Fix return address hijack in probing loop (#28119)

When return address hijacking occurs when the target thread is running
in the stack probing loop in a method with large frame, the unwinder cannot
unwind to the caller frame correctly. That results in a wrong stack slot
being patched by the modified return address, leading to corruption of
locals of the method being executed.

This change fixes the problem by not attempting to hijack a method that's
running in prolog.

Author: janvorli

src/vm/threadsuspend.cpp

@@ -6727,6 +6727,17 @@ void HandleGCSuspensionForInterruptedThread(CONTEXT *interruptedContext)
 
         BOOL unused;
 
+#if defined(FEATURE_PAL) && (defined(_TARGET_AMD64_) || defined(_TARGET_X86_))
+        // Stack probing loop that JIT generates in prolog on x64 / x86 Unix for methods with
+        // large frame is not unwindable, so it is not possible to get the return address location
+        // for hijacking.
+        // This is a hotfix for release/3.1 only.
+        if (IsIPInProlog(&codeInfo) && codeInfo.GetFixedStackSize() >= 0x3000)
+        {
+            return;
+        }
+#endif // _TARGET_UNIX_ && (TARGET_AMD64 || TARGET_X86)
+
         if (IsIPInEpilog(interruptedContext, &codeInfo, &unused))
             return;