From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <mark@klomp.org>
Received: from gnu.wildebeest.org (wildebeest.demon.nl [212.238.236.112])
 by sourceware.org (Postfix) with ESMTPS id A49053851C16
 for <bzip2-devel@sourceware.org>; Sat, 23 May 2020 16:35:37 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org A49053851C16
Authentication-Results: sourceware.org;
 dmarc=none (p=none dis=none) header.from=klomp.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=mark@klomp.org
Received: from tarox.wildebeest.org (tarox.wildebeest.org [172.31.17.39])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by gnu.wildebeest.org (Postfix) with ESMTPSA id 6FD09300074D;
 Sat, 23 May 2020 18:35:36 +0200 (CEST)
Received: by tarox.wildebeest.org (Postfix, from userid 1000)
 id 42F7D413CC9A; Sat, 23 May 2020 18:35:36 +0200 (CEST)
Message-ID: <f3da210edb01a9b226e9c4122218a7728adb7078.camel@klomp.org>
Subject: Re: [PATCH] Don't call unsafe functions from SIGSEGV/SIGBUS signal
 handler.
From: Mark Wielaard <mark@klomp.org>
To: bzip2-devel@sourceware.org
Cc: David Malcolm <dmalcolm@redhat.com>
Date: Sat, 23 May 2020 18:35:36 +0200
In-Reply-To: <20200517190939.29003-1-mark@klomp.org>
References: <20200517190939.29003-1-mark@klomp.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Evolution 3.28.5 (3.28.5-8.el7) 
Mime-Version: 1.0
X-Spam-Status: No, score=-8.3 required=5.0 tests=BAYES_00, JMQ_SPF_NEUTRAL,
 KAM_DMARC_STATUS, KAM_SHORT, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=no autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: bzip2-devel@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Bzip2-devel mailing list <bzip2-devel.sourceware.org>
List-Unsubscribe: <http://sourceware.org/mailman/options/bzip2-devel>,
 <mailto:bzip2-devel-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/bzip2-devel/>
List-Help: <mailto:bzip2-devel-request@sourceware.org?subject=help>
List-Subscribe: <http://sourceware.org/mailman/listinfo/bzip2-devel>,
 <mailto:bzip2-devel-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Sat, 23 May 2020 16:35:39 -0000

Hi,

On Sun, 2020-05-17 at 21:09 +0200, Mark Wielaard wrote:
> GCC10 -fanalyzer notices that we try to call functions that are not
> signal safe from our fatal signal handler:
>=20
> bzip2.c: In function =E2=80=98mySIGSEGVorSIGBUScatcher=E2=80=99:
> bzip2.c:819:7: warning: call to =E2=80=98fprintf=E2=80=99 from within sig=
nal handler
>                [CWE-479] [-Wanalyzer-unsafe-call-within-signal-
> handler]
>=20
> It also notices we then call showFileNames and cleanupAndFail which
> also call possibly not signal safe functions.
>=20
> Just write out the error message directly to STDERR and exit without
> trying to clean up any files.

I pushed this to master now.

Note GCC11 will also warn about the previous usage of exit() (which is
also not signal safe and was replaced with _exit() in this patch):
https://gcc.gnu.org/pipermail/gcc-patches/2020-May/546189.html

Cheers,

Mark