[PATCH v2 0/2] selftests/nolibc: test the memory allocator

[PATCH v2 0/2] selftests/nolibc: test the memory allocator

[Thomas Weißschuh]

The memory allocator has not seen any testing so far.

Add a simple testcase for it.

Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
---
Changes in v2:
- Previously part of "tools/nolibc: add support for asprintf()".
- Drop already applied patches.
- Fix compilation of calloc() on arm32 clang.
- Link to v1: https://patch.msgid.link/20260401-nolibc-asprintf-v1-0-46292313439f@weissschuh.net

---
Thomas Weißschuh (2):
      tools/nolibc: check for overflow in calloc() without divisions
      selftests/nolibc: test the memory allocator

 tools/include/nolibc/stdlib.h                |  4 +-
 tools/testing/selftests/nolibc/nolibc-test.c | 55 ++++++++++++++++++++++++++++
 2 files changed, 57 insertions(+), 2 deletions(-)
---
base-commit: dc37eb25858658c2057970749c48311faed714c0
change-id: 20260401-nolibc-asprintf-a0a8b6115dc5

Best regards,
--  
Thomas Weißschuh <linux@weissschuh.net>

[PATCH v2 1/2] tools/nolibc: check for overflow in calloc() without divisions

[Thomas Weißschuh]

On some architectures without native division instructions
the division can generate calls into libgcc/compiler-rt.
This library might not be available, so its use should be avoided.

Use the compiler builtin to check for overflows without needing a
division. The builtin has been available since GCC 3 and clang 3.8.

Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
---
 tools/include/nolibc/stdlib.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tools/include/nolibc/stdlib.h b/tools/include/nolibc/stdlib.h
index 2113a8e7695d..1816c2368b68 100644
--- a/tools/include/nolibc/stdlib.h
+++ b/tools/include/nolibc/stdlib.h
@@ -145,9 +145,9 @@ void *malloc(size_t len)
 static __attribute__((unused))
 void *calloc(size_t size, size_t nmemb)
 {
-	size_t x = size * nmemb;
+	size_t x;
 
-	if (__builtin_expect(size && ((x / size) != nmemb), 0)) {
+	if (__builtin_expect(__builtin_mul_overflow(size, nmemb, &x), 0)) {
 		SET_ERRNO(ENOMEM);
 		return NULL;
 	}

-- 
2.53.0

[PATCH v2 2/2] selftests/nolibc: test the memory allocator

[Thomas Weißschuh]

The memory allocator has not seen any testing so far.

Add a simple testcase for it.

Suggested-by: Willy Tarreau <w@1wt.eu>
Link: https://lore.kernel.org/lkml/adDRK8D6YBZgv36H@1wt.eu/
Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>

---
This is the proposal from Willy with some improvements:
* Check that calloc() returns zeroed memory
* Test the page-based invariants for all page sizes
* Use named variables instead of hardcoded values
* Fix a segfault
---
 tools/testing/selftests/nolibc/nolibc-test.c | 55 ++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)

diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/selftests/nolibc/nolibc-test.c
index 91d95a152568..dd10402267ee 100644
--- a/tools/testing/selftests/nolibc/nolibc-test.c
+++ b/tools/testing/selftests/nolibc/nolibc-test.c
@@ -1555,6 +1555,60 @@ int test_time_types(void)
 	return 0;
 }
 
+int test_malloc(void)
+{
+	size_t sz_array1, sz_array2, sz_array3;
+	int *array1, *array2, *array3;
+	int pagesize = getpagesize();
+	size_t idx;
+
+	if (pagesize < 0)
+		return 1;
+
+	/* Dependent on the page size, as that is the granularity of our allocator. */
+	sz_array1 = pagesize / 2;
+	array1 = malloc(sz_array1 * sizeof(*array1));
+	if (!array1)
+		return 2;
+
+	for (idx = 0; idx < sz_array1; idx++)
+		array1[idx] = idx;
+
+	sz_array2 = pagesize * 2;
+	array2 = calloc(sz_array2, sizeof(*array2));
+	if (!array2) {
+		free(array1);
+		return 3;
+	}
+
+	for (idx = 0; idx < sz_array2; idx++) {
+		if (array2[idx] != 0) {
+			free(array2);
+			return 4;
+		}
+		array2[idx] = idx + sz_array1;
+	}
+
+	/* Resize array1 into array3 and append array2 at the end. */
+	sz_array3 = sz_array1 + sz_array2;
+	array3 = realloc(array1, sz_array3 * sizeof(*array3));
+	if (!array3) {
+		free(array2);
+		free(array1);
+		return 5;
+	}
+	memcpy(array3 + sz_array1, array2, sizeof(*array2) * sz_array2);
+	free(array2);
+
+	/* The contents must be contiguous now. */
+	for (idx = 0; idx < sz_array3; idx++)
+		if (array3[idx] != (int)idx)
+			return 6;
+
+	free(array3);
+	return 0;
+}
+
 int run_stdlib(int min, int max)
 {
 	int test;
@@ -1687,6 +1741,7 @@ int run_stdlib(int min, int max)
 		CASE_TEST(makedev_big);             EXPECT_EQ(1, makedev(0x11223344, 0x55667788), 0x1122355667734488); break;
 		CASE_TEST(major_big);               EXPECT_EQ(1, major(0x1122355667734488), 0x11223344); break;
 		CASE_TEST(minor_big);               EXPECT_EQ(1, minor(0x1122355667734488), 0x55667788); break;
+		CASE_TEST(malloc);                  EXPECT_ZR(1, test_malloc()); break;
 
 		case __LINE__:
 			return ret; /* must be last */

-- 
2.53.0

Re: [PATCH v2 0/2] selftests/nolibc: test the memory allocator

[Willy Tarreau]

On Sat, Apr 04, 2026 at 01:50:18PM +0200, Thomas Weißschuh wrote:
> The memory allocator has not seen any testing so far.
> 
> Add a simple testcase for it.
> 
> Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
> ---
> Changes in v2:
> - Previously part of "tools/nolibc: add support for asprintf()".
> - Drop already applied patches.
> - Fix compilation of calloc() on arm32 clang.
> - Link to v1: https://patch.msgid.link/20260401-nolibc-asprintf-v1-0-46292313439f@weissschuh.net

Nice improvement, thank you Thomas!

Acked-by: Willy Tarreau <w@1wt.eu>

Willy