https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93693
Bug ID: 93693
Summary: [GCOV] incorrect coverage when compiled with option '-fsanitize=undefined' for function defined inside other function
Product: gcc
Version: 9.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: gcov-profile
Assignee: unassigned at gcc dot gnu.org
Reporter: yangyibiao at hust dot edu.cn
CC: marxin at gcc dot gnu.org
Target Milestone: ---

$ gdb -v
GNU gdb (GDB) 9.0.50.20191210-git
Copyright (C) 2019 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-pc-linux-gnu/9.2.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /build/gcc/src/gcc/configure --prefix=/usr --libdir=/usr/lib --libexecdir=/usr/lib --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=https://bugs.archlinux.org/ --enable-languages=c,c++,ada,fortran,go,lto,objc,obj-c++,d --enable-shared --enable-threads=posix --with-system-zlib --with-isl --enable-__cxa_atexit --disable-libunwind-exceptions --enable-clocale=gnu --disable-libstdcxx-pch --disable-libssp --enable-gnu-unique-object --enable-linker-build-id --enable-lto --enable-plugin --enable-install-libiberty --with-linker-hash-style=gnu --enable-gnu-indirect-function --enable-multilib --disable-werror --enable-checking=release --enable-default-pie --enable-default-ssp --enable-cet=auto gdc_include_dir=/usr/include/dlang/gdc
Thread model: posix
gcc version 9.2.0 (GCC)

$ cat small.c
int N1 = 0;

int foo(char a[2][++N1])
{
  N1 += 4; return sizeof(a[0]);
}

int bar(int N2)
{
  int foo1(char a[2][++N2])
  {
    N2 += 4; return sizeof(a[0]);
  }

  foo1(0);
}

int main()
{
  foo(0); bar(0);
}

$ gcc -O0 --coverage -fsanitize=undefined small.c; ./a.out; gcov small.c; cat small.c.gcov
File 'small.c'
Lines executed:100.00% of 9
Creating 'small.c.gcov'

        -:    0:Source:small.c
        -:    0:Graph:small.gcno
        -:    0:Data:small.gcda
        -:    0:Runs:1
        -:    1:int N1 = 0;
        -:    2:
        1:    3:int foo(char a[2][++N1])
        -:    4:{
        1:    5:  N1 += 4; return sizeof(a[0]);
        -:    6:}
        -:    7:
        1:    8:int bar(int N2)
        -:    9:{
        2:   10:  int foo1(char a[2][++N2])
        -:   11:  {
        1:   12:    N2 += 4; return sizeof(a[0]);
        -:   13:  }
        -:   14:
        1:   15:  foo1(0);
        1:   16:}
        -:   17:
        1:   18:int main()
        -:   19:{
        1:   20:  foo(0); bar(0);
        -:   21:}

################################################################################
### We can find that: Line #3 is executed 1 time. foo is executed one time.
### When function foo is defined inside another function, the coverage is incorrect with the compilation option "-fsanitize=undefined". (Line #10 is executed 2 times.)
### When the compilation option "-fsanitize=undefined" is removed, the coverage is correct.
################################################################################