As seen in issue #2860, there are some situations where a watchdog could
trigger during the debug signal handler, and where similarly the debug
signal handler may trigger during the wdt handler. This is really bad
because it could trigger some deadlocks inside inner libc code such as
dladdr() or backtrace() since the code will not protect against re-
entrance but only against concurrent accesses.
A first attempt was made using ha_sigmask() but that's not always very
convenient because the second handler is called immediately after
unblocking the signal and before returning, leaving signal cascades in
backtrace. Instead, let's mark which signals to block at registration
time. Here we're blocking wdt/dbg for both signals, and optionally
SIGRTMAX if DEBUG_DEV is used as that one may also be used in this case.
This should be backported at least to 3.1.
(cherry picked from commit
ebf1757dc26572578492d421e9905707b5e0ca7d)
Signed-off-by: Willy Tarreau <w@1wt.eu>
sa.sa_handler = NULL;
sa.sa_sigaction = debug_handler;
sigemptyset(&sa.sa_mask);
+#ifdef WDTSIG
+ sigaddset(&sa.sa_mask, WDTSIG);
+#endif
+ sigaddset(&sa.sa_mask, DEBUGSIG);
+#if defined(DEBUG_DEV)
+ sigaddset(&sa.sa_mask, SIGRTMAX);
+#endif
sa.sa_flags = SA_SIGINFO;
sigaction(DEBUGSIG, &sa, NULL);
sa.sa_handler = NULL;
sa.sa_sigaction = wdt_handler;
sigemptyset(&sa.sa_mask);
+ sigaddset(&sa.sa_mask, WDTSIG);
+#ifdef DEBUGSIG
+ sigaddset(&sa.sa_mask, DEBUGSIG);
+#endif
+#if defined(DEBUG_DEV)
+ sigaddset(&sa.sa_mask, SIGRTMAX);
+#endif
sa.sa_flags = SA_SIGINFO;
sigaction(WDTSIG, &sa, NULL);
return ERR_NONE;
projects / haproxy-3.1.git / commitdiff