I am trying to submit a package on CRAN, and everything passes ok on all platforms but Debian, where CRAN responds with an automatic "significant" warning: * checking whether package ?QCA? can be installed ... [35s/35s] WARNING Found the following significant warnings: /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: warning: ?__builtin_strncpy? output may be truncated copying 12 bytes from a string of length 79 [-Wstringop-truncation] See ?/srv/hornik/tmp/CRAN/QCA.Rcheck/00install.out? for details. I know the cause of this: using a cursomized version of some external C library, coupled with <SystemRequirements: GNU make> in the Description. But I do not know hot to get past this warning, since it refers to a builtin GCC function strncpy. As far as I read, this should be solved by a simple GCC upgrade to the newest version, but that is something outside my code base, since GCC resides on the CRAN servers. In the meantime, to get the package published, did anyone encountered a similar problem? If so, is there a workaround? ? Adrian Dusa University of Bucharest Romanian Social Data Archive Soseaua Panduri nr. 90-92 050663 Bucharest sector 5 Romania https://adriandusa.eu
Adrian, newer compilers are better at finding bugs - you may want to read the full trace of the error, it tells you that you likely have a memory overflow when using strncpy() in your package. You should check whether it is right. Unfortunately we can?t help you more specifically, because I don't see any link to what you submitted so can?t look at the code involved. Cheers, Simon> On May 22, 2020, at 7:25 PM, Adrian Du?a <dusa.adrian at gmail.com> wrote: > > I am trying to submit a package on CRAN, and everything passes ok on all platforms but Debian, where CRAN responds with an automatic "significant" warning: > > * checking whether package ?QCA? can be installed ... [35s/35s] WARNING > Found the following significant warnings: > /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: warning: ?__builtin_strncpy? output may be truncated copying 12 bytes from a string of length 79 [-Wstringop-truncation] > See ?/srv/hornik/tmp/CRAN/QCA.Rcheck/00install.out? for details. > > > I know the cause of this: using a cursomized version of some external C library, coupled with <SystemRequirements: GNU make> in the Description. > > But I do not know hot to get past this warning, since it refers to a builtin GCC function strncpy. As far as I read, this should be solved by a simple GCC upgrade to the newest version, but that is something outside my code base, since GCC resides on the CRAN servers. > > In the meantime, to get the package published, did anyone encountered a similar problem? If so, is there a workaround? > > ? > Adrian Dusa > University of Bucharest > Romanian Social Data Archive > Soseaua Panduri nr. 90-92 > 050663 Bucharest sector 5 > Romania > https://adriandusa.eu > > ______________________________________________ > R-devel at r-project.org mailing list > https://stat.ethz.ch/mailman/listinfo/r-devel >
On 23/05/2020 07:38, Simon Urbanek wrote:> Adrian, > > newer compilers are better at finding bugs - you may want to read the full trace of the error, it tells you that you likely have a memory overflow when using strncpy() in your package. You should check whether it is right. Unfortunately we can?t help you more specifically, because I don't see any link to what you submitted so can?t look at the code involved.NB: debian-gcc on CRAN does have the latest version of gcc (10.1) and the link would likely have given fuller details (such links are provided on CRAN report pages but I do not know for submissions). gcc does sometimes give false alarms here (there is one for R with gcc >= 9 and another for gcc >= 10) but see https://developers.redhat.com/blog/2018/05/24/detecting-string-truncation-with-gcc-8/ . Most can easily be workaround by cleaner code.> > Cheers, > Simon > > > >> On May 22, 2020, at 7:25 PM, Adrian Du?a <dusa.adrian at gmail.com> wrote: >> >> I am trying to submit a package on CRAN, and everything passes ok on all platforms but Debian, where CRAN responds with an automatic "significant" warning: >> >> * checking whether package ?QCA? can be installed ... [35s/35s] WARNING >> Found the following significant warnings: >> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: warning: ?__builtin_strncpy? output may be truncated copying 12 bytes from a string of length 79 [-Wstringop-truncation] >> See ?/srv/hornik/tmp/CRAN/QCA.Rcheck/00install.out? for details. >> >> >> I know the cause of this: using a cursomized version of some external C library, coupled with <SystemRequirements: GNU make> in the Description. >> >> But I do not know hot to get past this warning, since it refers to a builtin GCC function strncpy. As far as I read, this should be solved by a simple GCC upgrade to the newest version, but that is something outside my code base, since GCC resides on the CRAN servers. >> >> In the meantime, to get the package published, did anyone encountered a similar problem? If so, is there a workaround? >> >> ? >> Adrian Dusa >> University of Bucharest >> Romanian Social Data Archive >> Soseaua Panduri nr. 90-92 >> 050663 Bucharest sector 5 >> Romania >> https://adriandusa.eu-- Brian D. Ripley, ripley at stats.ox.ac.uk Emeritus Professor of Applied Statistics, University of Oxford