[Bug gcov-profile/82614] GCOV crashes while parsing gcda file

marxin at gcc dot gnu.org gcc-bugzilla@gcc.gnu.org
Tue Nov 7 11:51:00 GMT 2017


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82614

--- Comment #12 from Martin Liška <marxin at gcc dot gnu.org> ---
So the problem is quite simple: there's a branch counter that has a negative value:

$ ./gcov-dump  -l Unified_cpp_js_src31.gcda
...
Unified_cpp_js_src31.gcda:  01000000:   3:FUNCTION ident=642196265, lineno_checksum=0xca05d7bd, cfg_checksum=0xa9867a71
Unified_cpp_js_src31.gcda:    01a10000:  46:COUNTERS arcs 23 counts
Unified_cpp_js_src31.gcda:                   0: 37 37 37 0 0 0 0 0
Unified_cpp_js_src31.gcda:                   8: 0 0 0 0 0 0 0 0
Unified_cpp_js_src31.gcda:                  16: 7650095318414917635 -5852759779117600487 128876347392 0 0 0 0

Which is very suspicious. It points to the following function:
https://github.com/servo/mozjs/blob/master/mozjs/js/src/jsweakmap.h#L153

Note that the first arcs counter has value 37, which should be the number of
executions of the entry basic block. Thus the counters at offsets 16, 17, 18 look
somehow skewed. Note that these counters are at the very end of the *.gcda file
and thus maybe somehow corrupted.

We can obviously add some validation of such numbers, but it would be more
interesting to find where these numbers come from.
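
The kind of validation mentioned above, as an added example that is not part of the original comment and is not GCC's own code: a check over one COUNTERS arcs record that rejects a malformed length and reports negative counters. The function names are hypothetical, and the record layout is an assumption (length counted in 32-bit words, each counter stored as low word then high word, host byte order), consistent with the dump's 46 words for 23 counts.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TAG_COUNTER_ARCS 0x01a10000u /* tag shown in the gcov-dump output */

/* Validate one COUNTERS arcs record given as 32-bit words:
   tag, length in words, then each 64-bit counter as low word, high word
   (assumed layout). Returns the number of negative counters, or -1 if the
   record is malformed. *first_bad gets the index of the first negative one. */
int check_arc_counters(const uint32_t *rec, size_t nwords, size_t *first_bad)
{
    if (nwords < 2 || rec[0] != TAG_COUNTER_ARCS)
        return -1;
    uint32_t len = rec[1];
    if (len % 2 != 0 || len > nwords - 2)
        return -1; /* odd word count, or record runs past the buffer */
    int bad = 0;
    for (uint32_t i = 0; i < len / 2; i++) {
        uint64_t raw = (uint64_t)rec[2 + 2 * i] | ((uint64_t)rec[3 + 2 * i] << 32);
        if (raw >> 63) { /* sign bit set: an execution count cannot be negative */
            if (bad == 0 && first_bad)
                *first_bad = i;
            bad++;
        }
    }
    return bad;
}

/* Constructed sample: the 23 counters from the dump, encoded as a record. */
size_t build_sample(uint32_t *out)
{
    static const int64_t counts[23] = {
        37, 37, 37, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
        7650095318414917635LL, -5852759779117600487LL, 128876347392LL,
        0, 0, 0, 0 };
    out[0] = TAG_COUNTER_ARCS;
    out[1] = 46;
    for (int i = 0; i < 23; i++) {
        out[2 + 2 * i] = (uint32_t)((uint64_t)counts[i] & 0xffffffffu);
        out[3 + 2 * i] = (uint32_t)((uint64_t)counts[i] >> 32);
    }
    return 48;
}

int main(void)
{
    uint32_t rec[48];
    size_t bad_at = 0;
    int n = check_arc_counters(rec, build_sample(rec), &bad_at);
    printf("negative counters: %d (first at index %zu)\n", n, bad_at);
    return 0;
}
```

The check tests only the sign bit, so the implausibly large positive values at offsets 16 and 18 pass it.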

