The testing scenario is a ping to some IP and Ctrl+C, called alternately from a script.
It seems that when the signal handler was invoked, ping was inside malloc(). The signal handler also called malloc(), and malloc() returned with the warning below:

    in malloc(): warning: recursive call

But I still could not find how it can cause a crash; could somebody please explain?
Ah, the dreaded signal handler using non-reentrant functions issue.
The problem is that the *BSD ping's feature-adding maintainers punted on doing things securely right from the beginning.
FreeBSD added this problem in 1994, noticed it in 1996 and began what should have been a much shorter path to fix the problem than it turned out to be, with the final fix sometime in 1998.
OpenBSD added this problem in 1997, noticed it in 2002 but completely missed the nature of the problem and didn't fix it properly and completely until 2015.
NetBSD added this problem in 1996 but, as you've discovered, it has not yet been fixed. NetBSD should probably import the OpenBSD ping.
The problem is that neither malloc() nor any of STDIO (including printf()) is reentrant, a necessity for all code that is used in a signal handler.
There are dozens of better places to find descriptions of reentrancy, signal handler issues, and so on, but perhaps this question and its accepted answer (and some of the related questions) would be a good start:
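An added C illustration of the two patterns the answer contrasts; it is not code from the question, the answer, or any BSD ping source. It shows a handler that calls malloc() and printf() (the bug) next to the fix, where the handler only sets a sig_atomic_t flag and the main context does the allocation and printing. Function names and the packet count are assumed for the demo.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>

/* Shared flag: sig_atomic_t is the only type a handler may safely write. */
static volatile sig_atomic_t got_sigint = 0;

/* UNSAFE (the ping bug): if SIGINT lands while the main code is inside
 * malloc(), this handler re-enters the allocator on half-updated heap state:
 * the "recursive call" warning, or a corrupted heap and a crash.
 * Shown for contrast only; it is never installed below. */
void unsafe_handler(int sig)
{
    char *buf = malloc(32);                       /* not async-signal-safe */
    (void)sig;
    if (buf) { printf("caught\n"); free(buf); }   /* stdio: also unsafe */
}

/* SAFE: the handler only records that the signal arrived. */
static void safe_handler(int sig) { (void)sig; got_sigint = 1; }

/* The summary work (malloc, formatting, stdio) moves to the main loop, where
 * it is legal. Returns 1 if a pending SIGINT was processed, else 0. */
int drain_pending_sigint(int packets_sent)
{
    char *msg;
    if (!got_sigint) return 0;
    got_sigint = 0;
    if ((msg = malloc(64)) != NULL) {
        snprintf(msg, 64, "--- %d packets transmitted ---", packets_sent);
        puts(msg);
        free(msg);
    }
    return 1;
}

/* Demo: install the flag-only handler, send SIGINT to ourselves, then let the
 * main context do the work. Returns -1 if sigaction() fails. */
int simulate_ctrl_c(int packets_sent)
{
    struct sigaction sa;
    sa.sa_handler = safe_handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    if (sigaction(SIGINT, &sa, NULL) != 0)
        return -1;
    raise(SIGINT);                    /* handler runs: sets the flag, nothing else */
    return drain_pending_sigint(packets_sent);
}
```

Calling simulate_ctrl_c(5) prints the summary line from normal program context; a second drain_pending_sigint(5) with no signal pending returns 0.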