https://gcc.gnu.org/bugzilla/show_bug.cgi?id=121896
Bug ID: 121896
Summary: "Then" clause is reported to have the same execution
counter as the whole "if" statements triggered by
function with pointer arguments
Product: gcc
Version: 16.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: gcov-profile
Assignee: unassigned at gcc dot gnu.org
Reporter: wentaoz5 at illinois dot edu
Target Milestone: ---
Hit the issue when measuring:
https://sources.debian.org/src/mawk/1.3.4.20200120-3.1/rexp2.c#L179
The original report says:
2370: 178: if (m->s_type == M_STR && (m + 1)->s_type == M_ACCEPT) {
branch 0 taken 549 (fallthrough)
branch 1 taken 1821
branch 2 taken 335 (fallthrough)
branch 3 taken 214
condition outcomes covered 4/4
2370: 179: return str_str(s, len, m->s_data.str, (size_t)
m->s_len) != (char *) 0;
call 0 returned 335
The "then" clause at line 179 is reported to have executed 2370 times which
contradicts the branch coverage report.
How to reproduce with a small example:
$ gcc --version | head -1
gcc (GCC) 16.0.0 20250907 (experimental)
$ cat > test.c << 'EOF'
int foo(int *p) { return 0; }
int bar(int a) {
int t;
int *p = &t;
if (a)
return 1;
return 2;
foo(p);
}
int main() {
for (int i = 0; i < 10; i++)
bar(i % 2);
}
EOF
$ rm -f *.gcda *.gcno *.gcov && gcc --coverage test.c -o test && ./test && \
gcov test && grep -A7 'int bar' test.c.gcov
10: 3:int bar(int a) {
-: 4: int t;
10: 5: int *p = &t;
10: 6: if (a)
10: 7: return 1;
5: 8: return 2;
-: 9: foo(p);
-: 10:}
Line 7 is executed 5 times (10 - 5) but is wrongly reported to have
executed 10 times.
