[R-pkg-devel] Compiled code checks raise a WARNING in Fedora 28

Dirk Eddelbuettel edd @ending from debi@n@org
Wed May 23 19:44:14 CEST 2018 

On 23 May 2018 at 18:09, Iñaki Úcar wrote:
| 2018-05-23 17:40 GMT+02:00 Dirk Eddelbuettel <edd at debian.org>:
| >
| > On 23 May 2018 at 17:22, Iñaki Úcar wrote:
| > | Hi,
| > |
| > | For other Fedora users that may be struggling with this too...
| > |
| > | Fedora 28 introduced new hardening flags for compiled code (see [1]).
| > | Particularly, -D_GLIBCXX_ASSERTIONS is added to the default CXXFLAGS
| > | (verify the output of 'R CMD config CXXFLAGS'), which enables range
| > | checks for C++ arrays, vectors and strings. As a consequence, you may
| > | see the following after running 'R CMD check' on your package with C++
| > | code:
| > |
| > | checking compiled code ... WARNING
| > | Found ‘abort’, possibly from ‘abort’ (C)
| > | Found ‘printf’, possibly from ‘printf’ (C)
| > |
| > | I'm not sure whether this is a false positive or not. Anyway, a quick
| > | workaround is to disable this flag by including -U_GLIBCXX_ASSERTIONS
| > | in your local Makevars.
| >
| > AFAICT that has little do with Fedora, it is just R being picky. Writing R
| > Extensions told you about abort() et al for years:
| >
| >   Under no circumstances should your compiled code ever call @code{abort}
| >   or @code{exit}@footnote{or where supported the variants @code{_Exit} and
| >   @code{_exit}.}: these terminate the user's @R{} process, quite possibly
| >   including all his unsaved work.  One usage that could call @code{abort}
| >   is the @code{assert} macro in C or C++ functions, which should never be
| >   active in production code.  The normal way to ensure that is to define
| >   the macro @code{NDEBUG}, and @command{R CMD INSTALL} does so as part of
| >   the compilation flags.  If you wish to use @code{assert} during
| >   development. you can include @code{-UNDEBUG} in @code{PKG_CPPFLAGS}.
| >   Note that your own @file{src/Makefile} or makefiles in sub-directories
| >   may also need to define @code{NDEBUG}.
| >
| > (Quoted from R-release's manual source)
| 
| Yes, I know. The thing is that, with -D_GLIBCXX_ASSERTIONS, I see
| 
| $ strings src/*.o | grep abort | sort | uniq
| abort
| __builtin_abort
| __cxa_guard_abort
| 
| and without it, the first two lines go away. So it seems that those
| assertions may result in a call to 'abort'. I don't know whether R is
| right or not in its *pickiness* for this particular case.

Doh. I was dense. You are quite right, it seems -- the new instrumentation
'unmasks' more uses of abort which R's shared library symbol grep analysis
stumbles over.  I should have stayed under my rock it seems -- sorry about
the noise.

Dirk
 
| Iñaki
| 
| >
| > Also:
| >
| > edd at rob:~/deb/r-base$ ag "Found " src/library/tools/R/sotools.R
| > 481:                 c(strwrap(gettextf("Found %s, possibly from %s",
| > 702:              strwrap(paste("Found non-API calls to R:",
| > 705:          } else paste("  Found non-API call to R:", sQuote(x))
| > 716:              strwrap(paste("Found no calls to:",
| > 719:          } else paste("  Found no call to:", sQuote(x))
| > edd at rob:~/deb/r-base$
| >
| > I am kinda surprised you had not seen these before :)
| >
| > Dirk
| >
| > --
| > http://dirk.eddelbuettel.com | @eddelbuettel | edd at debian.org

-- 
http://dirk.eddelbuettel.com | @eddelbuettel | edd at debian.org

More information about the R-package-devel mailing list