Re: [PATCH] KVM: guest_memfd: Disable VMA merging with VM_DONTEXPAND

From: David Hildenbrand (Arm)

Date: Mon Feb 09 2026 - 14:38:17 EST


On 2/9/26 19:24, Ackerley Tng wrote:
"David Hildenbrand (Arm)" <david@xxxxxxxxxx> writes:

On 2/8/26 18:34, Ackerley Tng wrote:
Ackerley Tng <ackerleytng@xxxxxxxxxx> writes:


I trimmed the repro to this:

static void test_guest_memfd_repro(void)
{
	struct kvm_vcpu *vcpu;
	uint8_t *unaligned_mem;
	struct kvm_vm *vm;
	uint8_t *mem;
	int fd;

	vm = __vm_create_shape_with_one_vcpu(VM_SHAPE_DEFAULT, &vcpu, 1, guest_code);

	fd = vm_create_guest_memfd(vm, SZ_2M * 2, GUEST_MEMFD_FLAG_MMAP |
				   GUEST_MEMFD_FLAG_INIT_SHARED);

	/* Map 4M at a kernel-chosen address so a 2M-aligned window always fits. */
	unaligned_mem = mmap(NULL, SZ_2M + SZ_2M, PROT_READ | PROT_WRITE,
			     MAP_SHARED, fd, 0);
	TEST_ASSERT(unaligned_mem != MAP_FAILED, "mmap() of guest_memfd failed");
	mem = align_ptr_up(unaligned_mem, SZ_2M);
	TEST_ASSERT(((unsigned long)mem & (SZ_2M - 1)) == 0,
		    "returned address must be aligned to SZ_2M");

	TEST_ASSERT_EQ(madvise(mem, SZ_2M, MADV_HUGEPAGE), 0);

	/* Fault in every 4K page so there is something to collapse. */
	for (int i = 0; i < SZ_2M; i += SZ_4K)
		READ_ONCE(mem[i]);

	TEST_ASSERT_EQ(madvise(mem, SZ_2M, MADV_COLLAPSE), 0);

	TEST_ASSERT_EQ(madvise(mem, SZ_2M, MADV_DONTNEED), 0);

	/* This triggers the WARNing. */
	READ_ONCE(mem[0]);

	munmap(unaligned_mem, SZ_2M * 2);

	close(fd);
	kvm_vm_free(vm);
}

And tried to replace the fd creation with the secretmem equivalent:

	fd = syscall(__NR_memfd_secret, 0);
	TEST_ASSERT(fd >= 0, "Couldn't create secretmem fd.");
	TEST_ASSERT_EQ(ftruncate(fd, SZ_2M * 2), 0);

Should a guest_memfd selftest be added to cover this?

MADV_COLLAPSE fails with EINVAL, but it does go through to
hpage_collapse_scan_file() -> collapse_file(), before failing because
when collapsing the page, copy_mc_highpage() returns > 0.

Just what I suspected. :)

Thanks for digging into the details!


Happy to help :)

In general, do we want the reproducers added as selftests? Should this
be added as part of tools/testing/selftests/kvm/guest_memfd_test.c?

I guess adding it to guest_memfd_test.c and asserting that MADV_COLLAPSE fails as expected could be a reasonable test case. It's not a lot of code and easy to verify.

--
Cheers,

David