https://bugs.kde.org/show_bug.cgi?id=497977

            Bug ID: 497977
           Summary: valgrind thinks that size_t is signed
    Classification: Developer tools
           Product: valgrind
           Version: 3.19.0
          Platform: Other
                OS: Linux
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: general
          Assignee: jsew...@acm.org
          Reporter: vincent-...@vinc17.net
  Target Milestone: ---

SUMMARY
When outputting a message about a large size_t value, valgrind thinks that this
type is signed, while it is always unsigned according to the C standard.

STEPS TO REPRODUCE
1. Consider the following C program:

#include <stdlib.h>
int main (void)
{
  /* (size_t) -1 is SIZE_MAX, the largest unsigned value, never a negative one */
  void *p = malloc ((size_t) -1);
  return p != NULL;
}

2. Compile it.
3. Run the executable with valgrind.

OBSERVED RESULT
qaa% valgrind ./tst
[...]
==1153312== Argument 'size' of function malloc has a fishy (possibly negative)
value: -1
==1153312==    at 0x48437B4: malloc (vg_replace_malloc.c:381)
==1153312==    by 0x401139: main (in /home/vinc17/tst)
[...]

Note the "possibly negative" and the output value "-1".

As a comparison, GCC is correct by regarding this value as positive when
outputting its warning:

qaa% gcc-snapshot tst.c -o tst
tst.c: In function 'main':
tst.c:4:13: warning: argument 1 value '18446744073709551615' exceeds maximum
object size 9223372036854775807 [-Walloc-size-larger-than=]
    4 |   void *p = malloc ((size_t) -1);
      |             ^~~~~~~~~~~~~~~~~~~~
In file included from tst.c:1:
/usr/include/stdlib.h:672:14: note: in a call to allocation function 'malloc'
declared here
  672 | extern void *malloc (size_t __size) __THROW __attribute_malloc__
      |              ^~~~~~

EXPECTED RESULT
The message must not say that the value is possibly negative and must not show
a negative value.

SOFTWARE/OS VERSIONS
valgrind-3.19.0 (valgrind 1:3.19.0-1 Debian package under Debian/unstable)

ADDITIONAL INFORMATION
I had reported the following Debian bug in 2020:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962772
where this issue showed up with GNU MPFR's tabort_defalloc1 and
tabort_defalloc2 tests from its testsuite (these tests are now disabled when
they are run under valgrind, but the above simple testcase allows one to
reproduce the wrong output). The goal of these MPFR tests is to test the
allocation functions with a huge positive value, such as "(size_t) -1".
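The following C program is an added example, not code from the bug report or from valgrind, showing the distinction the report draws: a "fishy size" check on a size_t has to compare as unsigned against the largest representable object (the 9223372036854775807 limit GCC prints, which is PTRDIFF_MAX on LP64) and print the value with %zu; reinterpreting the bits as a signed integer is what turns SIZE_MAX into the "-1" in the observed output. The function names and the MAX_OBJECT_SIZE constant are assumptions made for this example.

```c
/* Added example (not from the bug report or valgrind): flagging a huge
   size_t allocation request without misreporting it as negative. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed threshold for this example: the largest object a conforming
   implementation can allocate, matching GCC's "maximum object size"
   (PTRDIFF_MAX, 9223372036854775807 on LP64 targets). */
#define MAX_OBJECT_SIZE ((size_t) PTRDIFF_MAX)

/* A size_t is always unsigned, so "negative" is never a meaningful verdict;
   the only sensible fishy-value test is an unsigned comparison against the
   largest representable object. Returns 1 when the request is suspicious. */
int is_fishy_size(size_t n)
{
    return n > MAX_OBJECT_SIZE;
}

/* The misreading the report observes: converting the bit pattern to a signed
   type. For SIZE_MAX the result is implementation-defined and is -1 on
   two's-complement targets, which is how "-1" ends up in a diagnostic. */
long long as_signed_misread(size_t n)
{
    return (long long) n;
}

/* Correct rendering for a diagnostic: %zu prints the value as unsigned. */
const char *format_size(size_t n, char *buf, size_t buflen)
{
    snprintf(buf, buflen, "%zu", n);
    return buf;
}

int main(void)
{
    char buf[32];
    size_t req = (size_t) -1;   /* the huge positive value the MPFR tests use */

    printf("request %s: %s\n", format_size(req, buf, sizeof buf),
           is_fishy_size(req) ? "exceeds maximum object size" : "ok");
    printf("same value misread as signed: %lld\n", as_signed_misread(req));
    return 0;
}
```

On a 64-bit Linux build this prints the request as 18446744073709551615 and reports it as exceeding the maximum object size, while the signed misreading shows -1; the unsigned comparison also keeps ordinary sizes such as 100 from being flagged.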
