mappedpages 0.2.0

A fixed-size page provider backed by memory mapping, intended for building higher-level allocators and storage systems
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458

//! Sub-page allocator: divides big pages from a `Pager<PARENT_SIZE>` into
//! fixed-size sub-pages of `SUB_SIZE` bytes each.
//!
//! Each big page is divided into `N = PARENT_SIZE / SUB_SIZE` sub-slots, tracked
//! with a `u64` bitmask (one bit per slot, so N ≤ 64 is required).  When all
//! sub-slots of a big page are freed the big page is returned to the inner pager.
//!
//! Sub-allocation state is **in-memory only**.  It is not persisted to disk and
//! is not reconstructed when a pager file is reopened.  Callers are responsible
//! for rebuilding their sub-allocation state after a reopen.

use crate::allocator::{BulkPageAllocator, PageAllocator, PageHandle};
use crate::error::MappedPageError;
use crate::page::{MappedPage, PageId};
use crate::pager::Pager;

// ── Private helpers ───────────────────────────────────────────────────────────

/// One big page checked out from the inner pager, together with its sub-slot
/// bitmask.  Bit `i` = 1 means sub-slot `i` is currently allocated.
struct BigPageSlot<const PARENT_SIZE: usize> {
    id: PageId<PARENT_SIZE>,
    used: u64,
}

// ── SubPageId ─────────────────────────────────────────────────────────────────

/// An opaque handle to one allocated sub-page inside a `SubPageAllocator`.
///
/// The const generics `PARENT_SIZE` and `SUB_SIZE` ensure that a
/// `SubPageId<4096, 512>` cannot be passed to a `SubPageAllocator<4096, 256>` —
/// the compiler rejects the mismatch.
///
/// Fields are private because `slot_index` encodes an implementation-internal
/// position in the allocator's slot vec, not a stable on-disk address.
#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct SubPageId<const PARENT_SIZE: usize, const SUB_SIZE: usize> {
    /// Index into `SubPageAllocator::slots`.
    pub(crate) slot_index: u32,
    /// Which sub-slot within that big page (0 .. PARENT_SIZE / SUB_SIZE).
    pub(crate) sub_index: u32,
}

#[cfg(test)]
impl<const PARENT_SIZE: usize, const SUB_SIZE: usize> SubPageId<PARENT_SIZE, SUB_SIZE> {
    /// Construct an arbitrary `SubPageId` for testing error paths.
    pub(crate) fn new_raw(slot_index: u32, sub_index: u32) -> Self {
        Self {
            slot_index,
            sub_index,
        }
    }
}

// ── SubPageAllocator ──────────────────────────────────────────────────────────

/// A sub-page allocator that divides big pages from an inner `Pager<PARENT_SIZE>`
/// into sub-pages of `SUB_SIZE` bytes each.
///
/// # Compile-time constraints
///
/// - `SUB_SIZE` must be a power of two.
/// - `PARENT_SIZE` must be divisible by `SUB_SIZE`.
/// - `SUB_SIZE` must be strictly less than `PARENT_SIZE`.
/// - `PARENT_SIZE / SUB_SIZE` must be at most 64 (fits in a `u64` bitmask).
///
/// Violating any of these is a **compile error** via `const { assert!(...) }`.
///
/// # Persistence
///
/// Sub-allocation state is in-memory only.  The inner `Pager`'s file is updated
/// when big pages are allocated or freed, but the sub-slot bitmasks are not
/// written to disk.  Reconstruct sub-allocation state after reopening the file.
pub struct SubPageAllocator<const PARENT_SIZE: usize, const SUB_SIZE: usize> {
    pager: Pager<PARENT_SIZE>,
    /// One entry per big page currently (or previously) checked out.
    /// `None` is a tombstone: the big page was fully freed and returned to the
    /// inner pager; its slot index may be reused by a future `alloc`.
    slots: Vec<Option<BigPageSlot<PARENT_SIZE>>>,
}

impl<const PARENT_SIZE: usize, const SUB_SIZE: usize> SubPageAllocator<PARENT_SIZE, SUB_SIZE> {
    /// Bitmask value when every sub-slot in a big page is in use.
    ///
    /// Handles the N = 64 edge case where `1u64 << 64` would be undefined
    /// behaviour — the branch is constant-folded away by the compiler.
    const fn full_mask() -> u64 {
        if PARENT_SIZE / SUB_SIZE == 64 {
            u64::MAX
        } else {
            (1u64 << (PARENT_SIZE / SUB_SIZE)) - 1
        }
    }

    /// Create a new `SubPageAllocator` wrapping `pager`.
    ///
    /// No pages are allocated from `pager` until the first call to [`alloc`](Self::alloc).
    pub fn new(pager: Pager<PARENT_SIZE>) -> Self {
        const {
            assert!(
                SUB_SIZE.is_power_of_two(),
                "SUB_SIZE must be a power of two"
            )
        };
        const {
            assert!(
                PARENT_SIZE.is_multiple_of(SUB_SIZE),
                "PARENT_SIZE must be divisible by SUB_SIZE"
            )
        };
        const {
            assert!(
                SUB_SIZE < PARENT_SIZE,
                "SUB_SIZE must be less than PARENT_SIZE"
            )
        };
        const {
            assert!(
                PARENT_SIZE / SUB_SIZE <= 64,
                "PARENT_SIZE / SUB_SIZE must be at most 64"
            )
        };
        Self {
            pager,
            slots: Vec::new(),
        }
    }

    /// Borrow the inner pager (e.g. to query `page_count` or `free_page_count`).
    pub fn pager(&self) -> &Pager<PARENT_SIZE> {
        &self.pager
    }

    /// Consume this allocator and return the inner pager.
    ///
    /// Any big pages that still have live sub-slots allocated remain checked out
    /// in the pager.  Callers are responsible for freeing them if needed.
    pub fn into_pager(self) -> Pager<PARENT_SIZE> {
        self.pager
    }
}

// ── PageAllocator impl ────────────────────────────────────────────────────────

impl<const PARENT_SIZE: usize, const SUB_SIZE: usize>
    PageAllocator<SubPageId<PARENT_SIZE, SUB_SIZE>> for SubPageAllocator<PARENT_SIZE, SUB_SIZE>
{
    type Error = MappedPageError;

    fn alloc(&mut self) -> Result<SubPageId<PARENT_SIZE, SUB_SIZE>, MappedPageError> {
        const {
            assert!(
                SUB_SIZE.is_power_of_two(),
                "SUB_SIZE must be a power of two"
            )
        };
        const {
            assert!(
                PARENT_SIZE.is_multiple_of(SUB_SIZE),
                "PARENT_SIZE must be divisible by SUB_SIZE"
            )
        };
        const {
            assert!(
                SUB_SIZE < PARENT_SIZE,
                "SUB_SIZE must be less than PARENT_SIZE"
            )
        };
        const {
            assert!(
                PARENT_SIZE / SUB_SIZE <= 64,
                "PARENT_SIZE / SUB_SIZE must be at most 64"
            )
        };

        let full = Self::full_mask();

        // Pass 1: find a partially-used big page with a free sub-slot.
        for (i, slot_opt) in self.slots.iter_mut().enumerate() {
            if let Some(slot) = slot_opt
                && slot.used != full
            {
                let bit = slot.used.trailing_ones();
                slot.used |= 1u64 << bit;
                return Ok(SubPageId {
                    slot_index: i as u32,
                    sub_index: bit,
                });
            }
        }

        // Pass 2: need a fresh big page; allocate it from the inner pager.
        let big_id = self.pager.alloc()?;
        let new_slot = BigPageSlot {
            id: big_id,
            used: 1u64,
        };

        // Reuse a tombstone slot if one exists.
        for (i, slot_opt) in self.slots.iter_mut().enumerate() {
            if slot_opt.is_none() {
                *slot_opt = Some(new_slot);
                return Ok(SubPageId {
                    slot_index: i as u32,
                    sub_index: 0,
                });
            }
        }

        // No tombstone; grow the vec.
        let idx = self.slots.len();
        self.slots.push(Some(new_slot));
        Ok(SubPageId {
            slot_index: idx as u32,
            sub_index: 0,
        })
    }

    fn free(&mut self, id: SubPageId<PARENT_SIZE, SUB_SIZE>) -> Result<(), MappedPageError> {
        const {
            assert!(
                SUB_SIZE.is_power_of_two(),
                "SUB_SIZE must be a power of two"
            )
        };
        const {
            assert!(
                PARENT_SIZE.is_multiple_of(SUB_SIZE),
                "PARENT_SIZE must be divisible by SUB_SIZE"
            )
        };
        const {
            assert!(
                SUB_SIZE < PARENT_SIZE,
                "SUB_SIZE must be less than PARENT_SIZE"
            )
        };
        const {
            assert!(
                PARENT_SIZE / SUB_SIZE <= 64,
                "PARENT_SIZE / SUB_SIZE must be at most 64"
            )
        };

        if id.sub_index as usize >= PARENT_SIZE / SUB_SIZE {
            return Err(MappedPageError::OutOfBounds);
        }

        let slot_opt = self
            .slots
            .get_mut(id.slot_index as usize)
            .ok_or(MappedPageError::OutOfBounds)?;

        let slot = slot_opt.as_mut().ok_or(MappedPageError::DoubleFree)?;

        let mask = 1u64 << id.sub_index;
        if slot.used & mask == 0 {
            return Err(MappedPageError::DoubleFree);
        }
        slot.used &= !mask;

        if slot.used == 0 {
            // All sub-slots free: set tombstone first, then release the big page.
            let big_id = slot.id;
            *slot_opt = None;
            self.pager.free(big_id)?;
        }
        Ok(())
    }
}

// ── BulkPageAllocator impl ──────────────────────────────────────────────────────

impl<const PARENT_SIZE: usize, const SUB_SIZE: usize>
    BulkPageAllocator<SubPageId<PARENT_SIZE, SUB_SIZE>>
    for SubPageAllocator<PARENT_SIZE, SUB_SIZE>
{
    fn alloc_bulk(
        &mut self,
        count: usize,
    ) -> Result<Vec<SubPageId<PARENT_SIZE, SUB_SIZE>>, MappedPageError> {
        if count == 0 {
            return Ok(Vec::new());
        }
        let mut ids = Vec::with_capacity(count);
        for _ in 0..count {
            match <Self as PageAllocator<SubPageId<PARENT_SIZE, SUB_SIZE>>>::alloc(self) {
                Ok(id) => ids.push(id),
                Err(e) => {
                    for id in ids.drain(..) {
                        let _ = <Self as PageAllocator<SubPageId<PARENT_SIZE, SUB_SIZE>>>::free(
                            self, id,
                        );
                    }
                    return Err(e);
                }
            }
        }
        Ok(ids)
    }

    fn free_bulk(
        &mut self,
        mut ids: Vec<SubPageId<PARENT_SIZE, SUB_SIZE>>,
    ) -> Result<(), MappedPageError> {
        if ids.is_empty() {
            return Ok(());
        }

        // Sort and detect duplicates before touching any state.
        ids.sort_unstable();
        for w in ids.windows(2) {
            if w[0] == w[1] {
                return Err(MappedPageError::DoubleFree);
            }
        }

        // Validate every id atomically: bounds check and in-use check.
        for id in &ids {
            if id.sub_index as usize >= PARENT_SIZE / SUB_SIZE {
                return Err(MappedPageError::OutOfBounds);
            }
            let slot = self
                .slots
                .get(id.slot_index as usize)
                .ok_or(MappedPageError::OutOfBounds)?;
            let slot = slot.as_ref().ok_or(MappedPageError::DoubleFree)?;
            if slot.used & (1u64 << id.sub_index) == 0 {
                return Err(MappedPageError::DoubleFree);
            }
        }

        // All ids are valid: clear their bits and collect big pages that
        // become fully free so they can be returned to the inner pager.
        let mut to_release: Vec<PageId<PARENT_SIZE>> = Vec::new();
        for id in &ids {
            let slot_opt = &mut self.slots[id.slot_index as usize];
            let slot = slot_opt.as_mut().unwrap(); // safe: validated above
            slot.used &= !(1u64 << id.sub_index);
            if slot.used == 0 {
                let big_id = slot.id;
                *slot_opt = None;
                to_release.push(big_id);
            }
        }
        for big_id in to_release {
            self.pager.free(big_id)?;
        }
        Ok(())
    }
}

// ── PageHandle impl ───────────────────────────────────────────────────────────

impl<const PARENT_SIZE: usize, const SUB_SIZE: usize>
    PageHandle<SubPageAllocator<PARENT_SIZE, SUB_SIZE>> for SubPageId<PARENT_SIZE, SUB_SIZE>
{
    type Error = MappedPageError;
    type Mut<'a>
        = &'a mut MappedPage
    where
        SubPageAllocator<PARENT_SIZE, SUB_SIZE>: 'a,
        Self: 'a;

    fn get<'a>(
        &self,
        allocator: &'a SubPageAllocator<PARENT_SIZE, SUB_SIZE>,
    ) -> Result<&'a MappedPage, MappedPageError> {
        const {
            assert!(
                SUB_SIZE.is_power_of_two(),
                "SUB_SIZE must be a power of two"
            )
        };
        const {
            assert!(
                PARENT_SIZE.is_multiple_of(SUB_SIZE),
                "PARENT_SIZE must be divisible by SUB_SIZE"
            )
        };
        const {
            assert!(
                SUB_SIZE < PARENT_SIZE,
                "SUB_SIZE must be less than PARENT_SIZE"
            )
        };
        const {
            assert!(
                PARENT_SIZE / SUB_SIZE <= 64,
                "PARENT_SIZE / SUB_SIZE must be at most 64"
            )
        };

        if self.sub_index as usize >= PARENT_SIZE / SUB_SIZE {
            return Err(MappedPageError::OutOfBounds);
        }

        let slot = allocator
            .slots
            .get(self.slot_index as usize)
            .and_then(Option::as_ref)
            .ok_or(MappedPageError::OutOfBounds)?;

        let big_page = slot.id.get(&allocator.pager)?;
        let start = self.sub_index as usize * SUB_SIZE;
        Ok(unsafe { MappedPage::from_slice(&big_page.as_bytes()[start..start + SUB_SIZE]) })
    }

    fn get_mut<'a>(
        &self,
        allocator: &'a mut SubPageAllocator<PARENT_SIZE, SUB_SIZE>,
    ) -> Result<&'a mut MappedPage, MappedPageError> {
        const {
            assert!(
                SUB_SIZE.is_power_of_two(),
                "SUB_SIZE must be a power of two"
            )
        };
        const {
            assert!(
                PARENT_SIZE.is_multiple_of(SUB_SIZE),
                "PARENT_SIZE must be divisible by SUB_SIZE"
            )
        };
        const {
            assert!(
                SUB_SIZE < PARENT_SIZE,
                "SUB_SIZE must be less than PARENT_SIZE"
            )
        };
        const {
            assert!(
                PARENT_SIZE / SUB_SIZE <= 64,
                "PARENT_SIZE / SUB_SIZE must be at most 64"
            )
        };

        if self.sub_index as usize >= PARENT_SIZE / SUB_SIZE {
            return Err(MappedPageError::OutOfBounds);
        }

        // Extract big_id (Copy) while slots is borrowed, then drop that borrow
        // before mutably borrowing pager — required to avoid overlapping field
        // borrows on the same SubPageAllocator.
        let big_id = allocator
            .slots
            .get(self.slot_index as usize)
            .and_then(Option::as_ref)
            .ok_or(MappedPageError::OutOfBounds)?
            .id;

        let big_page = big_id.get_mut(&mut allocator.pager)?;
        let start = self.sub_index as usize * SUB_SIZE;
        Ok(unsafe {
            MappedPage::from_slice_mut(&mut big_page.as_bytes_mut()[start..start + SUB_SIZE])
        })
    }
}