...
_Exit()
| fexecve()
| posix_trace_event()
| sigprocmask()
|
_exit()
| fork()
| pselect()
| sigqueue()
|
abort()
| fstat()
| pthread_kill()
| sigset()
|
accept()
| fstatat()
| pthread_self()
| sigsuspend()
|
access()
| fsync()
| pthread_sigmask()
| sleep()
|
aio_error()
| ftruncate()
| raise()
| sockatmark()
|
aio_return()
| futimens()
| read()
| socket()
|
aio_suspend()
| getegid()
| readlink()
| socketpair()
|
alarm()
| geteuid()
| readlinkat()
| stat()
|
bind()
| getgid()
| recv()
| symlink()
|
cfgetispeed()
| getgroups()
| recvfrom()
| symlinkat()
|
cfgetospeed()
| getpeername()
| recvmsg()
| tcdrain()
|
cfsetispeed()
| getpgrp()
| rename()
| tcflow()
|
cfsetospeed()
| getpid()
| renameat()
| tcflush()
|
chdir()
| getppid()
| rmdir()
| tcgetattr()
|
chmod()
| getsockname()
| select()
| tcgetpgrp()
|
chown()
| getsockopt()
| sem_post()
| tcsendbreak()
|
clock_gettime()
| getuid()
| send()
| tcsetattr()
|
close()
| kill()
| sendmsg()
| tcsetpgrp()
|
connect()
| link()
| sendto()
| time()
|
creat()
| linkat()
| setgid()
| timer_getoverrun()
|
dup()
| listen()
| setpgid()
| timer_gettime()
|
dup2()
| lseek()
| setsid()
| timer_settime()
|
execl()
| lstat()
| setsockopt()
| times()
|
execle()
| mkdir()
| setuid()
| umask()
|
execv()
| mkdirat()
| shutdown()
| uname()
|
execve()
| mkfifo()
| sigaction()
| unlink()
|
faccessat()
| mkfifoat()
| sigaddset()
| unlinkat()
|
fchdir()
| mknod()
| sigdelset()
| utime()
|
fchmod()
| mknodat()
| sigemptyset()
| utimensat()
|
fchmodat()
| open()
| sigfillset()
| utimes()
|
fchown()
| openat()
| sigismember()
| wait()
|
fchownat()
| pause()
| signal()
| waitpid()
|
fcntl()
| pipe()
| sigpause()
| write()
|
fdatasync()
| poll()
| sigpending()
|
|
All functions not listed in this table are considered to be unsafe with respect to signals. In the presence of signals, all POSIX functions behave as defined when called from or interrupted by a signal handler, with a single exception: when a signal interrupts an unsafe function and the signal handler calls an unsafe function, the behavior is undefined.
The C Standard, 7.14.1.1, paragraph 4 [ISO/IEC 9899:2011], states:
If the signal occurs as the result of calling the abort or raise function, the signal handler shall not call the raise function.
However, in the description of signal(), POSIX [IEEE Std 1003.1:2013] states:
This restriction does not apply to POSIX applications, as POSIX.1-2008 requires raise() to be async-signal-safe
...
The OpenBSD signal() manual page lists a few additional functions that are asynchronous-safe in OpenBSD but "probably not on other systems" [OpenBSD], including snprintf(), vsnprintf(), and syslog_r() ( but only when the syslog_data struct is initialized as a local variable).
Risk Assessment
Invoking functions that are not asynchronous-safe from within a signal handler is undefined behavior.
...
