From f177663631c25d59643b4a75036586d90c6c25de Mon Sep 17 00:00:00 2001 From: David Lamparter Date: Fri, 26 Jul 2024 16:50:20 -0700 Subject: [PATCH] lib: do not log_memstats() in crash handler `log_memstats()` is not AS-safe. It can hang the crash handler (or set your PC on fire, or cause the sun to go supernova - according to POSIX specs, anyway.) Signed-off-by: David Lamparter --- lib/sigevent.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/lib/sigevent.c b/lib/sigevent.c index 3e69f280da..7c465bfcec 100644 --- a/lib/sigevent.c +++ b/lib/sigevent.c @@ -237,8 +237,18 @@ core_handler(int signo, siginfo_t *siginfo, void *context) zlog_signal(signo, "aborting...", siginfo, pc); - /* dump memory stats on core */ - log_memstats(stderr, "core_handler"); + /* there used to be a log_memstats() call here, to dump MTYPE counters + * on a coredump. This is not possible since log_memstats is not + * AS-Safe, as it calls fopen(), fprintf(), and cousins. This can + * lead to a deadlock depending on where we crashed - very much not a + * good thing if the process just hangs there after a crash. + * + * The alarm(1) above tries to alleviate this, but that's really a + * last resort recovery. Stick with AS-safe calls here. + * + * If the fprintf() calls are removed from log_memstats(), this can be + * added back in, since writing to log with zlog_sigsafe() is AS-safe. + */ /* * This is a buffer flush because FRR is going down
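Review bot: The last paragraph of the new comment in core_handler() gives a narrower condition for restoring the call than the first paragraph justifies. The first paragraph names fopen(), fprintf() "and cousins" as the reason log_memstats() is not AS-safe, while the last says it can be added back "If the fprintf() calls are removed". A later reader could strip only fprintf(), restore the call, and bring back the deadlock the comment warns about. Suggest wording the condition on the whole function, for example "If log_memstats() is reworked to use only AS-safe calls (no fopen()/fprintf(), output via zlog_sigsafe()), this can be added back in." Two smaller points in the same comment: the term is spelled both "AS-Safe" and "AS-safe", so pick one, and the sentence starting "there used to be" begins in lowercase. The removal also leaves no MTYPE counters in the crash output, which is worth stating in the commit message so operators know that information is gone from crash logs.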