From nobody Sun Jun 14 17:36:54 2026 Received: from todd.t-8ch.de (todd.t-8ch.de [159.69.126.157]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6B5B72777FC for ; Sat, 4 Apr 2026 11:50:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=159.69.126.157 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775303429; cv=none; b=iDSVHQR2oES8UUhPgwPXba3hkW0AvSiuKC6bV9gvftp6TA4eCgYdQtLAEQZVUYlMfcpQIXEiQkhmWeRHUqRbko8B6gzTPLqT9av2IBoDDaUYWk0V5g/QCCetsKPe6/VUEjv3Iszfj9Fw0UdJOUMDx/Gl7QWqYFLPw0CkhSYoh34= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775303429; c=relaxed/simple; bh=wo/0USU44xB3nKCEEThLUh0rOm8wv4hnJLxtV1ao/Pk=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=Ef5d3DPL1k2n+BLSNI+HPLXns6XNUa3yzc2BJt6Y/+9PGtUY5ITRq817X7XYPMg1kwun8cit4mYF6XiK5G6LYHcZn4XhoSIAfVORISyf+X0bzBBG58JZLDjItsDlsMFI5Bp4YtndiK/hoN7po5wyojiqkTuuPT4KwBcTORzF+Zg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=weissschuh.net; spf=pass smtp.mailfrom=weissschuh.net; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b=kbHilrDz; arc=none smtp.client-ip=159.69.126.157 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=weissschuh.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=weissschuh.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="kbHilrDz" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1775303426; bh=wo/0USU44xB3nKCEEThLUh0rOm8wv4hnJLxtV1ao/Pk=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=kbHilrDzoxL6yzVuVnam6LlfXJZ0VW+pQu4tqe9i7CP49uslo6R7G/HLJddFzCdci 4QZzCYGEGGw/0i19WgoyuUd1b173tqnlC9uYibmRDtcyCqOe2Bvj8UiHXdtM0sZJGt ANg+ueBco8JOxpqXj+k0pM+GhPm1uvayqM0Qzcj8= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Sat, 04 Apr 2026 13:50:19 +0200 Subject: [PATCH v2 1/2] tools/nolibc: check for overflow in calloc() without divisions Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20260404-nolibc-asprintf-v2-1-17d2d0df9763@weissschuh.net> References: <20260404-nolibc-asprintf-v2-0-17d2d0df9763@weissschuh.net> In-Reply-To: <20260404-nolibc-asprintf-v2-0-17d2d0df9763@weissschuh.net> To: Willy Tarreau Cc: linux-kernel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.15.1 X-Developer-Signature: v=1; a=ed25519-sha256; t=1775303426; l=1033; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=wo/0USU44xB3nKCEEThLUh0rOm8wv4hnJLxtV1ao/Pk=; b=FtqTZia/B7AuJhukxpL1FYZFywO6e9m6PlCWWi8nTVj/o/rzDveGoCYDPp95btpyV+pEPfhdX B0Tj+J47MRlBmHUPaaxpg0ayUFqwT6CnPcUjtXqQOogfq302Mx9bYui X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= On some architectures without native division instructions the division can generate calls into libgcc/compiler-rt. This library might not be available, so its use should be avoided. Use the compiler builtin to check for overflows without needing a division. The builtin has been available since GCC 3 and clang 3.8. Signed-off-by: Thomas Wei=C3=9Fschuh Acked-by: Willy Tarreau --- tools/include/nolibc/stdlib.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/include/nolibc/stdlib.h b/tools/include/nolibc/stdlib.h index 2113a8e7695d..1816c2368b68 100644 --- a/tools/include/nolibc/stdlib.h +++ b/tools/include/nolibc/stdlib.h @@ -145,9 +145,9 @@ void *malloc(size_t len) static __attribute__((unused)) void *calloc(size_t size, size_t nmemb) { - size_t x =3D size * nmemb; + size_t x; =20 - if (__builtin_expect(size && ((x / size) !=3D nmemb), 0)) { + if (__builtin_expect(__builtin_mul_overflow(size, nmemb, &x), 0)) { SET_ERRNO(ENOMEM); return NULL; } --=20 2.53.0 From nobody Sun Jun 14 17:36:54 2026 Received: from todd.t-8ch.de (todd.t-8ch.de [159.69.126.157]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4784831AAAA for ; Sat, 4 Apr 2026 11:50:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=159.69.126.157 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775303430; cv=none; b=uoC1uhB+eCPztdBIXPCbQ4F9S5M9uio7CPFClSj3VxmuRBLJagR8TEUwCtzhZKNIZgbHTBDHXwoJXDt8gUfmcDSkAR3G++Odq6ENPj4hQ5d6nV0uNqljrwapPApY32fL+J+tjx74mUdX3WLwDZIKn+y6ZACpzpNYVi8tH0L96i0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775303430; c=relaxed/simple; bh=x/wIBalD2W3BPQ4yRds2YCOElZH8yOw2wGZl0nT0dhU=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=AP96M0N9IU8OnPNrTvHQWHqli2d5lAx1b2uVOEEtrj2dtqJsvcvepg+eZBuMgID1B/QKr4u/8vqfSTfvqsBuzDRgDKGrpf9o/CdnWz6DhXCkmL2U5wnjX1Nioe4cw2DQbrY4RO0akcM0103/BQz0kLCm1tNCP0FGD7kZo7DBuL0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=weissschuh.net; spf=pass smtp.mailfrom=weissschuh.net; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b=Z9JLb79x; arc=none smtp.client-ip=159.69.126.157 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=weissschuh.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=weissschuh.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="Z9JLb79x" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1775303426; bh=x/wIBalD2W3BPQ4yRds2YCOElZH8yOw2wGZl0nT0dhU=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=Z9JLb79xx6CKX350bieHGZAgreBk3oC0XcOv3r3NjfJhjoScyDnOBbYJsd7ma7/l+ pdYpr8+Jn3cbOHO0rFC4fo3cIjWaR3nGha29nboocWEL7rlZa1ZjGDpUJncevh69bE EeLkG1o/BBlAPGbL5FsYZFS2Ma1btyaelHo6nDLk= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Sat, 04 Apr 2026 13:50:20 +0200 Subject: [PATCH v2 2/2] selftests/nolibc: test the memory allocator Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20260404-nolibc-asprintf-v2-2-17d2d0df9763@weissschuh.net> References: <20260404-nolibc-asprintf-v2-0-17d2d0df9763@weissschuh.net> In-Reply-To: <20260404-nolibc-asprintf-v2-0-17d2d0df9763@weissschuh.net> To: Willy Tarreau Cc: linux-kernel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.15.1 X-Developer-Signature: v=1; a=ed25519-sha256; t=1775303426; l=2734; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=x/wIBalD2W3BPQ4yRds2YCOElZH8yOw2wGZl0nT0dhU=; b=Zg0XbIJjhArMg6VU/Zr9A65f8nk8vi0YLLggcKpCuvxjTwTqxSYK5Vj2OkMIXwJOJrnheF7yu mBGVlidK7XvDcecbMD/t35bH+5oiLWnqXZEFxBpF5yyFk0ttWOe9qUq X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= The memory allocator has not seen any testing so far. Add a simple testcase for it. Suggested-by: Willy Tarreau Link: https://lore.kernel.org/lkml/adDRK8D6YBZgv36H@1wt.eu/ Signed-off-by: Thomas Wei=C3=9Fschuh Acked-by: Willy Tarreau --- This is the proposal from Willy with some improvements: * Check that calloc() returns zeroed memory * Test the page-based invariants for all page sizes * Use named variables instead of hardcoded values * Fix a segfault --- tools/testing/selftests/nolibc/nolibc-test.c | 55 ++++++++++++++++++++++++= ++++ 1 file changed, 55 insertions(+) diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/s= elftests/nolibc/nolibc-test.c index 91d95a152568..dd10402267ee 100644 --- a/tools/testing/selftests/nolibc/nolibc-test.c +++ b/tools/testing/selftests/nolibc/nolibc-test.c @@ -1555,6 +1555,60 @@ int test_time_types(void) return 0; } =20 +int test_malloc(void) +{ + size_t sz_array1, sz_array2, sz_array3; + int *array1, *array2, *array3; + int pagesize =3D getpagesize(); + size_t idx; + + if (pagesize < 0) + return 1; + + /* Dependent on the page size, as that is the granularity of our allocato= r. */ + sz_array1 =3D pagesize / 2; + array1 =3D malloc(sz_array1 * sizeof(*array1)); + if (!array1) + return 2; + + for (idx =3D 0; idx < sz_array1; idx++) + array1[idx] =3D idx; + + sz_array2 =3D pagesize * 2; + array2 =3D calloc(sz_array2, sizeof(*array2)); + if (!array2) { + free(array1); + return 3; + } + + for (idx =3D 0; idx < sz_array2; idx++) { + if (array2[idx] !=3D 0) { + free(array2); + return 4; + } + array2[idx] =3D idx + sz_array1; + } + + /* Resize array1 into array3 and append array2 at the end. */ + sz_array3 =3D sz_array1 + sz_array2; + array3 =3D realloc(array1, sz_array3 * sizeof(*array3)); + if (!array3) { + free(array2); + free(array1); + return 5; + } + memcpy(array3 + sz_array1, array2, sizeof(*array2) * sz_array2); + free(array2); + + /* The contents must be contiguous now. */ + for (idx =3D 0; idx < sz_array3; idx++) + if (array3[idx] !=3D (int)idx) + return 6; + + free(array3); + return 0; +} + int run_stdlib(int min, int max) { int test; @@ -1687,6 +1741,7 @@ int run_stdlib(int min, int max) CASE_TEST(makedev_big); EXPECT_EQ(1, makedev(0x11223344, 0x5= 5667788), 0x1122355667734488); break; CASE_TEST(major_big); EXPECT_EQ(1, major(0x112235566773448= 8), 0x11223344); break; CASE_TEST(minor_big); EXPECT_EQ(1, minor(0x112235566773448= 8), 0x55667788); break; + CASE_TEST(malloc); EXPECT_ZR(1, test_malloc()); break; =20 case __LINE__: return ret; /* must be last */ --=20 2.53.0