c628123952
inlining resulted in constant propagation to the extend that cmpval was known to the compiler to be URWLOCK_WRITE_OWNER (= 0x80000000U). Unfortunately, instead of zero-extending the unsigned constant, it was sign-extended. As such, the cmpxchg instruction was comparing 0x0000000080000000LU to 0xffffffff80000000LU and obviously didn't perform the exchange. But, since the value returned by cmpxhg equalled cmpval (when zero- extended), the _thr_rtld_lock_release() function thought the exchange did happen and as such returned as if having released the lock. This was not the case. Subsequent locking requests found rw_state non-zero and the thread in question entered the kernel and block indefinitely. The work-around is to zero-extend by casting to uint64_t.