain = PCPU_GET(domain);
3565 domain = UMA_ANYDOMAIN;
3566 return (zone_alloc_item(zone, udata, domain, flags));
3571 uma_zalloc_smr(uma_zone_t zone, int flags)
3573 uma_cache_bucket_t bucket;
3576 #ifdef UMA_ZALLOC_DEBUG
3579 KASSERT((zone->uz_flags & UMA_ZONE_SMR) != 0,
3580 ("uma_zalloc_arg: called with non-SMR zone."));
3581 if (uma_zalloc_debug(zone, &item, NULL, flags) == EJUSTRETURN)
3586 cache = &zone->uz_cpu[curcpu];
3587 bucket = &cache->uc_allocbucket;
3588 if (__predict_false(bucket->ucb_cnt == 0))
3589 return (cache_alloc_retry(zone, cache, NULL, flags));
3590 return (cache_alloc_item(zone, cache, bucket, NULL, flags));
3595 uma_zalloc_arg(uma_zone_t zone, void *udata, int flags)
3597 uma_cache_bucket_t bucket;
3600 /* Enable entropy collection for RANDOM_ENABLE_UMA kernel option */
3601 random_harvest_fast_uma(&zone, sizeof(zone), RANDOM_UMA);
3603 /* This is the fast path allocation */
3604 CTR3(KTR_UMA, "uma_zalloc_arg zone %s(%p) flags %d", zone->uz_name,
3607 #ifdef UMA_ZALLOC_DEBUG
3610 KASSERT((zone->uz_flags & UMA_ZONE_SMR) == 0,
3611 ("uma_zalloc_arg: called with SMR zone."));
3612 if (uma_zalloc_debug(zone, &item, udata, flags) == EJUSTRETURN)
3617 * If possible, allocate from the per-CPU cache. There are two
3618 * requirements for safe access to the per-CPU cache: (1) the thread
3619 * accessing the cache must not be preempted or yield during access,
3620 * and (2) the thread must not migrate CPUs without switching which
3621 * cache it accesses. We rely on a critical section to prevent
3622 * preemption and migration. We release the critical section in
3623 * order to acquire the zone mutex if we are unable to allocate from
3624 * the current cache; when we re-acquire the critical section, we
3625 * must detect and handle migration if it has occurred.
3628 cache = &zone->uz_cpu[curcpu];
3629 bucket = &cache->uc_allocbucket;
3630 if (__predict_false(bucket->ucb_cnt == 0))
3631 return (cache_alloc_retry(zone, cache, udata, flags));
3632 return (cache_alloc_item(zone, cache, bucket, udata, flags));
3636 * Replenish an alloc bucket and possibly restore an old one. Called in
3637 * a critical section. Returns in a critical section.
3639 * A false return value indicates an allocation failure.
3640 * A true return value indicates success and the caller should retry.
3642 static __noinline bool
3643 cache_alloc(uma_zone_t zone, uma_cache_t cache, void *udata, int flags)
3645 uma_bucket_t bucket;
3646 int curdomain, domain;
3649 CRITICAL_ASSERT(curthread);
3652 * If we have run out of items in our alloc bucket see
3653 * if we can switch with the free bucket.
3655 * SMR Zones can't re-use the free bucket until the sequence has
3658 if ((cache_uz_flags(cache) & UMA_ZONE_SMR) == 0 &&
3659 cache->uc_freebucket.ucb_cnt != 0) {
3660 cache_bucket_swap(&cache->uc_freebucket,
3661 &cache->uc_allocbucket);
3666 * Discard any empty allocation bucket while we hold no locks.
3668 bucket = cache_bucket_unload_alloc(cache);
3671 if (bucket != NULL) {
3672 KASSERT(bucket->ub_cnt == 0,
3673 ("cache_alloc: Entered with non-empty alloc bucket."));
3674 bucket_free(zone, bucket, udata);
3678 * Attempt to retrieve the item from the per-CPU cache has failed, so
3679 * we must go back to the zone. This requires the zdom lock, so we
3680 * must drop the critical section, then re-acquire it when we go back
3681 * to the cache. Since the critical section is released, we may be
3682 * preempted or migrate. As such, make sure not to maintain any
3683 * thread-local state specific to the cache from prior to releasing
3684 * the critical section.
3686 domain = PCPU_GET(domain);
3687 if ((cache_uz_flags(cache) & UMA_ZONE_ROUNDROBIN) != 0 ||
3688 VM_DOMAIN_EMPTY(domain))
3689 domain = zone_domain_highest(zone, domain);
3690 bucket = cache_fetch_bucket(zone, cache, domain);
3691 if (bucket == NULL && zone->uz_bucket_size != 0 && !bucketdisable) {
3692 bucket = zone_alloc_bucket(zone, udata, domain, flags);
3698 CTR3(KTR_UMA, "uma_zalloc: zone %s(%p) bucket zone returned %p",
3699 zone->uz_name, zone, bucket);
3700 if (bucket == NULL) {
3706 * See if we lost the race or were migrated. Cache the
3707 * initialized bucket to make this less likely or claim
3708 * the memory directly.
3711 cache = &zone->uz_cpu[curcpu];
3712 if (cache->uc_allocbucket.ucb_bucket == NULL &&
3713 ((cache_uz_flags(cache) & UMA_ZONE_FIRSTTOUCH) == 0 ||
3714 (curdomain = PCPU_GET(domain)) == domain ||
3715 VM_DOMAIN_EMPTY(curdomain))) {
3717 atomic_add_long(&ZDOM_GET(zone, domain)->uzd_imax,
3719 cache_bucket_load_alloc(cache, bucket);
3724 * We lost the race, release this bucket and start over.
3727 zone_put_bucket(zone, domain, bucket, udata, !new);
3734 uma_zalloc_domain(uma_zone_t zone, void *udata, int domain, int flags)
3737 uma_bucket_t bucket;
3738 uma_zone_domain_t zdom;
3742 /* Enable entropy collection for RANDOM_ENABLE_UMA kernel option */
3743 random_harvest_fast_uma(&zone, sizeof(zone), RANDOM_UMA);
3745 /* This is the fast path allocation */
3746 CTR4(KTR_UMA, "uma_zalloc_domain zone %s(%p) domain %d flags %d",
3747 zone->uz_name, zone, domain, flags);
3749 if (flags & M_WAITOK) {
3750 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
3751 "uma_zalloc_domain: zone \"%s\"", zone->uz_name);
3753 KASSERT(curthread->td_critnest == 0 || SCHEDULER_STOPPED(),
3754 ("uma_zalloc_domain: called with spinlock or critical section held"));
3755 KASSERT((zone->uz_flags & UMA_ZONE_SMR) == 0,
3756 ("uma_zalloc_domain: called with SMR zone."));
3758 KASSERT((zone->uz_flags & UMA_ZONE_FIRSTTOUCH) != 0,
3759 ("uma_zalloc_domain: called with non-FIRSTTOUCH zone."));
3761 if (vm_ndomains == 1)
3762 return (uma_zalloc_arg(zone, udata, flags));
3765 * Try to allocate from the bucket cache before falling back to the keg.
3766 * We could try harder and attempt to allocate from per-CPU caches or
3767 * the per-domain cross-domain buckets, but the complexity is probably
3768 * not worth it. It is more important that frees of previous
3769 * cross-domain allocations do not blow up the cache.
3771 zdom = zone_domain_lock(zone, domain);
3772 if ((bucket = zone_fetch_bucket(zone, zdom, false)) != NULL) {
3773 item = bucket->ub_bucket[bucket->ub_cnt - 1];
3775 bucket->ub_bucket[bucket->ub_cnt - 1] = NULL;
3778 zone_put_bucket(zone, domain, bucket, udata, true);
3779 item = item_ctor(zone, zone->uz_flags, zone->uz_size, udata,
3782 KASSERT(item_domain(item) == domain,
3783 ("%s: bucket cache item %p from wrong domain",
3785 counter_u64_add(zone->uz_allocs, 1);
3790 return (zone_alloc_item(zone, udata, domain, flags));
3792 return (uma_zalloc_arg(zone, udata, flags));
3797 * Find a slab with some space. Prefer slabs that are partially used over those
3798 * that are totally full. This helps to reduce fragmentation.
3800 * If 'rr' is 1, search all domains starting from 'domain'. Otherwise check
3804 keg_first_slab(uma_keg_t keg, int domain, bool rr)
3810 KASSERT(domain >= 0 && domain < vm_ndomains,
3811 ("keg_first_slab: domain %d out of range", domain));
3812 KEG_LOCK_ASSERT(keg, domain);
3817 dom = &keg->uk_domain[domain];
3818 if ((slab = LIST_FIRST(&dom->ud_part_slab)) != NULL)
3820 if ((slab = LIST_FIRST(&dom->ud_free_slab)) != NULL) {
3821 LIST_REMOVE(slab, us_link);
3822 dom->ud_free_slabs--;
3823 LIST_INSERT_HEAD(&dom->ud_part_slab, slab, us_link);
3827 domain = (domain + 1) % vm_ndomains;
3828 } while (domain != start);
3834 * Fetch an existing slab from a free or partial list. Returns with the
3835 * keg domain lock held if a slab was found or unlocked if not.
3838 keg_fetch_free_slab(uma_keg_t keg, int domain, bool rr, int flags)
3843 /* HASH has a single free list. */
3844 if ((keg->uk_flags & UMA_ZFLAG_HASH) != 0)
3847 KEG_LOCK(keg, domain);
3848 reserve = (flags & M_USE_RESERVE) != 0 ? 0 : keg->uk_reserve;
3849 if (keg->uk_domain[domain].ud_free_items <= reserve ||
3850 (slab = keg_first_slab(keg, domain, rr)) == NULL) {
3851 KEG_UNLOCK(keg, domain);
3858 keg_fetch_slab(uma_keg_t keg, uma_zone_t zone, int rdomain, const int flags)
3860 struct vm_domainset_iter di;
3865 KASSERT((flags & (M_WAITOK | M_NOVM)) != (M_WAITOK | M_NOVM),
3866 ("%s: invalid flags %#x", __func__, flags));
3870 * Use the keg's policy if upper layers haven't already specified a
3871 * domain (as happens with first-touch zones).
3873 * To avoid races we run the iterator with the keg lock held, but that
3874 * means that we cannot allow the vm_domainset layer to sleep. Thus,
3875 * clear M_WAITOK and handle low memory conditions locally.
3877 rr = rdomain == UMA_ANYDOMAIN;
3879 aflags = (flags & ~M_WAITOK) | M_NOWAIT;
3880 vm_domainset_iter_policy_ref_init(&di, &keg->uk_dr, &domain,
3888 slab = keg_fetch_free_slab(keg, domain, rr, flags);
3893 * M_NOVM is used to break the recursion that can otherwise
3894 * occur if low-level memory management routines use UMA.
3896 if ((flags & M_NOVM) == 0) {
3897 slab = keg_alloc_slab(keg, zone, domain, flags, aflags);
3903 if ((flags & M_USE_RESERVE) != 0) {
3905 * Drain reserves from other domains before
3906 * giving up or sleeping. It may be useful to
3907 * support per-domain reserves eventually.
3909 rdomain = UMA_ANYDOMAIN;
3912 if ((flags & M_WAITOK) == 0)
3914 vm_wait_domain(domain);
3915 } else if (vm_domainset_iter_policy(&di, &domain) != 0) {
3916 if ((flags & M_WAITOK) != 0) {
3917 vm_wait_doms(&keg->uk_dr.dr_policy->ds_mask, 0);
3925 * We might not have been able to get a slab but another cpu
3926 * could have while we were unlocked. Check again before we
3929 if ((slab = keg_fetch_free_slab(keg, domain, rr, flags)) != NULL)
3936 slab_alloc_item(uma_keg_t keg, uma_slab_t slab)
3942 KEG_LOCK_ASSERT(keg, slab->us_domain);
3944 dom = &keg->uk_domain[slab->us_domain];
3945 freei = BIT_FFS(keg->uk_ipers, &slab->us_free) - 1;
3946 BIT_CLR(keg->uk_ipers, freei, &slab->us_free);
3947 item = slab_item(slab, keg, freei);
3948 slab->us_freecount--;
3949 dom->ud_free_items--;
3952 * Move this slab to the full list. It must be on the partial list, so
3953 * we do not need to update the free slab count. In particular,
3954 * keg_fetch_slab() always returns slabs on the partial list.
3956 if (slab->us_freecount == 0) {
3957 LIST_REMOVE(slab, us_link);
3958 LIST_INSERT_HEAD(&dom->ud_full_slab, slab, us_link);
3965 zone_import(void *arg, void **bucket, int max, int domain, int flags)
3979 /* Try to keep the buckets totally full */
3980 for (i = 0; i < max; ) {
3981 if ((slab = keg_fetch_slab(keg, zone, domain, flags)) == NULL)
3984 stripe = howmany(max, vm_ndomains);
3986 dom = &keg->uk_domain[slab->us_domain];
3988 bucket[i++] = slab_alloc_item(keg, slab);
3989 if (keg->uk_reserve > 0 &&
3990 dom->ud_free_items <= keg->uk_reserve) {
3992 * Avoid depleting the reserve after a
3993 * successful item allocation, even if
3994 * M_USE_RESERVE is specified.
3996 KEG_UNLOCK(keg, slab->us_domain);
4001 * If the zone is striped we pick a new slab for every
4002 * N allocations. Eliminating this conditional will
4003 * instead pick a new domain for each bucket rather
4004 * than stripe within each bucket. The current option
4005 * produces more fragmentation and requires more cpu
4006 * time but yields better distribution.
4008 if ((zone->uz_flags & UMA_ZONE_ROUNDROBIN) != 0 &&
4009 vm_ndomains > 1 && --stripe == 0)
4012 } while (slab->us_freecount != 0 && i < max);
4013 KEG_UNLOCK(keg, slab->us_domain);
4015 /* Don't block if we allocated any successfully. */
4024 zone_alloc_limit_hard(uma_zone_t zone, int count, int flags)
4026 uint64_t old, new, total, max;
4029 * The hard case. We're going to sleep because there were existing
4030 * sleepers or because we ran out of items. This routine enforces
4031 * fairness by keeping fifo order.
4033 * First release our ill gotten gains and make some noise.
4036 zone_free_limit(zone, count);
4037 zone_log_warning(zone);
4038 zone_maxaction(zone);
4039 if (flags & M_NOWAIT)
4043 * We need to allocate an item or set ourself as a sleeper
4044 * while the sleepq lock is held to avoid wakeup races. This
4045 * is essentially a home rolled semaphore.
4047 sleepq_lock(&zone->uz_max_items);
4048 old = zone->uz_items;
4050 MPASS(UZ_ITEMS_SLEEPERS(old) < UZ_ITEMS_SLEEPERS_MAX);
4051 /* Cache the max since we will evaluate twice. */
4052 max = zone->uz_max_items;
4053 if (UZ_ITEMS_SLEEPERS(old) != 0 ||
4054 UZ_ITEMS_COUNT(old) >= max)
4055 new = old + UZ_ITEMS_SLEEPER;
4057 new = old + MIN(count, max - old);
4058 } while (atomic_fcmpset_64(&zone->uz_items, &old, new) == 0);
4060 /* We may have successfully allocated under the sleepq lock. */
4061 if (UZ_ITEMS_SLEEPERS(new) == 0) {
4062 sleepq_release(&zone->uz_max_items);
4067 * This is in a different cacheline from uz_items so that we
4068 * don't constantly invalidate the fastpath cacheline when we
4069 * adjust item counts. This could be limited to toggling on
4072 atomic_add_32(&zone->uz_sleepers, 1);
4073 atomic_add_64(&zone->uz_sleeps, 1);
4076 * We have added ourselves as a sleeper. The sleepq lock
4077 * protects us from wakeup races. Sleep now and then retry.
4079 sleepq_add(&zone->uz_max_items, NULL, "zonelimit", 0, 0);
4080 sleepq_wait(&zone->uz_max_items, PVM);
4083 * After wakeup, remove ourselves as a sleeper and try
4084 * again. We no longer have the sleepq lock for protection.
4086 * Subract ourselves as a sleeper while attempting to add
4089 atomic_subtract_32(&zone->uz_sleepers, 1);
4090 old = atomic_fetchadd_64(&zone->uz_items,
4091 -(UZ_ITEMS_SLEEPER - count));
4092 /* We're no longer a sleeper. */
4093 old -= UZ_ITEMS_SLEEPER;
4096 * If we're still at the limit, restart. Notably do not
4097 * block on other sleepers. Cache the max value to protect
4098 * against changes via sysctl.
4100 total = UZ_ITEMS_COUNT(old);
4101 max = zone->uz_max_items;
4104 /* Truncate if necessary, otherwise wake other sleepers. */
4105 if (total + count > max) {
4106 zone_free_limit(zone, total + count - max);
4107 count = max - total;
4108 } else if (total + count < max && UZ_ITEMS_SLEEPERS(old) != 0)
4109 wakeup_one(&zone->uz_max_items);
4116 * Allocate 'count' items from our max_items limit. Returns the number
4117 * available. If M_NOWAIT is not specified it will sleep until at least
4118 * one item can be allocated.
4121 zone_alloc_limit(uma_zone_t zone, int count, int flags)
4126 max = zone->uz_max_items;
4130 * We expect normal allocations to succeed with a simple
4133 old = atomic_fetchadd_64(&zone->uz_items, count);
4134 if (__predict_true(old + count <= max))
4138 * If we had some items and no sleepers just return the
4139 * truncated value. We have to release the excess space
4140 * though because that may wake sleepers who weren't woken
4141 * because we were temporarily over the limit.
4144 zone_free_limit(zone, (old + count) - max);
4147 return (zone_alloc_limit_hard(zone, count, flags));
4151 * Free a number of items back to the limit.
4154 zone_free_limit(uma_zone_t zone, int count)
4161 * In the common case we either have no sleepers or
4162 * are still over the limit and can just return.
4164 old = atomic_fetchadd_64(&zone->uz_items, -count);
4165 if (__predict_true(UZ_ITEMS_SLEEPERS(old) == 0 ||
4166 UZ_ITEMS_COUNT(old) - count >= zone->uz_max_items))
4170 * Moderate the rate of wakeups. Sleepers will continue
4171 * to generate wakeups if necessary.
4173 wakeup_one(&zone->uz_max_items);
4177 zone_alloc_bucket(uma_zone_t zone, void *udata, int domain, int flags)
4179 uma_bucket_t bucket;
4180 int error, maxbucket, cnt;
4182 CTR3(KTR_UMA, "zone_alloc_bucket zone %s(%p) domain %d", zone->uz_name,
4185 /* Avoid allocs targeting empty domains. */
4186 if (domain != UMA_ANYDOMAIN && VM_DOMAIN_EMPTY(domain))
4187 domain = UMA_ANYDOMAIN;
4188 else if ((zone->uz_flags & UMA_ZONE_ROUNDROBIN) != 0)
4189 domain = UMA_ANYDOMAIN;
4191 if (zone->uz_max_items > 0)
4192 maxbucket = zone_alloc_limit(zone, zone->uz_bucket_size,
4195 maxbucket = zone->uz_bucket_size;
4199 /* Don't wait for buckets, preserve caller's NOVM setting. */
4200 bucket = bucket_alloc(zone, udata, M_NOWAIT | (flags & M_NOVM));
4201 if (bucket == NULL) {
4206 bucket->ub_cnt = zone->uz_import(zone->uz_arg, bucket->ub_bucket,
4207 MIN(maxbucket, bucket->ub_entries), domain, flags);
4210 * Initialize the memory if necessary.
4212 if (bucket->ub_cnt != 0 && zone->uz_init != NULL) {
4215 for (i = 0; i < bucket->ub_cnt; i++) {
4216 kasan_mark_item_valid(zone, bucket->ub_bucket[i]);
4217 error = zone->uz_init(bucket->ub_bucket[i],
4218 zone->uz_size, flags);
4219 kasan_mark_item_invalid(zone, bucket->ub_bucket[i]);
4225 * If we couldn't initialize the whole bucket, put the
4226 * rest back onto the freelist.
4228 if (i != bucket->ub_cnt) {
4229 zone->uz_release(zone->uz_arg, &bucket->ub_bucket[i],
4230 bucket->ub_cnt - i);
4232 bzero(&bucket->ub_bucket[i],
4233 sizeof(void *) * (bucket->ub_cnt - i));
4239 cnt = bucket->ub_cnt;
4240 if (bucket->ub_cnt == 0) {
4241 bucket_free(zone, bucket, udata);
4242 counter_u64_add(zone->uz_fails, 1);
4246 if (zone->uz_max_items > 0 && cnt < maxbucket)
4247 zone_free_limit(zone, maxbucket - cnt);
4253 * Allocates a single item from a zone.
4256 * zone The zone to alloc for.
4257 * udata The data to be passed to the constructor.
4258 * domain The domain to allocate from or UMA_ANYDOMAIN.
4259 * flags M_WAITOK, M_NOWAIT, M_ZERO.
4262 * NULL if there is no memory and M_NOWAIT is set
4263 * An item if successful
4267 zone_alloc_item(uma_zone_t zone, void *udata, int domain, int flags)
4271 if (zone->uz_max_items > 0 && zone_alloc_limit(zone, 1, flags) == 0) {
4272 counter_u64_add(zone->uz_fails, 1);
4276 /* Avoid allocs targeting empty domains. */
4277 if (domain != UMA_ANYDOMAIN && VM_DOMAIN_EMPTY(domain))
4278 domain = UMA_ANYDOMAIN;
4280 if (zone->uz_import(zone->uz_arg, &item, 1, domain, flags) != 1)
4284 * We have to call both the zone's init (not the keg's init)
4285 * and the zone's ctor. This is because the item is going from
4286 * a keg slab directly to the user, and the user is expecting it
4287 * to be both zone-init'd as well as zone-ctor'd.
4289 if (zone->uz_init != NULL) {
4292 kasan_mark_item_valid(zone, item);
4293 error = zone->uz_init(item, zone->uz_size, flags);
4294 kasan_mark_item_invalid(zone, item);
4296 zone_free_item(zone, item, udata, SKIP_FINI | SKIP_CNT);
4300 item = item_ctor(zone, zone->uz_flags, zone->uz_size, udata, flags,
4305 counter_u64_add(zone->uz_allocs, 1);
4306 CTR3(KTR_UMA, "zone_alloc_item item %p from %s(%p)", item,
4307 zone->uz_name, zone);
4312 counter_u64_add(zone->uz_fails, 1);
4314 if (zone->uz_max_items > 0)
4315 zone_free_limit(zone, 1);
4316 CTR2(KTR_UMA, "zone_alloc_item failed from %s(%p)",
4317 zone->uz_name, zone);
4324 uma_zfree_smr(uma_zone_t zone, void *item)
4327 uma_cache_bucket_t bucket;
4328 int itemdomain, uz_flags;
4330 #ifdef UMA_ZALLOC_DEBUG
4331 KASSERT((zone->uz_flags & UMA_ZONE_SMR) != 0,
4332 ("uma_zfree_smr: called with non-SMR zone."));
4333 KASSERT(item != NULL, ("uma_zfree_smr: Called with NULL pointer."));
4334 SMR_ASSERT_NOT_ENTERED(zone->uz_smr);
4335 if (uma_zfree_debug(zone, item, NULL) == EJUSTRETURN)
4338 cache = &zone->uz_cpu[curcpu];
4339 uz_flags = cache_uz_flags(cache);
4342 if ((uz_flags & UMA_ZONE_FIRSTTOUCH) != 0)
4343 itemdomain = item_domain(item);
4347 cache = &zone->uz_cpu[curcpu];
4348 /* SMR Zones must free to the free bucket. */
4349 bucket = &cache->uc_freebucket;
4351 if ((uz_flags & UMA_ZONE_FIRSTTOUCH) != 0 &&
4352 PCPU_GET(domain) != itemdomain) {
4353 bucket = &cache->uc_crossbucket;
4356 if (__predict_true(bucket->ucb_cnt < bucket->ucb_entries)) {
4357 cache_bucket_push(cache, bucket, item);
4361 } while (cache_free(zone, cache, NULL, item, itemdomain));
4365 * If nothing else caught this, we'll just do an internal free.
4367 zone_free_item(zone, item, NULL, SKIP_NONE);
4372 uma_zfree_arg(uma_zone_t zone, void *item, void *udata)
4375 uma_cache_bucket_t bucket;
4376 int itemdomain, uz_flags;
4378 /* Enable entropy collection for RANDOM_ENABLE_UMA kernel option */
4379 random_harvest_fast_uma(&zone, sizeof(zone), RANDOM_UMA);
4381 CTR2(KTR_UMA, "uma_zfree_arg zone %s(%p)", zone->uz_name, zone);
4383 #ifdef UMA_ZALLOC_DEBUG
4384 KASSERT((zone->uz_flags & UMA_ZONE_SMR) == 0,
4385 ("uma_zfree_arg: called with SMR zone."));
4386 if (uma_zfree_debug(zone, item, udata) == EJUSTRETURN)
4389 /* uma_zfree(..., NULL) does nothing, to match free(9). */
4394 * We are accessing the per-cpu cache without a critical section to
4395 * fetch size and flags. This is acceptable, if we are preempted we
4396 * will simply read another cpu's line.
4398 cache = &zone->uz_cpu[curcpu];
4399 uz_flags = cache_uz_flags(cache);
4400 if (UMA_ALWAYS_CTORDTOR ||
4401 __predict_false((uz_flags & UMA_ZFLAG_CTORDTOR) != 0))
4402 item_dtor(zone, item, cache_uz_size(cache), udata, SKIP_NONE);
4405 * The race here is acceptable. If we miss it we'll just have to wait
4406 * a little longer for the limits to be reset.
4408 if (__predict_false(uz_flags & UMA_ZFLAG_LIMIT)) {
4409 if (atomic_load_32(&zone->uz_sleepers) > 0)
4414 * If possible, free to the per-CPU cache. There are two
4415 * requirements for safe access to the per-CPU cache: (1) the thread
4416 * accessing the cache must not be preempted or yield during access,
4417 * and (2) the thread must not migrate CPUs without switching which
4418 * cache it accesses. We rely on a critical section to prevent
4419 * preemption and migration. We release the critical section in
4420 * order to acquire the zone mutex if we are unable to free to the
4421 * current cache; when we re-acquire the critical section, we must
4422 * detect and handle migration if it has occurred.
4426 if ((uz_flags & UMA_ZONE_FIRSTTOUCH) != 0)
4427 itemdomain = item_domain(item);
4431 cache = &zone->uz_cpu[curcpu];
4433 * Try to free into the allocbucket first to give LIFO
4434 * ordering for cache-hot datastructures. Spill over
4435 * into the freebucket if necessary. Alloc will swap
4436 * them if one runs dry.
4438 bucket = &cache->uc_allocbucket;
4440 if ((uz_flags & UMA_ZONE_FIRSTTOUCH) != 0 &&
4441 PCPU_GET(domain) != itemdomain) {
4442 bucket = &cache->uc_crossbucket;
4445 if (bucket->ucb_cnt == bucket->ucb_entries &&
4446 cache->uc_freebucket.ucb_cnt <
4447 cache->uc_freebucket.ucb_entries)
4448 cache_bucket_swap(&cache->uc_freebucket,
4449 &cache->uc_allocbucket);
4450 if (__predict_true(bucket->ucb_cnt < bucket->ucb_entries)) {
4451 cache_bucket_push(cache, bucket, item);
4455 } while (cache_free(zone, cache, udata, item, itemdomain));
4459 * If nothing else caught this, we'll just do an internal free.
4462 zone_free_item(zone, item, udata, SKIP_DTOR);
4467 * sort crossdomain free buckets to domain correct buckets and cache
4471 zone_free_cross(uma_zone_t zone, uma_bucket_t bucket, void *udata)
4473 struct uma_bucketlist emptybuckets, fullbuckets;
4474 uma_zone_domain_t zdom;
4481 "uma_zfree: zone %s(%p) draining cross bucket %p",
4482 zone->uz_name, zone, bucket);
4485 * It is possible for buckets to arrive here out of order so we fetch
4486 * the current smr seq rather than accepting the bucket's.
4488 seq = SMR_SEQ_INVALID;
4489 if ((zone->uz_flags & UMA_ZONE_SMR) != 0)
4490 seq = smr_advance(zone->uz_smr);
4493 * To avoid having ndomain * ndomain buckets for sorting we have a
4494 * lock on the current crossfree bucket. A full matrix with
4495 * per-domain locking could be used if necessary.
4497 STAILQ_INIT(&emptybuckets);
4498 STAILQ_INIT(&fullbuckets);
4499 ZONE_CROSS_LOCK(zone);
4500 for (; bucket->ub_cnt > 0; bucket->ub_cnt--) {
4501 item = bucket->ub_bucket[bucket->ub_cnt - 1];
4502 domain = item_domain(item);
4503 zdom = ZDOM_GET(zone, domain);
4504 if (zdom->uzd_cross == NULL) {
4505 if ((b = STAILQ_FIRST(&emptybuckets)) != NULL) {
4506 STAILQ_REMOVE_HEAD(&emptybuckets, ub_link);
4507 zdom->uzd_cross = b;
4510 * Avoid allocating a bucket with the cross lock
4511 * held, since allocation can trigger a
4512 * cross-domain free and bucket zones may
4513 * allocate from each other.
4515 ZONE_CROSS_UNLOCK(zone);
4516 b = bucket_alloc(zone, udata, M_NOWAIT);
4519 ZONE_CROSS_LOCK(zone);
4520 if (zdom->uzd_cross != NULL) {
4521 STAILQ_INSERT_HEAD(&emptybuckets, b,
4524 zdom->uzd_cross = b;
4528 b = zdom->uzd_cross;
4529 b->ub_bucket[b->ub_cnt++] = item;
4531 if (b->ub_cnt == b->ub_entries) {
4532 STAILQ_INSERT_HEAD(&fullbuckets, b, ub_link);
4533 if ((b = STAILQ_FIRST(&emptybuckets)) != NULL)
4534 STAILQ_REMOVE_HEAD(&emptybuckets, ub_link);
4535 zdom->uzd_cross = b;
4538 ZONE_CROSS_UNLOCK(zone);
4540 if (bucket->ub_cnt == 0)
4541 bucket->ub_seq = SMR_SEQ_INVALID;
4542 bucket_free(zone, bucket, udata);
4544 while ((b = STAILQ_FIRST(&emptybuckets)) != NULL) {
4545 STAILQ_REMOVE_HEAD(&emptybuckets, ub_link);
4546 bucket_free(zone, b, udata);
4548 while ((b = STAILQ_FIRST(&fullbuckets)) != NULL) {
4549 STAILQ_REMOVE_HEAD(&fullbuckets, ub_link);
4550 domain = item_domain(b->ub_bucket[0]);
4551 zone_put_bucket(zone, domain, b, udata, true);
4557 zone_free_bucket(uma_zone_t zone, uma_bucket_t bucket, void *udata,
4558 int itemdomain, bool ws)
4563 * Buckets coming from the wrong domain will be entirely for the
4564 * only other domain on two domain systems. In this case we can
4565 * simply cache them. Otherwise we need to sort them back to
4568 if ((zone->uz_flags & UMA_ZONE_FIRSTTOUCH) != 0 &&
4569 vm_ndomains > 2 && PCPU_GET(domain) != itemdomain) {
4570 zone_free_cross(zone, bucket, udata);
4576 * Attempt to save the bucket in the zone's domain bucket cache.
4579 "uma_zfree: zone %s(%p) putting bucket %p on free list",
4580 zone->uz_name, zone, bucket);
4581 /* ub_cnt is pointing to the last free item */
4582 if ((zone->uz_flags & UMA_ZONE_ROUNDROBIN) != 0)
4583 itemdomain = zone_domain_lowest(zone, itemdomain);
4584 zone_put_bucket(zone, itemdomain, bucket, udata, ws);
4588 * Populate a free or cross bucket for the current cpu cache. Free any
4589 * existing full bucket either to the zone cache or back to the slab layer.
4591 * Enters and returns in a critical section. false return indicates that
4592 * we can not satisfy this free in the cache layer. true indicates that
4593 * the caller should retry.
4595 static __noinline bool
4596 cache_free(uma_zone_t zone, uma_cache_t cache, void *udata, void *item,
4599 uma_cache_bucket_t cbucket;
4600 uma_bucket_t newbucket, bucket;
4602 CRITICAL_ASSERT(curthread);
4604 if (zone->uz_bucket_size == 0)
4607 cache = &zone->uz_cpu[curcpu];
4611 * FIRSTTOUCH domains need to free to the correct zdom. When
4612 * enabled this is the zdom of the item. The bucket is the
4613 * cross bucket if the current domain and itemdomain do not match.
4615 cbucket = &cache->uc_freebucket;
4617 if ((cache_uz_flags(cache) & UMA_ZONE_FIRSTTOUCH) != 0) {
4618 if (PCPU_GET(domain) != itemdomain) {
4619 cbucket = &cache->uc_crossbucket;
4620 if (cbucket->ucb_cnt != 0)
4621 counter_u64_add(zone->uz_xdomain,
4626 bucket = cache_bucket_unload(cbucket);
4627 KASSERT(bucket == NULL || bucket->ub_cnt == bucket->ub_entries,
4628 ("cache_free: Entered with non-full free bucket."));
4630 /* We are no longer associated with this CPU. */
4634 * Don't let SMR zones operate without a free bucket. Force
4635 * a synchronize and re-use this one. We will only degrade
4636 * to a synchronize every bucket_size items rather than every
4637 * item if we fail to allocate a bucket.
4639 if ((zone->uz_flags & UMA_ZONE_SMR) != 0) {
4641 bucket->ub_seq = smr_advance(zone->uz_smr);
4642 newbucket = bucket_alloc(zone, udata, M_NOWAIT);
4643 if (newbucket == NULL && bucket != NULL) {
4644 bucket_drain(zone, bucket);
4648 } else if (!bucketdisable)
4649 newbucket = bucket_alloc(zone, udata, M_NOWAIT);
4652 zone_free_bucket(zone, bucket, udata, itemdomain, true);
4655 if ((bucket = newbucket) == NULL)
4657 cache = &zone->uz_cpu[curcpu];
4660 * Check to see if we should be populating the cross bucket. If it
4661 * is already populated we will fall through and attempt to populate
4664 if ((cache_uz_flags(cache) & UMA_ZONE_FIRSTTOUCH) != 0) {
4665 if (PCPU_GET(domain) != itemdomain &&
4666 cache->uc_crossbucket.ucb_bucket == NULL) {
4667 cache_bucket_load_cross(cache, bucket);
4673 * We may have lost the race to fill the bucket or switched CPUs.
4675 if (cache->uc_freebucket.ucb_bucket != NULL) {
4677 bucket_free(zone, bucket, udata);
4680 cache_bucket_load_free(cache, bucket);
4686 slab_free_item(uma_zone_t zone, uma_slab_t slab, void *item)
4693 KEG_LOCK_ASSERT(keg, slab->us_domain);
4695 /* Do we need to remove from any lists? */
4696 dom = &keg->uk_domain[slab->us_domain];
4697 if (slab->us_freecount + 1 == keg->uk_ipers) {
4698 LIST_REMOVE(slab, us_link);
4699 LIST_INSERT_HEAD(&dom->ud_free_slab, slab, us_link);
4700 dom->ud_free_slabs++;
4701 } else if (slab->us_freecount == 0) {
4702 LIST_REMOVE(slab, us_link);
4703 LIST_INSERT_HEAD(&dom->ud_part_slab, slab, us_link);
4706 /* Slab management. */
4707 freei = slab_item_index(slab, keg, item);
4708 BIT_SET(keg->uk_ipers, freei, &slab->us_free);
4709 slab->us_freecount++;
4711 /* Keg statistics. */
4712 dom->ud_free_items++;
4716 zone_release(void *arg, void **bucket, int cnt)
4729 if (__predict_false((zone->uz_flags & UMA_ZFLAG_HASH) != 0))
4730 lock = KEG_LOCK(keg, 0);
4731 for (i = 0; i < cnt; i++) {
4733 if (__predict_true((zone->uz_flags & UMA_ZFLAG_VTOSLAB) != 0)) {
4734 slab = vtoslab((vm_offset_t)item);
4736 mem = (uint8_t *)((uintptr_t)item & (~UMA_SLAB_MASK));
4737 if ((zone->uz_flags & UMA_ZFLAG_HASH) != 0)
4738 slab = hash_sfind(&keg->uk_hash, mem);
4740 slab = (uma_slab_t)(mem + keg->uk_pgoff);
4742 if (lock != KEG_LOCKPTR(keg, slab->us_domain)) {
4745 lock = KEG_LOCK(keg, slab->us_domain);
4747 slab_free_item(zone, slab, item);
4754 * Frees a single item to any zone.
4757 * zone The zone to free to
4758 * item The item we're freeing
4759 * udata User supplied data for the dtor
4760 * skip Skip dtors and finis
4762 static __noinline void
4763 zone_free_item(uma_zone_t zone, void *item, void *udata, enum zfreeskip skip)
4767 * If a free is sent directly to an SMR zone we have to
4768 * synchronize immediately because the item can instantly
4769 * be reallocated. This should only happen in degenerate
4770 * cases when no memory is available for per-cpu caches.
4772 if ((zone->uz_flags & UMA_ZONE_SMR) != 0 && skip == SKIP_NONE)
4773 smr_synchronize(zone->uz_smr);
4775 item_dtor(zone, item, zone->uz_size, udata, skip);
4777 if (skip < SKIP_FINI && zone->uz_fini) {
4778 kasan_mark_item_valid(zone, item);
4779 zone->uz_fini(item, zone->uz_size);
4780 kasan_mark_item_invalid(zone, item);
4783 zone->uz_release(zone->uz_arg, &item, 1);
4785 if (skip & SKIP_CNT)
4788 counter_u64_add(zone->uz_frees, 1);
4790 if (zone->uz_max_items > 0)
4791 zone_free_limit(zone, 1);
4796 uma_zone_set_max(uma_zone_t zone, int nitems)
4800 * If the limit is small, we may need to constrain the maximum per-CPU
4801 * cache size, or disable caching entirely.
4803 uma_zone_set_maxcache(zone, nitems);
4806 * XXX This can misbehave if the zone has any allocations with
4807 * no limit and a limit is imposed. There is currently no
4808 * way to clear a limit.
4811 if (zone->uz_max_items == 0)
4812 ZONE_ASSERT_COLD(zone);
4813 zone->uz_max_items = nitems;
4814 zone->uz_flags |= UMA_ZFLAG_LIMIT;
4815 zone_update_caches(zone);
4816 /* We may need to wake waiters. */
4817 wakeup(&zone->uz_max_items);
4825 uma_zone_set_maxcache(uma_zone_t zone, int nitems)
4827 int bpcpu, bpdom, bsize, nb;
4832 * Compute a lower bound on the number of items that may be cached in
4833 * the zone. Each CPU gets at least two buckets, and for cross-domain
4834 * frees we use an additional bucket per CPU and per domain. Select the
4835 * largest bucket size that does not exceed half of the requested limit,
4836 * with the left over space given to the full bucket cache.
4841 if ((zone->uz_flags & UMA_ZONE_FIRSTTOUCH) != 0 && vm_ndomains > 1) {
4846 nb = bpcpu * mp_ncpus + bpdom * vm_ndomains;
4847 bsize = nitems / nb / 2;
4848 if (bsize > BUCKET_MAX)
4850 else if (bsize == 0 && nitems / nb > 0)
4852 zone->uz_bucket_size_max = zone->uz_bucket_size = bsize;
4853 if (zone->uz_bucket_size_min > zone->uz_bucket_size_max)
4854 zone->uz_bucket_size_min = zone->uz_bucket_size_max;
4855 zone->uz_bucket_max = nitems - nb * bsize;
4861 uma_zone_get_max(uma_zone_t zone)
4865 nitems = atomic_load_64(&zone->uz_max_items);
4872 uma_zone_set_warning(uma_zone_t zone, const char *warning)
4875 ZONE_ASSERT_COLD(zone);
4876 zone->uz_warning = warning;
4881 uma_zone_set_maxaction(uma_zone_t zone, uma_maxaction_t maxaction)
4884 ZONE_ASSERT_COLD(zone);
4885 TASK_INIT(&zone->uz_maxaction, 0, (task_fn_t *)maxaction, zone);
4890 uma_zone_get_cur(uma_zone_t zone)
4896 if (zone->uz_allocs != EARLY_COUNTER && zone->uz_frees != EARLY_COUNTER)
4897 nitems = counter_u64_fetch(zone->uz_allocs) -
4898 counter_u64_fetch(zone->uz_frees);
4900 nitems += atomic_load_64(&zone->uz_cpu[i].uc_allocs) -
4901 atomic_load_64(&zone->uz_cpu[i].uc_frees);
4903 return (nitems < 0 ? 0 : nitems);
4907 uma_zone_get_allocs(uma_zone_t zone)
4913 if (zone->uz_allocs != EARLY_COUNTER)
4914 nitems = counter_u64_fetch(zone->uz_allocs);
4916 nitems += atomic_load_64(&zone->uz_cpu[i].uc_allocs);
4922 uma_zone_get_frees(uma_zone_t zone)
4928 if (zone->uz_frees != EARLY_COUNTER)
4929 nitems = counter_u64_fetch(zone->uz_frees);
4931 nitems += atomic_load_64(&zone->uz_cpu[i].uc_frees);
4937 /* Used only for KEG_ASSERT_COLD(). */
4939 uma_keg_get_allocs(uma_keg_t keg)
4945 LIST_FOREACH(z, &keg->uk_zones, uz_link)
4946 nitems += uma_zone_get_allocs(z);
4954 uma_zone_set_init(uma_zone_t zone, uma_init uminit)
4959 KEG_ASSERT_COLD(keg);
4960 keg->uk_init = uminit;
4965 uma_zone_set_fini(uma_zone_t zone, uma_fini fini)
4970 KEG_ASSERT_COLD(keg);
4971 keg->uk_fini = fini;
4976 uma_zone_set_zinit(uma_zone_t zone, uma_init zinit)
4979 ZONE_ASSERT_COLD(zone);
4980 zone->uz_init = zinit;
4985 uma_zone_set_zfini(uma_zone_t zone, uma_fini zfini)
4988 ZONE_ASSERT_COLD(zone);
4989 zone->uz_fini = zfini;
4994 uma_zone_set_freef(uma_zone_t zone, uma_free freef)
4999 KEG_ASSERT_COLD(keg);
5000 keg->uk_freef = freef;
5005 uma_zone_set_allocf(uma_zone_t zone, uma_alloc allocf)
5010 KEG_ASSERT_COLD(keg);
5011 keg->uk_allocf = allocf;
5016 uma_zone_set_smr(uma_zone_t zone, smr_t smr)
5019 ZONE_ASSERT_COLD(zone);
5021 KASSERT(smr != NULL, ("Got NULL smr"));
5022 KASSERT((zone->uz_flags & UMA_ZONE_SMR) == 0,
5023 ("zone %p (%s) already uses SMR", zone, zone->uz_name));
5024 zone->uz_flags |= UMA_ZONE_SMR;
5026 zone_update_caches(zone);
5030 uma_zone_get_smr(uma_zone_t zone)
5033 return (zone->uz_smr);
5038 uma_zone_reserve(uma_zone_t zone, int items)
5043 KEG_ASSERT_COLD(keg);
5044 keg->uk_reserve = items;
5049 uma_zone_reserve_kva(uma_zone_t zone, int count)
5056 KEG_ASSERT_COLD(keg);
5057 ZONE_ASSERT_COLD(zone);
5059 pages = howmany(count, keg->uk_ipers) * keg->uk_ppera;
5061 #ifdef UMA_MD_SMALL_ALLOC
5062 if (keg->uk_ppera > 1) {
5066 kva = kva_alloc((vm_size_t)pages * PAGE_SIZE);
5072 MPASS(keg->uk_kva == 0);
5075 zone->uz_max_items = pages * keg->uk_ipers;
5076 #ifdef UMA_MD_SMALL_ALLOC
5077 keg->uk_allocf = (keg->uk_ppera > 1) ? noobj_alloc : uma_small_alloc;
5079 keg->uk_allocf = noobj_alloc;
5081 keg->uk_flags |= UMA_ZFLAG_LIMIT | UMA_ZONE_NOFREE;
5082 zone->uz_flags |= UMA_ZFLAG_LIMIT | UMA_ZONE_NOFREE;
5083 zone_update_caches(zone);
5090 uma_prealloc(uma_zone_t zone, int items)
5092 struct vm_domainset_iter di;
5096 int aflags, domain, slabs;
5099 slabs = howmany(items, keg->uk_ipers);
5100 while (slabs-- > 0) {
5102 vm_domainset_iter_policy_ref_init(&di, &keg->uk_dr, &domain,
5105 slab = keg_alloc_slab(keg, zone, domain, M_WAITOK,
5108 dom = &keg->uk_domain[slab->us_domain];
5110 * keg_alloc_slab() always returns a slab on the
5113 LIST_REMOVE(slab, us_link);
5114 LIST_INSERT_HEAD(&dom->ud_free_slab, slab,
5116 dom->ud_free_slabs++;
5117 KEG_UNLOCK(keg, slab->us_domain);
5120 if (vm_domainset_iter_policy(&di, &domain) != 0)
5121 vm_wait_doms(&keg->uk_dr.dr_policy->ds_mask, 0);
5127 * Returns a snapshot of memory consumption in bytes.
5130 uma_zone_memory(uma_zone_t zone)
5136 if (zone->uz_flags & UMA_ZFLAG_CACHE) {
5137 for (i = 0; i < vm_ndomains; i++)
5138 sz += ZDOM_GET(zone, i)->uzd_nitems;
5139 return (sz * zone->uz_size);
5141 for (i = 0; i < vm_ndomains; i++)
5142 sz += zone->uz_keg->uk_domain[i].ud_pages;
5144 return (sz * PAGE_SIZE);
5147 struct uma_reclaim_args {
5153 uma_reclaim_domain_cb(uma_zone_t zone, void *arg)
5155 struct uma_reclaim_args *args;
5158 if ((zone->uz_flags & UMA_ZONE_UNMANAGED) == 0)
5159 uma_zone_reclaim_domain(zone, args->req, args->domain);
5164 uma_reclaim(int req)
5166 uma_reclaim_domain(req, UMA_ANYDOMAIN);
5170 uma_reclaim_domain(int req, int domain)
5172 struct uma_reclaim_args args;
5176 args.domain = domain;
5179 sx_slock(&uma_reclaim_lock);
5181 case UMA_RECLAIM_TRIM:
5182 case UMA_RECLAIM_DRAIN:
5183 zone_foreach(uma_reclaim_domain_cb, &args);
5185 case UMA_RECLAIM_DRAIN_CPU:
5186 zone_foreach(uma_reclaim_domain_cb, &args);
5187 pcpu_cache_drain_safe(NULL);
5188 zone_foreach(uma_reclaim_domain_cb, &args);
5191 panic("unhandled reclamation request %d", req);
5195 * Some slabs may have been freed but this zone will be visited early
5196 * we visit again so that we can free pages that are empty once other
5197 * zones are drained. We have to do the same for buckets.
5199 uma_zone_reclaim_domain(slabzones[0], UMA_RECLAIM_DRAIN, domain);
5200 uma_zone_reclaim_domain(slabzones[1], UMA_RECLAIM_DRAIN, domain);
5201 bucket_zone_drain(domain);
5202 sx_sunlock(&uma_reclaim_lock);
5205 static volatile int uma_reclaim_needed;
5208 uma_reclaim_wakeup(void)
5211 if (atomic_fetchadd_int(&uma_reclaim_needed, 1) == 0)
5212 wakeup(uma_reclaim);
5216 uma_reclaim_worker(void *arg __unused)
5220 sx_xlock(&uma_reclaim_lock);
5221 while (atomic_load_int(&uma_reclaim_needed) == 0)
5222 sx_sleep(uma_reclaim, &uma_reclaim_lock, PVM, "umarcl",
5224 sx_xunlock(&uma_reclaim_lock);
5225 EVENTHANDLER_INVOKE(vm_lowmem, VM_LOW_KMEM);
5226 uma_reclaim(UMA_RECLAIM_DRAIN_CPU);
5227 atomic_store_int(&uma_reclaim_needed, 0);
5228 /* Don't fire more than once per-second. */
5229 pause("umarclslp", hz);
5235 uma_zone_reclaim(uma_zone_t zone, int req)
5237 uma_zone_reclaim_domain(zone, req, UMA_ANYDOMAIN);
5241 uma_zone_reclaim_domain(uma_zone_t zone, int req, int domain)
5244 case UMA_RECLAIM_TRIM:
5245 zone_reclaim(zone, domain, M_NOWAIT, false);
5247 case UMA_RECLAIM_DRAIN:
5248 zone_reclaim(zone, domain, M_NOWAIT, true);
5250 case UMA_RECLAIM_DRAIN_CPU:
5251 pcpu_cache_drain_safe(zone);
5252 zone_reclaim(zone, domain, M_NOWAIT, true);
5255 panic("unhandled reclamation request %d", req);
5261 uma_zone_exhausted(uma_zone_t zone)
5264 return (atomic_load_32(&zone->uz_sleepers) > 0);
5271 return (uma_kmem_limit);
5275 uma_set_limit(unsigned long limit)
5278 uma_kmem_limit = limit;
5285 return (atomic_load_long(&uma_kmem_total));
5292 return (uma_kmem_limit - uma_size());
5297 * Generate statistics across both the zone and its per-cpu cache's. Return
5298 * desired statistics if the pointer is non-NULL for that statistic.
5300 * Note: does not update the zone statistics, as it can't safely clear the
5301 * per-CPU cache statistic.
5305 uma_zone_sumstat(uma_zone_t z, long *cachefreep, uint64_t *allocsp,
5306 uint64_t *freesp, uint64_t *sleepsp, uint64_t *xdomainp)
5309 uint64_t allocs, frees, sleeps, xdomain;
5312 allocs = frees = sleeps = xdomain = 0;
5315 cache = &z->uz_cpu[cpu];
5316 cachefree += cache->uc_allocbucket.ucb_cnt;
5317 cachefree += cache->uc_freebucket.ucb_cnt;
5318 xdomain += cache->uc_crossbucket.ucb_cnt;
5319 cachefree += cache->uc_crossbucket.ucb_cnt;
5320 allocs += cache->uc_allocs;
5321 frees += cache->uc_frees;
5323 allocs += counter_u64_fetch(z->uz_allocs);
5324 frees += counter_u64_fetch(z->uz_frees);
5325 xdomain += counter_u64_fetch(z->uz_xdomain);
5326 sleeps += z->uz_sleeps;
5327 if (cachefreep != NULL)
5328 *cachefreep = cachefree;
5329 if (allocsp != NULL)
5333 if (sleepsp != NULL)
5335 if (xdomainp != NULL)
5336 *xdomainp = xdomain;
5341 sysctl_vm_zone_count(SYSCTL_HANDLER_ARGS)
5348 rw_rlock(&uma_rwlock);
5349 LIST_FOREACH(kz, &uma_kegs, uk_link) {
5350 LIST_FOREACH(z, &kz->uk_zones, uz_link)
5353 LIST_FOREACH(z, &uma_cachezones, uz_link)
5356 rw_runlock(&uma_rwlock);
5357 return (sysctl_handle_int(oidp, &count, 0, req));
5361 uma_vm_zone_stats(struct uma_type_header *uth, uma_zone_t z, struct sbuf *sbuf,
5362 struct uma_percpu_stat *ups, bool internal)
5364 uma_zone_domain_t zdom;
5368 for (i = 0; i < vm_ndomains; i++) {
5369 zdom = ZDOM_GET(z, i);
5370 uth->uth_zone_free += zdom->uzd_nitems;
5372 uth->uth_allocs = counter_u64_fetch(z->uz_allocs);
5373 uth->uth_frees = counter_u64_fetch(z->uz_frees);
5374 uth->uth_fails = counter_u64_fetch(z->uz_fails);
5375 uth->uth_xdomain = counter_u64_fetch(z->uz_xdomain);
5376 uth->uth_sleeps = z->uz_sleeps;
5378 for (i = 0; i < mp_maxid + 1; i++) {
5379 bzero(&ups[i], sizeof(*ups));
5380 if (internal || CPU_ABSENT(i))
5382 cache = &z->uz_cpu[i];
5383 ups[i].ups_cache_free += cache->uc_allocbucket.ucb_cnt;
5384 ups[i].ups_cache_free += cache->uc_freebucket.ucb_cnt;
5385 ups[i].ups_cache_free += cache->uc_crossbucket.ucb_cnt;
5386 ups[i].ups_allocs = cache->uc_allocs;
5387 ups[i].ups_frees = cache->uc_frees;
5392 sysctl_vm_zone_stats(SYSCTL_HANDLER_ARGS)
5394 struct uma_stream_header ush;
5395 struct uma_type_header uth;
5396 struct uma_percpu_stat *ups;
5401 uint32_t kfree, pages;
5402 int count, error, i;
5404 error = sysctl_wire_old_buffer(req, 0);
5407 sbuf_new_for_sysctl(&sbuf, NULL, 128, req);
5408 sbuf_clear_flags(&sbuf, SBUF_INCLUDENUL);
5409 ups = malloc((mp_maxid + 1) * sizeof(*ups), M_TEMP, M_WAITOK);
5412 rw_rlock(&uma_rwlock);
5413 LIST_FOREACH(kz, &uma_kegs, uk_link) {
5414 LIST_FOREACH(z, &kz->uk_zones, uz_link)
5418 LIST_FOREACH(z, &uma_cachezones, uz_link)
5422 * Insert stream header.
5424 bzero(&ush, sizeof(ush));
5425 ush.ush_version = UMA_STREAM_VERSION;
5426 ush.ush_maxcpus = (mp_maxid + 1);
5427 ush.ush_count = count;
5428 (void)sbuf_bcat(&sbuf, &ush, sizeof(ush));
5430 LIST_FOREACH(kz, &uma_kegs, uk_link) {
5432 for (i = 0; i < vm_ndomains; i++) {
5433 kfree += kz->uk_domain[i].ud_free_items;
5434 pages += kz->uk_domain[i].ud_pages;
5436 LIST_FOREACH(z, &kz->uk_zones, uz_link) {
5437 bzero(&uth, sizeof(uth));
5438 strlcpy(uth.uth_name, z->uz_name, UTH_MAX_NAME);
5439 uth.uth_align = kz->uk_align;
5440 uth.uth_size = kz->uk_size;
5441 uth.uth_rsize = kz->uk_rsize;
5442 if (z->uz_max_items > 0) {
5443 items = UZ_ITEMS_COUNT(z->uz_items);
5444 uth.uth_pages = (items / kz->uk_ipers) *
5447 uth.uth_pages = pages;
5448 uth.uth_maxpages = (z->uz_max_items / kz->uk_ipers) *
5450 uth.uth_limit = z->uz_max_items;
5451 uth.uth_keg_free = kfree;
5454 * A zone is secondary is it is not the first entry
5455 * on the keg's zone list.
5457 if ((z->uz_flags & UMA_ZONE_SECONDARY) &&
5458 (LIST_FIRST(&kz->uk_zones) != z))
5459 uth.uth_zone_flags = UTH_ZONE_SECONDARY;
5460 uma_vm_zone_stats(&uth, z, &sbuf, ups,
5461 kz->uk_flags & UMA_ZFLAG_INTERNAL);
5462 (void)sbuf_bcat(&sbuf, &uth, sizeof(uth));
5463 for (i = 0; i < mp_maxid + 1; i++)
5464 (void)sbuf_bcat(&sbuf, &ups[i], sizeof(ups[i]));
5467 LIST_FOREACH(z, &uma_cachezones, uz_link) {
5468 bzero(&uth, sizeof(uth));
5469 strlcpy(uth.uth_name, z->uz_name, UTH_MAX_NAME);
5470 uth.uth_size = z->uz_size;
5471 uma_vm_zone_stats(&uth, z, &sbuf, ups, false);
5472 (void)sbuf_bcat(&sbuf, &uth, sizeof(uth));
5473 for (i = 0; i < mp_maxid + 1; i++)
5474 (void)sbuf_bcat(&sbuf, &ups[i], sizeof(ups[i]));
5477 rw_runlock(&uma_rwlock);
5478 error = sbuf_finish(&sbuf);
5485 sysctl_handle_uma_zone_max(SYSCTL_HANDLER_ARGS)
5487 uma_zone_t zone = *(uma_zone_t *)arg1;
5490 max = uma_zone_get_max(zone);
5491 error = sysctl_handle_int(oidp, &max, 0, req);
5492 if (error || !req->newptr)
5495 uma_zone_set_max(zone, max);
5501 sysctl_handle_uma_zone_cur(SYSCTL_HANDLER_ARGS)
5507 * Some callers want to add sysctls for global zones that
5508 * may not yet exist so they pass a pointer to a pointer.
5511 zone = *(uma_zone_t *)arg1;
5514 cur = uma_zone_get_cur(zone);
5515 return (sysctl_handle_int(oidp, &cur, 0, req));
5519 sysctl_handle_uma_zone_allocs(SYSCTL_HANDLER_ARGS)
5521 uma_zone_t zone = arg1;
5524 cur = uma_zone_get_allocs(zone);
5525 return (sysctl_handle_64(oidp, &cur, 0, req));
5529 sysctl_handle_uma_zone_frees(SYSCTL_HANDLER_ARGS)
5531 uma_zone_t zone = arg1;
5534 cur = uma_zone_get_frees(zone);
5535 return (sysctl_handle_64(oidp, &cur, 0, req));
5539 sysctl_handle_uma_zone_flags(SYSCTL_HANDLER_ARGS)
5542 uma_zone_t zone = arg1;
5545 sbuf_new_for_sysctl(&sbuf, NULL, 0, req);
5546 if (zone->uz_flags != 0)
5547 sbuf_printf(&sbuf, "0x%b", zone->uz_flags, PRINT_UMA_ZFLAGS);
5549 sbuf_printf(&sbuf, "0");
5550 error = sbuf_finish(&sbuf);
5557 sysctl_handle_uma_slab_efficiency(SYSCTL_HANDLER_ARGS)
5559 uma_keg_t keg = arg1;
5560 int avail, effpct, total;
5562 total = keg->uk_ppera * PAGE_SIZE;
5563 if ((keg->uk_flags & UMA_ZFLAG_OFFPAGE) != 0)
5564 total += slabzone(keg->uk_ipers)->uz_keg->uk_rsize;
5566 * We consider the client's requested size and alignment here, not the
5567 * real size determination uk_rsize, because we also adjust the real
5568 * size for internal implementation reasons (max bitset size).
5570 avail = keg->uk_ipers * roundup2(keg->uk_size, keg->uk_align + 1);
5571 if ((keg->uk_flags & UMA_ZONE_PCPU) != 0)
5572 avail *= mp_maxid + 1;
5573 effpct = 100 * avail / total;
5574 return (sysctl_handle_int(oidp, &effpct, 0, req));
5578 sysctl_handle_uma_zone_items(SYSCTL_HANDLER_ARGS)
5580 uma_zone_t zone = arg1;
5583 cur = UZ_ITEMS_COUNT(atomic_load_64(&zone->uz_items));
5584 return (sysctl_handle_64(oidp, &cur, 0, req));
5589 uma_dbg_getslab(uma_zone_t zone, void *item)
5596 * It is safe to return the slab here even though the
5597 * zone is unlocked because the item's allocation state
5598 * essentially holds a reference.
5600 mem = (uint8_t *)((uintptr_t)item & (~UMA_SLAB_MASK));
5601 if ((zone->uz_flags & UMA_ZFLAG_CACHE) != 0)
5603 if (zone->uz_flags & UMA_ZFLAG_VTOSLAB)
5604 return (vtoslab((vm_offset_t)mem));
5606 if ((keg->uk_flags & UMA_ZFLAG_HASH) == 0)
5607 return ((uma_slab_t)(mem + keg->uk_pgoff));
5609 slab = hash_sfind(&keg->uk_hash, mem);
5616 uma_dbg_zskip(uma_zone_t zone, void *mem)
5619 if ((zone->uz_flags & UMA_ZFLAG_CACHE) != 0)
5622 return (uma_dbg_kskip(zone->uz_keg, mem));
5626 uma_dbg_kskip(uma_keg_t keg, void *mem)
5630 if (dbg_divisor == 0)
5633 if (dbg_divisor == 1)
5636 idx = (uintptr_t)mem >> PAGE_SHIFT;
5637 if (keg->uk_ipers > 1) {
5638 idx *= keg->uk_ipers;
5639 idx += ((uintptr_t)mem & PAGE_MASK) / keg->uk_rsize;
5642 if ((idx / dbg_divisor) * dbg_divisor != idx) {
5643 counter_u64_add(uma_skip_cnt, 1);
5646 counter_u64_add(uma_dbg_cnt, 1);
5652 * Set up the slab's freei data such that uma_dbg_free can function.
5656 uma_dbg_alloc(uma_zone_t zone, uma_slab_t slab, void *item)
5662 slab = uma_dbg_getslab(zone, item);
5664 panic("uma: item %p did not belong to zone %s",
5665 item, zone->uz_name);
5668 freei = slab_item_index(slab, keg, item);
5670 if (BIT_TEST_SET_ATOMIC(keg->uk_ipers, freei,
5671 slab_dbg_bits(slab, keg)))
5672 panic("Duplicate alloc of %p from zone %p(%s) slab %p(%d)",
5673 item, zone, zone->uz_name, slab, freei);
5677 * Verifies freed addresses. Checks for alignment, valid slab membership
5678 * and duplicate frees.
5682 uma_dbg_free(uma_zone_t zone, uma_slab_t slab, void *item)
5688 slab = uma_dbg_getslab(zone, item);
5690 panic("uma: Freed item %p did not belong to zone %s",
5691 item, zone->uz_name);
5694 freei = slab_item_index(slab, keg, item);
5696 if (freei >= keg->uk_ipers)
5697 panic("Invalid free of %p from zone %p(%s) slab %p(%d)",
5698 item, zone, zone->uz_name, slab, freei);
5700 if (slab_item(slab, keg, freei) != item)
5701 panic("Unaligned free of %p from zone %p(%s) slab %p(%d)",
5702 item, zone, zone->uz_name, slab, freei);
5704 if (!BIT_TEST_CLR_ATOMIC(keg->uk_ipers, freei,
5705 slab_dbg_bits(slab, keg)))
5706 panic("Duplicate free of %p from zone %p(%s) slab %p(%d)",
5707 item, zone, zone->uz_name, slab, freei);
5709 #endif /* INVARIANTS */
5713 get_uma_stats(uma_keg_t kz, uma_zone_t z, uint64_t *allocs, uint64_t *used,
5714 uint64_t *sleeps, long *cachefree, uint64_t *xdomain)
5719 if (kz->uk_flags & UMA_ZFLAG_INTERNAL) {
5720 *allocs = counter_u64_fetch(z->uz_allocs);
5721 frees = counter_u64_fetch(z->uz_frees);
5722 *sleeps = z->uz_sleeps;
5726 uma_zone_sumstat(z, cachefree, allocs, &frees, sleeps,
5728 for (i = 0; i < vm_ndomains; i++) {
5729 *cachefree += ZDOM_GET(z, i)->uzd_nitems;
5730 if (!((z->uz_flags & UMA_ZONE_SECONDARY) &&
5731 (LIST_FIRST(&kz->uk_zones) != z)))
5732 *cachefree += kz->uk_domain[i].ud_free_items;
5734 *used = *allocs - frees;
5735 return (((int64_t)*used + *cachefree) * kz->uk_size);
5738 DB_SHOW_COMMAND(uma, db_show_uma)
5740 const char *fmt_hdr, *fmt_entry;
5743 uint64_t allocs, used, sleeps, xdomain;
5745 /* variables for sorting */
5747 uma_zone_t cur_zone, last_zone;
5748 int64_t cur_size, last_size, size;
5751 /* /i option produces machine-parseable CSV output */
5752 if (modif[0] == 'i') {
5753 fmt_hdr = "%s,%s,%s,%s,%s,%s,%s,%s,%s\n";
5754 fmt_entry = "\"%s\",%ju,%jd,%ld,%ju,%ju,%u,%jd,%ju\n";
5756 fmt_hdr = "%18s %6s %7s %7s %11s %7s %7s %10s %8s\n";
5757 fmt_entry = "%18s %6ju %7jd %7ld %11ju %7ju %7u %10jd %8ju\n";
5760 db_printf(fmt_hdr, "Zone", "Size", "Used", "Free", "Requests",
5761 "Sleeps", "Bucket", "Total Mem", "XFree");
5763 /* Sort the zones with largest size first. */
5765 last_size = INT64_MAX;
5770 LIST_FOREACH(kz, &uma_kegs, uk_link) {
5771 LIST_FOREACH(z, &kz->uk_zones, uz_link) {
5773 * In the case of size ties, print out zones
5774 * in the order they are encountered. That is,
5775 * when we encounter the most recently output
5776 * zone, we have already printed all preceding
5777 * ties, and we must print all following ties.
5779 if (z == last_zone) {
5783 size = get_uma_stats(kz, z, &allocs, &used,
5784 &sleeps, &cachefree, &xdomain);
5785 if (size > cur_size && size < last_size + ties)
5793 if (cur_zone == NULL)
5796 size = get_uma_stats(cur_keg, cur_zone, &allocs, &used,
5797 &sleeps, &cachefree, &xdomain);
5798 db_printf(fmt_entry, cur_zone->uz_name,
5799 (uintmax_t)cur_keg->uk_size, (intmax_t)used, cachefree,
5800 (uintmax_t)allocs, (uintmax_t)sleeps,
5801 (unsigned)cur_zone->uz_bucket_size, (intmax_t)size,
5806 last_zone = cur_zone;
5807 last_size = cur_size;
5811 DB_SHOW_COMMAND(umacache, db_show_umacache)
5814 uint64_t allocs, frees;
5818 db_printf("%18s %8s %8s %8s %12s %8s\n", "Zone", "Size", "Used", "Free",
5819 "Requests", "Bucket");
5820 LIST_FOREACH(z, &uma_cachezones, uz_link) {
5821 uma_zone_sumstat(z, &cachefree, &allocs, &frees, NULL, NULL);
5822 for (i = 0; i < vm_ndomains; i++)
5823 cachefree += ZDOM_GET(z, i)->uzd_nitems;
5824 db_printf("%18s %8ju %8jd %8ld %12ju %8u\n",
5825 z->uz_name, (uintmax_t)z->uz_size,
5826 (intmax_t)(allocs - frees), cachefree,
5827 (uintmax_t)allocs, z->uz_bucket_size);
projects / FreeBSD / FreeBSD.git / blob