Linux Memory Management

One The data structure of the Linux process in memory

An executable program is divided into sections of code, data segments, and uninitialized data segments when stored (not in memory):

1) Code snippet : A machine instruction that holds CPU execution. usually the code area is shared , that is, other executing programs can invoke it. If there are several processes in the machine running the same program, then they can use the same code snippet.
2) Data segment : holds initialized global variables, static variables (both global and local), constants. the static global variable and the static function can only be called in the current file .
3) Uninitialized data area (Uninitializeddata SEGMENT,BSS): A variable that holds the global uninitialized. BSS data is initialized to 0 or null before the program starts executing.

The code snippet has the lowest address space, which in turn is the data segment and the BSS segment , and the data segment and BSS segment are in memory next to each other.

The executable program runs with two more zones: stack and heap segment (heap).

　　4) Stack area: automatically released by the compiler, storing the function parameter values, local variables and so on. Whenever a function is called, the return type of the function and the information of some calls are stored in the stack. The called function then allocates space on the stack for its automatic variables and temporary variables. A new stack is used for each call to a function. The stack area is increased from the high address bit to the low address bit, is a contiguous inner region, the maximum capacity is pre-defined by the system, the application of the stack space beyond this threshold will prompt overflow, the user can get less space from the stack.
5) Heap segment: used to store the dynamically allocated memory segment in the process run, located in the middle of the BSS and the address bit. The programmer applies for allocation (malloc) and release (free). The heap is growing from a low address bit to a high address bit, using a chained storage structure. Frequently malloc/free causes a discontinuity in memory space, resulting in fragmentation. When applying for heap space, the library function searches for a sufficient amount of space available to the algorithm according to certain algorithms. So the heap is much less efficient than the stack.

the data segment in the 5 memory area, BSS and heaps are often stored continuously-memory locations are contiguous, and code snippets and stacks are often stored independently. Interestingly, the heap and stack of two regional relationships are "ambiguous", they are one down "long" (I386 architecture stack down, heap up), one upward "long", relative. But you don't have to worry that they will meet, because they are spaced very large (how much, you can calculate from the following example program), there are few opportunities to meet together.

A brief description of the distribution of process memory areas:

Second, address related concepts

1. Physical addresses (physical address)

Physical Memory , the size of the capacity of a memory strip that is actually plugged into the memory slot of the motherboard.

Memory is made up of several storage units, each with a number that uniquely identifies a storage unit, called a memory address (or physical address). we can think of memory as an array of storage units numbered from 0 bytes to the maximum capacity of memory, that is, each storage unit corresponds to the number of memory addresses.

2. Virtual memory (also known as virtual memory)

virtual memory addresses are address spaces that can be addressed directly by each process, and are not disturbed by other processes. Each instruction or data unit has a definite address in this virtual space.

Virtual memory is the target code in the process, the virtual space composed of the virtual address such as data

Virtual memory does not take into account the size of physical memory and the actual location of information stored, only the relative position of the interrelated information in the process. Each process has its own virtual memory, and the size of the virtual memory is determined by the address structure and addressing method of the processor.

such as direct addressing, if the effective address length of the CPU is 16 bits, then its addressing range 0-64k.

For example, 32-bit machines can directly address 4G space, meaning that each application has 4G memory space available. But obviously machine memory is so large that it can support 4G of memory per program.

　　the difference between virtual memory and physical memory: virtual memory is the opposite of physical memory, which refers to the virtual memory space from the hard disk according to the system needs, is a computer system memory management technology, belongs to the machine program, and the physical memory is hardware. Because sometimes when you deal with large programs when the system memory is not enough, this time will be the hard disk when memory to use, to exchange data to do the buffer, but the processing speed of physical memory is more than 30 times times the virtual memory.

3. Logical addresses (logical address)

After the source program is compiled or compiled, the target code is formed, each target code is addressed in 0 for the base address sequence, and the unit that originally accessed the symbol name is replaced with the specific data-unit number. This generates a target program that occupies a certain address space, called the Job's logical address space, or logical space.

The address of each instruction in the logical space and the operand address to be accessed in the instruction are collectively referred to as logical addresses . That is, the address used in the application. The physical address in memory is obtained by means of a computation or transformation that is addressed.

Very simple, the logical address is the address you use in the source program, or the source code is compiled after the compiler will be some of the label, variable to the address, or relative to the current segment offset address.

A logical address is the part of the offset address that is generated by the program that is related to the segment. For example, you can read the pointer variable itself (& operation) in the C language pointer programming, which is actually the logical address, which is relative to the address of the data segment of your current process and is not coherent with the absolute physical address. Only in Intel Real mode will the logical address be equal to the physical address (because there is no fragmentation or paging mechanism for the real mode, the CPU does not perform automatic address translation), and the logic is the offset address of the code snippet in Intel protected mode (assuming that the code snippet, the data segment is exactly the same). The application programmer only has to deal with logical addresses, and the segmentation and paging mechanisms are completely transparent to you, and are only covered by system programmers. While the application programmer can manipulate the memory directly, it will only operate on the memory segments assigned to you by the operating system.

However, some of the data is directly to the logical address as a virtual address, there is no clear boundary between the two.

　 In the Linux kernel, the virtual address is the 3G-4G address, and the physical address through the page table to map, the logical address refers to the 3g-3g+main_memory_size this virtual address, it is linear with the physical address mapping, of course, can also be mapped through the page table. So the logical address is part of the virtual address.

The logical address consists of a segment identifier plus an offset of the relative address within the specified segment, expressed as [segment identifier: offset within paragraph]

4. The linear address or Linux is also called virtual address (Vsan)

This address is very important and not easy to understand. The segmentation mechanism of the CPU addressing is two-dimensional address, namely: segment Address: Offset address , the CPU can not understand the two-dimensional address, it is necessary to convert to a one-dimensional address that is, the segment address *16+ offset address, so that the resulting address is a linear address (in the case of the paging mechanism is not turned on the physical address). What is the point of this? Or the method of calculating the one-dimensional address. Anyone who learns a computer knows it, but do you really understand what it means? To understand what it means, you need to know what the address space is, as detailed below.

A linear address is the middle tier between a logical address and a physical address transformation. The program code generates a logical address, or an offset address in a segment, and a linear address is generated with the base address of the corresponding segment. If the paging mechanism is enabled, the linear address can then be transformed to produce a physical address. If the paging mechanism is not enabled, then the linear address is directly the physical address. The Intel 80386 has a linear address space capacity of 4G (2 of 32 address bus addressing).

Similar to the logical address, it is also an unreal address, if the logical address is the corresponding hardware platform segment management conversion before the address, then the linear address corresponds to the hardware page-like memory of the pre-conversion address .

The CPU translates the address in one virtual memory space into a physical address, which requires two steps: first, given a logical address (in fact, an offset within the segment), the CPU uses its segment memory management unit to convert the logical address into a thread address and then use its page memory management unit. Converted to the final physical address.

Third, address mapping

The operating modes of the 32-bit 80386 chip, introduced by Intel, include the real address mode and the virtual address mode . The real address mode is fully compatible with 8086. Its addressing range is the address space of 1MB. Fragmentation features are limited. The privilege level cannot be distinguished. Of course, the paging mechanism is not enabled. In the virtual address mode, the segmentation mechanism is strengthened, the segment can be up to 4GB, and the paging management mechanism is provided to support the Linux virtual memory management mechanism.

The 80386 virtual address pattern uses the following segmentation and paging two-level address translation mechanism to convert virtual addresses to physical addresses.

2.1 Conversion of virtual address to linear address

The virtual address to be accessed by the user process includes a 16-bit segment selector and a 32-bit intra-segment offset, and a 80386 fragment mechanism adds the segment selector and the 32-bit offset within the segment register to the 32-bit linear address, as shown in 1. The minimum two bits of a 16-bit segment selector represent the requester's privileged level, so there can be up to 16k segments with a maximum size of 4GB per segment. But they all have to be mapped to a linear address space of 4GB.

Figure 1

2.2 Conversion of linear address to physical address

Every user process in Linux can access 4GB of linear address space, while actual physical memory may be much less than 4GB. With paging, Linux only loads a fraction of the executable image into physical memory. When you need to access a page that is not mounted, the system generates a page fault that reads the required pages into physical memory.

Figure 2

Linux uses a Level two page table structure--page Catalog table and page table to implement address mapping, the address of the page catalog table currently running the process is saved in the control register CR3. The linear address obtained by the above conversion mechanism can be divided into 3 parts, and the height 10 bits is the Dir field-the index value of the page catalog table. It calculates the physical address of the page table with the address in the CR3, and the middle 10 bits holds the index value relative to the page table, through which the required physical page number is obtained. The physical page number is combined with the low 12-bit in-page offset to get the physical address. Its structure is shown in 2.

Iv. Virtual Address Management

Each user process can have a virtual storage space of 4GB. In order to better manage this part of the virtual storage space. Linux mainly defines the following three data structures:

struct VM_AREA_STRUCT

struct VM_OPERATIONS_STRUCT
struct VMM_STRUCT

A virtual storage segment (vm_area_struct), or VMA, is a contiguous virtual space of a process that typically occupies several VMA segments. such as code snippets, data segments, stack segments, and so on. VMA not only represents a memory range, it can also correspond to a file, shared memory, or swap device.

all VMA of each process are managed by a doubly linked list. In order to improve the efficiency of the query, insert, delete and other operations of VMA. Linux makes up the VMA of all the processes in the system into an AVL tree.  This is a balanced binary tree, when the number of VMA is particularly large, the use of this AVL tree to find VMA efficiency has been significantly improved.

Different VMA may require different ways of handling the operation, but also take into account the unity of the interface. Linux uses Vm_operations_struct architecture and object-oriented thinking to define how to operate. A vm_operations_struct struct is a set of function pointers that, for different VMA, may point to different handler functions. For example, when a page fault occurs, the read-in function of shared memory and code snippet Readpage may be different.

Another very important data structure in memory management is the VMM_STRUCT structure, in which the MM members of the process Task_struct point to it. The entire virtual space of the current running process is managed and described by it. It contains not only the image information of the process, but also its Mmap member entry, which points to the list of all VMA of the process. Its MMAP_AVL member item points to the AVL tree of the entire system.

These three data structures are interrelated and collectively manage virtual memory, as shown in the relationship 3 between them.

Figure 3

This part of the related system call has the following main two :

 do_mmap ( struct  file *file, unsigned  long   addr un Signed  long   len, unsigned  long   prot, unsigned   Long   flags, unsigned  long   off); FIND_VMA ( struct   mm_struct mm, unsigned /span>long   addr);  

The Do _mmap function implements memory mapping. The function of the FIND_VMA function is to find the VMA that contains the parameter addr the specified virtual address belongs to. When you want to run an executable image, call Do_mmap to load it into the virtual address space of the process and produce a set of VMA structures, as described earlier, the entire virtual space of the process is managed by the VMM_STRUCT structure, but at this point the executable is only connected to the virtual space of the process. Only a small portion of the page is loaded into physical memory, and most of the rest is not actually loaded into physical memory. A page fault is generated during the run of the process, the operating system first calls FIND_VMA, finds the VMA of the virtual address, and then loads the pages into physical memory based on the VMA's member variable vm_ops the paging operation function in the VM_OPERATIONS_STRUCT structure.

V. Swap space

Each process of a 32-bit Linux system can have 4GB of virtual memory space, and there are multiple processes in the system. However, in fact, most computers do not have so much physical memory space, when the physical memory in the system is scarce, it is necessary to use the swap space to move a portion of the future may not be used from physical memory to the swap device or the swap file.
Linux uses two ways to save pages that are swapped out:

One is the use of an entire block device, such as a partition of a hard disk, that is, a swap device.

The other is the use of fixed-length files in the file system, that is, swap files. They are collectively referred to as swap space.

The similarities between the two approaches are that their internal format is consistent, but in terms of efficiency, the swap device is better. This is because the data blocks on the same page in the swap device are stored sequentially, and therefore can be accessed in sequential order. In the swap file, the actual physical location of the data block of the same page may be discontinuous and need to be retrieved through the inode of the swap file, which reduces the access efficiency.

Each swap file or swap device is described by the struct SWAP_INFO_ struct structure. The function of the swap device is mainly the Get _swap_ page (...). When the in-memory page needs to be swapped out, call the Get_swap_page function to request a physical page in the swap space. If successful, returns a non-0 code, otherwise returns 0.

Six, paging mechanism management

Linux uses a paging management mechanism to make more efficient use of physical memory. When a process is created, only a fraction of the current process is actually loaded into memory. When the remainder needs to be accessed, the processor generates a page fault, which is called by the paging interrupt service program to the write copy function do_wp_page, according to the address of the missing pages and the error code, the vm_ops of the VMA to which it belongs Nopage, Do_swap_page, SWAP_ The in function will swap the required pages into physical memory. As the executable image runs and the page is swapped in, the memory in the system may become insufficient, and the Linux kernel must call the KSWAPD daemon to release some of the physical memory. The KSWAPD is established by the INIT process when the system starts. During the operation of the system, it is periodically woken up to check if there is a small amount of free physical memory in the system. If it is, release some of the memory or swap some pages out of the swap space and continue to sleep.

The 
 KSWAPD Daemon is responsible for ensuring that the memory remains free of free space. It monitors the Pages_high and pages_low tags in the kernel, and if the free memory space value is less than the Pages_low value, the KSWWAPD process starts scanning and attempts to recycle 32            pages, so repeat until the free memory space is greater than the Pages_high value. The KSWAPD process performs the following actions:  * If the page does not change, it puts the page in free   l          Ist.           * * If the page changes and is not written back by the file system (The Nameless page), it writes the page contents to the swap device. 

　　Page breaks and pages swapped in
Page swapping is mainly implemented by the do_page_fault of the Missing Pages service entry function. When a page failure occurs in the system, if the virtual memory address is valid, there are two reasons why the error occurs:
the physical page that corresponds to the virtual memory address is not in memory . Then it must be in disk or swap space, if on disk, then we call the Do_no_page function, and Do_no_page call VMA a >vm_ops a >nopage () function to establish a page map. Enter the page from the swap space or disk, or call Swap_in () via the Do_swap_page () function to swap in the page.
　　the virtual address corresponds to the physical page in memory but is write-protected. If this happens on a shared page, you need the write copy function do_wp_page to swap in the page. The Do_wp_page function first calls _get_free_page to obtain a new page and then invokes the contents of the Copy_cow_page copy page. Of course, the corresponding refresh function is also called to flush the TLB and cache, and so on.

page Exchange process and page swap out
As we described above, the system uses the KSWAPD daemon to periodically swap out pages. Make enough free physical memory pages in the system.
The KSWAPD process periodically checks the number of free pages in the system. If less than a certain value, the free pages are obtained in the following three ways:

① reduce the size of buffers and page caches;

② the shared memory occupied by the page to swap space;
③ swap out or discard physical memory pages.

Linux Memory Management-Guisu, program life. Riding, behind. -Blog Channel-csdn.net

Linux Memory Management