[kvm-unit-tests PATCH v2] x86/lam: Allocate test page from AREA_LOW instead of AREA_NORMAL

[kvm-unit-tests PATCH v2] x86/lam: Allocate test page from AREA_LOW instead of AREA_NORMAL

[yexun]

The lam test does not set a guest memory size in x86/unittests.cfg, so
QEMU falls back to the default of 128 MiB. AREA_NORMAL starts at PFN
BIT(36-12), i.e. physical 64 GiB, which is never initialized in a
128 MiB guest. As a result, alloc_pages_flags(0, AREA_NORMAL) returns
NULL and test_lam_user() ends up running its LAM checks against a NULL
pointer, which is semantically meaningless even if the metadata-bit
arithmetic happens to succeed.

Allocate from AREA_LOW instead. AREA_LOW_PFN is BIT(24-12) (16 MiB),
well within a 128 MiB guest, and bits 63..47 of the resulting linear
address are still zero, so the LAM48/LAM57 metadata-bit checks remain
valid. Update the adjacent comment accordingly.

Fixes: 0164d7595c85 ("x86: Add test cases for LAM_{U48,U57}")
Signed-off-by: yexun <yexun@linux.alibaba.com>
---
v2: assert vaddr instead of pfn
v1: https://lore.kernel.org/all/20260601035401.39303-1-yexun@linux.alibaba.com/

 x86/lam.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/x86/lam.c b/x86/lam.c
index 87efc5dd..33772ecb 100644
--- a/x86/lam.c
+++ b/x86/lam.c
@@ -231,13 +231,13 @@ static void test_lam_user(void)
 	bool has_lam = this_cpu_has(X86_FEATURE_LAM);
 
 	/*
-	 * The physical address of AREA_NORMAL is within 36 bits, so that using
+	 * The physical address of AREA_LOW is within 36 bits, so that using
 	 * identical mapping, the linear address will be considered as user mode
 	 * address from the view of LAM, and the metadata bits are not used as
 	 * address for both LAM48 and LAM57.
 	 */
-	vaddr = alloc_pages_flags(0, AREA_NORMAL);
-	static_assert((AREA_NORMAL_PFN & GENMASK(63, 47)) == 0UL);
+	vaddr = alloc_pages_flags(0, AREA_LOW);
+	static_assert((vaddr & GENMASK(63, 47)) == 0UL);
 
 	/*
 	 * Note, LAM doesn't have a global control bit to turn on/off LAM
-- 
2.54.0

Re: [kvm-unit-tests PATCH v2] x86/lam: Allocate test page from AREA_LOW instead of AREA_NORMAL

[Binbin Wu]

On 6/2/2026 2:01 PM, yexun wrote:
> The lam test does not set a guest memory size in x86/unittests.cfg, so
> QEMU falls back to the default of 128 MiB. AREA_NORMAL starts at PFN
> BIT(36-12), i.e. physical 64 GiB, which is never initialized in a
> 128 MiB guest. As a result, alloc_pages_flags(0, AREA_NORMAL) returns
> NULL and test_lam_user() ends up running its LAM checks against a NULL
> pointer, which is semantically meaningless even if the metadata-bit
> arithmetic happens to succeed.
> 
> Allocate from AREA_LOW instead. AREA_LOW_PFN is BIT(24-12) (16 MiB),
> well within a 128 MiB guest, and bits 63..47 of the resulting linear
> address are still zero, so the LAM48/LAM57 metadata-bit checks remain
> valid. Update the adjacent comment accordingly.
> 
> Fixes: 0164d7595c85 ("x86: Add test cases for LAM_{U48,U57}")
> Signed-off-by: yexun <yexun@linux.alibaba.com>

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>

> ---
> v2: assert vaddr instead of pfn
> v1: https://lore.kernel.org/all/20260601035401.39303-1-yexun@linux.alibaba.com/
> 
>  x86/lam.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/x86/lam.c b/x86/lam.c
> index 87efc5dd..33772ecb 100644
> --- a/x86/lam.c
> +++ b/x86/lam.c
> @@ -231,13 +231,13 @@ static void test_lam_user(void)
>  	bool has_lam = this_cpu_has(X86_FEATURE_LAM);
>  
>  	/*
> -	 * The physical address of AREA_NORMAL is within 36 bits, so that using
> +	 * The physical address of AREA_LOW is within 36 bits, so that using
>  	 * identical mapping, the linear address will be considered as user mode
>  	 * address from the view of LAM, and the metadata bits are not used as
>  	 * address for both LAM48 and LAM57.
>  	 */
> -	vaddr = alloc_pages_flags(0, AREA_NORMAL);
> -	static_assert((AREA_NORMAL_PFN & GENMASK(63, 47)) == 0UL);
> +	vaddr = alloc_pages_flags(0, AREA_LOW);
> +	static_assert((vaddr & GENMASK(63, 47)) == 0UL);
>  
>  	/*
>  	 * Note, LAM doesn't have a global control bit to turn on/off LAM