User account creation filtered due to spam.

Bug 21810 - -pg causes libexpat code to crash
Summary: -pg causes libexpat code to crash
Status: RESOLVED INVALID
Alias: None
Product: gcc
Classification: Unclassified
Component: gcov-profile (show other bugs)
Version: 3.4.2
: P2 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords: wrong-code
Depends on:
Blocks:
 
Reported: 2005-05-29 23:34 UTC by Oliver Stoeneberg
Modified: 2005-07-23 22:49 UTC (History)
1 user (show)

See Also:
Host:
Target: i686-pc-mingw32
Build:
Known to work:
Known to fail:
Last reconfirmed:


Attachments
isolated source from MAME 0.96u3 (95.88 KB, application/x-zip-compressed)
2005-05-29 23:54 UTC, Oliver Stoeneberg
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Oliver Stoeneberg 2005-05-29 23:34:55 UTC
When you compile a program with "-pg" against libexpat 1.95.8 and you call
XML_ParserCreate() it does crash. this is not happening, if you don't add "-pg".

The source I used was distributed with the official MAME source code package
(http://www.mame.net/downmain.html - win32 sourcecode, but the related source
should be platform-independent). The easiest way to test it, is just to compile
the "xml2info" tool, that part is of MAME, add "-pg" to compiler and linkers
flags and run it, it will crash immediately.

Here is the backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x0040e456 in poolInit (pool=0x40e44d, ms=0x0) at src/expat/xmlparse.c:5874
5874      pool->blocks = NULL;
(gdb) bt
#0  0x0040e456 in poolInit (pool=0x40e44d, ms=0x0) at src/expat/xmlparse.c:5874
#1  0x0040d339 in dtdCreate (ms=0x3f2554) at src/expat/xmlparse.c:5428
#2  0x00403193 in parserCreate (encodingName=0x0, memsuite=0x0, nameSep=0x0,
    dtd=0x0) at src/expat/xmlparse.c:737
#3  0x00402fb7 in XML_ParserCreate_MM (encodingName=0x0, memsuite=0x0,
    nameSep=0x0) at src/expat/xmlparse.c:671
#4  0x00402f4b in XML_ParserCreate (encodingName=0x0)
    at src/expat/xmlparse.c:648
#5  0x00402b7c in process (is=0x7803a690, os=0x7803a6b0) at src/xml2info.c:766
#6  0x00402efe in main (argc=1, argv=0x3f24c8) at src/xml2info.c:835

My GCC version:

Reading specs from C:/MINGW/BIN/../lib/gcc/mingw32/3.4.2/specs
Configured with: ../gcc/configure --with-gcc --with-gnu-ld --with-gnu-as --host=
mingw32 --target=mingw32 --prefix=/mingw --enable-threads --disable-nls --enable
-languages=c,c++,f77,ada,objc,java --disable-win32-registry --disable-shared --e
nable-sjlj-exceptions --enable-libgcj --disable-java-awt --without-x --enable-ja
va-gc=boehm --disable-libgcj-debug --enable-interpreter --enable-hash-synchroniz
ation --enable-libstdcxx-debug
Thread model: win32
gcc version 3.4.2 (mingw-special)
Comment 1 Andrew Pinski 2005-05-29 23:41:11 UTC
Are you sure that this is not a newlib/cygwin bug?
Comment 2 Andrew Pinski 2005-05-29 23:41:34 UTC
Also do you have a simple testcase?
Comment 3 Oliver Stoeneberg 2005-05-29 23:52:53 UTC
I attached a stripped down version of the source. You have to call "make
maketree" and then "make xml2info.exe". The resulting executable with the
backtrace seen in the initial post.
Comment 4 Oliver Stoeneberg 2005-05-29 23:54:01 UTC
Created attachment 8988 [details]
isolated source from MAME 0.96u3

call "make maketree" and then "make xml2info.exe"
Comment 5 Andrew Pinski 2005-05-29 23:57:18 UTC
Hmm, I want to say this is a bug dealing with FASTCALL.
Comment 6 Andrew Pinski 2005-05-30 00:00:10 UTC
Could you try this testcase with -pg on cygwin?
typedef struct STRING_POOL
{
  int a;
} STRING_POOL;
typedef struct XML_Memory_Handling_Suite
{
  int t;
} XML_Memory_Handling_Suite;
#define FASTCALL __attribute__((stdcall, regparm(3)))
static void FASTCALL
poolInit(STRING_POOL *pool, const XML_Memory_Handling_Suite *ms)
{
  pool->a = 1;
}

int main(void)
{
  STRING_POOL a;
  XML_Memory_Handling_Suite d;
  poolInit(&a, &d);
}
Comment 7 Andrew Pinski 2005-05-30 00:01:26 UTC
I mean mingw32.
Comment 8 Oliver Stoeneberg 2005-05-30 00:03:05 UTC
With -pg:

Program received signal SIGSEGV, Segmentation fault.
0x00401329 in poolInit@8 ()
(gdb) bt
#0  0x00401329 in poolInit@8 ()
#1  0x00401375 in main ()

Without -pg:

Program exited with code 010577614
Comment 9 Andrew Pinski 2005-05-30 00:04:41 UTC
(In reply to comment #8)
> With -pg:

This works on i686-pc-linux-gnu.

Hopefully someone will look into this then, this is a target problem.
Comment 10 Oliver Stoeneberg 2005-05-30 00:05:46 UTC
Maybe you should add Danny Smith to the CC list.
Comment 11 Danny Smith 2005-05-30 02:55:21 UTC
Hello, this is a mingw runtime bug.  The mingw version of mcount does not take 
enough care with saving call-clobbered registers.  Please close this bug and 
submit to mingw.org. 

Danny
Comment 12 Oliver Stoeneberg 2005-05-30 07:56:52 UTC
Filed a bug report on the MinGW project page:

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=21810
Comment 13 Andrew Pinski 2005-05-30 11:36:51 UTC
The correct URL for the bug at mingw is:
<https://sourceforge.net/tracker/index.php?
func=detail&aid=1211187&group_id=2435&atid=102435>