https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95188
Bug ID: 95188
Summary: analyzer-unsafe-call-within-signal-handler shows wrong statement for signal registration event
Product: gcc
Version: 10.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: mark at gcc dot gnu.org
Target Milestone: ---

Reproducer:

wget https://sourceware.org/ftp/bzip2/bzip2-1.0.8.tar.gz
tar zxf bzip2-1.0.8.tar.gz
cd bzip2-1.0.8/
gcc -g -O2 -fanalyzer -c bzip2.c

In function ‘showFileNames.part.0’:
bzip2.c:677:4: warning: call to ‘fprintf’ from within signal handler [CWE-479] [-Wanalyzer-unsafe-call-within-signal-handler]
  677 | fprintf (
      | ^~~~~~~~~
  678 | stderr,
      | ~~~~~~~
  679 | "\tInput file = %s, output file = %s\n",
      | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  680 | inName, outName
      | ~~~~~~~~~~~~~~~
  681 | );
      | ~
  ‘main’: events 1-2
    |
    | 1776 | IntNative main ( IntNative argc, Char *argv[] )
    |      |           ^~~~
    |      |           |
    |      |           (1) entry to ‘main’
    |......
    | 1792 | smallMode = False;
    |      | ~~~~~~~~~
    |      | |
    |      | (2) registering ‘mySIGSEGVorSIGBUScatcher’ as signal handler
    |
  event 3
    |
    |cc1:
    | (3): later on, when the signal is delivered to the process
    |
    +--> ‘mySIGSEGVorSIGBUScatcher’: events 4-5
           |
           |  676 | if (noisy)
           |      |    ~
           |      |    |
           |      |    (5) following ‘true’ branch...
           |......
           |  816 | void mySIGSEGVorSIGBUScatcher ( IntNative n )
           |      |      ^~~~~~~~~~~~~~~~~~~~~~~~
           |      |      |
           |      |      (4) entry to ‘mySIGSEGVorSIGBUScatcher’
           |
         ‘mySIGSEGVorSIGBUScatcher’: event 6
           |
           |cc1:
           | (6): ...to here
           |
         ‘mySIGSEGVorSIGBUScatcher’: event 7
           |
           |cc1:
           | (7): calling ‘showFileNames.part.0’ from ‘mySIGSEGVorSIGBUScatcher’
           |
           +--> ‘showFileNames.part.0’: events 8-9
                  |
                  |  674 | void showFileNames ( void )
                  |      |      ^~~~~~~~~~~~~
                  |      |      |
                  |      |      (8) entry to ‘showFileNames.part.0’
                  |......
                  |  677 | fprintf (
                  |      | ~~~~~~~~~
                  |      | |
                  |      | (9) call to ‘fprintf’ from within signal handler
                  |  678 | stderr,
                  |      | ~~~~~~~
                  |  679 | "\tInput file = %s, output file = %s\n",
                  |      | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  |  680 | inName, outName
                  |      | ~~~~~~~~~~~~~~~
                  |  681 | );
                  |      | ~
                  |

Note that the signal handler registration points to the wrong instruction:

    | 1792 | smallMode = False;
    |      | ~~~~~~~~~
    |      | |
    |      | (2) registering ‘mySIGSEGVorSIGBUScatcher’ as signal handler

A workaround is to add -fanalyzer-fine-grained, then it does show the correct signal registration event:

    | 1808 | signal (SIGSEGV, mySIGSEGVorSIGBUScatcher);
    |      | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      | |
    |      | (2) registering ‘mySIGSEGVorSIGBUScatcher’ as signal handler
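
The pattern behind the CWE-479 warning in this report, next to an async-signal-safe form, as an added example that is not code from the bug report, from GCC or from bzip2. The names in_name, out_name, unsafe_catcher, safe_catcher, format_report, install_catcher and the exit status 3 are hypothetical stand-ins.

```c
#include <signal.h>
#include <stdio.h>
#include <unistd.h>

/* Constructed stand-ins for the file names a handler wants to report.
   Assumption: they are not being rewritten when the signal arrives. */
static const char *in_name = "in.bz2", *out_name = "out";

/* Flagged form: fprintf is not async-signal-safe (CWE-479). */
static void unsafe_catcher(int n)
{
    fprintf(stderr, "\tInput file = %s, output file = %s\n", in_name, out_name);
    _exit(3);
}

/* Append src to buf (capacity cap, kept NUL-terminated); returns new length. */
static size_t put(char *buf, size_t len, size_t cap, const char *src)
{
    while (*src && len + 1 < cap)
        buf[len++] = *src++;
    buf[len] = '\0';
    return len;
}

/* Build the same message with plain stores only, truncating if it does not fit. */
size_t format_report(char *buf, size_t cap)
{
    if (cap == 0) return 0;
    size_t len = put(buf, 0, cap, "\tInput file = ");
    len = put(buf, len, cap, in_name);
    len = put(buf, len, cap, ", output file = ");
    len = put(buf, len, cap, out_name);
    return put(buf, len, cap, "\n");
}

/* Safe form: only write(2) and _exit(2), both async-signal-safe per POSIX. */
static void safe_catcher(int n)
{
    char buf[256];
    ssize_t r = write(STDERR_FILENO, buf, format_report(buf, sizeof buf));
    (void)r; /* nothing safe to do about a failed write here */
    _exit(3);
}

/* Register one of the two handlers; returns 0 on success, -1 on failure. */
int install_catcher(int use_safe)
{
    return signal(SIGSEGV, use_safe ? safe_catcher : unsafe_catcher) == SIG_ERR ? -1 : 0;
}
```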