I am seeing a curious error in an ASAN package check which is not
reproducible in the r-debug containers
(https://github.com/wch/r-debug), and which I'm suspecting might be a
compiler bug.

Wanted to ask for a second opinion on whether this could actually be a
compiler bug or a real bug in the package, and if the former, how
should I reply to the email from CRAN about fixing the issues from the
checks in the package.

In more detail, in the ASAN logs here:
https://cran.r-project.org/web/checks/check_results_isotree.html

It mentions detecting a global-buffer-overflow during a read, which
happens in the contents of a string literal that's used as constructor
for 'std::regex':
https://github.com/david-cortes/isotree/blob/1f84128a03bb6fc5eecd1de7aebf4b745b54fa1e/src/formatted_exporters.cpp#L332C13-L332C31
std::regex_replace(s, std::regex("\""), "\\\"")

I'm not understanding how it could possibly cause an overflow from
either constructing an 'std::regex' with a string literal, or from
passing the result of it to 'std::regex_replace' with C++ strings - it
looks like it should be an impossible situation.

The values for argument 's' (the 'std::string' where to make
replacements in the 'std::regex_replace' call which receives the
'std::regex' object) which are seen during the example that gets
flagged by ASAN do not have anything special - their contents are one
of the following: "column_1", "column_2", "column_3" - and they are all
obtained from a call to 'Rcpp::as<std::vector<std::string>>' on an R
character vector, which should rule out issues with e.g. missing null
termination, wrong size, and similar:
https://github.com/david-cortes/isotree/blob/1f84128a03bb6fc5eecd1de7aebf4b745b54fa1e/src/Rwrapper.cpp#L1975

Help here would be appreciated.

Best,
David Cortes

______________________________________________
R-package-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-package-devel
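
Added example (not part of the original message, and not code from isotree): a stand-alone reproducer that isolates the flagged expression from R and Rcpp, so it can be built with -fsanitize=address under the compiler and standard library used by the failing check. The function names and the regex-free comparison function are assumptions introduced here; the inputs are the column names quoted in the message plus constructed strings containing quotes.

```cpp
// Added example: stand-alone reproducer, not code from the isotree package.
#include <cstddef>
#include <iostream>
#include <regex>
#include <string>
#include <vector>

// The expression named in the ASAN report, copied from the message.
std::string escape_quotes_regex(const std::string &s)
{
    return std::regex_replace(s, std::regex("\""), "\\\"");
}

// Hypothetical regex-free equivalent (assumption): prefix each '"' with '\'.
std::string escape_quotes_manual(const std::string &s)
{
    std::string out;
    out.reserve(s.size() + 8);
    for (char c : s) {
        if (c == '"') out.push_back('\\');
        out.push_back(c);
    }
    return out;
}

// Runs both versions over the inputs and counts disagreements.
std::size_t count_mismatches(const std::vector<std::string> &inputs)
{
    std::size_t n = 0;
    for (const std::string &s : inputs)
        if (escape_quotes_regex(s) != escape_quotes_manual(s)) ++n;
    return n;
}

int main()
{
    // Column names quoted in the message, plus constructed inputs with quotes.
    const std::vector<std::string> inputs = {
        "column_1", "column_2", "column_3", "a\"b", "\"\"", ""
    };
    const std::size_t n = count_mismatches(inputs);
    std::cout << "mismatches: " << n << "\n";
    return n == 0 ? 0 : 1;
}
```

If the sanitizer report appears with this file alone, the package's own buffers are not involved; if it does not, the next step is to compare compiler, standard library and flags against the check machine.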
