When profiling a 64-bit binary compiled from the following source, the resulting binary crashes in strdup() / strlen(): gcc's 64-bit x86 profiling code corrupts the contents of the %rcx / %rdx registers.

% /tmp/gcc4/bin/gcc --version
gcc (GCC) 4.5.0 20100401 (experimental)

% cat test.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

void func(char *a, char *b, char *c)
{
    strdup(a);
    strdup(b);
    strdup(c);
}

int main(int argc, char **argv)
{
    func("a", "b", "c");
    exit(0);
}

% /tmp/gcc4/bin/gcc -m64 -pg -o test test.c
% file test
test: ELF 64-bit LSB executable AMD64 Version 1, dynamically linked, not stripped
% ./test
Memory fault(coredump)
% pstack core
core 'core' of 19120: ./test
 fffffd7fff23fb94 strlen () + 14
 000000000040184c func () + 44
 000000000040187d main () + 2f
 0000000000401138 _start () + 98

gmon-sol2.c:
260   "\tmovq\t%rax,(%rsp)\n"
261   "\tmovq\t%rcx,0x08(%rsp)\n"
262   "\tmovq\t%rdx,0x10(%rsp)\n"
...
277   "\tmovq\t0x10(%rsp),%rdx\n"
278   "\tmovq\t0x08(%rsp),%rdx\n"     <<<<<<<<<<<<<<
279   "\tmovq\t(%rsp),%rax\n"

Line 278 must restore to %rcx!
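The register mismatch in the report is easy to lose in a full profiling build, so the following is an added example (not part of the bug report and not GCC's gmon-sol2.c) that isolates it: two small assembly stubs, buggy_hook and fixed_hook (assumed names), carry the save/restore sequence from lines 260-279 of the report, with the pre-fix load into %rdx in one and the load into %rcx in the other. The call to internal_mcount that sits between the stores and the loads in the real code is replaced by zeroing %rcx and %rdx explicitly, since a C callee is free to trash any caller-saved register anyway. A third stub, run_hook, loads constructed marker values into %rcx and %rdx, calls a hook, and reports what came back. It assembles only on x86-64 ELF targets; elsewhere probe_hook() returns HOOK_UNSUPPORTED.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed marker values loaded into %rcx / %rdx before each hook runs. */
#define IN_RCX 0x1111111111111111ULL
#define IN_RDX 0x2222222222222222ULL

/* Return values of probe_hook(). */
#define HOOK_UNSUPPORTED (-1)   /* not an x86-64 ELF build: nothing to test */
#define HOOK_CLOBBERS      0    /* %rcx and/or %rdx came back changed */
#define HOOK_PRESERVES     1    /* both registers survived the hook */

#if defined(__x86_64__) && defined(__ELF__)
/* Assumed stand-ins for the save/restore half of _mcount; the xorq pair
 * models internal_mcount() trashing the caller-saved argument registers. */
__asm__(
    ".text\n"
    ".globl buggy_hook\n"
    ".type buggy_hook,@function\n"
    "buggy_hook:\n"
    "\tsubq\t$0x18,%rsp\n"
    "\tmovq\t%rax,(%rsp)\n"
    "\tmovq\t%rcx,0x08(%rsp)\n"
    "\tmovq\t%rdx,0x10(%rsp)\n"
    "\txorq\t%rcx,%rcx\n"          /* stands in for internal_mcount() */
    "\txorq\t%rdx,%rdx\n"
    "\tmovq\t0x10(%rsp),%rdx\n"
    "\tmovq\t0x08(%rsp),%rdx\n"    /* the pre-fix line: %rcx is never restored */
    "\tmovq\t(%rsp),%rax\n"
    "\taddq\t$0x18,%rsp\n"
    "\tret\n"
    ".globl fixed_hook\n"
    ".type fixed_hook,@function\n"
    "fixed_hook:\n"
    "\tsubq\t$0x18,%rsp\n"
    "\tmovq\t%rax,(%rsp)\n"
    "\tmovq\t%rcx,0x08(%rsp)\n"
    "\tmovq\t%rdx,0x10(%rsp)\n"
    "\txorq\t%rcx,%rcx\n"
    "\txorq\t%rdx,%rdx\n"
    "\tmovq\t0x10(%rsp),%rdx\n"
    "\tmovq\t0x08(%rsp),%rcx\n"    /* the fixed line */
    "\tmovq\t(%rsp),%rax\n"
    "\taddq\t$0x18,%rsp\n"
    "\tret\n"
    /* run_hook(hook, in_rcx, in_rdx, out): SysV args rdi, rsi, rdx, rcx.
     * Keep the out pointer in callee-saved %rbx, set %rcx, call the hook
     * (%rdx already holds in_rdx), then store both registers. */
    ".globl run_hook\n"
    ".type run_hook,@function\n"
    "run_hook:\n"
    "\tpushq\t%rbx\n"
    "\tmovq\t%rcx,%rbx\n"
    "\tmovq\t%rsi,%rcx\n"
    "\tcall\t*%rdi\n"
    "\tmovq\t%rcx,(%rbx)\n"
    "\tmovq\t%rdx,8(%rbx)\n"
    "\tpopq\t%rbx\n"
    "\tret\n"
);
void buggy_hook(void);
void fixed_hook(void);
void run_hook(void (*hook)(void), uint64_t in_rcx, uint64_t in_rdx, uint64_t out[2]);
#endif

/* Run one hook with %rcx = IN_RCX, %rdx = IN_RDX; regs (may be NULL) receives
 * the two registers as they were after the hook returned. */
int probe_hook(int use_fixed, uint64_t regs[2])
{
#if defined(__x86_64__) && defined(__ELF__)
    uint64_t out[2];
    run_hook(use_fixed ? fixed_hook : buggy_hook, IN_RCX, IN_RDX, out);
    if (regs) { regs[0] = out[0]; regs[1] = out[1]; }
    return (out[0] == IN_RCX && out[1] == IN_RDX) ? HOOK_PRESERVES : HOOK_CLOBBERS;
#else
    (void)use_fixed;
    if (regs) { regs[0] = 0; regs[1] = 0; }
    return HOOK_UNSUPPORTED;
#endif
}

/* 1 if the buggy hook shows the reported signature: %rdx comes back holding
 * the old %rcx and %rcx is lost; -1 when unsupported; 0 otherwise. */
int bug_signature_seen(void)
{
    uint64_t regs[2];
    int r = probe_hook(0, regs);
    if (r == HOOK_UNSUPPORTED) return -1;
    return r == HOOK_CLOBBERS && regs[1] == IN_RCX && regs[0] == 0;
}

int main(void)
{
    static const char *names[2] = { "buggy_hook", "fixed_hook" };
    for (int i = 0; i < 2; i++) {
        uint64_t regs[2];
        int r = probe_hook(i, regs);
        if (r == HOOK_UNSUPPORTED) { puts("not x86-64 ELF, nothing to test"); return 0; }
        printf("%s: %%rcx=%#llx %%rdx=%#llx -> %s\n", names[i],
               (unsigned long long)regs[0], (unsigned long long)regs[1],
               r == HOOK_PRESERVES ? "preserved" : "CLOBBERED");
    }
    return 0;
}
```

With the buggy stub, %rdx returns holding the marker that went in through %rcx and %rcx itself is zero, which is exactly why the third strdup() in the report faults: func()'s third argument lives in %rdx, so strlen() is handed whatever %rcx held when _mcount was entered.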
Created attachment 20306 [details]
Suggested fix

This patch should fix the problem.

% /tmp/gcc4/bin/gcc -m64 -pg -o test test.c
% ./test
% gprof -b test gmon.out
granularity: each sample hit covers 4 byte(s) no time propagated

                                  called/total       parents
index  %time    self descendents  called+self    name           index
                                  called/total       children

                0.00        0.00       1/1           main [2]
[1]      0.0    0.00        0.00       1         func [1]
-----------------------------------------------
                0.00        0.00       1/1           _start [16]
[2]      0.0    0.00        0.00       1         main [2]
                0.00        0.00       1/1           func [1]
-----------------------------------------------

granularity: each sample hit covers 4 byte(s) no time accumulated

  %   cumulative   self              self     total
 time   seconds   seconds    calls  ms/call  ms/call  name
  0.0       0.00     0.00        1     0.00     0.00  func [1]
  0.0       0.00     0.00        1     0.00     0.00  main [2]

Index by function name

   [1] func                    [2] main

Object modules

 1: test
Confirmed.
Mine.
Subject: Bug 43643
Author: ro
Date: Thu Apr 8 14:48:46 2010
New Revision: 158130

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=158130
Log:
gcc:
	PR target/43643
	* config/i386/gmon-sol2.c [__x86_64__]: Properly restore %rcx.

gcc/testsuite:
	PR target/43643
	* gcc.dg/pr43643.c: New test.

Added:
    trunk/gcc/testsuite/gcc.dg/pr43643.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/config/i386/gmon-sol2.c
    trunk/gcc/testsuite/ChangeLog
Subject: Bug 43643
Author: ro
Date: Thu Apr 8 14:50:56 2010
New Revision: 158131

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=158131
Log:
gcc:
	PR target/43643
	* config/i386/gmon-sol2.c [__x86_64__]: Properly restore %rcx.

gcc/testsuite:
	PR target/43643
	* gcc.dg/pr43643.c: New test.

Added:
    branches/gcc-4_5-branch/gcc/testsuite/gcc.dg/pr43643.c
Modified:
    branches/gcc-4_5-branch/gcc/ChangeLog
    branches/gcc-4_5-branch/gcc/config/i386/gmon-sol2.c
    branches/gcc-4_5-branch/gcc/testsuite/ChangeLog
Subject: Bug 43643
Author: ro
Date: Thu Apr 8 15:09:17 2010
New Revision: 158133

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=158133
Log:
gcc:
	PR target/43643
	* config/i386/gmon-sol2.c [__x86_64__]: Properly restore %rcx.

gcc/testsuite:
	PR target/43643
	* gcc.dg/pr43643.c: New test.

gcc:
	Backport from mainline:
	2010-03-22  Rainer Orth  <ro@CeBiTec.Uni-Bielefeld.DE>

	PR target/38085
	* config/i386/i386.c (x86_function_profiler)
	[!NO_PROFILE_COUNTERS]: Fix typo.
	* config/i386/gmon-sol2.c (_mcleanup) [__x86_64__]: Use call
	instead of callq.

libgcc:
	Backport from mainline:
	2010-03-22  Rainer Orth  <ro@CeBiTec.Uni-Bielefeld.DE>

	PR target/38085
	* config/i386/t-sol2 ($(T)gmon.o): Use CFLAGS instead of
	MULTILIB_CFLAGS.
	($(T)gcrt1.o): Likewise.
	($(T)crt1.o): Likewise.
	($(T)crti.o): Likewise.
	($(T)crtn.o): Likewise.

Added:
    branches/gcc-4_4-branch/gcc/testsuite/gcc.dg/pr43643.c
Modified:
    branches/gcc-4_4-branch/gcc/ChangeLog
    branches/gcc-4_4-branch/gcc/config/i386/gmon-sol2.c
    branches/gcc-4_4-branch/gcc/config/i386/i386.c
    branches/gcc-4_4-branch/gcc/testsuite/ChangeLog
    branches/gcc-4_4-branch/libgcc/ChangeLog
    branches/gcc-4_4-branch/libgcc/config/i386/t-sol2
Fixed for 4.4.4, 4.5.0, 4.6.0.