|  | ======================================== | 
|  | GENERIC ASSOCIATIVE ARRAY IMPLEMENTATION | 
|  | ======================================== | 
|  |  | 
|  | Contents: | 
|  |  | 
|  | - Overview. | 
|  |  | 
|  | - The public API. | 
|  | - Edit script. | 
|  | - Operations table. | 
|  | - Manipulation functions. | 
|  | - Access functions. | 
|  | - Index key form. | 
|  |  | 
|  | - Internal workings. | 
|  | - Basic internal tree layout. | 
|  | - Shortcuts. | 
|  | - Splitting and collapsing nodes. | 
|  | - Non-recursive iteration. | 
|  | - Simultaneous alteration and iteration. | 
|  |  | 
|  |  | 
|  | ======== | 
|  | OVERVIEW | 
|  | ======== | 
|  |  | 
|  | This associative array implementation is an object container with the following | 
|  | properties: | 
|  |  | 
|  | (1) Objects are opaque pointers.  The implementation does not care where they | 
|  | point (if anywhere) or what they point to (if anything). | 
|  |  | 
|  | [!] NOTE: Pointers to objects _must_ be zero in the least significant bit. | 
|  |  | 
|  | (2) Objects do not need to contain linkage blocks for use by the array.  This | 
|  | permits an object to be located in multiple arrays simultaneously. | 
|  | Rather, the array is made up of metadata blocks that point to objects. | 
|  |  | 
|  | (3) Objects require index keys to locate them within the array. | 
|  |  | 
|  | (4) Index keys must be unique.  Inserting an object with the same key as one | 
|  | already in the array will replace the old object. | 
|  |  | 
|  | (5) Index keys can be of any length and can be of different lengths. | 
|  |  | 
|  | (6) Index keys should encode the length early on, before any variation due to | 
|  | length is seen. | 
|  |  | 
|  | (7) Index keys can include a hash to scatter objects throughout the array. | 
|  |  | 
|  | (8) The array can iterated over.  The objects will not necessarily come out in | 
|  | key order. | 
|  |  | 
|  | (9) The array can be iterated over whilst it is being modified, provided the | 
|  | RCU readlock is being held by the iterator.  Note, however, under these | 
|  | circumstances, some objects may be seen more than once.  If this is a | 
|  | problem, the iterator should lock against modification.  Objects will not | 
|  | be missed, however, unless deleted. | 
|  |  | 
|  | (10) Objects in the array can be looked up by means of their index key. | 
|  |  | 
|  | (11) Objects can be looked up whilst the array is being modified, provided the | 
|  | RCU readlock is being held by the thread doing the look up. | 
|  |  | 
|  | The implementation uses a tree of 16-pointer nodes internally that are indexed | 
|  | on each level by nibbles from the index key in the same manner as in a radix | 
|  | tree.  To improve memory efficiency, shortcuts can be emplaced to skip over | 
|  | what would otherwise be a series of single-occupancy nodes.  Further, nodes | 
|  | pack leaf object pointers into spare space in the node rather than making an | 
|  | extra branch until as such time an object needs to be added to a full node. | 
|  |  | 
|  |  | 
|  | ============== | 
|  | THE PUBLIC API | 
|  | ============== | 
|  |  | 
|  | The public API can be found in <linux/assoc_array.h>.  The associative array is | 
|  | rooted on the following structure: | 
|  |  | 
|  | struct assoc_array { | 
|  | ... | 
|  | }; | 
|  |  | 
|  | The code is selected by enabling CONFIG_ASSOCIATIVE_ARRAY. | 
|  |  | 
|  |  | 
|  | EDIT SCRIPT | 
|  | ----------- | 
|  |  | 
|  | The insertion and deletion functions produce an 'edit script' that can later be | 
|  | applied to effect the changes without risking ENOMEM.  This retains the | 
|  | preallocated metadata blocks that will be installed in the internal tree and | 
|  | keeps track of the metadata blocks that will be removed from the tree when the | 
|  | script is applied. | 
|  |  | 
|  | This is also used to keep track of dead blocks and dead objects after the | 
|  | script has been applied so that they can be freed later.  The freeing is done | 
|  | after an RCU grace period has passed - thus allowing access functions to | 
|  | proceed under the RCU read lock. | 
|  |  | 
|  | The script appears as outside of the API as a pointer of the type: | 
|  |  | 
|  | struct assoc_array_edit; | 
|  |  | 
|  | There are two functions for dealing with the script: | 
|  |  | 
|  | (1) Apply an edit script. | 
|  |  | 
|  | void assoc_array_apply_edit(struct assoc_array_edit *edit); | 
|  |  | 
|  | This will perform the edit functions, interpolating various write barriers | 
|  | to permit accesses under the RCU read lock to continue.  The edit script | 
|  | will then be passed to call_rcu() to free it and any dead stuff it points | 
|  | to. | 
|  |  | 
|  | (2) Cancel an edit script. | 
|  |  | 
|  | void assoc_array_cancel_edit(struct assoc_array_edit *edit); | 
|  |  | 
|  | This frees the edit script and all preallocated memory immediately.  If | 
|  | this was for insertion, the new object is _not_ released by this function, | 
|  | but must rather be released by the caller. | 
|  |  | 
|  | These functions are guaranteed not to fail. | 
|  |  | 
|  |  | 
|  | OPERATIONS TABLE | 
|  | ---------------- | 
|  |  | 
|  | Various functions take a table of operations: | 
|  |  | 
|  | struct assoc_array_ops { | 
|  | ... | 
|  | }; | 
|  |  | 
|  | This points to a number of methods, all of which need to be provided: | 
|  |  | 
|  | (1) Get a chunk of index key from caller data: | 
|  |  | 
|  | unsigned long (*get_key_chunk)(const void *index_key, int level); | 
|  |  | 
|  | This should return a chunk of caller-supplied index key starting at the | 
|  | *bit* position given by the level argument.  The level argument will be a | 
|  | multiple of ASSOC_ARRAY_KEY_CHUNK_SIZE and the function should return | 
|  | ASSOC_ARRAY_KEY_CHUNK_SIZE bits.  No error is possible. | 
|  |  | 
|  |  | 
|  | (2) Get a chunk of an object's index key. | 
|  |  | 
|  | unsigned long (*get_object_key_chunk)(const void *object, int level); | 
|  |  | 
|  | As the previous function, but gets its data from an object in the array | 
|  | rather than from a caller-supplied index key. | 
|  |  | 
|  |  | 
|  | (3) See if this is the object we're looking for. | 
|  |  | 
|  | bool (*compare_object)(const void *object, const void *index_key); | 
|  |  | 
|  | Compare the object against an index key and return true if it matches and | 
|  | false if it doesn't. | 
|  |  | 
|  |  | 
|  | (4) Diff the index keys of two objects. | 
|  |  | 
|  | int (*diff_objects)(const void *object, const void *index_key); | 
|  |  | 
|  | Return the bit position at which the index key of the specified object | 
|  | differs from the given index key or -1 if they are the same. | 
|  |  | 
|  |  | 
|  | (5) Free an object. | 
|  |  | 
|  | void (*free_object)(void *object); | 
|  |  | 
|  | Free the specified object.  Note that this may be called an RCU grace | 
|  | period after assoc_array_apply_edit() was called, so synchronize_rcu() may | 
|  | be necessary on module unloading. | 
|  |  | 
|  |  | 
|  | MANIPULATION FUNCTIONS | 
|  | ---------------------- | 
|  |  | 
|  | There are a number of functions for manipulating an associative array: | 
|  |  | 
|  | (1) Initialise an associative array. | 
|  |  | 
|  | void assoc_array_init(struct assoc_array *array); | 
|  |  | 
|  | This initialises the base structure for an associative array.  It can't | 
|  | fail. | 
|  |  | 
|  |  | 
|  | (2) Insert/replace an object in an associative array. | 
|  |  | 
|  | struct assoc_array_edit * | 
|  | assoc_array_insert(struct assoc_array *array, | 
|  | const struct assoc_array_ops *ops, | 
|  | const void *index_key, | 
|  | void *object); | 
|  |  | 
|  | This inserts the given object into the array.  Note that the least | 
|  | significant bit of the pointer must be zero as it's used to type-mark | 
|  | pointers internally. | 
|  |  | 
|  | If an object already exists for that key then it will be replaced with the | 
|  | new object and the old one will be freed automatically. | 
|  |  | 
|  | The index_key argument should hold index key information and is | 
|  | passed to the methods in the ops table when they are called. | 
|  |  | 
|  | This function makes no alteration to the array itself, but rather returns | 
|  | an edit script that must be applied.  -ENOMEM is returned in the case of | 
|  | an out-of-memory error. | 
|  |  | 
|  | The caller should lock exclusively against other modifiers of the array. | 
|  |  | 
|  |  | 
|  | (3) Delete an object from an associative array. | 
|  |  | 
|  | struct assoc_array_edit * | 
|  | assoc_array_delete(struct assoc_array *array, | 
|  | const struct assoc_array_ops *ops, | 
|  | const void *index_key); | 
|  |  | 
|  | This deletes an object that matches the specified data from the array. | 
|  |  | 
|  | The index_key argument should hold index key information and is | 
|  | passed to the methods in the ops table when they are called. | 
|  |  | 
|  | This function makes no alteration to the array itself, but rather returns | 
|  | an edit script that must be applied.  -ENOMEM is returned in the case of | 
|  | an out-of-memory error.  NULL will be returned if the specified object is | 
|  | not found within the array. | 
|  |  | 
|  | The caller should lock exclusively against other modifiers of the array. | 
|  |  | 
|  |  | 
|  | (4) Delete all objects from an associative array. | 
|  |  | 
|  | struct assoc_array_edit * | 
|  | assoc_array_clear(struct assoc_array *array, | 
|  | const struct assoc_array_ops *ops); | 
|  |  | 
|  | This deletes all the objects from an associative array and leaves it | 
|  | completely empty. | 
|  |  | 
|  | This function makes no alteration to the array itself, but rather returns | 
|  | an edit script that must be applied.  -ENOMEM is returned in the case of | 
|  | an out-of-memory error. | 
|  |  | 
|  | The caller should lock exclusively against other modifiers of the array. | 
|  |  | 
|  |  | 
|  | (5) Destroy an associative array, deleting all objects. | 
|  |  | 
|  | void assoc_array_destroy(struct assoc_array *array, | 
|  | const struct assoc_array_ops *ops); | 
|  |  | 
|  | This destroys the contents of the associative array and leaves it | 
|  | completely empty.  It is not permitted for another thread to be traversing | 
|  | the array under the RCU read lock at the same time as this function is | 
|  | destroying it as no RCU deferral is performed on memory release - | 
|  | something that would require memory to be allocated. | 
|  |  | 
|  | The caller should lock exclusively against other modifiers and accessors | 
|  | of the array. | 
|  |  | 
|  |  | 
|  | (6) Garbage collect an associative array. | 
|  |  | 
|  | int assoc_array_gc(struct assoc_array *array, | 
|  | const struct assoc_array_ops *ops, | 
|  | bool (*iterator)(void *object, void *iterator_data), | 
|  | void *iterator_data); | 
|  |  | 
|  | This iterates over the objects in an associative array and passes each one | 
|  | to iterator().  If iterator() returns true, the object is kept.  If it | 
|  | returns false, the object will be freed.  If the iterator() function | 
|  | returns true, it must perform any appropriate refcount incrementing on the | 
|  | object before returning. | 
|  |  | 
|  | The internal tree will be packed down if possible as part of the iteration | 
|  | to reduce the number of nodes in it. | 
|  |  | 
|  | The iterator_data is passed directly to iterator() and is otherwise | 
|  | ignored by the function. | 
|  |  | 
|  | The function will return 0 if successful and -ENOMEM if there wasn't | 
|  | enough memory. | 
|  |  | 
|  | It is possible for other threads to iterate over or search the array under | 
|  | the RCU read lock whilst this function is in progress.  The caller should | 
|  | lock exclusively against other modifiers of the array. | 
|  |  | 
|  |  | 
|  | ACCESS FUNCTIONS | 
|  | ---------------- | 
|  |  | 
|  | There are two functions for accessing an associative array: | 
|  |  | 
|  | (1) Iterate over all the objects in an associative array. | 
|  |  | 
|  | int assoc_array_iterate(const struct assoc_array *array, | 
|  | int (*iterator)(const void *object, | 
|  | void *iterator_data), | 
|  | void *iterator_data); | 
|  |  | 
|  | This passes each object in the array to the iterator callback function. | 
|  | iterator_data is private data for that function. | 
|  |  | 
|  | This may be used on an array at the same time as the array is being | 
|  | modified, provided the RCU read lock is held.  Under such circumstances, | 
|  | it is possible for the iteration function to see some objects twice.  If | 
|  | this is a problem, then modification should be locked against.  The | 
|  | iteration algorithm should not, however, miss any objects. | 
|  |  | 
|  | The function will return 0 if no objects were in the array or else it will | 
|  | return the result of the last iterator function called.  Iteration stops | 
|  | immediately if any call to the iteration function results in a non-zero | 
|  | return. | 
|  |  | 
|  |  | 
|  | (2) Find an object in an associative array. | 
|  |  | 
|  | void *assoc_array_find(const struct assoc_array *array, | 
|  | const struct assoc_array_ops *ops, | 
|  | const void *index_key); | 
|  |  | 
|  | This walks through the array's internal tree directly to the object | 
|  | specified by the index key.. | 
|  |  | 
|  | This may be used on an array at the same time as the array is being | 
|  | modified, provided the RCU read lock is held. | 
|  |  | 
|  | The function will return the object if found (and set *_type to the object | 
|  | type) or will return NULL if the object was not found. | 
|  |  | 
|  |  | 
|  | INDEX KEY FORM | 
|  | -------------- | 
|  |  | 
|  | The index key can be of any form, but since the algorithms aren't told how long | 
|  | the key is, it is strongly recommended that the index key includes its length | 
|  | very early on before any variation due to the length would have an effect on | 
|  | comparisons. | 
|  |  | 
|  | This will cause leaves with different length keys to scatter away from each | 
|  | other - and those with the same length keys to cluster together. | 
|  |  | 
|  | It is also recommended that the index key begin with a hash of the rest of the | 
|  | key to maximise scattering throughout keyspace. | 
|  |  | 
|  | The better the scattering, the wider and lower the internal tree will be. | 
|  |  | 
|  | Poor scattering isn't too much of a problem as there are shortcuts and nodes | 
|  | can contain mixtures of leaves and metadata pointers. | 
|  |  | 
|  | The index key is read in chunks of machine word.  Each chunk is subdivided into | 
|  | one nibble (4 bits) per level, so on a 32-bit CPU this is good for 8 levels and | 
|  | on a 64-bit CPU, 16 levels.  Unless the scattering is really poor, it is | 
|  | unlikely that more than one word of any particular index key will have to be | 
|  | used. | 
|  |  | 
|  |  | 
|  | ================= | 
|  | INTERNAL WORKINGS | 
|  | ================= | 
|  |  | 
|  | The associative array data structure has an internal tree.  This tree is | 
|  | constructed of two types of metadata blocks: nodes and shortcuts. | 
|  |  | 
|  | A node is an array of slots.  Each slot can contain one of four things: | 
|  |  | 
|  | (*) A NULL pointer, indicating that the slot is empty. | 
|  |  | 
|  | (*) A pointer to an object (a leaf). | 
|  |  | 
|  | (*) A pointer to a node at the next level. | 
|  |  | 
|  | (*) A pointer to a shortcut. | 
|  |  | 
|  |  | 
|  | BASIC INTERNAL TREE LAYOUT | 
|  | -------------------------- | 
|  |  | 
|  | Ignoring shortcuts for the moment, the nodes form a multilevel tree.  The index | 
|  | key space is strictly subdivided by the nodes in the tree and nodes occur on | 
|  | fixed levels.  For example: | 
|  |  | 
|  | Level:	0		1		2		3 | 
|  | ===============	===============	===============	=============== | 
|  | NODE D | 
|  | NODE B		NODE C	+------>+---+ | 
|  | +------>+---+	+------>+---+	|	| 0 | | 
|  | NODE A	|	| 0 |	|	| 0 |	|	+---+ | 
|  | +---+	|	+---+	|	+---+	|	:   : | 
|  | | 0 |	|	:   :	|	:   :	|	+---+ | 
|  | +---+	|	+---+	|	+---+	|	| f | | 
|  | | 1 |---+	| 3 |---+	| 7 |---+	+---+ | 
|  | +---+		+---+		+---+ | 
|  | :   :		:   :		| 8 |---+ | 
|  | +---+		+---+		+---+	|	NODE E | 
|  | | e |---+	| f |		:   :   +------>+---+ | 
|  | +---+	|	+---+		+---+		| 0 | | 
|  | | f |	|			| f |		+---+ | 
|  | +---+	|			+---+		:   : | 
|  | |	NODE F				+---+ | 
|  | +------>+---+				| f | | 
|  | | 0 |		NODE G		+---+ | 
|  | +---+	+------>+---+ | 
|  | :   :	|	| 0 | | 
|  | +---+	|	+---+ | 
|  | | 6 |---+	:   : | 
|  | +---+		+---+ | 
|  | :   :		| f | | 
|  | +---+		+---+ | 
|  | | f | | 
|  | +---+ | 
|  |  | 
|  | In the above example, there are 7 nodes (A-G), each with 16 slots (0-f). | 
|  | Assuming no other meta data nodes in the tree, the key space is divided thusly: | 
|  |  | 
|  | KEY PREFIX	NODE | 
|  | ==========	==== | 
|  | 137*		D | 
|  | 138*		E | 
|  | 13[0-69-f]*	C | 
|  | 1[0-24-f]*	B | 
|  | e6*		G | 
|  | e[0-57-f]*	F | 
|  | [02-df]*	A | 
|  |  | 
|  | So, for instance, keys with the following example index keys will be found in | 
|  | the appropriate nodes: | 
|  |  | 
|  | INDEX KEY	PREFIX	NODE | 
|  | ===============	=======	==== | 
|  | 13694892892489	13	C | 
|  | 13795289025897	137	D | 
|  | 13889dde88793	138	E | 
|  | 138bbb89003093	138	E | 
|  | 1394879524789	12	C | 
|  | 1458952489	1	B | 
|  | 9431809de993ba	-	A | 
|  | b4542910809cd	-	A | 
|  | e5284310def98	e	F | 
|  | e68428974237	e6	G | 
|  | e7fffcbd443	e	F | 
|  | f3842239082	-	A | 
|  |  | 
|  | To save memory, if a node can hold all the leaves in its portion of keyspace, | 
|  | then the node will have all those leaves in it and will not have any metadata | 
|  | pointers - even if some of those leaves would like to be in the same slot. | 
|  |  | 
|  | A node can contain a heterogeneous mix of leaves and metadata pointers. | 
|  | Metadata pointers must be in the slots that match their subdivisions of key | 
|  | space.  The leaves can be in any slot not occupied by a metadata pointer.  It | 
|  | is guaranteed that none of the leaves in a node will match a slot occupied by a | 
|  | metadata pointer.  If the metadata pointer is there, any leaf whose key matches | 
|  | the metadata key prefix must be in the subtree that the metadata pointer points | 
|  | to. | 
|  |  | 
|  | In the above example list of index keys, node A will contain: | 
|  |  | 
|  | SLOT	CONTENT		INDEX KEY (PREFIX) | 
|  | ====	===============	================== | 
|  | 1	PTR TO NODE B	1* | 
|  | any	LEAF		9431809de993ba | 
|  | any	LEAF		b4542910809cd | 
|  | e	PTR TO NODE F	e* | 
|  | any	LEAF		f3842239082 | 
|  |  | 
|  | and node B: | 
|  |  | 
|  | 3	PTR TO NODE C	13* | 
|  | any	LEAF		1458952489 | 
|  |  | 
|  |  | 
|  | SHORTCUTS | 
|  | --------- | 
|  |  | 
|  | Shortcuts are metadata records that jump over a piece of keyspace.  A shortcut | 
|  | is a replacement for a series of single-occupancy nodes ascending through the | 
|  | levels.  Shortcuts exist to save memory and to speed up traversal. | 
|  |  | 
|  | It is possible for the root of the tree to be a shortcut - say, for example, | 
|  | the tree contains at least 17 nodes all with key prefix '1111'.  The insertion | 
|  | algorithm will insert a shortcut to skip over the '1111' keyspace in a single | 
|  | bound and get to the fourth level where these actually become different. | 
|  |  | 
|  |  | 
|  | SPLITTING AND COLLAPSING NODES | 
|  | ------------------------------ | 
|  |  | 
|  | Each node has a maximum capacity of 16 leaves and metadata pointers.  If the | 
|  | insertion algorithm finds that it is trying to insert a 17th object into a | 
|  | node, that node will be split such that at least two leaves that have a common | 
|  | key segment at that level end up in a separate node rooted on that slot for | 
|  | that common key segment. | 
|  |  | 
|  | If the leaves in a full node and the leaf that is being inserted are | 
|  | sufficiently similar, then a shortcut will be inserted into the tree. | 
|  |  | 
|  | When the number of objects in the subtree rooted at a node falls to 16 or | 
|  | fewer, then the subtree will be collapsed down to a single node - and this will | 
|  | ripple towards the root if possible. | 
|  |  | 
|  |  | 
|  | NON-RECURSIVE ITERATION | 
|  | ----------------------- | 
|  |  | 
|  | Each node and shortcut contains a back pointer to its parent and the number of | 
|  | slot in that parent that points to it.  None-recursive iteration uses these to | 
|  | proceed rootwards through the tree, going to the parent node, slot N + 1 to | 
|  | make sure progress is made without the need for a stack. | 
|  |  | 
|  | The backpointers, however, make simultaneous alteration and iteration tricky. | 
|  |  | 
|  |  | 
|  | SIMULTANEOUS ALTERATION AND ITERATION | 
|  | ------------------------------------- | 
|  |  | 
|  | There are a number of cases to consider: | 
|  |  | 
|  | (1) Simple insert/replace.  This involves simply replacing a NULL or old | 
|  | matching leaf pointer with the pointer to the new leaf after a barrier. | 
|  | The metadata blocks don't change otherwise.  An old leaf won't be freed | 
|  | until after the RCU grace period. | 
|  |  | 
|  | (2) Simple delete.  This involves just clearing an old matching leaf.  The | 
|  | metadata blocks don't change otherwise.  The old leaf won't be freed until | 
|  | after the RCU grace period. | 
|  |  | 
|  | (3) Insertion replacing part of a subtree that we haven't yet entered.  This | 
|  | may involve replacement of part of that subtree - but that won't affect | 
|  | the iteration as we won't have reached the pointer to it yet and the | 
|  | ancestry blocks are not replaced (the layout of those does not change). | 
|  |  | 
|  | (4) Insertion replacing nodes that we're actively processing.  This isn't a | 
|  | problem as we've passed the anchoring pointer and won't switch onto the | 
|  | new layout until we follow the back pointers - at which point we've | 
|  | already examined the leaves in the replaced node (we iterate over all the | 
|  | leaves in a node before following any of its metadata pointers). | 
|  |  | 
|  | We might, however, re-see some leaves that have been split out into a new | 
|  | branch that's in a slot further along than we were at. | 
|  |  | 
|  | (5) Insertion replacing nodes that we're processing a dependent branch of. | 
|  | This won't affect us until we follow the back pointers.  Similar to (4). | 
|  |  | 
|  | (6) Deletion collapsing a branch under us.  This doesn't affect us because the | 
|  | back pointers will get us back to the parent of the new node before we | 
|  | could see the new node.  The entire collapsed subtree is thrown away | 
|  | unchanged - and will still be rooted on the same slot, so we shouldn't | 
|  | process it a second time as we'll go back to slot + 1. | 
|  |  | 
|  | Note: | 
|  |  | 
|  | (*) Under some circumstances, we need to simultaneously change the parent | 
|  | pointer and the parent slot pointer on a node (say, for example, we | 
|  | inserted another node before it and moved it up a level).  We cannot do | 
|  | this without locking against a read - so we have to replace that node too. | 
|  |  | 
|  | However, when we're changing a shortcut into a node this isn't a problem | 
|  | as shortcuts only have one slot and so the parent slot number isn't used | 
|  | when traversing backwards over one.  This means that it's okay to change | 
|  | the slot number first - provided suitable barriers are used to make sure | 
|  | the parent slot number is read after the back pointer. | 
|  |  | 
|  | Obsolete blocks and leaves are freed up after an RCU grace period has passed, | 
|  | so as long as anyone doing walking or iteration holds the RCU read lock, the | 
|  | old superstructure should not go away on them. |