[R-pkg-devel] How to identify what flags "Additional Issues" for UBSAN

Tomas Kalibera tom@@@k@||ber@ @end|ng |rom gm@||@com
Thu Mar 23 12:12:53 CET 2023 

On 3/22/23 16:51, Kenny, Christopher wrote:
> Hi folks,
>
> I'm the maintainer of the redist package (https://cran.r-project.org/web/checks/check_results_redist.html) which was flagged for additional issues with clang-UBSAN and gcc-UBSAN. Both of the 00check.log files say that the status is "OK" at the bottom.
>
> Is there an easy way to identify what is causing the flag? I see things that it could be, for example in the tests Rout files, there are sanitizer errors like:
> wilson.cpp:165:34: runtime error: signed integer overflow: -2147483648 * -1 cannot be represented in type 'int'
> However, my understanding is that these errors should be expected, as the input is controlled from within the package and checking for these types of errors in every loop would push against the purpose of using C++ for performance here.

UBSAN reports runtime errors, which means that the overflow has really 
happened, so this clearly should be narrowed down and fixed. I would 
restructure the code to avoid the overflow and only worry about a 
possible slowdown if that happens.

In the code pointed to by the stacktrace

     int max_try = 50 * remaining * ((int) std::log(remaining));
     while (remaining > 0) {

perhaps the problem is when "remaining" is 0 (but I am guessing, I don't 
know the code). Right, the overflow is benign because the value isn't 
used, but one should fix this anyway and it should be easy, e.g.

if (remaining > 0) {

   int max_try = ...
   while(remaining > 0)

}

this extra condition would not have a measurable overhead in this code.

> That leads me to believe that either I'm looking past the seriousness of one of these sanitizer warnings or I am missing something else that is being flagged.  I've looked at Writing R Extensions part 4.3, but do not see any specific additional information on this. Does anyone have advice or any guidance on figuring out exactly what causes the "Additional Issues" flag and subsequent email about fixing it?

 From the stack traces these are all instances of the same problem. If I 
were you I would simply fix that and submit.

Best
Tomas

>
> Thank you,
> Chris
>
> ckenny using g.harvard.edu - christopherkenny using fas.harvard.edu
> V.O. Key Fellow - Department of Government - Harvard University
> Ashford Fellow - Graduate School of Arts and Sciences - Harvard University
>
>
> 	[[alternative HTML version deleted]]
>
> ______________________________________________
> R-package-devel using r-project.org mailing list
> https://stat.ethz.ch/mailman/listinfo/r-package-devel

More information about the R-package-devel mailing list