The following reply was made to PR toolchain/34497; it has been noted by GNATS.

From: "Valeriy E. Ushakov" <uwe@ptc.spbu.ru>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: toolchain/34497
Date: Sun, 3 Dec 2006 04:05:24 +0300

 sys/arch/i386/include/profile.h defines __mcount trampoline as a C
 function that calls real _mcount in common/lib/libc/gmon/mcount.c
 
 The __mcount trampoline as a C function trick used to work before, b/c
 we emit call __mcount right after function prologue and the code in
 prologue used to be simple one that only touched well known
 callee-saved regs.
 
 gcc4 is more smart and agressive.  Compare ix86_expand_prologue in
 gnu/dist/gcc{,4}/gcc/config/i386/i386.c - the gcc4 version now
 performs the force_align_arg_pointer dance in prologue and code
 generator ends up using %ecx for that (caller saved).  That
 profile_function() in final.c emits call to FUNCTION_PROFILER, but it
 has no clue as to what side effects does that have.  Than when gcc
 proceeds compiling the function body, i guess that it notices that
 %ecx should already contain the address it needs and so uses %ecx.
 
 To fix that we should rewrite __mcount trampoline in assembler and
 save the caller-saved registers just to be on the safe side.
 
 We should also pull that to maintained branches so that gcc4 (from
 pkgsrc) could be used with -pg there.
 
 -uwe