[PATCH RFC v4 15/22] mm: page_alloc: clear PG_zeroed on buddy merge if not both zero

Linux virtualization list
 help / color / mirror / Atom feed

From: "Michael S. Tsirkin" <mst@redhat.com>
To: linux-kernel@vger.kernel.org
Cc: Andrew Morton <akpm@linux-foundation.org>,
	David Hildenbrand <david@kernel.org>,
	Vlastimil Babka <vbabka@kernel.org>,
	Brendan Jackman <jackmanb@google.com>,
	Michal Hocko <mhocko@suse.com>,
	Suren Baghdasaryan <surenb@google.com>,
	Jason Wang <jasowang@redhat.com>,
	Andrea Arcangeli <aarcange@redhat.com>,
	Gregory Price <gourry@gourry.net>,
	linux-mm@kvack.org, virtualization@lists.linux.dev,
	Johannes Weiner <hannes@cmpxchg.org>, Zi Yan <ziy@nvidia.com>
Subject: [PATCH RFC v4 15/22] mm: page_alloc: clear PG_zeroed on buddy merge if not both zero
Date: Sun, 26 Apr 2026 17:48:19 -0400	[thread overview]
Message-ID: <cf13854ffba899df37f25e9dca05c6ed9efc1a64.1777223007.git.mst@redhat.com> (raw)
In-Reply-To: <cover.1777223007.git.mst@redhat.com>

When two buddy pages merge in __free_one_page(), preserve
PG_zeroed on the merged page only if both buddies have the
flag set.  Otherwise clear it.

Without this, a zeroed page (freed via free_frozen_pages_zeroed
from balloon deflate) could merge with a non-zero buddy.  The merged
page would inherit PG_zeroed, and a later __GFP_ZERO allocation
would skip zeroing stale data in the non-zero half.

The page reporting path is not affected: it sets PG_zeroed during
allocation (page_del_and_expand), not on free list pages.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Assisted-by: Claude:claude-opus-4-6
Assisted-by: cursor-agent:GPT-5.4-xhigh
---
 mm/page_alloc.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/mm/page_alloc.c b/mm/page_alloc.c
index eff01a819744..1183ef3e91c9 100644
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -984,10 +984,14 @@ static inline void __free_one_page(struct page *page,
 	unsigned long buddy_pfn = 0;
 	unsigned long combined_pfn;
 	struct page *buddy;
+	bool buddy_zeroed;
+	bool page_zeroed;
 	bool to_tail;
 
 	VM_BUG_ON(!zone_is_initialized(zone));
-	VM_BUG_ON_PAGE(page->flags.f & PAGE_FLAGS_CHECK_AT_PREP, page);
+	/* PG_zeroed (aliased to PG_private) is valid on free-list pages */
+	VM_BUG_ON_PAGE(page->flags.f &
+		       (PAGE_FLAGS_CHECK_AT_PREP & ~__PG_ZEROED), page);
 
 	VM_BUG_ON(migratetype == -1);
 	VM_BUG_ON_PAGE(pfn & ((1 << order) - 1), page);
@@ -1022,6 +1026,8 @@ static inline void __free_one_page(struct page *page,
 				goto done_merging;
 		}
 
+		buddy_zeroed = PageZeroed(buddy);
+
 		/*
 		 * Our buddy is free or it is CONFIG_DEBUG_PAGEALLOC guard page,
 		 * merge with it and move up one order.
@@ -1040,10 +1046,17 @@ static inline void __free_one_page(struct page *page,
 			change_pageblock_range(buddy, order, migratetype);
 		}
 
+		page_zeroed = PageZeroed(page);
+		__ClearPageZeroed(page);
+		__ClearPageZeroed(buddy);
+
 		combined_pfn = buddy_pfn & pfn;
 		page = page + (combined_pfn - pfn);
 		pfn = combined_pfn;
 		order++;
+
+		if (page_zeroed && buddy_zeroed)
+			__SetPageZeroed(page);
 	}
 
 done_merging:
-- 
MST

next prev parent reply	other threads:[~2026-04-26 21:48 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-26 21:47 [PATCH RFC v4 00/22] mm/virtio: skip redundant zeroing of host-zeroed reported pages Michael S. Tsirkin
2026-04-26 21:47 ` [PATCH RFC v4 01/22] mm: move vma_alloc_folio to page_alloc.c Michael S. Tsirkin
2026-04-26 21:47 ` [PATCH RFC v4 02/22] mm: add vma_alloc_folio_user_addr Michael S. Tsirkin
2026-04-26 21:47 ` [PATCH RFC v4 03/22] mm: thread user_addr through page allocator for cache-friendly zeroing Michael S. Tsirkin
2026-04-26 21:47 ` [PATCH RFC v4 04/22] mm: add folio_zero_user stub for configs without THP/HUGETLBFS Michael S. Tsirkin
2026-04-26 21:47 ` [PATCH RFC v4 05/22] mm: page_alloc: move prep_compound_page before post_alloc_hook Michael S. Tsirkin
2026-04-26 21:47 ` [PATCH RFC v4 06/22] mm: use folio_zero_user for user pages in post_alloc_hook Michael S. Tsirkin
2026-04-26 21:47 ` [PATCH RFC v4 07/22] mm: use __GFP_ZERO in vma_alloc_zeroed_movable_folio Michael S. Tsirkin
2026-04-26 21:47 ` [PATCH RFC v4 08/22] mm: use __GFP_ZERO in alloc_anon_folio Michael S. Tsirkin
2026-04-26 21:47 ` [PATCH RFC v4 09/22] mm: use __GFP_ZERO in vma_alloc_anon_folio_pmd Michael S. Tsirkin
2026-04-26 21:48 ` [PATCH RFC v4 10/22] mm: hugetlb: use __GFP_ZERO and skip zeroing for zeroed pages Michael S. Tsirkin
2026-04-26 21:48 ` [PATCH RFC v4 11/22] mm: memfd: skip zeroing for zeroed hugetlb pool pages Michael S. Tsirkin
2026-04-26 21:48 ` [PATCH RFC v4 12/22] mm: remove arch vma_alloc_zeroed_movable_folio overrides Michael S. Tsirkin
2026-04-26 21:48 ` [PATCH RFC v4 13/22] mm: page_alloc: propagate PageReported flag across buddy splits Michael S. Tsirkin
2026-04-26 21:48 ` [PATCH RFC v4 14/22] mm: page_reporting: skip redundant zeroing of host-zeroed reported pages Michael S. Tsirkin
2026-04-27 15:13   ` Zi Yan
2026-04-27 15:18     ` Michael S. Tsirkin
2026-04-27 15:43     ` David Hildenbrand (Arm)
2026-04-26 21:48 ` Michael S. Tsirkin [this message]
2026-04-26 21:48 ` [PATCH RFC v4 16/22] mm: page_alloc: preserve PG_zeroed in page_del_and_expand Michael S. Tsirkin
2026-04-26 21:48 ` [PATCH RFC v4 17/22] mm: page_reporting: add per-page zeroed bitmap for host feedback Michael S. Tsirkin
2026-04-26 21:48 ` [PATCH RFC v4 18/22] virtio_balloon: a hack to enable host-zeroed page optimization Michael S. Tsirkin
2026-04-26 21:48 ` [PATCH RFC v4 19/22] mm: page_reporting: add flush parameter with page budget Michael S. Tsirkin
2026-04-26 21:48 ` [PATCH RFC v4 20/22] mm: add free_frozen_pages_zeroed Michael S. Tsirkin
2026-04-26 21:48 ` [PATCH RFC v4 21/22] mm: add put_page_zeroed and folio_put_zeroed Michael S. Tsirkin
2026-04-26 21:48 ` [PATCH RFC v4 22/22] virtio_balloon: mark deflated pages as zeroed Michael S. Tsirkin

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:eff01a81974 dfblob:1183ef3e91c )
 OR (
bs:"[PATCH RFC v4 15/22] mm: page_alloc: clear PG_zeroed on buddy merge if not both zero" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cf13854ffba899df37f25e9dca05c6ed9efc1a64.1777223007.git.mst@redhat.com \
    --to=mst@redhat.com \
    --cc=aarcange@redhat.com \
    --cc=akpm@linux-foundation.org \
    --cc=david@kernel.org \
    --cc=gourry@gourry.net \
    --cc=hannes@cmpxchg.org \
    --cc=jackmanb@google.com \
    --cc=jasowang@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=mhocko@suse.com \
    --cc=surenb@google.com \
    --cc=vbabka@kernel.org \
    --cc=virtualization@lists.linux.dev \
    --cc=ziy@nvidia.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox