* [PATCH] alloca: fix subtraction of two alloca pointers
From: Kris Van Hees @ 2025-08-30 5:55 UTC (permalink / raw)
To: dtrace, dtrace-devel
The subtraction of two alloca pointers should not be receiving the
ALLOCA taint because it is an integer value (of type ptrdiff_t).
Signed-off-by: Kris Van Hees <kris.van.hees@oracle.com>
---
libdtrace/dt_parser.c | 8 ++++-
test/unittest/funcs/alloca/tst.alloca-arith.d | 29 +++++++++++++++++++
test/unittest/funcs/alloca/tst.alloca-funcs.d | 3 +-
test/unittest/funcs/alloca/tst.alloca-funcs.r | 3 +-
4 files changed, 40 insertions(+), 3 deletions(-)
create mode 100644 test/unittest/funcs/alloca/tst.alloca-arith.d
diff --git a/libdtrace/dt_parser.c b/libdtrace/dt_parser.c
index 65baa2603..006b4b6e1 100644
--- a/libdtrace/dt_parser.c
+++ b/libdtrace/dt_parser.c
@@ -3618,7 +3618,13 @@ dt_cook_op2(dt_node_t *dnp, uint_t idflags)
dt_node_type_assign(dnp, ctfp, type);
dt_node_attr_assign(dnp, dt_attr_min(lp->dn_attr, rp->dn_attr));
- dt_node_prop_alloca(dnp, lp, rp);
+
+ /*
+ * Only propagate ALLOCA taint if this is not a subtraction of
+ * two pointers.
+ */
+ if (!lp_is_ptr || !rp_is_ptr)
+ dt_node_prop_alloca(dnp, lp, rp);
if (xflags)
dnp->dn_flags |= xflags;
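Review bot: the guard `if (!lp_is_ptr || !rp_is_ptr)` checks only that both operands are pointers, not that the operator is subtraction, while the comment above it promises to exempt only "a subtraction of two pointers". If this point in dt_cook_op2() can be reached for other operators applied to two pointer operands, the ALLOCA taint would be dropped for them as well; either test the operator in the condition or reword the comment to say this path is subtraction-only. lp_is_ptr and rp_is_ptr are not defined within the hunk, so also confirm they are computed before this point. The commit message could add the one-line reason the exemption is safe: the result is a ptrdiff_t, cannot be dereferenced, and therefore no longer designates alloca'd memory.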
diff --git a/test/unittest/funcs/alloca/tst.alloca-arith.d b/test/unittest/funcs/alloca/tst.alloca-arith.d
new file mode 100644
index 000000000..6a7bc3354
--- /dev/null
+++ b/test/unittest/funcs/alloca/tst.alloca-arith.d
@@ -0,0 +1,29 @@
+/*
+ * Oracle Linux DTrace.
+ * Copyright (c) 2025, Oracle and/or its affiliates. All rights reserved.
+ * Licensed under the Universal Permissive License v 1.0 as shown at
+ * http://oss.oracle.com/licenses/upl.
+ */
+
+/*
+ * ASSERTION: Subtracting alloca pointers yields a plain integer value.
+ *
+ * SECTION: Actions and Subroutines/alloca()
+ */
+
+#pragma D option quiet
+
+BEGIN
+{
+ x = (char *)alloca(1);
+ x = (char *)alloca(10);
+ y = (char *)alloca(1);
+ z = y - x;
+ z /= 8;
+ exit(z == 2 ? 0 : 1);
+}
+
+ERROR
+{
+ exit(1);
+}
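Review bot: the assertion `exit(z == 2 ? 0 : 1)` after `z /= 8` encodes unstated assumptions about the allocator: that the sizes requested by alloca(1) and alloca(10) are rounded so that y - x works out to 2 * 8 bytes, and that 8 is the alignment unit. Neither the first, immediately overwritten `x = (char *)alloca(1);` nor the constants 8 and 2 are explained; a comment giving the expected layout (and saying the first alloca(1) exists to shift the following allocation) would let someone reading a failure distinguish an alignment regression from a pointer-subtraction regression. The ASSERTION line could also note that the cast to char * is what makes the difference a byte count; with a wider base type the subtraction yields an element count.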
diff --git a/test/unittest/funcs/alloca/tst.alloca-funcs.d b/test/unittest/funcs/alloca/tst.alloca-funcs.d
index abeaa0463..a716d27d5 100644
--- a/test/unittest/funcs/alloca/tst.alloca-funcs.d
+++ b/test/unittest/funcs/alloca/tst.alloca-funcs.d
@@ -21,13 +21,14 @@
BEGIN
{
+ base = (char *)alloca(0);
x = (char *) alloca(8);
x[0] = 'a';
x[1] = '/';
x[2] = 'b';
x[3] = 0;
printf("%s\n", stringof(x));
- trace(x);
+ printf("%x\n", x - base);
}
BEGIN
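Review bot: the expected `0` from `printf("%x\n", x - base);` relies on `alloca(0)` returning the same address as the following `alloca(8)`, i.e. on a zero-size allocation consuming no space; if the allocator ever rounds a zero-size request up to the alignment unit, the .r file breaks without any hint why. A comment on the `base = (char *)alloca(0);` line stating that expectation would make the intent explicit. Replacing `trace(x)` with a printed offset is otherwise a clear improvement: the expected output no longer depends on how a raw alloca pointer value is represented.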
diff --git a/test/unittest/funcs/alloca/tst.alloca-funcs.r b/test/unittest/funcs/alloca/tst.alloca-funcs.r
index 7a618a62a..96708b76a 100644
--- a/test/unittest/funcs/alloca/tst.alloca-funcs.r
+++ b/test/unittest/funcs/alloca/tst.alloca-funcs.r
@@ -1,2 +1,3 @@
a/b
-8b11/b/b3a/b//baba
+0
+b11/b/b3a/b//baba
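Review bot: the replaced line shows that the old `trace(x)` emitted `8` with no trailing newline, so `b11/b/b3a/b//baba` from the next clause ran onto the same line; the new `%x\n` format fixes that, but the commit message only describes the parser change. A sentence explaining why tst.alloca-funcs.d and its .r file change (an offset from a base alloca replaces a printed pointer value, and the output gains a newline) would help anyone bisecting through this commit later.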
--
2.45.2
* Re: [PATCH] alloca: fix subtraction of two alloca pointers
From: Eugene Loh @ 2025-09-01 17:13 UTC (permalink / raw)
To: Kris Van Hees, dtrace, dtrace-devel
Reviewed-by: Eugene Loh <eugene.loh@oracle.com>
though...
On 8/30/25 01:55, Kris Van Hees wrote:
> diff --git a/test/unittest/funcs/alloca/tst.alloca-arith.d b/test/unittest/funcs/alloca/tst.alloca-arith.d
> @@ -0,0 +1,29 @@
> +BEGIN
> +{
> + x = (char *)alloca(1);
This is okay, but is it dead, vestigial code?
> + x = (char *)alloca(10);
> + y = (char *)alloca(1);
> + z = y - x;
> + z /= 8;
This is okay, but how about skipping the /8 and just testing for 16? If
you're worried about padding changes in the future(?), then the x
alloca() could become alloca(16).
> + exit(z == 2 ? 0 : 1);
> +}
* Re: [PATCH] alloca: fix subtraction of two alloca pointers
From: Kris Van Hees @ 2025-09-11 20:42 UTC (permalink / raw)
To: Eugene Loh; +Cc: Kris Van Hees, dtrace, dtrace-devel
On Mon, Sep 01, 2025 at 01:13:49PM -0400, Eugene Loh wrote:
> Reviewed-by: Eugene Loh <eugene.loh@oracle.com>
Thanks.
> though...
>
> On 8/30/25 01:55, Kris Van Hees wrote:
> > diff --git a/test/unittest/funcs/alloca/tst.alloca-arith.d b/test/unittest/funcs/alloca/tst.alloca-arith.d
> > @@ -0,0 +1,29 @@
> > +BEGIN
> > +{
> > + x = (char *)alloca(1);
>
> This is okay, but is it dead, vestigial code?
No, it is part of the logic used here and in other tests to ensure that the
alloca mgmt code ensures proper alignment.
>
> > + x = (char *)alloca(10);
> > + y = (char *)alloca(1);
> > + z = y - x;
> > + z /= 8;
>
> This is okay, but how about skipping the /8 and just testing for 16? If
> you're worried about padding changes in the future(?), then the x alloca()
> could become alloca(16).
Same as above... part of the logic to also verify that alignment is done
right. In this case, it matters in terms of the pointer subtraction code
which uses the base type size to make the subtraction give the number of
elements between the two pointers rather than just bytes.
> > + exit(z == 2 ? 0 : 1);
> > +}
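The taint rule the patch changes and the byte-versus-element arithmetic discussed in the reply above, as an added C illustration that is not DTrace's code. It models a binary-operator node with a single taint bit, contrasts the pre-patch propagation with the patched one, and reproduces the tst.alloca-arith.d arithmetic with a toy bump allocator. The node layout, the FLAG_ALLOCA name, the toy_alloca() allocator and its 8-byte rounding of every request are assumptions of this example (the rounding is chosen to be consistent with the test expecting z == 2).

```c
#include <stddef.h>
#include <stdio.h>

/*
 * Added illustration, not DTrace's code: a toy model of the ALLOCA taint
 * rule that dt_cook_op2() applies to binary operators, plus the byte and
 * element arithmetic that tst.alloca-arith.d depends on.  The node layout,
 * FLAG_ALLOCA and the 8-byte rounding of each allocation are assumptions.
 */

#define FLAG_ALLOCA 0x1u   /* hypothetical taint bit: value derives from alloca() memory */

enum op { OP_ADD, OP_SUB };

struct node {
    int is_ptr;        /* operand has pointer type */
    unsigned flags;    /* taint bits carried by the value */
};

/* Pre-patch behaviour: if either operand is tainted, the result is tainted. */
static unsigned prop_alloca_old(const struct node *lp, const struct node *rp)
{
    return (lp->flags | rp->flags) & FLAG_ALLOCA;
}

/*
 * Patched behaviour: ptr - ptr has integer type (ptrdiff_t).  An integer
 * cannot be dereferenced, so it carries no ALLOCA taint.  ptr +/- int is
 * still a pointer and keeps the taint, so later passes still know it may
 * point into alloca'd memory.
 */
static unsigned prop_alloca_new(enum op op, const struct node *lp,
                                const struct node *rp)
{
    int lp_is_ptr = lp->is_ptr, rp_is_ptr = rp->is_ptr;

    if (op == OP_SUB && lp_is_ptr && rp_is_ptr)
        return 0;                       /* plain integer: no taint */
    return prop_alloca_old(lp, rp);
}

static unsigned sub_two_alloca_ptrs_old(void)
{
    struct node x = { 1, FLAG_ALLOCA }, y = { 1, FLAG_ALLOCA };
    return prop_alloca_old(&x, &y);     /* tainted: the behaviour being fixed */
}

static unsigned sub_two_alloca_ptrs_new(void)
{
    struct node x = { 1, FLAG_ALLOCA }, y = { 1, FLAG_ALLOCA };
    return prop_alloca_new(OP_SUB, &x, &y);   /* 0 */
}

static unsigned add_alloca_ptr_int(void)
{
    struct node x = { 1, FLAG_ALLOCA }, i = { 0, 0 };
    return prop_alloca_new(OP_ADD, &x, &i);   /* still FLAG_ALLOCA */
}

/* Toy bump allocator: every request is rounded up to 8 bytes (assumed). */
static char arena[64];
static size_t arena_top;

static char *toy_alloca(size_t n)
{
    char *p = arena + arena_top;
    arena_top += (n + 7) & ~(size_t)7;
    return p;
}

/*
 * Mirrors tst.alloca-arith.d: alloca(1) occupies 8 bytes, alloca(10)
 * occupies 16, alloca(1) occupies 8.  Because the pointers are char *,
 * y - x is a byte count (16); the test divides by the 8-byte alignment
 * unit and expects 2.
 */
static long arith_test(void)
{
    arena_top = 0;
    char *x = toy_alloca(1);    /* shifts the next allocation off the base */
    x = toy_alloca(10);
    char *y = toy_alloca(1);
    ptrdiff_t z = y - x;
    return (long)(z / 8);
}

int main(void)
{
    printf("old ptr-ptr taint: %u\n", sub_two_alloca_ptrs_old());
    printf("new ptr-ptr taint: %u\n", sub_two_alloca_ptrs_new());
    printf("ptr+int taint:     %u\n", add_alloca_ptr_int());
    printf("(y - x) / 8 = %ld\n", arith_test());
    return arith_test() == 2 ? 0 : 1;
}
```

The model keeps the operator in the condition, which is the point raised for the real hunk: exempting only subtraction keeps the taint on every other pointer-producing operation, while a ptr - ptr result is an integer that nothing can dereference.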