buddy-slab-allocator 0.4.0

Memory allocator with Buddy and Slab allocation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307

/// Slab page header, bitmap-based object tracking, and lock-free remote free.
///
/// Each slab page starts with a [`SlabPageHeader`] followed by the object array.
/// Local (owner-CPU) operations use a bitmap under the slab lock.
/// Remote (cross-CPU) frees use an atomic CAS stack — no lock required.
use core::ptr::NonNull;
use core::sync::atomic::{AtomicU32, AtomicUsize, Ordering};

use super::size_class::SizeClass;

/// Magic number written at the start of every slab page header.
pub const SLAB_MAGIC: u32 = 0x534C_4142; // "SLAB"

/// Maximum objects per slab page (512 = 8 × u64 bitmap words).
pub const MAX_OBJECTS_PER_SLAB: usize = 512;

/// Number of u64 words in the local bitmap.
pub const BITMAP_WORDS: usize = MAX_OBJECTS_PER_SLAB / 64; // 8

/// Maximum number of pages a slab may span.
pub const MAX_SLAB_PAGES: usize = 4;

/// Header placed at the very start of each slab page.
///
/// Object data starts at `header_end`, aligned to `size_class.size()`.
#[repr(C)]
pub struct SlabPageHeader {
    /// Magic number for integrity checks.
    pub magic: u32,
    /// Which size class this slab serves.
    pub size_class: SizeClass,
    /// Total number of objects that fit.
    pub object_count: u16,
    /// Number of objects free in `local_bitmap`.
    pub local_free_count: u16,
    /// The CPU that owns this slab page (local alloc/dealloc go through this CPU's lock).
    pub owner_cpu: u16,
    _pad: u16,
    /// Total usable bytes (slab pages × PAGE_SIZE).
    pub slab_bytes: u32,

    // --- Intrusive doubly-linked list pointers (used by SlabCache) ---
    pub list_prev: usize,
    pub list_next: usize,

    // --- Local bitmap (under slab lock, owner CPU only) ---
    // A set bit means the slot is FREE.
    pub local_bitmap: [u64; BITMAP_WORDS],

    // --- Lock-free remote free stack (any CPU) ---
    /// Head of the remote-free linked list (object virtual address, 0 = empty).
    /// Each freed object stores `next` at its start (reuses object memory).
    pub remote_free_head: AtomicUsize,
    /// Number of objects in the remote-free stack.
    pub remote_free_count: AtomicU32,
}

impl SlabPageHeader {
    /// Size of the header in bytes.
    pub const HEADER_SIZE: usize = core::mem::size_of::<Self>();

    /// Initialise a slab page header.  All objects are marked free in the bitmap.
    ///
    /// `base` is the virtual address of the page, `bytes` is the total slab size.
    pub fn init(&mut self, size_class: SizeClass, bytes: usize, owner_cpu: u16) {
        let obj_size = size_class.size();
        let data_start = Self::data_offset(obj_size);
        let usable = bytes.saturating_sub(data_start);
        let count = (usable / obj_size).min(MAX_OBJECTS_PER_SLAB);

        self.magic = SLAB_MAGIC;
        self.size_class = size_class;
        self.object_count = count as u16;
        self.local_free_count = count as u16;
        self.owner_cpu = owner_cpu;
        self._pad = 0;
        self.slab_bytes = bytes as u32;
        self.list_prev = 0;
        self.list_next = 0;
        self.local_bitmap = [0u64; BITMAP_WORDS];
        self.remote_free_head = AtomicUsize::new(0);
        self.remote_free_count = AtomicU32::new(0);

        // Mark first `count` bits as 1 (free).
        let full_words = count / 64;
        let remaining_bits = count % 64;
        for w in self.local_bitmap.iter_mut().take(full_words) {
            *w = u64::MAX;
        }
        if remaining_bits > 0 {
            self.local_bitmap[full_words] = (1u64 << remaining_bits) - 1;
        }
    }

    /// Byte offset from the start of the page to the first object.
    /// Aligned up to `obj_size` for natural alignment.
    pub fn data_offset(obj_size: usize) -> usize {
        let raw = Self::HEADER_SIZE;
        // Align to obj_size (which is always a power of two).
        (raw + obj_size - 1) & !(obj_size - 1)
    }

    /// Virtual address of the object region start (given `base` = page start).
    #[inline]
    pub fn data_start(&self, base: usize) -> usize {
        base + Self::data_offset(self.size_class.size())
    }

    /// Virtual address of object at `index`.
    #[inline]
    pub fn object_addr(&self, base: usize, index: usize) -> usize {
        self.data_start(base) + index * self.size_class.size()
    }

    /// Index of the object whose address is `addr`.
    #[inline]
    pub fn object_index(&self, base: usize, addr: usize) -> usize {
        (addr - self.data_start(base)) / self.size_class.size()
    }

    /// Base address (slab start) from an object address.
    ///
    /// Searches backward by page because the slab base may no longer have
    /// absolute `slab_bytes` alignment after metadata is carved from a region
    /// prefix by [`GlobalAllocator`](crate::GlobalAllocator).
    #[inline]
    pub fn base_from_obj_addr<const PAGE_SIZE: usize>(addr: usize, slab_bytes: usize) -> usize {
        let slab_pages = slab_bytes / PAGE_SIZE;
        debug_assert!(slab_pages > 0);

        let page_base = addr & !(PAGE_SIZE - 1);
        for page_idx in 0..slab_pages {
            let Some(candidate) = page_base.checked_sub(page_idx * PAGE_SIZE) else {
                break;
            };
            let hdr = unsafe { &*(candidate as *const SlabPageHeader) };
            if hdr.magic == SLAB_MAGIC
                && hdr.slab_bytes as usize == slab_bytes
                && addr >= candidate
                && addr < candidate + slab_bytes
            {
                return candidate;
            }
        }

        debug_assert!(false, "object address does not belong to a live slab");
        page_base
    }

    fn base_from_obj_addr_unknown_with_page_size(addr: usize, page_size: usize) -> Option<usize> {
        if page_size == 0 || !page_size.is_power_of_two() {
            return None;
        }
        let page_base = addr & !(page_size - 1);
        for page_idx in 0..MAX_SLAB_PAGES {
            let Some(candidate) = page_base.checked_sub(page_idx * page_size) else {
                break;
            };
            let hdr = unsafe { &*(candidate as *const SlabPageHeader) };
            let slab_bytes = hdr.slab_bytes as usize;
            if hdr.magic != SLAB_MAGIC
                || slab_bytes == 0
                || !slab_bytes.is_multiple_of(page_size)
                || slab_bytes / page_size > MAX_SLAB_PAGES
            {
                continue;
            }
            if addr >= candidate && addr < candidate + slab_bytes {
                return Some(candidate);
            }
        }
        None
    }

    /// Base address (slab start) from an object address without knowing the slab size.
    ///
    /// Searches backward up to [`MAX_SLAB_PAGES`] pages and validates each candidate
    /// against the header's `slab_bytes`.
    #[inline]
    pub fn base_from_obj_addr_unknown<const PAGE_SIZE: usize>(addr: usize) -> Option<usize> {
        Self::base_from_obj_addr_unknown_with_page_size(addr, PAGE_SIZE)
    }

    /// Queue the object on its owner's remote-free list.
    ///
    /// # Safety
    /// - `ptr` must point to a valid live slab object.
    /// - `owner_cpu` must match the slab header's owner CPU.
    /// - `page_size` must be the slab allocator's page size.
    pub unsafe fn remote_free_object(ptr: NonNull<u8>, owner_cpu: u16, page_size: usize) {
        let obj_addr = ptr.as_ptr() as usize;
        let Some(base) = Self::base_from_obj_addr_unknown_with_page_size(obj_addr, page_size)
        else {
            debug_assert!(false, "object address does not belong to a live slab");
            return;
        };
        let hdr = unsafe { &*(base as *const SlabPageHeader) };
        debug_assert_eq!(hdr.magic, SLAB_MAGIC);
        debug_assert_eq!(hdr.owner_cpu, owner_cpu);
        unsafe { hdr.remote_free(obj_addr) };
    }

    // ------------------------------------------------------------------
    // Local allocation (under slab lock)
    // ------------------------------------------------------------------

    /// Allocate one object from the local bitmap.  Returns the slot index or `None`.
    pub fn local_alloc(&mut self) -> Option<usize> {
        for (wi, word) in self.local_bitmap.iter_mut().enumerate() {
            if *word != 0 {
                let bit = word.trailing_zeros() as usize;
                *word &= !(1u64 << bit);
                self.local_free_count -= 1;
                return Some(wi * 64 + bit);
            }
        }
        None
    }

    /// Free an object back to the local bitmap.
    pub fn local_free(&mut self, index: usize) {
        let wi = index / 64;
        let bit = index % 64;
        debug_assert!(self.local_bitmap[wi] & (1u64 << bit) == 0, "double free");
        self.local_bitmap[wi] |= 1u64 << bit;
        self.local_free_count += 1;
    }

    /// Whether this slab has any free objects (local bitmap only).
    #[inline]
    pub fn has_local_free(&self) -> bool {
        self.local_free_count > 0
    }

    /// Whether every object in this slab is free (local bitmap only).
    #[inline]
    pub fn is_all_free(&self) -> bool {
        self.local_free_count == self.object_count
    }

    /// Whether the local bitmap is completely full (zero free objects locally).
    #[inline]
    pub fn is_local_full(&self) -> bool {
        self.local_free_count == 0
    }

    // ------------------------------------------------------------------
    // Remote free (lock-free, any CPU)
    // ------------------------------------------------------------------

    /// Push `obj_addr` onto the remote-free stack (lock-free CAS).
    ///
    /// # Safety
    /// - `obj_addr` must point to a previously allocated object within this slab.
    /// - The object's first `size_of::<usize>()` bytes will be overwritten with
    ///   the next-pointer.
    pub unsafe fn remote_free(&self, obj_addr: usize) {
        unsafe {
            loop {
                let old_head = self.remote_free_head.load(Ordering::Acquire);
                // Store "next" pointer inside the freed object.
                (obj_addr as *mut usize).write(old_head);
                if self
                    .remote_free_head
                    .compare_exchange_weak(old_head, obj_addr, Ordering::AcqRel, Ordering::Relaxed)
                    .is_ok()
                {
                    self.remote_free_count.fetch_add(1, Ordering::Relaxed);
                    return;
                }
            }
        }
    }

    /// Drain all remote frees back into the local bitmap.
    ///
    /// Must be called under the owner-CPU slab lock.
    pub fn drain_remote_frees(&mut self, base: usize) {
        let head = self.remote_free_head.swap(0, Ordering::AcqRel);
        if head == 0 {
            return;
        }
        // Also zero the count (we'll re-add to local).
        self.remote_free_count.store(0, Ordering::Relaxed);

        let mut ptr = head;
        while ptr != 0 {
            let next = unsafe { *(ptr as *const usize) };
            let idx = self.object_index(base, ptr);
            let wi = idx / 64;
            let bit = idx % 64;
            debug_assert!(
                self.local_bitmap[wi] & (1u64 << bit) == 0,
                "remote double free"
            );
            self.local_bitmap[wi] |= 1u64 << bit;
            self.local_free_count += 1;
            ptr = next;
        }
    }

    /// Whether any remote frees are pending.
    #[inline]
    pub fn has_remote_frees(&self) -> bool {
        self.remote_free_count.load(Ordering::Relaxed) > 0
    }
}