va_copy() problem

[Johannes Hofmann]

Hello,

I see crashes with a string handling library on DragonFly.
The problem can be reduced to the test program below. It crashes on
DragonFly when compiled with "gcc -O2 -o foo foo.c". Without -O2 it 
runs fine. No problems on Linux with or without -O2.
Can anyone spot the problem? I think its related to the use of
va_copy().

Thanks,
Johannes


#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <stdarg.h>

struct string {
	char *str;
	int size;
	int len;
};

void
string_resize(struct string *s, int n) {
	if (n > 0 && n > s->size) {
		if (!s->str) {
			s->str = malloc(n);
			s->str[0] = '\0';
		} else {
			s->str = realloc(s->str, n);
		}

		s->size = n;
	}
}

void
string_printfa(struct string *s, char *format, ...) {
	va_list va, va1;
	int n;

	va_start(va, format);

	for (;;) {
		va_copy(va1, va);
		n = vsnprintf(s->str + s->len, s->size - s->len, format, va);
		va_end(va1);

		if (n < s->size - s->len) {
			s->len += n;
			break;
		}

		string_resize(s, s->len + n + 1);
	}

	va_end(va);
}

int main(int argc, char **argv) {
	struct string s = {NULL, 0, 0};

	string_resize(&s, 1);
	string_printfa(&s, "%s %s ", "foo", "bar");
	string_printfa(&s, "%s %s ", "foo", "bar");
	printf("%s\n", s.str);

	return 0;
}