blob: 4bfe0148139c738a263904aacd0a0d8ca7de00f5 [file] [log] [blame]
Willy Tarreau50e608d2007-05-13 18:26:08 +02001/*
2 * Memory management functions.
3 *
4 * Copyright 2000-2007 Willy Tarreau <w@1wt.eu>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
Willy Tarreauf14d1902021-10-05 18:14:11 +020012
13#include <sys/mman.h>
Willy Tarreau7107c8b2018-11-26 11:44:35 +010014#include <errno.h>
Willy Tarreau50e608d2007-05-13 18:26:08 +020015
Willy Tarreau5d9ddc52021-10-06 19:54:09 +020016#include <haproxy/activity.h>
Willy Tarreau4c7e4b72020-05-27 12:58:42 +020017#include <haproxy/api.h>
Willy Tarreaub2551052020-06-09 09:07:15 +020018#include <haproxy/applet-t.h>
Willy Tarreau6be78492020-06-05 00:00:29 +020019#include <haproxy/cfgparse.h>
Willy Tarreauf1d32c42020-06-04 21:07:02 +020020#include <haproxy/channel.h>
Willy Tarreau83487a82020-06-04 20:19:54 +020021#include <haproxy/cli.h>
Willy Tarreau36979d92020-06-05 17:27:29 +020022#include <haproxy/errors.h>
Willy Tarreauf268ee82020-06-04 17:05:57 +020023#include <haproxy/global.h>
Willy Tarreau853b2972020-05-27 18:01:47 +020024#include <haproxy/list.h>
Willy Tarreaub2551052020-06-09 09:07:15 +020025#include <haproxy/pool.h>
Willy Tarreau2eec9b52020-06-04 19:58:55 +020026#include <haproxy/stats-t.h>
Willy Tarreau5e539c92020-06-04 20:45:39 +020027#include <haproxy/stream_interface.h>
Willy Tarreaub2551052020-06-09 09:07:15 +020028#include <haproxy/thread.h>
Willy Tarreau48fbcae2020-06-03 18:09:46 +020029#include <haproxy/tools.h>
Willy Tarreau50e608d2007-05-13 18:26:08 +020030
Willy Tarreau50e608d2007-05-13 18:26:08 +020031
Willy Tarreau2d6f6282021-04-15 16:24:00 +020032#ifdef CONFIG_HAP_POOLS
Willy Tarreau7f0165e2018-11-26 17:09:46 +010033/* These ones are initialized per-thread on startup by init_pools() */
Willy Tarreaue18db9e2018-10-16 10:28:54 +020034THREAD_LOCAL size_t pool_cache_bytes = 0; /* total cache size */
35THREAD_LOCAL size_t pool_cache_count = 0; /* #cache objects */
Willy Tarreaued891fd2020-06-01 19:00:28 +020036#endif
Willy Tarreaue18db9e2018-10-16 10:28:54 +020037
Willy Tarreau50e608d2007-05-13 18:26:08 +020038static struct list pools = LIST_HEAD_INIT(pools);
Willy Tarreau067ac9f2015-10-08 14:12:13 +020039int mem_poison_byte = -1;
Willy Tarreau50e608d2007-05-13 18:26:08 +020040
Olivier Houcharddc21ff72019-01-29 15:20:16 +010041#ifdef DEBUG_FAIL_ALLOC
42static int mem_fail_rate = 0;
Olivier Houcharddc21ff72019-01-29 15:20:16 +010043#endif
44
Willy Tarreauea3323f2021-09-15 10:38:21 +020045#if defined(HA_HAVE_MALLOC_TRIM)
Willy Tarreau157e3932021-09-15 10:05:48 +020046static int using_libc_allocator = 0;
47
Willy Tarreauea3323f2021-09-15 10:38:21 +020048/* ask the allocator to trim memory pools */
49static void trim_all_pools(void)
50{
51 if (using_libc_allocator)
52 malloc_trim(0);
53}
54
Willy Tarreau157e3932021-09-15 10:05:48 +020055/* check if we're using the same allocator as the one that provides
56 * malloc_trim() and mallinfo(). The principle is that on glibc, both
57 * malloc_trim() and mallinfo() are provided, and using mallinfo() we
58 * can check if malloc() is performed through glibc or any other one
59 * the executable was linked against (e.g. jemalloc).
60 */
61static void detect_allocator(void)
62{
Willy Tarreauc2afb862021-09-16 09:18:21 +020063#ifdef HA_HAVE_MALLINFO2
64 struct mallinfo2 mi1, mi2;
65#else
Willy Tarreau157e3932021-09-15 10:05:48 +020066 struct mallinfo mi1, mi2;
Willy Tarreauc2afb862021-09-16 09:18:21 +020067#endif
Willy Tarreau157e3932021-09-15 10:05:48 +020068 void *ptr;
69
Willy Tarreauc2afb862021-09-16 09:18:21 +020070#ifdef HA_HAVE_MALLINFO2
71 mi1 = mallinfo2();
72#else
Willy Tarreau157e3932021-09-15 10:05:48 +020073 mi1 = mallinfo();
Willy Tarreauc2afb862021-09-16 09:18:21 +020074#endif
Willy Tarreau157e3932021-09-15 10:05:48 +020075 ptr = DISGUISE(malloc(1));
Willy Tarreauc2afb862021-09-16 09:18:21 +020076#ifdef HA_HAVE_MALLINFO2
77 mi2 = mallinfo2();
78#else
Willy Tarreau157e3932021-09-15 10:05:48 +020079 mi2 = mallinfo();
Willy Tarreauc2afb862021-09-16 09:18:21 +020080#endif
Willy Tarreau157e3932021-09-15 10:05:48 +020081 free(DISGUISE(ptr));
82
83 using_libc_allocator = !!memcmp(&mi1, &mi2, sizeof(mi1));
84}
Willy Tarreau845b5602021-09-15 10:41:24 +020085
86static int is_trim_enabled(void)
87{
88 return using_libc_allocator;
89}
Willy Tarreauea3323f2021-09-15 10:38:21 +020090#else
91
92static void trim_all_pools(void)
93{
94}
Willy Tarreau157e3932021-09-15 10:05:48 +020095
96static void detect_allocator(void)
97{
Willy Tarreau845b5602021-09-15 10:41:24 +020098}
99
100static int is_trim_enabled(void)
101{
102 return 0;
Willy Tarreau157e3932021-09-15 10:05:48 +0200103}
Willy Tarreauea3323f2021-09-15 10:38:21 +0200104#endif
105
Willy Tarreau50e608d2007-05-13 18:26:08 +0200106/* Try to find an existing shared pool with the same characteristics and
107 * returns it, otherwise creates this one. NULL is returned if no memory
Willy Tarreau581bf812016-01-25 02:19:13 +0100108 * is available for a new creation. Two flags are supported :
109 * - MEM_F_SHARED to indicate that the pool may be shared with other users
110 * - MEM_F_EXACT to indicate that the size must not be rounded up
Willy Tarreau50e608d2007-05-13 18:26:08 +0200111 */
112struct pool_head *create_pool(char *name, unsigned int size, unsigned int flags)
113{
114 struct pool_head *pool;
Willy Tarreau7dcd46d2007-05-14 00:16:13 +0200115 struct pool_head *entry;
116 struct list *start;
Willy Tarreau50e608d2007-05-13 18:26:08 +0200117 unsigned int align;
Willy Tarreau9f3129e2021-04-17 00:31:38 +0200118 int thr __maybe_unused;
Willy Tarreau50e608d2007-05-13 18:26:08 +0200119
Willy Tarreauac421112015-10-28 15:09:29 +0100120 /* We need to store a (void *) at the end of the chunks. Since we know
Willy Tarreau50e608d2007-05-13 18:26:08 +0200121 * that the malloc() function will never return such a small size,
122 * let's round the size up to something slightly bigger, in order to
123 * ease merging of entries. Note that the rounding is a power of two.
Willy Tarreauac421112015-10-28 15:09:29 +0100124 * This extra (void *) is not accounted for in the size computation
125 * so that the visible parts outside are not affected.
Willy Tarreau30f931e2018-10-23 14:40:23 +0200126 *
127 * Note: for the LRU cache, we need to store 2 doubly-linked lists.
Willy Tarreau50e608d2007-05-13 18:26:08 +0200128 */
129
Willy Tarreau581bf812016-01-25 02:19:13 +0100130 if (!(flags & MEM_F_EXACT)) {
Willy Tarreau30f931e2018-10-23 14:40:23 +0200131 align = 4 * sizeof(void *); // 2 lists = 4 pointers min
Willy Tarreau581bf812016-01-25 02:19:13 +0100132 size = ((size + POOL_EXTRA + align - 1) & -align) - POOL_EXTRA;
133 }
Willy Tarreau50e608d2007-05-13 18:26:08 +0200134
Christopher Fauletb349e482017-08-29 09:52:38 +0200135 /* TODO: thread: we do not lock pool list for now because all pools are
136 * created during HAProxy startup (so before threads creation) */
Willy Tarreau7dcd46d2007-05-14 00:16:13 +0200137 start = &pools;
Willy Tarreau50e608d2007-05-13 18:26:08 +0200138 pool = NULL;
Willy Tarreau7dcd46d2007-05-14 00:16:13 +0200139
140 list_for_each_entry(entry, &pools, list) {
141 if (entry->size == size) {
142 /* either we can share this place and we take it, or
Ilya Shipitsin47d17182020-06-21 21:42:57 +0500143 * we look for a shareable one or for the next position
Willy Tarreau7dcd46d2007-05-14 00:16:13 +0200144 * before which we will insert a new one.
145 */
Willy Tarreau1ab6c0b2021-05-05 07:29:01 +0200146 if ((flags & entry->flags & MEM_F_SHARED)
147#ifdef DEBUG_DONT_SHARE_POOLS
148 && strcmp(name, entry->name) == 0
149#endif
150 ) {
Willy Tarreau7dcd46d2007-05-14 00:16:13 +0200151 /* we can share this one */
Willy Tarreau50e608d2007-05-13 18:26:08 +0200152 pool = entry;
Krzysztof Piotr Oledzkia643baf2008-05-29 23:53:44 +0200153 DPRINTF(stderr, "Sharing %s with %s\n", name, pool->name);
Willy Tarreau50e608d2007-05-13 18:26:08 +0200154 break;
155 }
156 }
Willy Tarreau7dcd46d2007-05-14 00:16:13 +0200157 else if (entry->size > size) {
158 /* insert before this one */
159 start = &entry->list;
160 break;
161 }
Willy Tarreau50e608d2007-05-13 18:26:08 +0200162 }
163
164 if (!pool) {
Willy Tarreau0a93b642018-10-16 07:58:39 +0200165 if (!pool)
166 pool = calloc(1, sizeof(*pool));
167
Willy Tarreau50e608d2007-05-13 18:26:08 +0200168 if (!pool)
169 return NULL;
170 if (name)
171 strlcpy2(pool->name, name, sizeof(pool->name));
172 pool->size = size;
173 pool->flags = flags;
Willy Tarreau2b718102021-04-21 07:32:39 +0200174 LIST_APPEND(start, &pool->list);
Christopher Faulet2f6d3c02019-06-25 21:45:59 +0200175
Willy Tarreau2d6f6282021-04-15 16:24:00 +0200176#ifdef CONFIG_HAP_POOLS
Christopher Faulet2f6d3c02019-06-25 21:45:59 +0200177 /* update per-thread pool cache if necessary */
Willy Tarreau9f3129e2021-04-17 00:31:38 +0200178 for (thr = 0; thr < MAX_THREADS; thr++) {
179 LIST_INIT(&pool->cache[thr].list);
Christopher Faulet2f6d3c02019-06-25 21:45:59 +0200180 }
Willy Tarreaued891fd2020-06-01 19:00:28 +0200181#endif
Olivier Houchard8af97eb2020-02-01 17:45:32 +0100182 }
183 pool->users++;
Willy Tarreau50e608d2007-05-13 18:26:08 +0200184 return pool;
185}
Olivier Houchardcf975d42018-01-24 18:38:31 +0100186
Willy Tarreau13843642021-04-17 16:57:25 +0200187/* Tries to allocate an object for the pool <pool> using the system's allocator
188 * and directly returns it. The pool's allocated counter is checked and updated,
Willy Tarreau8715dec2021-06-10 17:31:48 +0200189 * but no other checks are performed.
Willy Tarreau13843642021-04-17 16:57:25 +0200190 */
191void *pool_get_from_os(struct pool_head *pool)
192{
193 if (!pool->limit || pool->allocated < pool->limit) {
194 void *ptr = pool_alloc_area(pool->size + POOL_EXTRA);
195 if (ptr) {
196 _HA_ATOMIC_INC(&pool->allocated);
197 return ptr;
198 }
199 _HA_ATOMIC_INC(&pool->failed);
200 }
201 activity[tid].pool_fail++;
202 return NULL;
203
204}
205
Willy Tarreau45e4e282021-04-17 17:48:40 +0200206/* Releases a pool item back to the operating system and atomically updates
207 * the allocation counter.
208 */
209void pool_put_to_os(struct pool_head *pool, void *ptr)
210{
Willy Tarreau9a7aa3b2021-06-10 17:20:19 +0200211#ifdef DEBUG_UAF
212 /* This object will be released for real in order to detect a use after
213 * free. We also force a write to the area to ensure we crash on double
214 * free or free of a const area.
215 */
216 *(uint32_t *)ptr = 0xDEADADD4;
217#endif /* DEBUG_UAF */
218
Willy Tarreau45e4e282021-04-17 17:48:40 +0200219 pool_free_area(ptr, pool->size + POOL_EXTRA);
220 _HA_ATOMIC_DEC(&pool->allocated);
221}
222
Willy Tarreau8fe726f2021-04-15 18:20:12 +0200223/* Tries to allocate an object for the pool <pool> using the system's allocator
224 * and directly returns it. The pool's counters are updated but the object is
225 * never cached, so this is usable with and without local or shared caches.
Willy Tarreau8fe726f2021-04-15 18:20:12 +0200226 */
227void *pool_alloc_nocache(struct pool_head *pool)
Willy Tarreau0bae0752021-03-02 20:05:09 +0100228{
Willy Tarreau0bae0752021-03-02 20:05:09 +0100229 void *ptr = NULL;
230
Willy Tarreau13843642021-04-17 16:57:25 +0200231 ptr = pool_get_from_os(pool);
232 if (!ptr)
Willy Tarreau0bae0752021-03-02 20:05:09 +0100233 return NULL;
Willy Tarreau0bae0752021-03-02 20:05:09 +0100234
Willy Tarreau13843642021-04-17 16:57:25 +0200235 swrate_add_scaled(&pool->needed_avg, POOL_AVG_SAMPLES, pool->used, POOL_AVG_SAMPLES/4);
Willy Tarreau4781b152021-04-06 13:53:36 +0200236 _HA_ATOMIC_INC(&pool->used);
Willy Tarreau0bae0752021-03-02 20:05:09 +0100237
238#ifdef DEBUG_MEMORY_POOLS
239 /* keep track of where the element was allocated from */
240 *POOL_LINK(pool, ptr) = (void *)pool;
241#endif
242 return ptr;
243}
244
Willy Tarreau45e4e282021-04-17 17:48:40 +0200245/* Release a pool item back to the OS and keeps the pool's counters up to date.
246 * This is always defined even when pools are not enabled (their usage stats
247 * are maintained).
248 */
249void pool_free_nocache(struct pool_head *pool, void *ptr)
250{
251 _HA_ATOMIC_DEC(&pool->used);
252 swrate_add(&pool->needed_avg, POOL_AVG_SAMPLES, pool->used);
253 pool_put_to_os(pool, ptr);
254}
255
Willy Tarreaub8498e92021-04-18 10:23:02 +0200256
257#ifdef CONFIG_HAP_POOLS
258
Willy Tarreau87212032021-04-19 08:14:03 +0200259/* Evicts some of the oldest objects from one local cache, until its number of
260 * objects is no more than 16+1/8 of the total number of locally cached objects
261 * or the total size of the local cache is no more than 75% of its maximum (i.e.
262 * we don't want a single cache to use all the cache for itself). For this, the
263 * list is scanned in reverse.
264 */
265void pool_evict_from_local_cache(struct pool_head *pool)
266{
267 struct pool_cache_head *ph = &pool->cache[tid];
268 struct pool_cache_item *item;
Willy Tarreau87212032021-04-19 08:14:03 +0200269
270 while (ph->count >= 16 + pool_cache_count / 8 &&
271 pool_cache_bytes > CONFIG_HAP_POOL_CACHE_SIZE * 3 / 4) {
272 item = LIST_NEXT(&ph->list, typeof(item), by_pool);
273 ph->count--;
274 pool_cache_bytes -= pool->size;
275 pool_cache_count--;
Willy Tarreau2b718102021-04-21 07:32:39 +0200276 LIST_DELETE(&item->by_pool);
277 LIST_DELETE(&item->by_lru);
Willy Tarreau87212032021-04-19 08:14:03 +0200278 pool_put_to_shared_cache(pool, item);
279 }
280}
281
Willy Tarreaub8498e92021-04-18 10:23:02 +0200282/* Evicts some of the oldest objects from the local cache, pushing them to the
283 * global pool.
284 */
285void pool_evict_from_local_caches()
286{
287 struct pool_cache_item *item;
288 struct pool_cache_head *ph;
289 struct pool_head *pool;
290
291 do {
292 item = LIST_PREV(&ti->pool_lru_head, struct pool_cache_item *, by_lru);
293 /* note: by definition we remove oldest objects so they also are the
294 * oldest in their own pools, thus their next is the pool's head.
295 */
296 ph = LIST_NEXT(&item->by_pool, struct pool_cache_head *, list);
297 pool = container_of(ph - tid, struct pool_head, cache);
Willy Tarreau2b718102021-04-21 07:32:39 +0200298 LIST_DELETE(&item->by_pool);
299 LIST_DELETE(&item->by_lru);
Willy Tarreaub8498e92021-04-18 10:23:02 +0200300 ph->count--;
301 pool_cache_count--;
302 pool_cache_bytes -= pool->size;
303 pool_put_to_shared_cache(pool, item);
304 } while (pool_cache_bytes > CONFIG_HAP_POOL_CACHE_SIZE * 7 / 8);
305}
Willy Tarreau0bae0752021-03-02 20:05:09 +0100306
Willy Tarreaub2a853d2021-04-19 11:49:26 +0200307/* Frees an object to the local cache, possibly pushing oldest objects to the
308 * shared cache, which itself may decide to release some of them to the OS.
309 * While it is unspecified what the object becomes past this point, it is
310 * guaranteed to be released from the users' perpective.
311 */
312void pool_put_to_cache(struct pool_head *pool, void *ptr)
313{
314 struct pool_cache_item *item = (struct pool_cache_item *)ptr;
315 struct pool_cache_head *ph = &pool->cache[tid];
316
Willy Tarreau2b718102021-04-21 07:32:39 +0200317 LIST_INSERT(&ph->list, &item->by_pool);
318 LIST_INSERT(&ti->pool_lru_head, &item->by_lru);
Willy Tarreaub2a853d2021-04-19 11:49:26 +0200319 ph->count++;
320 pool_cache_count++;
321 pool_cache_bytes += pool->size;
322
323 if (unlikely(pool_cache_bytes > CONFIG_HAP_POOL_CACHE_SIZE * 3 / 4)) {
324 if (ph->count >= 16 + pool_cache_count / 8)
325 pool_evict_from_local_cache(pool);
326 if (pool_cache_bytes > CONFIG_HAP_POOL_CACHE_SIZE)
327 pool_evict_from_local_caches();
328 }
329}
330
Willy Tarreaueb3cc292021-04-15 18:13:13 +0200331#if defined(CONFIG_HAP_NO_GLOBAL_POOLS)
332
Willy Tarreau0bae0752021-03-02 20:05:09 +0100333/* legacy stuff */
334void pool_flush(struct pool_head *pool)
335{
336}
337
338/* This function might ask the malloc library to trim its buffers. */
339void pool_gc(struct pool_head *pool_ctx)
340{
Willy Tarreauea3323f2021-09-15 10:38:21 +0200341 trim_all_pools();
Willy Tarreau0bae0752021-03-02 20:05:09 +0100342}
343
Willy Tarreau9b3ed512021-06-10 10:21:35 +0200344#else /* CONFIG_HAP_NO_GLOBAL_POOLS */
345
Olivier Houchardcf975d42018-01-24 18:38:31 +0100346/*
347 * This function frees whatever can be freed in pool <pool>.
348 */
349void pool_flush(struct pool_head *pool)
350{
Willy Tarreau2a4523f2021-06-09 18:59:58 +0200351 void *next, *temp;
Olivier Houchardcf975d42018-01-24 18:38:31 +0100352
353 if (!pool)
354 return;
Willy Tarreau2a4523f2021-06-09 18:59:58 +0200355
356 /* The loop below atomically detaches the head of the free list and
357 * replaces it with a NULL. Then the list can be released.
358 */
359 next = pool->free_list;
Olivier Houchardcf975d42018-01-24 18:38:31 +0100360 do {
Willy Tarreau2a4523f2021-06-09 18:59:58 +0200361 while (unlikely(next == POOL_BUSY)) {
362 __ha_cpu_relax();
363 next = _HA_ATOMIC_LOAD(&pool->free_list);
364 }
365 if (next == NULL)
366 return;
367 } while (unlikely((next = _HA_ATOMIC_XCHG(&pool->free_list, POOL_BUSY)) == POOL_BUSY));
368 _HA_ATOMIC_STORE(&pool->free_list, NULL);
Olivier Houchard20872762019-03-08 18:53:35 +0100369 __ha_barrier_atomic_store();
Willy Tarreau2a4523f2021-06-09 18:59:58 +0200370
Olivier Houchardcf975d42018-01-24 18:38:31 +0100371 while (next) {
372 temp = next;
373 next = *POOL_LINK(pool, temp);
Willy Tarreau45e4e282021-04-17 17:48:40 +0200374 pool_put_to_os(pool, temp);
Olivier Houchardcf975d42018-01-24 18:38:31 +0100375 }
Willy Tarreauc239cde2021-06-10 06:54:22 +0200376 /* here, we should have pool->allocated == pool->used */
Olivier Houchardcf975d42018-01-24 18:38:31 +0100377}
378
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200379/*
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200380 * This function frees whatever can be freed in all pools, but respecting
Willy Tarreauc0e2ff22020-04-24 06:15:24 +0200381 * the minimum thresholds imposed by owners. It makes sure to be alone to
382 * run by using thread_isolate(). <pool_ctx> is unused.
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200383 */
Willy Tarreaubafbe012017-11-24 17:34:44 +0100384void pool_gc(struct pool_head *pool_ctx)
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200385{
386 struct pool_head *entry;
Willy Tarreauc0e2ff22020-04-24 06:15:24 +0200387 int isolated = thread_isolated();
Willy Tarreaub7f9d122009-04-21 02:17:45 +0200388
Willy Tarreauc0e2ff22020-04-24 06:15:24 +0200389 if (!isolated)
390 thread_isolate();
Willy Tarreaub7f9d122009-04-21 02:17:45 +0200391
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200392 list_for_each_entry(entry, &pools, list) {
Olivier Houchard51d93392020-03-12 19:05:39 +0100393 void *temp;
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200394 //qfprintf(stderr, "Flushing pool %s\n", entry->name);
Olivier Houchard51d93392020-03-12 19:05:39 +0100395 while (entry->free_list &&
Willy Tarreau57767b82014-12-22 21:40:55 +0100396 (int)(entry->allocated - entry->used) > (int)entry->minavail) {
Olivier Houchard51d93392020-03-12 19:05:39 +0100397 temp = entry->free_list;
398 entry->free_list = *POOL_LINK(entry, temp);
Willy Tarreau45e4e282021-04-17 17:48:40 +0200399 pool_put_to_os(entry, temp);
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200400 }
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200401 }
Christopher Fauletb349e482017-08-29 09:52:38 +0200402
Willy Tarreauea3323f2021-09-15 10:38:21 +0200403 trim_all_pools();
Willy Tarreau26ed1832021-06-10 08:40:16 +0200404
Willy Tarreauc0e2ff22020-04-24 06:15:24 +0200405 if (!isolated)
406 thread_release();
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200407}
Willy Tarreau9b3ed512021-06-10 10:21:35 +0200408#endif /* CONFIG_HAP_NO_GLOBAL_POOLS */
Willy Tarreaub8498e92021-04-18 10:23:02 +0200409
410#else /* CONFIG_HAP_POOLS */
411
412/* legacy stuff */
413void pool_flush(struct pool_head *pool)
414{
415}
416
417/* This function might ask the malloc library to trim its buffers. */
418void pool_gc(struct pool_head *pool_ctx)
419{
Willy Tarreauea3323f2021-09-15 10:38:21 +0200420 trim_all_pools();
Willy Tarreaub8498e92021-04-18 10:23:02 +0200421}
422
423#endif /* CONFIG_HAP_POOLS */
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200424
Willy Tarreauf14d1902021-10-05 18:14:11 +0200425
426#ifdef DEBUG_UAF
427
428/************* use-after-free allocator *************/
429
430/* allocates an area of size <size> and returns it. The semantics are similar
431 * to those of malloc(). However the allocation is rounded up to 4kB so that a
432 * full page is allocated. This ensures the object can be freed alone so that
433 * future dereferences are easily detected. The returned object is always
434 * 16-bytes aligned to avoid issues with unaligned structure objects. In case
435 * some padding is added, the area's start address is copied at the end of the
436 * padding to help detect underflows.
437 */
438void *pool_alloc_area_uaf(size_t size)
439{
440 size_t pad = (4096 - size) & 0xFF0;
441 int isolated;
442 void *ret;
443
444 isolated = thread_isolated();
445 if (!isolated)
446 thread_harmless_now();
447 ret = mmap(NULL, (size + 4095) & -4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
448 if (ret != MAP_FAILED) {
449 /* let's dereference the page before returning so that the real
450 * allocation in the system is performed without holding the lock.
451 */
452 *(int *)ret = 0;
453 if (pad >= sizeof(void *))
454 *(void **)(ret + pad - sizeof(void *)) = ret + pad;
455 ret += pad;
456 } else {
457 ret = NULL;
458 }
459 if (!isolated)
460 thread_harmless_end();
461 return ret;
462}
463
464/* frees an area <area> of size <size> allocated by pool_alloc_area(). The
465 * semantics are identical to free() except that the size must absolutely match
466 * the one passed to pool_alloc_area(). In case some padding is added, the
467 * area's start address is compared to the one at the end of the padding, and
468 * a segfault is triggered if they don't match, indicating an underflow.
469 */
470void pool_free_area_uaf(void *area, size_t size)
471{
472 size_t pad = (4096 - size) & 0xFF0;
473
474 if (pad >= sizeof(void *) && *(void **)(area - sizeof(void *)) != area)
475 ABORT_NOW();
476
477 thread_harmless_now();
478 munmap(area - pad, (size + 4095) & -4096);
479 thread_harmless_end();
480}
481
482#endif /* DEBUG_UAF */
483
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200484/*
Willy Tarreaudae4aa82007-06-16 23:19:53 +0200485 * This function destroys a pool by freeing it completely, unless it's still
486 * in use. This should be called only under extreme circumstances. It always
487 * returns NULL if the resulting pool is empty, easing the clearing of the old
488 * pointer, otherwise it returns the pool.
489 * .
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200490 */
Willy Tarreaubafbe012017-11-24 17:34:44 +0100491void *pool_destroy(struct pool_head *pool)
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200492{
Willy Tarreau4d2d0982007-05-14 00:39:29 +0200493 if (pool) {
Willy Tarreaubafbe012017-11-24 17:34:44 +0100494 pool_flush(pool);
Willy Tarreaudae4aa82007-06-16 23:19:53 +0200495 if (pool->used)
496 return pool;
497 pool->users--;
498 if (!pool->users) {
Willy Tarreau2b718102021-04-21 07:32:39 +0200499 LIST_DELETE(&pool->list);
Willy Tarreau9f3129e2021-04-17 00:31:38 +0200500 /* note that if used == 0, the cache is empty */
501 free(pool);
Willy Tarreaudae4aa82007-06-16 23:19:53 +0200502 }
Willy Tarreau4d2d0982007-05-14 00:39:29 +0200503 }
504 return NULL;
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200505}
506
Willy Tarreau2455ceb2018-11-26 15:57:34 +0100507/* This destroys all pools on exit. It is *not* thread safe. */
508void pool_destroy_all()
509{
510 struct pool_head *entry, *back;
511
512 list_for_each_entry_safe(entry, back, &pools, list)
513 pool_destroy(entry);
514}
515
Willy Tarreau12833bb2014-01-28 16:49:56 +0100516/* This function dumps memory usage information into the trash buffer. */
517void dump_pools_to_trash()
Willy Tarreau50e608d2007-05-13 18:26:08 +0200518{
519 struct pool_head *entry;
520 unsigned long allocated, used;
521 int nbpools;
522
523 allocated = used = nbpools = 0;
Willy Tarreau12833bb2014-01-28 16:49:56 +0100524 chunk_printf(&trash, "Dumping pools usage. Use SIGQUIT to flush them.\n");
Willy Tarreau50e608d2007-05-13 18:26:08 +0200525 list_for_each_entry(entry, &pools, list) {
Willy Tarreau9f3129e2021-04-17 00:31:38 +0200526 chunk_appendf(&trash, " - Pool %s (%u bytes) : %u allocated (%u bytes), %u used, needed_avg %u, %u failures, %u users, @%p%s\n",
Willy Tarreaue6ce59d2007-05-13 19:38:49 +0200527 entry->name, entry->size, entry->allocated,
Willy Tarreaua1e4f8c2020-05-08 08:31:56 +0200528 entry->size * entry->allocated, entry->used,
Willy Tarreau606135a2020-06-01 12:35:03 +0200529 swrate_avg(entry->needed_avg, POOL_AVG_SAMPLES), entry->failed,
Willy Tarreau9f3129e2021-04-17 00:31:38 +0200530 entry->users, entry,
Willy Tarreau0a93b642018-10-16 07:58:39 +0200531 (entry->flags & MEM_F_SHARED) ? " [SHARED]" : "");
Willy Tarreau50e608d2007-05-13 18:26:08 +0200532
533 allocated += entry->allocated * entry->size;
534 used += entry->used * entry->size;
535 nbpools++;
536 }
Willy Tarreau12833bb2014-01-28 16:49:56 +0100537 chunk_appendf(&trash, "Total: %d pools, %lu bytes allocated, %lu used.\n",
Willy Tarreau50e608d2007-05-13 18:26:08 +0200538 nbpools, allocated, used);
539}
540
Willy Tarreau12833bb2014-01-28 16:49:56 +0100541/* Dump statistics on pools usage. */
542void dump_pools(void)
543{
544 dump_pools_to_trash();
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200545 qfprintf(stderr, "%s", trash.area);
Willy Tarreau12833bb2014-01-28 16:49:56 +0100546}
547
Willy Tarreau58102cf2015-10-28 16:24:21 +0100548/* This function returns the total number of failed pool allocations */
549int pool_total_failures()
550{
551 struct pool_head *entry;
552 int failed = 0;
553
554 list_for_each_entry(entry, &pools, list)
555 failed += entry->failed;
556 return failed;
557}
558
559/* This function returns the total amount of memory allocated in pools (in bytes) */
560unsigned long pool_total_allocated()
561{
562 struct pool_head *entry;
563 unsigned long allocated = 0;
564
565 list_for_each_entry(entry, &pools, list)
566 allocated += entry->allocated * entry->size;
567 return allocated;
568}
569
570/* This function returns the total amount of memory used in pools (in bytes) */
571unsigned long pool_total_used()
572{
573 struct pool_head *entry;
574 unsigned long used = 0;
575
576 list_for_each_entry(entry, &pools, list)
577 used += entry->used * entry->size;
578 return used;
579}
580
William Lallemande7ed8852016-11-19 02:25:36 +0100581/* This function dumps memory usage information onto the stream interface's
582 * read buffer. It returns 0 as long as it does not complete, non-zero upon
583 * completion. No state is used.
584 */
585static int cli_io_handler_dump_pools(struct appctx *appctx)
586{
587 struct stream_interface *si = appctx->owner;
588
589 dump_pools_to_trash();
Willy Tarreau06d80a92017-10-19 14:32:15 +0200590 if (ci_putchk(si_ic(si), &trash) == -1) {
Willy Tarreaudb398432018-11-15 11:08:52 +0100591 si_rx_room_blk(si);
William Lallemande7ed8852016-11-19 02:25:36 +0100592 return 0;
593 }
594 return 1;
595}
596
Willy Tarreau7107c8b2018-11-26 11:44:35 +0100597/* callback used to create early pool <name> of size <size> and store the
598 * resulting pointer into <ptr>. If the allocation fails, it quits with after
599 * emitting an error message.
600 */
601void create_pool_callback(struct pool_head **ptr, char *name, unsigned int size)
602{
603 *ptr = create_pool(name, size, MEM_F_SHARED);
604 if (!*ptr) {
605 ha_alert("Failed to allocate pool '%s' of size %u : %s. Aborting.\n",
606 name, size, strerror(errno));
607 exit(1);
608 }
609}
610
Willy Tarreau7f0165e2018-11-26 17:09:46 +0100611/* Initializes all per-thread arrays on startup */
612static void init_pools()
613{
Willy Tarreau2d6f6282021-04-15 16:24:00 +0200614#ifdef CONFIG_HAP_POOLS
Willy Tarreau9f3129e2021-04-17 00:31:38 +0200615 int thr;
Willy Tarreau7f0165e2018-11-26 17:09:46 +0100616
617 for (thr = 0; thr < MAX_THREADS; thr++) {
Willy Tarreau20dc3cd2020-06-28 00:54:27 +0200618 LIST_INIT(&ha_thread_info[thr].pool_lru_head);
Willy Tarreau7f0165e2018-11-26 17:09:46 +0100619 }
Willy Tarreaued891fd2020-06-01 19:00:28 +0200620#endif
Willy Tarreau157e3932021-09-15 10:05:48 +0200621 detect_allocator();
Willy Tarreau7f0165e2018-11-26 17:09:46 +0100622}
623
624INITCALL0(STG_PREPARE, init_pools);
Willy Tarreau7107c8b2018-11-26 11:44:35 +0100625
Willy Tarreau845b5602021-09-15 10:41:24 +0200626/* Report in build options if trim is supported */
627static void pools_register_build_options(void)
628{
629 if (is_trim_enabled()) {
630 char *ptr = NULL;
631 memprintf(&ptr, "Support for malloc_trim() is enabled.");
632 hap_register_build_opts(ptr, 1);
633 }
634}
635INITCALL0(STG_REGISTER, pools_register_build_options);
636
William Lallemande7ed8852016-11-19 02:25:36 +0100637/* register cli keywords */
638static struct cli_kw_list cli_kws = {{ },{
Willy Tarreaub205bfd2021-05-07 11:38:37 +0200639 { { "show", "pools", NULL }, "show pools : report information about the memory pools usage", NULL, cli_io_handler_dump_pools },
William Lallemande7ed8852016-11-19 02:25:36 +0100640 {{},}
641}};
642
Willy Tarreau0108d902018-11-25 19:14:37 +0100643INITCALL1(STG_REGISTER, cli_register_kw, &cli_kws);
William Lallemande7ed8852016-11-19 02:25:36 +0100644
Olivier Houcharddc21ff72019-01-29 15:20:16 +0100645#ifdef DEBUG_FAIL_ALLOC
Olivier Houcharddc21ff72019-01-29 15:20:16 +0100646
647int mem_should_fail(const struct pool_head *pool)
648{
Olivier Houchard9c4f08a2019-02-01 16:28:04 +0100649 int ret = 0;
Olivier Houcharddc21ff72019-01-29 15:20:16 +0100650
651 if (mem_fail_rate > 0 && !(global.mode & MODE_STARTING)) {
Willy Tarreau20f88ab2021-04-17 15:50:28 +0200652 if (mem_fail_rate > statistical_prng_range(100))
Olivier Houcharddc21ff72019-01-29 15:20:16 +0100653 ret = 1;
654 else
655 ret = 0;
656 }
Olivier Houcharddc21ff72019-01-29 15:20:16 +0100657 return ret;
658
659}
660
661/* config parser for global "tune.fail-alloc" */
662static int mem_parse_global_fail_alloc(char **args, int section_type, struct proxy *curpx,
Amaury Denoyelle3b1c9a32021-03-22 11:21:36 +0100663 const struct proxy *defpx, const char *file, int line,
664 char **err)
Olivier Houcharddc21ff72019-01-29 15:20:16 +0100665{
666 if (too_many_args(1, args, err, NULL))
667 return -1;
668 mem_fail_rate = atoi(args[1]);
669 if (mem_fail_rate < 0 || mem_fail_rate > 100) {
670 memprintf(err, "'%s' expects a numeric value between 0 and 100.", args[0]);
671 return -1;
672 }
673 return 0;
674}
675#endif
676
677/* register global config keywords */
678static struct cfg_kw_list mem_cfg_kws = {ILH, {
679#ifdef DEBUG_FAIL_ALLOC
680 { CFG_GLOBAL, "tune.fail-alloc", mem_parse_global_fail_alloc },
681#endif
682 { 0, NULL, NULL }
683}};
684
685INITCALL1(STG_REGISTER, cfg_register_keywords, &mem_cfg_kws);
686
Willy Tarreau50e608d2007-05-13 18:26:08 +0200687/*
688 * Local variables:
689 * c-indent-level: 8
690 * c-basic-offset: 8
691 * End:
692 */