[Bug middle-end/101996] New: libatomic: RISC-V 64: Infinite recursion in __atomic_compare_exchange_1

Fri, 20 Aug 2021 05:50:35 -0700 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101996

            Bug ID: 101996
           Summary: libatomic: RISC-V 64: Infinite recursion in
                    __atomic_compare_exchange_1
           Product: gcc
           Version: 10.3.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: middle-end
          Assignee: unassigned at gcc dot gnu.org
          Reporter: bqq3z3afgj at bcco4 dot anonbox.net
  Target Milestone: ---

On Alpine Linux Edge, we noticed a stack overflow in
__atomic_compare_exchange_1 in libatomic.so. The generated RV64
assembler for the __atomic_compare_exchange_1 symbol looks as follows:

        0000000000001e40 <__atomic_compare_exchange_1@plt>:
            1e40:       00003e17                auipc   t3,0x3
            1e44:       2a0e3e03                ld      t3,672(t3) # 50e0
<__atomic_compare_exchange_1+0x2312>
            1e48:       000e0367                jalr    t1,t3
            1e4c:       00000013                nop

        0000000000002dce <__atomic_compare_exchange_1>:
            2dce:       1141                    addi    sp,sp,-16
            2dd0:       4701                    li      a4,0
            2dd2:       4695                    li      a3,5
            2dd4:       e406                    sd      ra,8(sp)
            2dd6:       86aff0ef                jal     ra,1e40
<__atomic_compare_exchange_1@plt>
            2dda:       60a2                    ld      ra,8(sp)
            2ddc:       0141                    addi    sp,sp,16
            2dde:       8082                    ret

It seems to me that __atomic_compare_exchange_1 calls itself recursively
via __atomic_compare_exchange_1@plt each time adding a new stackframe in
2dce, 2ddc (which pops the stack frame) is never reached due to the
recursive invocation in 2dd6. Thus ultimatly causing a stack overflow.

One theory on the #gcc IRC was that riscv claims to have atomic_*
builtins but ends up not generating them thus causing the infinite
recursion.

        $ gcc -v
        Using built-in specs.
        COLLECT_GCC=gcc
       
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/riscv64-alpine-linux-musl/10.3.1/lto-wrapper
        Target: riscv64-alpine-linux-musl
        Configured with:
/home/buildozer/aports-dev/main/gcc/src/gcc-10.3.1_git20210625/configure
--prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info
--build=riscv64-alpine-linux-musl --host=riscv64-alpine-linux-musl
--target=riscv64-alpine-linux-musl --with-pkgversion='Alpine
10.3.1_git20210625' --enable-checking=release --disable-fixed-point
--disable-libstdcxx-pch --disable-multilib --disable-nls --disable-werror
--disable-symvers --enable-__cxa_atexit --enable-default-pie
--enable-default-ssp --enable-cloog-backend
--enable-languages=c,c++,objc,go,fortran --with-arch=rv64gc --with-abi=lp64d
--enable-autolink-libatomic --disable-libquadmath --disable-libssp
--disable-libmpx --disable-libmudflap --disable-libsanitizer --enable-shared
--enable-threads --enable-tls --disable-libitm --with-system-zlib
--with-linker-hash-style=gnu
        Thread model: posix
        Supported LTO compression algorithms: zlib
        gcc version 10.3.1 20210625 (Alpine 10.3.1_git20210625)

Downstream bug report:
https://gitlab.alpinelinux.org/alpine/aports/-/issues/12817

Reply via email to