xref: /illumos-gate/usr/src/uts/common/sys/kmem_impl.h (revision 1bff1300cebf1ea8e11ce928b10e208097e67f24)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright (c) 1994, 2010, Oracle and/or its affiliates. All rights reserved.
24  * Copyright 2018 Joyent, Inc.
25  */
26 
27 #ifndef _SYS_KMEM_IMPL_H
28 #define	_SYS_KMEM_IMPL_H
29 
30 #include <sys/kmem.h>
31 #include <sys/vmem.h>
32 #include <sys/thread.h>
33 #include <sys/t_lock.h>
34 #include <sys/time.h>
35 #include <sys/kstat.h>
36 #include <sys/cpuvar.h>
37 #include <sys/systm.h>
38 #include <vm/page.h>
39 #include <sys/avl.h>
40 #include <sys/list.h>
41 
42 #ifdef	__cplusplus
43 extern "C" {
44 #endif
45 
46 /*
47  * kernel memory allocator: implementation-private data structures
48  *
49  * Lock order:
50  * 1. cache_lock
51  * 2. cc_lock in order by CPU ID
52  * 3. cache_depot_lock
53  *
54  * Do not call kmem_cache_alloc() or taskq_dispatch() while holding any of the
55  * above locks.
56  */
57 
58 #define	KMF_AUDIT	0x00000001	/* transaction auditing */
59 #define	KMF_DEADBEEF	0x00000002	/* deadbeef checking */
60 #define	KMF_REDZONE	0x00000004	/* redzone checking */
61 #define	KMF_CONTENTS	0x00000008	/* freed-buffer content logging */
62 #define	KMF_STICKY	0x00000010	/* if set, override /etc/system */
63 #define	KMF_NOMAGAZINE	0x00000020	/* disable per-cpu magazines */
64 #define	KMF_FIREWALL	0x00000040	/* put all bufs before unmapped pages */
65 #define	KMF_LITE	0x00000100	/* lightweight debugging */
66 
67 #define	KMF_HASH	0x00000200	/* cache has hash table */
68 #define	KMF_RANDOMIZE	0x00000400	/* randomize other kmem_flags */
69 
70 #define	KMF_DUMPDIVERT	0x00001000	/* use alternate memory at dump time */
71 #define	KMF_DUMPUNSAFE	0x00002000	/* flag caches used at dump time */
72 #define	KMF_PREFILL	0x00004000	/* Prefill the slab when created. */
73 
74 #define	KMF_BUFTAG	(KMF_DEADBEEF | KMF_REDZONE)
75 #define	KMF_TOUCH	(KMF_BUFTAG | KMF_LITE | KMF_CONTENTS)
76 #define	KMF_RANDOM	(KMF_TOUCH | KMF_AUDIT | KMF_NOMAGAZINE)
77 #define	KMF_DEBUG	(KMF_RANDOM | KMF_FIREWALL)
78 
79 #define	KMEM_STACK_DEPTH	15
80 
81 #define	KMEM_FREE_PATTERN		0xdeadbeefdeadbeefULL
82 #define	KMEM_UNINITIALIZED_PATTERN	0xbaddcafebaddcafeULL
83 #define	KMEM_REDZONE_PATTERN		0xfeedfacefeedfaceULL
84 #define	KMEM_REDZONE_BYTE		0xbb
85 
86 /*
87  * Redzone size encodings for kmem_alloc() / kmem_free().  We encode the
88  * allocation size, rather than storing it directly, so that kmem_free()
89  * can distinguish frees of the wrong size from redzone violations.
90  *
91  * A size of zero is never valid.
92  */
93 #define	KMEM_SIZE_ENCODE(x)	(251 * (x) + 1)
94 #define	KMEM_SIZE_DECODE(x)	((x) / 251)
95 #define	KMEM_SIZE_VALID(x)	((x) % 251 == 1 && (x) != 1)
96 
97 
98 #define	KMEM_ALIGN		8	/* min guaranteed alignment */
99 #define	KMEM_ALIGN_SHIFT	3	/* log2(KMEM_ALIGN) */
100 #define	KMEM_VOID_FRACTION	8	/* never waste more than 1/8 of slab */
101 
102 #define	KMEM_SLAB_IS_PARTIAL(sp)		\
103 	((sp)->slab_refcnt > 0 && (sp)->slab_refcnt < (sp)->slab_chunks)
104 #define	KMEM_SLAB_IS_ALL_USED(sp)		\
105 	((sp)->slab_refcnt == (sp)->slab_chunks)
106 
107 /*
108  * The bufctl (buffer control) structure keeps some minimal information
109  * about each buffer: its address, its slab, and its current linkage,
110  * which is either on the slab's freelist (if the buffer is free), or
111  * on the cache's buf-to-bufctl hash table (if the buffer is allocated).
112  * In the case of non-hashed, or "raw", caches (the common case), only
113  * the freelist linkage is necessary: the buffer address is at a fixed
114  * offset from the bufctl address, and the slab is at the end of the page.
115  *
116  * NOTE: bc_next must be the first field; raw buffers have linkage only.
117  */
118 typedef struct kmem_bufctl {
119 	struct kmem_bufctl	*bc_next;	/* next bufctl struct */
120 	void			*bc_addr;	/* address of buffer */
121 	struct kmem_slab	*bc_slab;	/* controlling slab */
122 } kmem_bufctl_t;
123 
124 /*
125  * The KMF_AUDIT version of the bufctl structure.  The beginning of this
126  * structure must be identical to the normal bufctl structure so that
127  * pointers are interchangeable.
128  */
129 typedef struct kmem_bufctl_audit {
130 	struct kmem_bufctl	*bc_next;	/* next bufctl struct */
131 	void			*bc_addr;	/* address of buffer */
132 	struct kmem_slab	*bc_slab;	/* controlling slab */
133 	kmem_cache_t		*bc_cache;	/* controlling cache */
134 	hrtime_t		bc_timestamp;	/* transaction time */
135 	kthread_t		*bc_thread;	/* thread doing transaction */
136 	struct kmem_bufctl	*bc_lastlog;	/* last log entry */
137 	void			*bc_contents;	/* contents at last free */
138 	int			bc_depth;	/* stack depth */
139 	pc_t			bc_stack[KMEM_STACK_DEPTH];	/* pc stack */
140 } kmem_bufctl_audit_t;
141 
142 /*
143  * A kmem_buftag structure is appended to each buffer whenever any of the
144  * KMF_BUFTAG flags (KMF_DEADBEEF, KMF_REDZONE, KMF_VERIFY) are set.
145  */
146 typedef struct kmem_buftag {
147 	uint64_t		bt_redzone;	/* 64-bit redzone pattern */
148 	kmem_bufctl_t		*bt_bufctl;	/* bufctl */
149 	intptr_t		bt_bxstat;	/* bufctl ^ (alloc/free) */
150 } kmem_buftag_t;
151 
152 /*
153  * A variant of the kmem_buftag structure used for KMF_LITE caches.
154  * Previous callers are stored in reverse chronological order. (i.e. most
155  * recent first)
156  */
157 typedef struct kmem_buftag_lite {
158 	kmem_buftag_t		bt_buftag;	/* a normal buftag */
159 	pc_t			bt_history[1];	/* zero or more callers */
160 } kmem_buftag_lite_t;
161 
162 #define	KMEM_BUFTAG_LITE_SIZE(f)	\
163 	(offsetof(kmem_buftag_lite_t, bt_history[f]))
164 
165 #define	KMEM_BUFTAG(cp, buf)		\
166 	((kmem_buftag_t *)((char *)(buf) + (cp)->cache_buftag))
167 
168 #define	KMEM_BUFCTL(cp, buf)		\
169 	((kmem_bufctl_t *)((char *)(buf) + (cp)->cache_bufctl))
170 
171 #define	KMEM_BUF(cp, bcp)		\
172 	((void *)((char *)(bcp) - (cp)->cache_bufctl))
173 
174 #define	KMEM_SLAB(cp, buf)		\
175 	((kmem_slab_t *)P2END((uintptr_t)(buf), (cp)->cache_slabsize) - 1)
176 
177 /*
178  * Test for using alternate memory at dump time.
179  */
180 #define	KMEM_DUMP(cp)		((cp)->cache_flags & KMF_DUMPDIVERT)
181 #define	KMEM_DUMPCC(ccp)	((ccp)->cc_flags & KMF_DUMPDIVERT)
182 
183 /*
184  * The "CPU" macro loads a cpu_t that refers to the cpu that the current
185  * thread is running on at the time the macro is executed.  A context switch
186  * may occur immediately after loading this data structure, leaving this
187  * thread pointing at the cpu_t for the previous cpu.  This is not a problem;
188  * we'd just end up checking the previous cpu's per-cpu cache, and then check
189  * the other layers of the kmem cache if need be.
190  *
191  * It's not even a problem if the old cpu gets DR'ed out during the context
192  * switch.  The cpu-remove DR operation bzero()s the cpu_t, but doesn't free
193  * it.  So the cpu_t's cpu_cache_offset would read as 0, causing us to use
194  * cpu 0's per-cpu cache.
195  *
196  * So, there is no need to disable kernel preemption while using the CPU macro
197  * below since if we have been context switched, there will not be any
198  * correctness problem, just a momentary use of a different per-cpu cache.
199  */
200 
201 #define	KMEM_CPU_CACHE(cp)						\
202 	((kmem_cpu_cache_t *)((char *)(&cp->cache_cpu) + CPU->cpu_cache_offset))
203 
204 #define	KMEM_MAGAZINE_VALID(cp, mp)	\
205 	(((kmem_slab_t *)P2END((uintptr_t)(mp), PAGESIZE) - 1)->slab_cache == \
206 	    (cp)->cache_magtype->mt_cache)
207 
208 #define	KMEM_SLAB_OFFSET(sp, buf)	\
209 	((size_t)((uintptr_t)(buf) - (uintptr_t)((sp)->slab_base)))
210 
211 #define	KMEM_SLAB_MEMBER(sp, buf)	\
212 	(KMEM_SLAB_OFFSET(sp, buf) < (sp)->slab_cache->cache_slabsize)
213 
214 #define	KMEM_BUFTAG_ALLOC	0xa110c8edUL
215 #define	KMEM_BUFTAG_FREE	0xf4eef4eeUL
216 
217 /* slab_later_count thresholds */
218 #define	KMEM_DISBELIEF		3
219 
220 /* slab_flags */
221 #define	KMEM_SLAB_NOMOVE	0x1
222 #define	KMEM_SLAB_MOVE_PENDING	0x2
223 
224 typedef struct kmem_slab {
225 	struct kmem_cache	*slab_cache;	/* controlling cache */
226 	void			*slab_base;	/* base of allocated memory */
227 	avl_node_t		slab_link;	/* slab linkage */
228 	struct kmem_bufctl	*slab_head;	/* first free buffer */
229 	long			slab_refcnt;	/* outstanding allocations */
230 	long			slab_chunks;	/* chunks (bufs) in this slab */
231 	uint32_t		slab_stuck_offset; /* unmoved buffer offset */
232 	uint16_t		slab_later_count; /* cf KMEM_CBRC_LATER */
233 	uint16_t		slab_flags;	/* bits to mark the slab */
234 } kmem_slab_t;
235 
236 #define	KMEM_HASH_INITIAL	64
237 
238 #define	KMEM_HASH(cp, buf)	\
239 	((cp)->cache_hash_table +	\
240 	(((uintptr_t)(buf) >> (cp)->cache_hash_shift) & (cp)->cache_hash_mask))
241 
242 typedef struct kmem_magazine {
243 	void	*mag_next;
244 	void	*mag_round[1];		/* one or more rounds */
245 } kmem_magazine_t;
246 
247 /*
248  * The magazine types for fast per-cpu allocation
249  */
250 typedef struct kmem_magtype {
251 	short		mt_magsize;	/* magazine size (number of rounds) */
252 	int		mt_align;	/* magazine alignment */
253 	size_t		mt_minbuf;	/* all smaller buffers qualify */
254 	size_t		mt_maxbuf;	/* no larger buffers qualify */
255 	kmem_cache_t	*mt_cache;	/* magazine cache */
256 } kmem_magtype_t;
257 
258 #define	KMEM_CPU_CACHE_SIZE	64	/* must be power of 2 */
259 #define	KMEM_CPU_PAD		(KMEM_CPU_CACHE_SIZE - sizeof (kmutex_t) - \
260 	2 * sizeof (uint64_t) - 2 * sizeof (void *) - sizeof (int) - \
261 	5 * sizeof (short))
262 #define	KMEM_CACHE_SIZE(ncpus)	\
263 	((size_t)(&((kmem_cache_t *)0)->cache_cpu[ncpus]))
264 
265 /* Offset from kmem_cache->cache_cpu for per cpu caches */
266 #define	KMEM_CPU_CACHE_OFFSET(cpuid)					\
267 	((size_t)(&((kmem_cache_t *)0)->cache_cpu[cpuid]) -		\
268 	(size_t)(&((kmem_cache_t *)0)->cache_cpu))
269 
270 typedef struct kmem_cpu_cache {
271 	kmutex_t	cc_lock;	/* protects this cpu's local cache */
272 	uint64_t	cc_alloc;	/* allocations from this cpu */
273 	uint64_t	cc_free;	/* frees to this cpu */
274 	kmem_magazine_t	*cc_loaded;	/* the currently loaded magazine */
275 	kmem_magazine_t	*cc_ploaded;	/* the previously loaded magazine */
276 	int		cc_flags;	/* CPU-local copy of cache_flags */
277 	short		cc_rounds;	/* number of objects in loaded mag */
278 	short		cc_prounds;	/* number of objects in previous mag */
279 	short		cc_magsize;	/* number of rounds in a full mag */
280 	short		cc_dump_rounds;	/* dump time copy of cc_rounds */
281 	short		cc_dump_prounds; /* dump time copy of cc_prounds */
282 	char		cc_pad[KMEM_CPU_PAD]; /* for nice alignment */
283 } kmem_cpu_cache_t;
284 
285 /*
286  * The magazine lists used in the depot.
287  */
288 typedef struct kmem_maglist {
289 	kmem_magazine_t	*ml_list;	/* magazine list */
290 	long		ml_total;	/* number of magazines */
291 	long		ml_min;		/* min since last update */
292 	long		ml_reaplimit;	/* max reapable magazines */
293 	uint64_t	ml_alloc;	/* allocations from this list */
294 } kmem_maglist_t;
295 
296 typedef struct kmem_defrag {
297 	/*
298 	 * Statistics
299 	 */
300 	uint64_t	kmd_callbacks;		/* move callbacks */
301 	uint64_t	kmd_yes;		/* KMEM_CBRC_YES responses */
302 	uint64_t	kmd_no;			/* NO responses */
303 	uint64_t	kmd_later;		/* LATER responses */
304 	uint64_t	kmd_dont_need;		/* DONT_NEED responses */
305 	uint64_t	kmd_dont_know;		/* DONT_KNOW responses */
306 	uint64_t	kmd_slabs_freed;	/* slabs freed by moves */
307 	uint64_t	kmd_defrags;		/* kmem_cache_defrag() */
308 	uint64_t	kmd_scans;		/* kmem_cache_scan() */
309 
310 	/*
311 	 * Consolidator fields
312 	 */
313 	avl_tree_t	kmd_moves_pending;	/* buffer moves pending */
314 	list_t		kmd_deadlist;		/* deferred slab frees */
315 	size_t		kmd_deadcount;		/* # of slabs in kmd_deadlist */
316 	uint8_t		kmd_reclaim_numer;	/* slab usage threshold */
317 	uint8_t		kmd_pad1;		/* compiler padding */
318 	uint16_t	kmd_consolidate;	/* triggers consolidator */
319 	uint32_t	kmd_pad2;		/* compiler padding */
320 	size_t		kmd_slabs_sought;	/* reclaimable slabs sought */
321 	size_t		kmd_slabs_found;	/* reclaimable slabs found */
322 	size_t		kmd_tries;		/* nth scan interval counter */
323 	/*
324 	 * Fields used to ASSERT that the client does not kmem_cache_free()
325 	 * objects passed to the move callback.
326 	 */
327 	void		*kmd_from_buf;		/* object to move */
328 	void		*kmd_to_buf;		/* move destination */
329 	kthread_t	*kmd_thread;		/* thread calling move */
330 } kmem_defrag_t;
331 
332 typedef struct kmem_dump {
333 	void		*kd_freelist;		/* heap during crash dump */
334 	uint_t		kd_alloc_fails;		/* # of allocation failures */
335 	uint_t		kd_unsafe;		/* cache was used, but unsafe */
336 } kmem_dump_t;
337 
338 #define	KMEM_CACHE_NAMELEN	31
339 
340 struct kmem_cache {
341 	/*
342 	 * Statistics
343 	 */
344 	uint64_t	cache_slab_create;	/* slab creates */
345 	uint64_t	cache_slab_destroy;	/* slab destroys */
346 	uint64_t	cache_slab_alloc;	/* slab layer allocations */
347 	uint64_t	cache_slab_free;	/* slab layer frees */
348 	uint64_t	cache_alloc_fail;	/* total failed allocations */
349 	uint64_t	cache_buftotal;		/* total buffers */
350 	uint64_t	cache_bufmax;		/* max buffers ever */
351 	uint64_t	cache_bufslab;		/* buffers free in slab layer */
352 	uint64_t	cache_reap;		/* cache reaps */
353 	uint64_t	cache_rescale;		/* hash table rescales */
354 	uint64_t	cache_lookup_depth;	/* hash lookup depth */
355 	uint64_t	cache_depot_contention;	/* mutex contention count */
356 	uint64_t	cache_depot_contention_prev; /* previous snapshot */
357 
358 	/*
359 	 * Cache properties
360 	 */
361 	char		cache_name[KMEM_CACHE_NAMELEN + 1];
362 	size_t		cache_bufsize;		/* object size */
363 	size_t		cache_align;		/* object alignment */
364 	int		(*cache_constructor)(void *, void *, int);
365 	void		(*cache_destructor)(void *, void *);
366 	void		(*cache_reclaim)(void *);
367 	kmem_cbrc_t	(*cache_move)(void *, void *, size_t, void *);
368 	void		*cache_private;		/* opaque arg to callbacks */
369 	vmem_t		*cache_arena;		/* vmem source for slabs */
370 	int		cache_cflags;		/* cache creation flags */
371 	int		cache_flags;		/* various cache state info */
372 	uint32_t	cache_mtbf;		/* induced alloc failure rate */
373 	uint32_t	cache_pad1;		/* compiler padding */
374 	kstat_t		*cache_kstat;		/* exported statistics */
375 	list_node_t	cache_link;		/* cache linkage */
376 
377 	/*
378 	 * Slab layer
379 	 */
380 	kmutex_t	cache_lock;		/* protects slab layer */
381 	size_t		cache_chunksize;	/* buf + alignment [+ debug] */
382 	size_t		cache_slabsize;		/* size of a slab */
383 	size_t		cache_maxchunks;	/* max buffers per slab */
384 	size_t		cache_bufctl;		/* buf-to-bufctl distance */
385 	size_t		cache_buftag;		/* buf-to-buftag distance */
386 	size_t		cache_verify;		/* bytes to verify */
387 	size_t		cache_contents;		/* bytes of saved content */
388 	size_t		cache_color;		/* next slab color */
389 	size_t		cache_mincolor;		/* maximum slab color */
390 	size_t		cache_maxcolor;		/* maximum slab color */
391 	size_t		cache_hash_shift;	/* get to interesting bits */
392 	size_t		cache_hash_mask;	/* hash table mask */
393 	list_t		cache_complete_slabs;	/* completely allocated slabs */
394 	size_t		cache_complete_slab_count;
395 	avl_tree_t	cache_partial_slabs;	/* partial slab freelist */
396 	size_t		cache_partial_binshift;	/* for AVL sort bins */
397 	kmem_cache_t	*cache_bufctl_cache;	/* source of bufctls */
398 	kmem_bufctl_t	**cache_hash_table;	/* hash table base */
399 	kmem_defrag_t	*cache_defrag;		/* slab consolidator fields */
400 
401 	/*
402 	 * Depot layer
403 	 */
404 	kmutex_t	cache_depot_lock;	/* protects depot */
405 	kmem_magtype_t	*cache_magtype;		/* magazine type */
406 	kmem_maglist_t	cache_full;		/* full magazines */
407 	kmem_maglist_t	cache_empty;		/* empty magazines */
408 	kmem_dump_t	cache_dump;		/* used during crash dump */
409 
410 	/*
411 	 * Per-CPU layer
412 	 */
413 	kmem_cpu_cache_t cache_cpu[1];		/* max_ncpus actual elements */
414 };
415 
416 typedef struct kmem_cpu_log_header {
417 	kmutex_t	clh_lock;
418 	char		*clh_current;
419 	size_t		clh_avail;
420 	int		clh_chunk;
421 	int		clh_hits;
422 	char		clh_pad[64 - sizeof (kmutex_t) - sizeof (char *) -
423 				sizeof (size_t) - 2 * sizeof (int)];
424 } kmem_cpu_log_header_t;
425 
426 typedef struct kmem_log_header {
427 	kmutex_t	lh_lock;
428 	char		*lh_base;
429 	int		*lh_free;
430 	size_t		lh_chunksize;
431 	int		lh_nchunks;
432 	int		lh_head;
433 	int		lh_tail;
434 	int		lh_hits;
435 	kmem_cpu_log_header_t lh_cpu[1];	/* ncpus actually allocated */
436 } kmem_log_header_t;
437 
438 /* kmem_move kmm_flags */
439 #define	KMM_DESPERATE		0x1
440 #define	KMM_NOTIFY		0x2
441 #define	KMM_DEBUG		0x4
442 
443 typedef struct kmem_move {
444 	kmem_slab_t	*kmm_from_slab;
445 	void		*kmm_from_buf;
446 	void		*kmm_to_buf;
447 	avl_node_t	kmm_entry;
448 	int		kmm_flags;
449 } kmem_move_t;
450 
451 /*
452  * In order to consolidate partial slabs, it must be possible for the cache to
453  * have partial slabs.
454  */
455 #define	KMEM_IS_MOVABLE(cp)						\
456 	(((cp)->cache_chunksize * 2) <= (cp)->cache_slabsize)
457 
458 #ifdef	__cplusplus
459 }
460 #endif
461 
462 #endif	/* _SYS_KMEM_IMPL_H */
463