[UNIX] common_signal_handler calls non-async-signal-safe functions

[kbaladurin]

common_signal_handler calls non-async-signal-safe functions, for example posix_memalign and free are used to allocate and deallocate exception records. If the signal occurs in these function (for example due to heap corruption) heap will be in inconsistent state when we call them in signal handler.

For example if segmentation fault occurs in free we can get infinite recursion:

#0  common_signal_handler (code=11, siginfo=<optimized out>, sigcontext=0x45fec0, numParams=2) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/src/exception/signal.cpp:794
dotnet/coreclr#1  0xb09f047a in signal_handler_worker (code=-1073741819, siginfo=0x45fe40, context=0x100, returnPoint=0x45fc80) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/src/exception/signal.cpp:426
dotnet/coreclr#2  0xb0a18bb2 in CallSignalHandlerWrapper0 () from /Symbols/symbols/usr/share/dotnet/shared/Microsoft.NETCore.App/2.0.0/libclrjit.so
dotnet/coreclr#3  0xb61a6f18 in malloc_printerr (action=4587200, str=0xbe2132a8 "ķ'\266\344n\032\266", ptr=<optimized out>, ar_ptr=ar_ptr@entry=0xb627b7c4 <main_arena>) at /usr/src/debug/glibc-2.24/malloc/malloc.c:5139
dotnet/coreclr#4  0xb61a7eac in _int_free (av=0xb627b7c4 <main_arena>, p=0x171c6cc, have_lock=<optimized out>) at /usr/src/debug/glibc-2.24/malloc/malloc.c:3975
dotnet/coreclr#5  0xb09f0594 in FreeRecords (this=<optimized out>) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/inc/pal.h:5832
dotnet/coreclr#6  ~PAL_SEHException (this=<optimized out>) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/inc/pal.h:5875
dotnet/coreclr#7  common_signal_handler (code=<optimized out>, siginfo=<optimized out>, sigcontext=<optimized out>, numParams=<optimized out>) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/src/exception/signal.cpp:847
dotnet/coreclr#8  0xb09f047a in signal_handler_worker (code=-1073741819, siginfo=0x45fe40, context=0x100, returnPoint=0x45fc80) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/src/exception/signal.cpp:426
dotnet/coreclr#9  0xb0a18bb2 in CallSignalHandlerWrapper0 () from /Symbols/symbols/usr/share/dotnet/shared/Microsoft.NETCore.App/2.0.0/libclrjit.so
dotnet/coreclr#10 0xb61a6f18 in malloc_printerr (action=4587200, str=0xbe2136c8 "ķ'\266\344n\032\266", ptr=<optimized out>, ar_ptr=ar_ptr@entry=0xb627b7c4 <main_arena>) at /usr/src/debug/glibc-2.24/malloc/malloc.c:5139
dotnet/coreclr#11 0xb61a7eac in _int_free (av=0xb627b7c4 <main_arena>, p=0x171c4dc, have_lock=<optimized out>) at /usr/src/debug/glibc-2.24/malloc/malloc.c:3975
dotnet/coreclr#12 0xb09f0594 in FreeRecords (this=<optimized out>) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/inc/pal.h:5832
dotnet/coreclr#13 ~PAL_SEHException (this=<optimized out>) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/inc/pal.h:5875
dotnet/coreclr#14 common_signal_handler (code=<optimized out>, siginfo=<optimized out>, sigcontext=<optimized out>, numParams=<optimized out>) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/src/exception/signal.cpp:847
dotnet/coreclr#15 0xb09f047a in signal_handler_worker (code=-1073741819, siginfo=0x45fe40, context=0x100, returnPoint=0x45fc80) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/src/exception/signal.cpp:426
dotnet/coreclr#16 0xb0a18bb2 in CallSignalHandlerWrapper0 () from /Symbols/symbols/usr/share/dotnet/shared/Microsoft.NETCore.App/2.0.0/libclrjit.so
dotnet/coreclr#17 0xb61a6f18 in malloc_printerr (action=4587200, str=0xbe213ae8 "ķ'\266\344n\032\266", ptr=<optimized out>, ar_ptr=ar_ptr@entry=0xb627b7c4 <main_arena>) at /usr/src/debug/glibc-2.24/malloc/malloc.c:5139
dotnet/coreclr#18 0xb61a7eac in _int_free (av=0xb627b7c4 <main_arena>, p=0x171bf0c, have_lock=<optimized out>) at /usr/src/debug/glibc-2.24/malloc/malloc.c:3975
dotnet/coreclr#19 0xb09f0594 in FreeRecords (this=<optimized out>) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/inc/pal.h:5832
dotnet/coreclr#20 ~PAL_SEHException (this=<optimized out>) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/inc/pal.h:5875
dotnet/coreclr#21 common_signal_handler (code=<optimized out>, siginfo=<optimized out>, sigcontext=<optimized out>, numParams=<optimized out>) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/src/exception/signal.cpp:847
dotnet/coreclr#22 0xb09f047a in signal_handler_worker (code=-1073741819, siginfo=0x45fe40, context=0x100, returnPoint=0x45fc80) at /usr/src/debug/coreclr-2.0.0.12082/src/pal/src/exception/signal.cpp:426
dotnet/coreclr#23 0xb0a18bb2 in CallSignalHandlerWrapper0 () from /Symbols/symbols/usr/share/dotnet/shared/Microsoft.NETCore.App/2.0.0/libclrjit.so
...

Is it expected behavior?

Thank you!

[alpencolt]

cc @BruceForstall @jkotas @janvorli

[janvorli]

@kbaladurin the infinite loop is not due to calls to the non-safe functions. Any code that would trigger SIGSEGV from the SIGSEGV handler would have the same effect. But you are right that we should not be calling non-async-signal-safe functions in the code path above so we should fix that.