bugprone-signal-handler¶
Finds specific constructs in signal handler functions that can cause undefined behavior. The rules for what is allowed differ between C++ language versions.
Checked signal handler rules for C:
- Calls to non-asynchronous-safe functions are not allowed. 
Checked signal handler rules for up to and including C++14:
- Calls to non-asynchronous-safe functions are not allowed. 
- C++-specific code constructs are not allowed in signal handlers. In other words, only the common subset of C and C++ is allowed to be used. 
- Calls to functions with non-C linkage are not allowed (including the signal handler itself). 
The check is disabled on C++17 and later.
Asynchronous-safety is determined by comparing the function’s name against a set of known functions. In addition, the function must come from a system header include and in a global namespace. The (possible) arguments passed to the function are not checked. Any function that cannot be determined to be asynchronous-safe is assumed to be non-asynchronous-safe by the check, including user functions for which only the declaration is visible. Calls to user-defined functions with visible definitions are checked recursively.
This check implements the CERT C Coding Standard rule
SIG30-C. Call only asynchronous-safe functions within signal handlers
and the rule
MSC54-CPP. A signal handler must be a plain old function.
It has the alias names cert-sig30-c and cert-msc54-cpp.
Options¶
- AsyncSafeFunctionSet¶
- Selects which set of functions is considered as asynchronous-safe (and therefore allowed in signal handlers). It can be set to the following values: - minimal
- Selects a minimal set that is defined in the CERT SIG30-C rule. and includes functions - abort(),- _Exit(),- quick_exit()and- signal().
- POSIX
- Selects a larger set of functions that is listed in POSIX.1-2017 (see this link for more information). The following functions are included: - _Exit,- _exit,- abort,- accept,- access,- aio_error,- aio_return,- aio_suspend,- alarm,- bind,- cfgetispeed,- cfgetospeed,- cfsetispeed,- cfsetospeed,- chdir,- chmod,- chown,- clock_gettime,- close,- connect,- creat,- dup,- dup2,- execl,- execle,- execv,- execve,- faccessat,- fchdir,- fchmod,- fchmodat,- fchown,- fchownat,- fcntl,- fdatasync,- fexecve,- ffs,- fork,- fstat,- fstatat,- fsync,- ftruncate,- futimens,- getegid,- geteuid,- getgid,- getgroups,- getpeername,- getpgrp,- getpid,- getppid,- getsockname,- getsockopt,- getuid,- htonl,- htons,- kill,- link,- linkat,- listen,- longjmp,- lseek,- lstat,- memccpy,- memchr,- memcmp,- memcpy,- memmove,- memset,- mkdir,- mkdirat,- mkfifo,- mkfifoat,- mknod,- mknodat,- ntohl,- ntohs,- open,- openat,- pause,- pipe,- poll,- posix_trace_event,- pselect,- pthread_kill,- pthread_self,- pthread_sigmask,- quick_exit,- raise,- read,- readlink,- readlinkat,- recv,- recvfrom,- recvmsg,- rename,- renameat,- rmdir,- select,- sem_post,- send,- sendmsg,- sendto,- setgid,- setpgid,- setsid,- setsockopt,- setuid,- shutdown,- sigaction,- sigaddset,- sigdelset,- sigemptyset,- sigfillset,- sigismember,- siglongjmp,- signal,- sigpause,- sigpending,- sigprocmask,- sigqueue,- sigset,- sigsuspend,- sleep,- sockatmark,- socket,- socketpair,- stat,- stpcpy,- stpncpy,- strcat,- strchr,- strcmp,- strcpy,- strcspn,- strlen,- strncat,- strncmp,- strncpy,- strnlen,- strpbrk,- strrchr,- strspn,- strstr,- strtok_r,- symlink,- symlinkat,- tcdrain,- tcflow,- tcflush,- tcgetattr,- tcgetpgrp,- tcsendbreak,- tcsetattr,- tcsetpgrp,- time,- timer_getoverrun,- timer_gettime,- timer_settime,- times,- umask,- uname,- unlink,- unlinkat,- utime,- utimensat,- utimes,- wait,- waitpid,- wcpcpy,- wcpncpy,- wcscat,- wcschr,- wcscmp,- wcscpy,- wcscspn,- wcslen,- wcsncat,- wcsncmp,- wcsncpy,- wcsnlen,- wcspbrk,- wcsrchr,- wcsspn,- wcsstr,- wcstok,- wmemchr,- wmemcmp,- wmemcpy,- wmemmove,- wmemset,- write- The function - quick_exitis not included in the POSIX list but it is included here in the set of safe functions.
 - The default value is - POSIX.