<html>

    <head>

      <base href="https://llvm.org/bugs/" />

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW --- - mcount inlining bug when -pg and -O2 enabled"

   href="https://llvm.org/bugs/show_bug.cgi?id=28660">28660</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>mcount inlining bug when -pg and -O2 enabled

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>clang

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>trunk

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>PC

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>Linux

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>normal

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>LLVM Codegen

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>unassignedclangbugs@nondot.org

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>hong.gyu.kim@lge.com

          </td>

        </tr>

        <tr>

          <th>CC</th>

          <td>llvm-bugs@lists.llvm.org

          </td>

        </tr>

        <tr>

          <th>Classification</th>

          <td>Unclassified

          </td>

        </tr></table>

      <p>

        <div>

        <pre>See the simple example below.

$ cat mcount-test.c

int bar()

{

  return 0;

}

int foo()

{

  return bar();

}

int main()

{

  return foo();

}

If the example is compiled with -pg and -O2 options. It generates the code as

below:

$ clang -pg -O2 -S mcount-test.c

$ cat mcount-test.s

(shows assembly code only ...)

bar:

        pushq   %rbp

        movq    %rsp, %rbp

        callq   mcount

        xorl    %eax, %eax

        popq    %rbp

        retq

foo:

        pushq   %rbp

        movq    %rsp, %rbp

        callq   mcount

        callq   mcount       @ (1) calling bar is inlined with mcount

        xorl    %eax, %eax

        popq    %rbp

        retq

main:

        pushq   %rbp

        movq    %rsp, %rbp

        callq   mcount

        callq   mcount       @ (2) calling foo is inlined with mcount

        callq   mcount       @ (3) calling bar is inlined with mcount

        xorl    %eax, %eax

        popq    %rbp

        retq

As I put some comments, the problem is that function inlining is done with

mcount call.

bar() has a single mcount at the entry of function, but foo() has two mcount

calls. It's because bar is inlined with its mcount call into foo's body.  And

also main() has three mcount calls because the foo() is inlined its own mcount

and its body that has two mcount calls inside.

This is tested on the current trunk.</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are on the CC list for the bug.</li>

      </ul>

    </body>

</html>