From nobody Tue Jun 16 19:35:51 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A08CD379960 for ; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776704239; cv=none; b=oBjINhmifuiDzSv38YLB+Te+GGvRDJ/2+IXQYleoiCKWboximWDb90U5zDBWgXdeby+GucHmE8zBIXOW+hmfEH2Px1wnoVLcuKomwl4noXebX23y6TwX7Er8klAx3HJ/LrAcsw2Wbxcn6fmlnVvZaecNcYsy18C2TUizUqmtqqU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776704239; c=relaxed/simple; bh=Hxuog2BmUcTqw6bS9yn1IjX0sLkh6OcGVS3NvuQmjvs=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=heypuV+6BySpZUfQD8CWkfFUbbRU8Yy1OxRZXQm6GIcThr1Wl0V8qSkRXJP0Rl5XvjNBAFfhs6/tbW26wCO5N3pNQczUhN/Yssmt6nxsoEUub9iA9yrUyRL2ygocaX2di1/U9Gw9dUeQIoy9Y+MpR2pf2jDytsivTFjcywhKT2M= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=POh7sWfi; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="POh7sWfi" Received: by smtp.kernel.org (Postfix) with ESMTPS id 5303BC2BCB4; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1776704239; bh=Hxuog2BmUcTqw6bS9yn1IjX0sLkh6OcGVS3NvuQmjvs=; h=From:Date:Subject:References:In-Reply-To:To:Cc:Reply-To:From; b=POh7sWfiDFTWSjGmVavICCOIcpMsIzbqU+gIe3gf0zY469ERPsvaHNxGvWFbRznF3 KV+wcwGTh0acakMVWxQIAeJzk8K6A4fTEC6Dq4D/Vbmsm8xy6fsU4clrw1IHJoqwNK 7syHajwgV7Kox9tkohxwyysj3ora02XDy6OsvyI8Fln9PlmK4r3qDW8ACwAM15Nicb u0K+xrMpBy/KNQumrxEHbmsiFDlJH9zmKh/Umm0YHY7qB6CgJM7oKG0s8Or8+7qSqt snESboYpdk6SnVxYAlYG0CwxYpVkPeYGWL9mLxgQl1u3OdJvy9UDy5SWt4U3i5ZM0E 3XYjSKCif8mZw== Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 441E3FC72A4; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) From: Shivam Kalra via B4 Relay Date: Mon, 20 Apr 2026 22:27:09 +0530 Subject: [PATCH v11 1/5] mm/vmalloc: extract vm_area_free_pages() helper from vfree() Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20260420-vmalloc-shrink-v11-1-cad80b00853a@zohomail.in> References: <20260420-vmalloc-shrink-v11-0-cad80b00853a@zohomail.in> In-Reply-To: <20260420-vmalloc-shrink-v11-0-cad80b00853a@zohomail.in> To: Andrew Morton , Uladzislau Rezki Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Alice Ryhl , Danilo Krummrich , Shivam Kalra X-Mailer: b4 0.14.3 X-Developer-Signature: v=1; a=ed25519-sha256; t=1776704237; l=2828; i=shivamkalra98@zohomail.in; s=20260212; h=from:subject:message-id; bh=qdjFLARIuW0yV59j3BOJKhfJswD1cYSsPkOQAeYYcb0=; b=H+aLkKkXS5ScY3IL1HjHJWS1PLqK1I8XL1RIFNUE+1qoirXLIHM6jy2v0QeVn/yBzOfvsNyZo kiSdXB3lDfuBxdLYE7MOV6MUvzd45zLhHo9DS9BsDG25WkprwYDrrDg X-Developer-Key: i=shivamkalra98@zohomail.in; a=ed25519; pk=9Q+S1LD/xjbjL7bEaLIlwRADBwU/6LJq7lYm8LFrkQE= X-Endpoint-Received: by B4 Relay for shivamkalra98@zohomail.in/20260212 with auth_id=633 X-Original-From: Shivam Kalra Reply-To: shivamkalra98@zohomail.in From: Shivam Kalra Extract the page-freeing loop and NR_VMALLOC stat accounting from vfree() into a reusable vm_area_free_pages() helper. The helper operates on a range [start_idx, end_idx) of pages from a vm_struct, making it suitable for both full free (vfree) and partial free (upcoming vrealloc shrink). Freed page pointers in vm->pages[] are set to NULL to prevent stale references when the vm_struct outlives the free (as in vrealloc shrink). Reviewed-by: Alice Ryhl Reviewed-by: Uladzislau Rezki (Sony) Signed-off-by: Shivam Kalra Suggested-by: Danilo Krummrich --- mm/vmalloc.c | 47 +++++++++++++++++++++++++++++++++-------------- 1 file changed, 33 insertions(+), 14 deletions(-) diff --git a/mm/vmalloc.c b/mm/vmalloc.c index aa08651ec0df..f1be263fdc58 100644 --- a/mm/vmalloc.c +++ b/mm/vmalloc.c @@ -3416,6 +3416,38 @@ void vfree_atomic(const void *addr) schedule_work(&p->wq); } =20 +/* + * vm_area_free_pages - free a range of pages from a vmalloc allocation + * @vm: the vm_struct containing the pages + * @start_idx: first page index to free (inclusive) + * @end_idx: last page index to free (exclusive) + * + * Free pages [start_idx, end_idx) updating NR_VMALLOC stat accounting. + * Freed vm->pages[] entries are set to NULL. + * Caller is responsible for unmapping (vunmap_range) and KASAN + * poisoning before calling this. + */ +static void vm_area_free_pages(struct vm_struct *vm, unsigned int start_id= x, + unsigned int end_idx) +{ + unsigned int i; + + for (i =3D start_idx; i < end_idx; i++) { + struct page *page =3D vm->pages[i]; + + BUG_ON(!page); + /* + * High-order allocs for huge vmallocs are split, so + * can be freed as an array of order-0 allocations + */ + if (!(vm->flags & VM_MAP_PUT_PAGES)) + mod_lruvec_page_state(page, NR_VMALLOC, -1); + __free_page(page); + vm->pages[i] =3D NULL; + cond_resched(); + } +} + /** * vfree - Release memory allocated by vmalloc() * @addr: Memory base address @@ -3436,7 +3468,6 @@ void vfree_atomic(const void *addr) void vfree(const void *addr) { struct vm_struct *vm; - int i; =20 if (unlikely(in_interrupt())) { vfree_atomic(addr); @@ -3459,19 +3490,7 @@ void vfree(const void *addr) =20 if (unlikely(vm->flags & VM_FLUSH_RESET_PERMS)) vm_reset_perms(vm); - for (i =3D 0; i < vm->nr_pages; i++) { - struct page *page =3D vm->pages[i]; - - BUG_ON(!page); - /* - * High-order allocs for huge vmallocs are split, so - * can be freed as an array of order-0 allocations - */ - if (!(vm->flags & VM_MAP_PUT_PAGES)) - mod_lruvec_page_state(page, NR_VMALLOC, -1); - __free_page(page); - cond_resched(); - } + vm_area_free_pages(vm, 0, vm->nr_pages); kvfree(vm->pages); kfree(vm); } --=20 2.43.0 From nobody Tue Jun 16 19:35:51 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A09DA379EFC for ; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776704239; cv=none; b=NUbGZX+WLh08hF6WJg2WWL5L+8AY1ziONGQuD381INB3p4aUUOTGlRwxDC+V8p5kDsNp4P8ilUHJVrG9vwsNHLsWEozEgmYXPTiAYXb6yi1UpzB1IuuiTN3qgAkv3X9kRPIHssHN4dz2Bmh5idO7oCX6el2kIeVOSLJJWPFgenU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776704239; c=relaxed/simple; bh=w7WwPKWlE7tC0vV5+G5MIRv2zSA/nkARAEI7OpAmJ/U=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=InFQeVGsp0ZZpj6TRAlxrV0qOeC8eteUtXbdGzoOGZVowiJBgmbT013sxCrmMLVg5GYEOdQlr2d8bk0wldVqspc8KQTVN9kTp/dn0v6j83Hewg7XbEcoLmhpIyEFk/5AOA5PX+8abCbcGN1xFj/aBSY7tsnSumc1BW2eNzCaf1c= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=hrutyRJK; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="hrutyRJK" Received: by smtp.kernel.org (Postfix) with ESMTPS id 6076AC2BCB8; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1776704239; bh=w7WwPKWlE7tC0vV5+G5MIRv2zSA/nkARAEI7OpAmJ/U=; h=From:Date:Subject:References:In-Reply-To:To:Cc:Reply-To:From; b=hrutyRJKsEhec8uSASXDJsTZpMceAqlVsO89RQemu51hpSAwIkbU8cSz8oZocwph7 mtj+IGFxl06nnVRMXjAgFEC/9JzHGZHXJl6j5BNbkuUoyu51Zn5eTnGyNQxu6jGmxm DqvNo/ubcq3TEZHEuDuFQ856e+KVOqlRQsilkZnLcaEdCp4tD+EU71JfnvYLJpQg1G A3cVV9KlN5A6xDBPGLyhH7TfBlH4wonOA2AVqKOT9yTqvsijaMMhjC/TBqnmAFu0K8 17kXEVwRv5K0z41Aug2G4YbhnYh5ANLmPLH6NCubbiPJ++bcqFvmBMxpQ241BK3oS/ N43MI8aciAZQA== Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 52655F5A8A2; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) From: Shivam Kalra via B4 Relay Date: Mon, 20 Apr 2026 22:27:10 +0530 Subject: [PATCH v11 2/5] mm/vmalloc: use physical page count for vrealloc() grow-in-place check Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20260420-vmalloc-shrink-v11-2-cad80b00853a@zohomail.in> References: <20260420-vmalloc-shrink-v11-0-cad80b00853a@zohomail.in> In-Reply-To: <20260420-vmalloc-shrink-v11-0-cad80b00853a@zohomail.in> To: Andrew Morton , Uladzislau Rezki Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Alice Ryhl , Danilo Krummrich , Shivam Kalra X-Mailer: b4 0.14.3 X-Developer-Signature: v=1; a=ed25519-sha256; t=1776704237; l=1711; i=shivamkalra98@zohomail.in; s=20260212; h=from:subject:message-id; bh=aeGg5lwRHTMk0K+2dJ+u29myWJHCj9HiY2k+TFLXFfY=; b=O8wYeWoimURVBA+aNcK6Q7i1GzfTIJSlkRFvb7sohqALLUPWR6yNP3UmsRe5bB2fPKrNeok9p J/l3hmoIKgSBiTyTUmC50uSWCEbqYGjzGM+jwR9NleBuN1TQv8Du1Uy X-Developer-Key: i=shivamkalra98@zohomail.in; a=ed25519; pk=9Q+S1LD/xjbjL7bEaLIlwRADBwU/6LJq7lYm8LFrkQE= X-Endpoint-Received: by B4 Relay for shivamkalra98@zohomail.in/20260212 with auth_id=633 X-Original-From: Shivam Kalra Reply-To: shivamkalra98@zohomail.in From: Shivam Kalra Update the grow-in-place check in vrealloc() to compare the requested size against the actual physical page count (vm->nr_pages) rather than the virtual area size (alloced_size, derived from get_vm_area_size()). Currently both values are equivalent, but the upcoming vrealloc() shrink functionality will free pages without reducing the virtual reservation size. After such a shrink, the old alloced_size-based comparison would incorrectly allow a grow-in-place operation to succeed and attempt to access freed pages. Switch to vm->nr_pages now so the check remains correct once shrink support is added. Signed-off-by: Shivam Kalra Suggested-by: Danilo Krummrich --- mm/vmalloc.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/mm/vmalloc.c b/mm/vmalloc.c index f1be263fdc58..9e2a08c56322 100644 --- a/mm/vmalloc.c +++ b/mm/vmalloc.c @@ -4343,6 +4343,12 @@ void *vrealloc_node_align_noprof(const void *p, size= _t size, unsigned long align if (unlikely(flags & __GFP_THISNODE) && nid !=3D NUMA_NO_NODE && nid !=3D page_to_nid(vmalloc_to_page(p))) goto need_realloc; + } else { + /* + * If p is NULL, vrealloc behaves exactly like vmalloc. + * Skip the shrink and in-place grow paths. + */ + goto need_realloc; } =20 /* @@ -4361,7 +4367,7 @@ void *vrealloc_node_align_noprof(const void *p, size_= t size, unsigned long align /* * We already have the bytes available in the allocation; use them. */ - if (size <=3D alloced_size) { + if (size <=3D vm->nr_pages << PAGE_SHIFT) { /* * No need to zero memory here, as unused memory will have * already been zeroed at initial allocation time or during --=20 2.43.0 From nobody Tue Jun 16 19:35:51 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A0953379EF6 for ; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776704239; cv=none; b=G8HgM5Y73bH3eRbqI9goOQ7df3QxOw3Asu/XBn+2DE57gvdKyNArXYNkiRaZvN2eaIRXR3koT2IOge9uT/WPwPRuANG7jPJj7mwy1kUH0IY/WuYjyaw88q0EREZd9QhP1FsMgwp6TiqYpt5PXFMZgoXdeQR9plIz9kzjNj/+L0M= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776704239; c=relaxed/simple; bh=SJ30GWFN4+KJwvu2SkHYFnnx3JTg7f9fYWex6LSkOx4=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=Vj+HlD1tHu33vkoHW3AnzDQHGe48WaI1fdWDpaTMyK/QjJ39RE5lbv4jbptQ4lFnAbgKhFfNfpIMRo8ZERZojrg9TWhubeQHT+BW0KMUCXUnZtIaVZyZbhfC3Dz64Ac7jTT/kA0AOlA8d/bNZZ78QSxkn1Q1D32yKkV4oYua3v0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=femgGUzc; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="femgGUzc" Received: by smtp.kernel.org (Postfix) with ESMTPS id 6B359C2BCB7; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1776704239; bh=SJ30GWFN4+KJwvu2SkHYFnnx3JTg7f9fYWex6LSkOx4=; h=From:Date:Subject:References:In-Reply-To:To:Cc:Reply-To:From; b=femgGUzczKAiiwbYxS9FVIO7GW5QhRIlkPhQAkkJ4YN+7mDD+ujmDiT04eK+Z8/EG IsBoyqHJbGkz1z5Up5A/wkrzD0BYdXysRcnoM/xrSQr8L+FX+nEVKlzQcttosL5dgv XcsPUhpJ4mkyxW4xYBrYDDFZk93SNoViuJ/4wN8Gg2COfw/WYkjD6y6PEa+Su7R73y Wh3GOSW1x2cPZcrzs1SYkC+nE8EKHKAVHJnCmPq8oTBgiUTBevPFVYzGjPLJsnH6Zy g+4NqF3vzedUEDqZZ76TwNW4nDyOiW/GDkpPpN8DYcyHHa7kJON1MHWB63DlIa0lQ2 Nt+6JGce5Kyzw== Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6204CF5A8A1; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) From: Shivam Kalra via B4 Relay Date: Mon, 20 Apr 2026 22:27:11 +0530 Subject: [PATCH v11 3/5] mm/vmalloc: use physical page count in vread_iter() Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20260420-vmalloc-shrink-v11-3-cad80b00853a@zohomail.in> References: <20260420-vmalloc-shrink-v11-0-cad80b00853a@zohomail.in> In-Reply-To: <20260420-vmalloc-shrink-v11-0-cad80b00853a@zohomail.in> To: Andrew Morton , Uladzislau Rezki Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Alice Ryhl , Danilo Krummrich , Shivam Kalra X-Mailer: b4 0.14.3 X-Developer-Signature: v=1; a=ed25519-sha256; t=1776704237; l=1268; i=shivamkalra98@zohomail.in; s=20260212; h=from:subject:message-id; bh=NPDgNUyDHjfdan34PgKxqmgFCh6tKET1umIY26Q4uaY=; b=KgkDPSioYeTnR140puLbvW28CSF6EqahesvZ6SQGiBF6Fu8mF7wN2cgAz+0/jc0mU4nxKNkwC YXypTICZ8sRA8Ueh9Qfo4aEwsOSPW1rrc3NsflepG5rQ/o1cpF7KwUO X-Developer-Key: i=shivamkalra98@zohomail.in; a=ed25519; pk=9Q+S1LD/xjbjL7bEaLIlwRADBwU/6LJq7lYm8LFrkQE= X-Endpoint-Received: by B4 Relay for shivamkalra98@zohomail.in/20260212 with auth_id=633 X-Original-From: Shivam Kalra Reply-To: shivamkalra98@zohomail.in From: Shivam Kalra Update vread_iter() to derive the vm area size from vm->nr_pages rather than get_vm_area_size(). Currently both values are equivalent, but the upcoming vrealloc() shrink functionality will free pages without reducing the virtual reservation size. After such a shrink, the old get_vm_area_size() based calculation would overestimate the mapped range, causing vread_iter() to attempt reading from unmapped addresses. Switch to vm->nr_pages now so the reader remains correct once shrink support is added. Signed-off-by: Shivam Kalra Suggested-by: Danilo Krummrich --- mm/vmalloc.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/mm/vmalloc.c b/mm/vmalloc.c index 9e2a08c56322..4cae531ac0ee 100644 --- a/mm/vmalloc.c +++ b/mm/vmalloc.c @@ -4666,7 +4666,14 @@ long vread_iter(struct iov_iter *iter, const char *a= ddr, size_t count) smp_rmb(); =20 vaddr =3D (char *) va->va_start; - size =3D vm ? get_vm_area_size(vm) : va_size(va); + if (vm) + /* + * Cannot use get_vm_area_size() because realloc() + * may shrink the mapping and area->size may be outdated. + */ + size =3D vm->nr_pages << PAGE_SHIFT; + else + size =3D va_size(va); =20 if (addr >=3D vaddr + size) goto next_va; --=20 2.43.0 From nobody Tue Jun 16 19:35:51 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 97CA5346E67 for ; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776704239; cv=none; b=KL6Q8jq1FrnH70XypgJAqX69eJitMzwONWE9x1FZHr3rmC1Sd3rmw8xsYMUKQwujlsfbkiwjZ6yTi0dQurQahvas/HYaqanwqWz2b1RL/wpGc847oxEsHnSuiareytxdeDcQtxgEumXb3NsciVzRsuXXqY7wWuOhfdd7KZYZ3FE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776704239; c=relaxed/simple; bh=nbDch8qNmD2PmZstQv8hUA2t+gwg++VjJaVGcevRf6A=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=aUvPvfTYl3H3SmQzD5YsSVY3V+OJXFnq1IO+2qMJHI650G/EfOqR9NTcelwqTh2SS07S58oRWVkCTJcGqWUoo4a8JGcXnOBLmhJhKThmbiIx7/njNB5XpTfDRHoYeysJQw7spkDyO/SiZ34nR57nOqspXD7gmmEUJkhIG5qLEN0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=MGgntb/h; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="MGgntb/h" Received: by smtp.kernel.org (Postfix) with ESMTPS id 77AA8C2BCC4; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1776704239; bh=nbDch8qNmD2PmZstQv8hUA2t+gwg++VjJaVGcevRf6A=; h=From:Date:Subject:References:In-Reply-To:To:Cc:Reply-To:From; b=MGgntb/hZjyH8zFsEhoIgu0Poy50IcMReG8HeM6hf7/6DegbrUYnjK1RdFa7m819M 11BSW0bPiuJsGP8U/C2pEHC4pQ9FDxvYErFap9cMIJMSKfCZ/6PNLEjvE6tUt+7xMb CdpgJOrR+S1oPXbzYTDg1MNzm4PeqScKdv83aXUe9fG2u2UzO6Tno4Mh62MX8Z+xeW /tDT3r/NxQ/zXlUdW33IOg+3U+LV/3n7R3s3Ae+8YPSDv/NoWyLd92OzlHBmFWFli0 o3OURGAcoJLY1AiMWD+fWR/ub2QaTw6dP79rQBI6+nvsRczB9GUXqHWvRIvx4vdw+k pXNl7YNExctbw== Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 724E0F5A8A0; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) From: Shivam Kalra via B4 Relay Date: Mon, 20 Apr 2026 22:27:12 +0530 Subject: [PATCH v11 4/5] mm/vmalloc: free unused pages on vrealloc() shrink Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20260420-vmalloc-shrink-v11-4-cad80b00853a@zohomail.in> References: <20260420-vmalloc-shrink-v11-0-cad80b00853a@zohomail.in> In-Reply-To: <20260420-vmalloc-shrink-v11-0-cad80b00853a@zohomail.in> To: Andrew Morton , Uladzislau Rezki Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Alice Ryhl , Danilo Krummrich , Shivam Kalra X-Mailer: b4 0.14.3 X-Developer-Signature: v=1; a=ed25519-sha256; t=1776704237; l=4129; i=shivamkalra98@zohomail.in; s=20260212; h=from:subject:message-id; bh=Ejsyev6YtrpwqZdKS6VyLq8ONR7Vuz9iTkbUX2IIfik=; b=1ECGteSrYPla6KOiK5fuCLIGZFolTGbAggmuYhMRgyTz2b68KxaCzYCHk21qxjLyR0jk8l4Wo j7idhVf3TL1AmDu1Ct74v6u6hBrBU5exTMJfsMsVWolzBazYCHwhc2g X-Developer-Key: i=shivamkalra98@zohomail.in; a=ed25519; pk=9Q+S1LD/xjbjL7bEaLIlwRADBwU/6LJq7lYm8LFrkQE= X-Endpoint-Received: by B4 Relay for shivamkalra98@zohomail.in/20260212 with auth_id=633 X-Original-From: Shivam Kalra Reply-To: shivamkalra98@zohomail.in From: Shivam Kalra When vrealloc() shrinks an allocation and the new size crosses a page boundary, unmap and free the tail pages that are no longer needed. This reclaims physical memory that was previously wasted for the lifetime of the allocation. The heuristic is simple: always free when at least one full page becomes unused. Huge page allocations (page_order > 0) are skipped, as partial freeing would require splitting. Allocations with VM_FLUSH_RESET_PERMS are also skipped, as their direct-map permissions must be reset before pages are returned to the page allocator, which is handled by vm_reset_perms() during vfree(). Additionally, allocations with VM_USERMAP are skipped because remap_vmalloc_range_partial() validates mapping requests against the unchanged vm->size; freeing tail pages would cause vmalloc_to_page() to return NULL for the unmapped range. To protect concurrent readers, the shrink path uses Node lock to synchronize before freeing the pages. Finally, we notify kmemleak of the reduced allocation size using kmemleak_free_part() to prevent the kmemleak scanner from faulting on the newly unmapped virtual addresses. The virtual address reservation (vm->size / vmap_area) is intentionally kept unchanged, preserving the address for potential future grow-in-place support. Suggested-by: Danilo Krummrich Signed-off-by: Shivam Kalra --- mm/vmalloc.c | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 52 insertions(+), 4 deletions(-) diff --git a/mm/vmalloc.c b/mm/vmalloc.c index 4cae531ac0ee..8c37bdaee85b 100644 --- a/mm/vmalloc.c +++ b/mm/vmalloc.c @@ -4351,14 +4351,62 @@ void *vrealloc_node_align_noprof(const void *p, siz= e_t size, unsigned long align goto need_realloc; } =20 - /* - * TODO: Shrink the vm_area, i.e. unmap and free unused pages. What - * would be a good heuristic for when to shrink the vm_area? - */ if (size <=3D old_size) { + unsigned int new_nr_pages =3D PAGE_ALIGN(size) >> PAGE_SHIFT; + /* Zero out "freed" memory, potentially for future realloc. */ if (want_init_on_free() || want_init_on_alloc(flags)) memset((void *)p + size, 0, old_size - size); + + /* + * Free tail pages when shrink crosses a page boundary. + * + * Skip huge page allocations (page_order > 0) as partial + * freeing would require splitting. + * + * Skip VM_FLUSH_RESET_PERMS, as direct-map permissions must + * be reset before pages are returned to the allocator. + * + * Skip VM_USERMAP, as remap_vmalloc_range_partial() validates + * mapping requests against the unchanged vm->size; freeing + * tail pages would cause vmalloc_to_page() to return NULL for + * the unmapped range. + * + * Skip if either GFP_NOFS or GFP_NOIO are used. + * kmemleak_free_part() internally allocates with + * GFP_KERNEL, which could trigger a recursive deadlock + * if we are under filesystem or I/O reclaim. + */ + if (new_nr_pages < vm->nr_pages && !vm_area_page_order(vm) && + !(vm->flags & (VM_FLUSH_RESET_PERMS | VM_USERMAP)) && + gfp_has_io_fs(flags)) { + unsigned long addr =3D (unsigned long)kasan_reset_tag(p); + unsigned int old_nr_pages =3D vm->nr_pages; + + /* + * Use the node lock to synchronize with concurrent + * readers (vmalloc_info_show). + */ + struct vmap_node *vn =3D addr_to_node(addr); + + spin_lock(&vn->busy.lock); + vm->nr_pages =3D new_nr_pages; + spin_unlock(&vn->busy.lock); + + /* Notify kmemleak of the reduced allocation size before unmapping. */ + kmemleak_free_part( + (void *)addr + ((unsigned long)new_nr_pages + << PAGE_SHIFT), + (unsigned long)(old_nr_pages - new_nr_pages) + << PAGE_SHIFT); + + vunmap_range(addr + ((unsigned long)new_nr_pages + << PAGE_SHIFT), + addr + ((unsigned long)old_nr_pages + << PAGE_SHIFT)); + + vm_area_free_pages(vm, new_nr_pages, old_nr_pages); + } vm->requested_size =3D size; kasan_vrealloc(p, old_size, size); return (void *)p; --=20 2.43.0 From nobody Tue Jun 16 19:35:51 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BCD2937AA61 for ; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776704239; cv=none; b=J3oh7gAMaruMppsBXy3SUrHfDU6pxnyXZOi6QntZcvB6L2m3IEI+sFrxd1QSI3ocovBiqlbi7PAe0Ki3KqssHWoGnOT1ajB+2GsTl7fZo7fxW81SX7sPZhupHXv/7UDzbZbsG2rPYeFjJaUcQIZy7I30RFrndUEuEO/q2qG3Gn0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776704239; c=relaxed/simple; bh=NgcWajqEHrBjrpmlHzE3kqeLHOp/AqP67j8VknlwGaM=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=ByjENm4ZA1JWF6ev8Hrw0XOyTWXMsMTZpyiUdcrhjNxKdPn5FJ4ZTgvD7b61aKGVGubZlZmYzzaqt3OejWM7TsaTf92bHJutkreoHIBdr7DZN9ZRFDd0PSa5FQOv3TMPiYLsOuxZDsfDtxCMmJLngMfBwgPdLQussX7trE7IJ08= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=e/30oac4; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="e/30oac4" Received: by smtp.kernel.org (Postfix) with ESMTPS id 8A295C2BCB3; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1776704239; bh=NgcWajqEHrBjrpmlHzE3kqeLHOp/AqP67j8VknlwGaM=; h=From:Date:Subject:References:In-Reply-To:To:Cc:Reply-To:From; b=e/30oac4n2UJ9xBcXQ3Cbq2uMnype14ch+8sacJUzO+Gqjdw06dnBtYXFejeg8as5 6hRgy1GtlH3cQUlylDRaEJqg9/FUEcRKVsz7BG4mkS52bimZTJRMkdrZ9ZV8UwHkcS 0yEzdT2305W/ZXSZ1JQylZhJD1/w+4BVBnsciH9By+VVlrCND2kyXpSwLtNGHUxcfK ve3/mTi4Io6xd/9IGIHG77aN0y2GhZzyzpFeWZ25jq75nI3a4TdvsLqqhBmEZJW0Ox bBO8yJEMQWkWK7MO/Sl0TUiXTByGVCV9zd5CT7exYghs5ENGQIvcZ80AD7ENv0gS3w vBiTJ4xSeqNsw== Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 80F13F5A8A1; Mon, 20 Apr 2026 16:57:19 +0000 (UTC) From: Shivam Kalra via B4 Relay Date: Mon, 20 Apr 2026 22:27:13 +0530 Subject: [PATCH v11 5/5] lib/test_vmalloc: add vrealloc test case Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20260420-vmalloc-shrink-v11-5-cad80b00853a@zohomail.in> References: <20260420-vmalloc-shrink-v11-0-cad80b00853a@zohomail.in> In-Reply-To: <20260420-vmalloc-shrink-v11-0-cad80b00853a@zohomail.in> To: Andrew Morton , Uladzislau Rezki Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Alice Ryhl , Danilo Krummrich , Shivam Kalra X-Mailer: b4 0.14.3 X-Developer-Signature: v=1; a=ed25519-sha256; t=1776704237; l=2905; i=shivamkalra98@zohomail.in; s=20260212; h=from:subject:message-id; bh=yP1QXayDidKnNU2S8I7BqJprRzQI2mQyl0fytHsaqPM=; b=Vy9ocWlhJYS1DG8K4aEaxMOhv+Hl3XH7BN6FnOKgb9Y0luXZYOlCryPB/d73wBG2Jv/5l+vik LcnLvukWIrPCzPf7uflN9HMWGbjii9GLcRIxMHH6lgNgzLLy0Fo4W6K X-Developer-Key: i=shivamkalra98@zohomail.in; a=ed25519; pk=9Q+S1LD/xjbjL7bEaLIlwRADBwU/6LJq7lYm8LFrkQE= X-Endpoint-Received: by B4 Relay for shivamkalra98@zohomail.in/20260212 with auth_id=633 X-Original-From: Shivam Kalra Reply-To: shivamkalra98@zohomail.in From: Shivam Kalra Introduce a new test case "vrealloc_test" that exercises the vrealloc() shrink and in-place grow paths: - Grow beyond allocated pages (triggers full reallocation). - Shrink crossing a page boundary (frees tail pages). - Shrink within the same page (no page freeing). - Grow within the already allocated page count (in-place). Data integrity is validated after each realloc step by checking that the first byte of the original allocation is preserved. The test is gated behind run_test_mask bit 12 (id 4096). Reviewed-by: Uladzislau Rezki (Sony) Signed-off-by: Shivam Kalra Suggested-by: Danilo Krummrich --- lib/test_vmalloc.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++= ++++ 1 file changed, 62 insertions(+) diff --git a/lib/test_vmalloc.c b/lib/test_vmalloc.c index 876c72c18a0c..b23f85e8f8ca 100644 --- a/lib/test_vmalloc.c +++ b/lib/test_vmalloc.c @@ -55,6 +55,7 @@ __param(int, run_test_mask, 7, "\t\tid: 512, name: kvfree_rcu_2_arg_vmalloc_test\n" "\t\tid: 1024, name: vm_map_ram_test\n" "\t\tid: 2048, name: no_block_alloc_test\n" + "\t\tid: 4096, name: vrealloc_test\n" /* Add a new test case description here. */ ); =20 @@ -421,6 +422,66 @@ vm_map_ram_test(void) return nr_allocated !=3D map_nr_pages; } =20 +static int vrealloc_test(void) +{ + void *ptr, *tmp; + int i; + + for (i =3D 0; i < test_loop_count; i++) { + int err =3D -1; + + ptr =3D vrealloc(NULL, PAGE_SIZE, GFP_KERNEL); + if (!ptr) + return -1; + + *((__u8 *)ptr) =3D 'a'; + + /* Grow: beyond allocated pages, triggers full realloc. */ + tmp =3D vrealloc(ptr, 4 * PAGE_SIZE, GFP_KERNEL); + if (!tmp) + goto error; + ptr =3D tmp; + + if (*((__u8 *)ptr) !=3D 'a') + goto error; + + /* Shrink: crosses page boundary, frees tail pages. */ + tmp =3D vrealloc(ptr, PAGE_SIZE, GFP_KERNEL); + if (!tmp) + goto error; + ptr =3D tmp; + + if (*((__u8 *)ptr) !=3D 'a') + goto error; + + /* Shrink: within same page, no page freeing. */ + tmp =3D vrealloc(ptr, PAGE_SIZE / 2, GFP_KERNEL); + if (!tmp) + goto error; + ptr =3D tmp; + + if (*((__u8 *)ptr) !=3D 'a') + goto error; + + /* Grow: within allocated page, in-place, no realloc. */ + tmp =3D vrealloc(ptr, PAGE_SIZE, GFP_KERNEL); + if (!tmp) + goto error; + ptr =3D tmp; + + if (*((__u8 *)ptr) !=3D 'a') + goto error; + + err =3D 0; +error: + vfree(ptr); + if (err) + return err; + } + + return 0; +} + struct test_case_desc { const char *test_name; int (*test_func)(void); @@ -440,6 +501,7 @@ static struct test_case_desc test_case_array[] =3D { { "kvfree_rcu_2_arg_vmalloc_test", kvfree_rcu_2_arg_vmalloc_test, }, { "vm_map_ram_test", vm_map_ram_test, }, { "no_block_alloc_test", no_block_alloc_test, true }, + { "vrealloc_test", vrealloc_test, }, /* Add a new test case here. */ }; =20 --=20 2.43.0