When gcc aligns stack on function entry, the argument pointer is saved in a call-clobbered register (ecx). This causes trouble with '-pg', as the call to 'mcount' is emitted after alignment:

    000017ff <main>:
        17ff: 8d 4c 24 04       lea    ecx,[esp+0x4]
        1803: 83 e4 f0          and    esp,0xfffffff0
        1806: ff 71 fc          push   DWORD PTR [ecx-0x4]
        1809: 55                push   ebp
        180a: 89 e5             mov    ebp,esp
        180c: 56                push   esi
        180d: 53                push   ebx
        180e: 51                push   ecx
        180f: 83 ec 1c          sub    esp,0x1c
        1812: ba e8 5e 01 00    mov    edx,0x15ee8
        1817: e8 44 3d 00 00    call   5560 <mcount>
        181c: 89 cb             mov    ebx,ecx
        ...

This segfaults soon after as ecx contains garbage.

Now the question is, who is at fault: gcc or libc? My first inclination is to say, gcc is emitting this in the wrong order. On the other hand, 'mcount' could reasonably be expected to save all registers. But I don't see this requirement documented anywhere.

I did find an old bug report complaining about the align/mcount order (but for a different reason): https://gcc.gnu.org/bugzilla/show_bug.cgi?id=42109
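
The sequence in the listing above can be looked for mechanically in other binaries. The following is an added example, not part of the original post: a Python scan over `objdump -d -M intel` text that reports functions where ecx is loaded with the argument pointer, stays live across a call to mcount, and is then read. The function name, the mcount symbol pattern and the set of instructions treated as overwriting ecx are assumptions of this example.

```python
import re

# Listing quoted in the post above (objdump -d -M intel layout).
SAMPLE = """\
000017ff <main>:
 17ff: 8d 4c 24 04     lea    ecx,[esp+0x4]
 1803: 83 e4 f0        and    esp,0xfffffff0
 1806: ff 71 fc        push   DWORD PTR [ecx-0x4]
 1809: 55              push   ebp
 180a: 89 e5           mov    ebp,esp
 180c: 56              push   esi
 180d: 53              push   ebx
 180e: 51              push   ecx
 180f: 83 ec 1c        sub    esp,0x1c
 1812: ba e8 5e 01 00  mov    edx,0x15ee8
 1817: e8 44 3d 00 00  call   5560 <mcount>
 181c: 89 cb           mov    ebx,ecx
"""

FUNC = re.compile(r"^[0-9a-f]+ <([^>]+)>:$")
INSN = re.compile(r"^\s*([0-9a-f]+):\s+(?:[0-9a-f]{2}\s)+\s*(\w+)\s*(.*)$")
MCOUNT = re.compile(r"<_?mcount(@plt)?>$")  # assumed spellings of the symbol
WRITES_DEST = {"mov", "lea", "pop"}  # simplification: other writers are ignored

def find_clobbered_argp(listing):
    """Return (function, mcount_call_addr, first_use_addr) for each function
    that reads ecx after a call to mcount while ecx holds the argument pointer."""
    findings, func, live, call_at = [], None, False, None
    for line in listing.splitlines():
        if (m := FUNC.match(line.strip())):
            func, live, call_at = m.group(1), False, None
            continue
        if func is None or not (m := INSN.match(line)):
            continue
        addr, mnem, ops = m.group(1), m.group(2), m.group(3).strip()
        dest, _, src = ops.partition(",")
        overwrites = mnem in WRITES_DEST and dest.strip() == "ecx"
        reads = "ecx" in (src if overwrites else ops)
        if call_at and reads:            # stale ecx consumed after mcount
            findings.append((func, call_at, addr))
            live, call_at = False, None
        elif mnem == "lea" and overwrites and src.strip() == "[esp+0x4]":
            live, call_at = True, None   # argument pointer set up in ecx
        elif overwrites:
            live, call_at = False, None  # ecx redefined, nothing to lose
        elif mnem == "call" and MCOUNT.search(ops) and live:
            call_at = addr               # ecx is live across the mcount call
    return findings
```

A hit only shows that the code depends on mcount preserving ecx; whether that is a problem depends on the mcount implementation the binary is linked against.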