Department of Computer Science, Information Processing Laboratory. Lecture 9: Memory Management (1). xlanchen@04/15/2005.
xlanchen@04/15/2005 Understanding the Inside of Windows2000
Two primary tasks
Mapping virtual memory to physical memory
Paging
How does 2K implement virtual memory?
How does it manage the working set?
Contents
Memory Manager Components
Services the Memory Manager Provides
System Memory Pools
Address Space Layout
Address Translation
Page Fault Handling
Virtual Address Descriptors
Working Sets
Page Frame Number Database
Section Objects
Memory Manager
In Ntoskrnl.exe
No parts of the memory manager exist in the HAL
The memory manager is
Fully reentrant
Memory Manager Components
Components:
A set of executive system services
A translation-not-valid and access fault trap handler
Several key components that run in the context of six different kernel-mode system threads
Six system threads
1. Working set manager (priority 16)
Called by the balance set manager
Once per second
When free memory falls below a certain threshold
Drives the overall memory management policies
Working set trimming
Aging
Modified page writing
Six system threads
2. Process/stack swapper (priority 23)
In and out
Awakened by the balance set manager and the thread-scheduling code in the kernel
When an inswap or outswap operation needs to take place
Six system threads
3. Modified page writer (priority 17)
Writes dirty pages on the modified list back to the appropriate paging files
Awakened when the size of the modified list needs to be reduced
Six system threads
4. Mapped page writer (priority 17)
Writes dirty pages in mapped files to disk
Awakened when the size of the modified list needs to be reduced
or
If pages for mapped files have been on the modified list for more than 5 minutes.
Six system threads
5. Dereference segment thread (priority 18)
Responsible for system cache and page file growth and shrinkage.
6. Zero page thread (priority 0)
Configuring the Memory Manager
Registry key: HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
ClearPageFileAtShutdown
DisablePagingExecutive
IoPageLockLimit
LargePageMinimum
LargeSystemCache
NonPagedPoolQuota
NonPagedPoolSize
PagedPoolQuota
PagedPoolSize
SystemPages
Determine System Memory Size
Values
Small: <19 MB
Medium: 20-32 MB
Large: >32 MB if 2K Professional; >64 MB if 2K Server
Kernel-mode routines
MmQuerySystemSize
Small, medium, or large
MmIsThisAnNtAsSystem
TRUE for 2K Server; FALSE for 2K Professional
Examining Memory Usage
EXPERIMENT
Viewing System Memory Information
Pmon.exe (in the Windows 2000 Support Tools)
Pstat.exe (in the Platform SDK)
EXPERIMENT
Accounting for Physical Memory Use
System services
The memory manager provides a set of system services to
Allocate/free virtual memory
Share memory between processes
Map files into memory
Flush virtual pages to disk
Retrieve information about a range of virtual pages
Change the protection of virtual pages
Lock the virtual pages into memory
Services exposed through Win32 API
Page granularity virtual memory functions
Virtualxxx
Memory-mapped file functions
CreateFileMapping, MapViewOfFile
Heap functions
Heapxxx
The older interfaces: Localxxx and Globalxxx
Services provided by memory manager
Allocating/deallocating physical memory
Locking pages in physical memory for DMA transfers
To
Other kernel-mode components inside the executive
Device drivers
These functions begin with the prefix Mm
Other, for example Ex…
Services in detail
Reserving and Committing Pages
Locking Memory
Allocation Granularity
Shared Memory and Mapped Files
Protecting Memory
Copy-on-Write
Heap Functions
Address Windowing Extensions
Reserving and Committing Pages
Reserved address space
To reserve a range of virtual addresses for future use
If accessed, an access violation will occur
Committed pages
either private and not shareable
or
mapped to a view of a section
If accessed, ultimately translate to valid pages in physical memory.
Win32 functions
VirtualAlloc and VirtualAllocEx
Locking Memory
Pages can be locked in memory in two ways
Using kernel-mode functions
MmProbeAndLockPages, MmLockPagableCodeSection, MmLockPagableDataSection, or MmLockPagableSectionByHandle.
Pages remain in memory until explicitly unlocked
Using the Win32 function
VirtualLock
Lock pages in the process working set.
May paging
Allocation Granularity
Each region begins on an integral boundary
System value: allocation granularity (e.g. 64KB)
GetSystemInfo
Not for kernel-mode code
May be a single-page granularity
The size of the region is
n × (system page size)
Shared Memory and Mapped Files
To share memory among processes and the OS
For example:
Two processes share the same DLL
Sharing mode
Execute-only
Copy-on-write
Section objects
File mapping objects (Win32 API)
CreateFileMapping
OpenFileMapping
…
Protecting Memory
Kernel mode vs. user mode
Each process: a separate private address space
Hardware-controlled memory protection
Read/write, read-only, …
Standard ACLs for shared memory section objects
2K is a robust, reliable OS
Copy-on-Write
[Figures: memory before and after copy-on-write]
Heap Functions
A heap
A region of one or more pages of reserved address space that can be subdivided and allocated in smaller chunks by the heap manager.
The heap manager
A set of functions that can be used to allocate and deallocate variable amounts of memory
The functions (in Ntdll.dll/Ntoskrnl.exe)
Address Windowing Extensions
System Memory Pools
Two types of dynamically sized memory pools
Nonpaged pool
Paged pool
Look-Aside Lists
Driver Verifier
Address Space Layout
User Address Space Layout
Range | Size | Function
0x0 ~ 0xFFFF | 64 KB | No-access region to aid programmers in avoiding incorrect pointer references
0x10000 ~ 0x7FFEFFFF | 2 GB - 192 KB | The private process address space
0x7FFDE000 ~ 0x7FFDEFFF | 4 KB | TEB for first thread
0x7FFDF000 ~ 0x7FFDFFFF | 4 KB | PEB
0x7FFE0000 ~ 0x7FFE0FFF | 4 KB | Shared user data page
0x7FFE1000 ~ 0x7FFEFFFF | 60 KB | No-access region
0x7FFF0000 ~ 0x7FFFFFFF | 64 KB | No-access region that prevents threads from passing buffers that straddle the user/system space boundary
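The layout above can be turned into the range check that kernel-mode code applies to a caller-supplied buffer, including the length wrap-around case that a naive comparison misses. This C sketch is an added example, not code from the lecture or from Windows; the function, enum and macro names are hypothetical, and the bounds are the ones listed above.

```c
#include <stdint.h>
#include <stdio.h>

/* Bounds from the layout above (x86, 2 GB user space). */
#define NULL_GUARD_END 0x0000FFFFu /* 0x0 ~ 0xFFFF, no access */
#define USER_HIGHEST   0x7FFEFFFFu /* last byte of the private process space */
#define BOUNDARY_GUARD 0x7FFF0000u /* start of the 64 KB no-access region */
#define SYSTEM_START   0x80000000u /* assumption: system space starts at 2 GB */

typedef enum { VA_NULL_GUARD, VA_USER, VA_BOUNDARY_GUARD, VA_SYSTEM } va_region;

/* Classify one 32-bit virtual address. The TEB/PEB, shared user data page
 * and 60 KB no-access sub-ranges inside user space are not distinguished. */
va_region classify_va(uint32_t va)
{
    if (va <= NULL_GUARD_END) return VA_NULL_GUARD;
    if (va <= USER_HIGHEST)   return VA_USER;
    if (va <  SYSTEM_START)   return VA_BOUNDARY_GUARD;
    return VA_SYSTEM;
}

/* Model of the check applied to a caller-supplied buffer before kernel-mode
 * code touches it: all of [base, base + len) must lie in user space.
 * Returns 1 if the range is acceptable, 0 otherwise. */
int user_range_ok(uint32_t base, uint32_t len)
{
    uint32_t end = base + len;            /* one past the last byte; may wrap */
    if (len == 0) return 1;               /* nothing will be accessed */
    if (end < base) return 0;             /* length wraps past 4 GB */
    if (base <= NULL_GUARD_END) return 0; /* starts in the null guard */
    return end <= BOUNDARY_GUARD;         /* must stop before the guard region */
}

int main(void)
{
    /* Constructed sample ranges, not taken from the lecture. */
    const uint32_t samples[][2] = {
        {0x00010000u, 0x1000u},     /* ordinary user buffer */
        {0x7FFEF000u, 0x1001u},     /* runs one byte into the guard */
        {0x7FFE0000u, 0xFFFFFFFFu}, /* length chosen to wrap around */
    };
    for (unsigned i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("base=%08X len=%08X -> %s\n", (unsigned)samples[i][0],
               (unsigned)samples[i][1],
               user_range_ok(samples[i][0], samples[i][1]) ? "ok" : "reject");
    return 0;
}
```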
System Address Space Layout
Address Translation
Translating a Virtual Address
Components of a 32-bit virtual address on x86 systems
Translating a valid virtual address (x86-specific)
Page Directories
Each process has a single page directory
The physical address of the process page directory is stored in the kernel process (KPROCESS) block
but is also mapped virtually at address 0xC0300000 on x86 systems (0xC06000000 on systems running the PAE kernel image).
All code running in kernel mode references virtual addresses, not physical ones
CR3 on x86 systems
page directory entries
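As an added example (not code from the lecture or from Windows), the C below splits a 32-bit non-PAE x86 virtual address into its translation fields and computes the virtual addresses of the PDE and PTE that map it. The 10/10/12 bit split, the 4-byte entry size and the 0xC0000000 page-table base are not stated on the slides; 0xC0300000 is the page directory address given above, and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Non-PAE x86: 10-bit page directory index, 10-bit page table index,
 * 12-bit byte offset; PDEs and PTEs are 4 bytes each. */
#define PDE_BASE 0xC0300000u /* page directory, as stated above */
#define PTE_BASE 0xC0000000u /* not on the slides: start of the page tables */

typedef struct {
    uint32_t pd_index; /* bits 31..22: selects the PDE */
    uint32_t pt_index; /* bits 21..12: selects the PTE in that page table */
    uint32_t offset;   /* bits 11..0:  byte within the 4 KB page */
} va_parts;

va_parts split_va(uint32_t va)
{
    va_parts p;
    p.pd_index = va >> 22;
    p.pt_index = (va >> 12) & 0x3FFu;
    p.offset   = va & 0xFFFu;
    return p;
}

/* Virtual address of the PDE that maps va. */
uint32_t pde_address(uint32_t va) { return PDE_BASE + (va >> 22) * 4u; }

/* Virtual address of the PTE that maps va. Applied to PTE_BASE itself this
 * yields PDE_BASE: the page directory is the page table that maps the
 * page-table region, which is why it appears at 0xC0300000. */
uint32_t pte_address(uint32_t va) { return PTE_BASE + (va >> 12) * 4u; }

/* Last step of translation: page frame number from the PTE plus offset. */
uint32_t physical_address(uint32_t pfn, uint32_t va)
{
    return (pfn << 12) | (va & 0xFFFu);
}

int main(void)
{
    uint32_t va = 0x7FFDF000u; /* the PEB address from the layout above */
    va_parts p = split_va(va);
    printf("pd=%u pt=%u off=%u pde@%08X pte@%08X\n", (unsigned)p.pd_index,
           (unsigned)p.pt_index, (unsigned)p.offset,
           (unsigned)pde_address(va), (unsigned)pte_address(va));
    return 0;
}
```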
Process and System Page Tables
page table
system page table
not all processes have the same view of system space
page fault
System & process-private page tables
Page Table Entries
Translation Look-Aside Buffer
Physical Address Extension
PAE
allows access to up to 64 GB of physical memory
The third level—page directory pointer table