git: fd02eb559266 - releng/13.5 - vm_fault: only rely on PG_ZERO when the page was newly allocated
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 27 Jan 2026 19:16:35 UTC
The branch releng/13.5 has been updated by markj:
URL: https://cgit.FreeBSD.org/src/commit/?id=fd02eb5592665cbf4ae4c743e1fa52d000ff522a
commit fd02eb5592665cbf4ae4c743e1fa52d000ff522a
Author: Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2025-11-28 15:57:22 +0000
Commit: Mark Johnston <markj@FreeBSD.org>
CommitDate: 2026-01-26 15:38:02 +0000
vm_fault: only rely on PG_ZERO when the page was newly allocated
Approved by: so
Security: FreeBSD-EN-26:03.vm
(cherry picked from commit cff67bc43df14d492ccc08ec92fddceadd069953)
(cherry picked from commit babac9d7bc05fe8ceece1710b9becc5970492f81)
---
sys/vm/vm_fault.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/sys/vm/vm_fault.c b/sys/vm/vm_fault.c
index bdde2bcc359a..605f677aecd5 100644
--- a/sys/vm/vm_fault.c
+++ b/sys/vm/vm_fault.c
@@ -137,6 +137,7 @@ struct faultstate {
vm_object_t object;
vm_pindex_t pindex;
vm_page_t m;
+ bool m_needs_zeroing;
/* Top-level map object. */
vm_object_t first_object;
@@ -242,6 +243,7 @@ static void
fault_deallocate(struct faultstate *fs)
{
+ fs->m_needs_zeroing = true;
fault_page_release(&fs->m_cow);
fault_page_release(&fs->m);
vm_object_pip_wakeup(fs->object);
@@ -1086,7 +1088,7 @@ vm_fault_zerofill(struct faultstate *fs)
/*
* Zero the page if necessary and mark it valid.
*/
- if ((fs->m->flags & PG_ZERO) == 0) {
+ if (fs->m_needs_zeroing) {
pmap_zero_page(fs->m);
} else {
VM_CNT_INC(v_ozfod);
@@ -1200,6 +1202,7 @@ vm_fault_allocate(struct faultstate *fs)
vm_waitpfault(dset, vm_pfault_oom_wait * hz);
return (FAULT_RESTART);
}
+ fs->m_needs_zeroing = (fs->m->flags & PG_ZERO) == 0;
fs->oom_started = false;
return (FAULT_CONTINUE);
@@ -1459,6 +1462,7 @@ vm_fault(vm_map_t map, vm_offset_t vaddr, vm_prot_t fault_type,
fs.fault_flags = fault_flags;
fs.map = map;
fs.lookup_still_valid = false;
+ fs.m_needs_zeroing = true;
fs.oom_started = false;
fs.nera = -1;
faultcount = 0;