Possible segfault when a new domain is signalled before it can initialize the domain_state

[abbysmal]

There is a potential issue where a domain (create through Domain.spawn) can receive a signal before it can reach its main entrypoint and initialize its thread local data. (namely, Caml_state)

Such signal would cause the thread to enter caml_record_signal and then run caml_interrupt_self, which would try to access the domain_state data and produce a segfault.

One possible solution would be to mask signals going in pthread_create, and re-establish the mask on the parent thread once the call is done.
The child would need to re-establish the previous mask as well once it is correctly initialized. We can also specify that the child does not inherit the parent's thread mask and skip the last step.

This issue likely also affects systhreads: they do not have a proper access to domain_state data until they reach their main entrypoint. We also need to fix Thread.create in the same way.

[xavierleroy]

Could it be that thread-local data reads as NULL in a newly-created thread, until explicitly set by the thread? (IIRC that's how it works in POSIX threads.) In this case, you could just harden caml_record_signal and have it do nothing if there is no domain state...

[abbysmal]

This is an option, but @sadiqj and I were thinking that the idea of potentially throwing away signals was not optimal.

With the described approach, we are less likely to would not lose signals?
(because while the calling domain and resulting thread would block everything, another domain would still be able to record the said signals, assuming it does not block them explicitly.)