Bug 1987298
| Summary: | Review Request: stb - Single-file public domain libraries for C/C++ | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Ben Beasley <code> |
| Component: | Package Review | Assignee: | Jerry James <loganjerry> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | loganjerry, package-review |
| Target Milestone: | --- | Flags: | loganjerry:
fedora-review+
|
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-09-02 23:07:28 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Ben Beasley
2021-07-29 13:03:35 UTC
> Note that there is a file conflict with mlpack-devel, which bundles and installs /usr/bin/stb_image.h and /usr/bin/stb_image_write.h.
I meant /usr/include/stb_image.h and /usr/include/stb_image_write.h, of course.
This is a note, mostly to myself, that an effort should also be made to unbundle stb libraries from existing packages CuraEngine, retroarch, SFML, and usd. There may be others, but these are the ones that were easy to find by grepping spec files. I will take this review. Package Review
==============
Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
Issues:
=======
- There is no architecture-specific modification of these header files, right?
They're just installed exactly as they are in the souce tarball, I believe.
In that case, shouldn't the *-devel packages all be noarch?
- The stb_image_write-devel and stb_sprintf-devel descriptions each contain a
percent sign, which should be doubled to tell RPM they aren't macros.
- Some of the compiler warnings indicate real problems. This one:
In file included from test_c_compilation.c:26:
../stb_include.h: In function 'stb_include_string':
../stb_include.h:208:13: warning: statement with no effect [-Wunused-value]
208 | strcmp(temp, "INJECT");
| ^~~~~~~~~~~~~~~~~~~~~~
indicates a call to strcmp that should probably be a call to strcpy.
- This warning:
test_c_compilation.c: In function 'stbvox_make_mesh_for_block_with_geo':
../stb_voxel_render.h:3134:46: warning: iteration 4 invokes undefined behavior [-Waggressive-loop-optimizations]
3134 | int vert = stbvox_vertex_selector[0][i];
| ~~~~~~~~~~~~~~~~~~~~~~~~~^~~
../stb_voxel_render.h:3133:19: note: within this loop
3133 | for (i=0; i < 6*4; ++i) {
| ~~^~~~~
also indicates an issue. The array stbvox_vertex_selector is declared like
this (on line 2181):
static unsigned char stbvox_vertex_selector[6][4] = { ... };
and similarly for the vmesh and stbvox_geometry_vheight arrays. This loop
accesses array elements [0][0] through [0][23] for each of those arrays.
Under a reasonable assumption about the layout of 2-dimensional arrays, that
will do the right thing. But because it invokes undefined behavior, the
compiler is allowed to generate code that does anything whatsoever. That
code should be written like this instead:
int i,j;
for (i=0; i < 6; ++i) {
for (j=0; j < 4; ++j) {
int vert = stbvox_vertex_selector[i][j];
vert = stbvox_rotate_vertex[vert][rot];
vmesh[i][j] = stbvox_vmesh_pre_vheight[i][j]
+ stbvox_geometry_vheight[geo][vert];
}
}
A similar transformation is needed for the loops at lines 3279 and 3545.
(Although, really, the loop at line 3545 should be a pair of memset calls.)
Likewise for the loops at lines 1074 and 1216 of stb_tilemap_editor.h.
===== MUST items =====
C/C++:
[x]: Package does not contain kernel modules.
[x]: Package contains no static executables.
[x]: If your application is a C or C++ application you must list a
BuildRequires against gcc, gcc-c++ or clang.
[x]: Header files in -devel subpackage, if present.
[x]: Package does not contain any libtool archives (.la)
[x]: Rpath absent or only used for internal libs.
Generic:
[x]: Package is licensed with an open-source compatible license and meets
other legal requirements as defined in the legal section of Packaging
Guidelines.
[x]: License field in the package spec file matches the actual license.
[x]: License file installed when any subpackage combination is installed.
[x]: If the package is under multiple licenses, the licensing breakdown
must be documented in the spec.
[x]: %build honors applicable compiler flags or justifies otherwise.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[!]: Macros in Summary, %description expandable at SRPM build time.
Note: Macros in: stb_image_write-devel (description), stb_sprintf-
devel (description)
These refer to bare % symbols. They need to be doubled for RPM: %%.
[-]: Package contains desktop file if it is a GUI application.
[x]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
names).
[x]: Package is named according to the Package Naming Guidelines.
[!]: Package does not generate any conflict.
It does, but resolving the conflict is part of the plan for introducing
this package.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[!]: Useful -debuginfo package or justification otherwise.
See above about whether the packages should be noarch.
[x]: Package is not known to require an ExcludeArch tag.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the
license(s) in its own file, then that file, containing the text of the
license(s) for the package is included in %license.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
beginning of %install.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package must not depend on deprecated() packages.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
%{name}.spec.
[x]: File names are valid UTF-8.
[x]: Large documentation must go in a -doc subpackage. Large could be size
(~1MB) or number of files.
Note: Documentation size is 0 bytes in 0 files.
[x]: Packages must not store files under /srv, /opt or /usr/local
===== SHOULD items =====
Generic:
[-]: If the source package does not include license text(s) as a separate
file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[x]: Fully versioned dependency in subpackages if applicable.
[?]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: Sources are verified with gpgverify first in %prep if upstream
publishes signatures.
Note: gpgverify is not used.
[-]: Description and summary sections in the package spec file contains
translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
architectures.
[x]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
files.
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
$RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.
===== EXTRA items =====
Generic:
[x]: Rpmlint is run on all installed packages.
Note: There are rpmlint messages (see attachment).
[x]: Large data in /usr/share should live in a noarch subpackage if package
is arched.
[x]: Spec file according to URL is the same as in SRPM.
Rpmlint
-------
Checking: stb-devel-0-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_c_lexer-devel-0.12-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_connected_components-devel-0.96-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_divide-devel-0.94-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_ds-devel-0.67-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_dxt-devel-1.12-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_easy_font-devel-1.1-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_herringbone_wang_tile-devel-0.7-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_hexwave-devel-0.5-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_image-devel-2.27-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_image_resize-devel-0.97-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_image_write-devel-1.16-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_include-devel-0.2-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_leakcheck-devel-0.6-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_perlin-devel-0.5-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_rect_pack-devel-1.1-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_sprintf-devel-1.10-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_textedit-devel-1.14-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_tilemap_editor-devel-0.42-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_truetype-devel-1.25-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_vorbis-devel-1.22-0.1.20210728git3a11740.fc36.x86_64.rpm
stb_voxel_render-devel-0.89-0.1.20210728git3a11740.fc36.x86_64.rpm
stb-doc-0-0.1.20210728git3a11740.fc36.noarch.rpm
stb-0-0.1.20210728git3a11740.fc36.src.rpm
stb-devel.x86_64: W: spelling-error %description -l en_US metapackage -> meta package, meta-package, prepackage
stb-devel.x86_64: W: no-documentation
stb_c_lexer-devel.x86_64: W: spelling-error Summary(en_US) parsers -> parser, parses, parers
stb_c_lexer-devel.x86_64: W: spelling-error %description -l en_US parsers -> parser, parses, parers
stb_c_lexer-devel.x86_64: W: no-documentation
stb_connected_components-devel.x86_64: W: spelling-error %description -l en_US reachability -> reach ability, reach-ability, readability
stb_connected_components-devel.x86_64: W: spelling-error %description -l en_US traversable -> traversal, traveler
stb_connected_components-devel.x86_64: W: spelling-error %description -l en_US untraversable -> untranslatable, untraceable
stb_connected_components-devel.x86_64: W: no-documentation
stb_divide-devel.x86_64: W: no-documentation
stb_ds-devel.x86_64: W: no-documentation
stb_dxt-devel.x86_64: W: no-documentation
stb_easy_font-devel.x86_64: W: spelling-error %description -l en_US Doesn -> Does, Does n
stb_easy_font-devel.x86_64: W: no-documentation
stb_herringbone_wang_tile-devel.x86_64: W: no-documentation
stb_hexwave-devel.x86_64: W: spelling-error Summary(en_US) bandlimited -> band limited, band-limited, eliminated
stb_hexwave-devel.x86_64: W: spelling-error %description -l en_US bandlimited -> band limited, band-limited, eliminated
stb_hexwave-devel.x86_64: W: spelling-error %description -l en_US waveforms -> waveform, wave forms, wave-forms
stb_hexwave-devel.x86_64: W: spelling-error %description -l en_US morphable -> morph able, morph-able, memorable
stb_hexwave-devel.x86_64: W: spelling-error %description -l en_US rescale -> resale, descale, re scale
stb_hexwave-devel.x86_64: W: no-documentation
stb_image-devel.x86_64: W: no-documentation
stb_image_resize-devel.x86_64: W: spelling-error Summary(en_US) resizing -> residing, re sizing, re-sizing
stb_image_resize-devel.x86_64: W: spelling-error %description -l en_US resizing -> residing, re sizing, re-sizing
stb_image_resize-devel.x86_64: W: spelling-error %description -l en_US downsamples -> down samples, down-samples, downscale
stb_image_resize-devel.x86_64: W: spelling-error %description -l en_US upsamples -> up samples, up-samples, samples
stb_image_resize-devel.x86_64: W: no-documentation
stb_image_write-devel.x86_64: W: spelling-error %description -l en_US zlib -> lib, glib, z lib
stb_image_write-devel.x86_64: W: no-documentation
stb_include-devel.x86_64: W: no-documentation
stb_leakcheck-devel.x86_64: W: no-documentation
stb_perlin-devel.x86_64: W: spelling-error Summary(en_US) Perlin -> Merlin, Berlin, Perl in
stb_perlin-devel.x86_64: W: spelling-error %description -l en_US Perlin -> Merlin, Berlin, Perl in
stb_perlin-devel.x86_64: W: no-documentation
stb_rect_pack-devel.x86_64: W: spelling-error %description -l en_US awesomest -> awesome st, awesome-st, awesomeness
stb_rect_pack-devel.x86_64: W: spelling-error %description -l en_US stb -> st, stab, stub
stb_rect_pack-devel.x86_64: W: spelling-error %description -l en_US qsort -> sort, q sort
stb_rect_pack-devel.x86_64: W: spelling-error %description -l en_US stdlib -> std lib, std-lib, stolid
stb_rect_pack-devel.x86_64: W: spelling-error %description -l en_US init -> unit, int, nit
stb_rect_pack-devel.x86_64: W: no-documentation
stb_sprintf-devel.x86_64: W: spelling-error Summary(en_US) snprintf -> sprint
stb_sprintf-devel.x86_64: W: spelling-error %description -l en_US sprintf -> sprint, sprints, sprint f
stb_sprintf-devel.x86_64: W: spelling-error %description -l en_US sprintfs -> sprints, sprint's, sprint
stb_sprintf-devel.x86_64: W: spelling-error %description -l en_US ve -> be, v, e
stb_sprintf-devel.x86_64: W: spelling-error %description -l en_US va -> VA, av, Va
stb_sprintf-devel.x86_64: W: spelling-error %description -l en_US args -> rags, gars, ares
stb_sprintf-devel.x86_64: W: no-documentation
stb_textedit-devel.x86_64: W: spelling-error %description -l en_US stb -> st, stab, stub
stb_textedit-devel.x86_64: W: spelling-error %description -l en_US textedit -> text edit, text-edit, expedite
stb_textedit-devel.x86_64: W: spelling-error %description -l en_US modelled -> modeled, model led, model-led
stb_textedit-devel.x86_64: W: no-documentation
stb_tilemap_editor-devel.x86_64: W: spelling-error Summary(en_US) Embeddable -> Embedded
stb_tilemap_editor-devel.x86_64: W: spelling-error Summary(en_US) tilemap -> tile map, tile-map, dilemma
stb_tilemap_editor-devel.x86_64: W: spelling-error %description -l en_US Embeddable -> Embedded
stb_tilemap_editor-devel.x86_64: W: spelling-error %description -l en_US tilemap -> tile map, tile-map, dilemma
stb_tilemap_editor-devel.x86_64: W: no-documentation
stb_truetype-devel.x86_64: W: spelling-error %description -l en_US antialiasing -> anti aliasing, anti-aliasing, instantiating
stb_truetype-devel.x86_64: W: no-documentation
stb_vorbis-devel.x86_64: W: spelling-error Summary(en_US) Ogg -> Egg, Org, Gog
stb_vorbis-devel.x86_64: W: spelling-error %description -l en_US Ogg -> Egg, Org, Gog
stb_vorbis-devel.x86_64: W: no-documentation
stb_voxel_render-devel.x86_64: W: spelling-error Summary(en_US) voxel -> vowel
stb_voxel_render-devel.x86_64: W: spelling-error %description -l en_US voxel -> vowel
stb_voxel_render-devel.x86_64: W: spelling-error %description -l en_US shaders -> shades, sharers, shavers
stb_voxel_render-devel.x86_64: W: spelling-error %description -l en_US shader -> shared, shade, shadier
stb_voxel_render-devel.x86_64: W: spelling-error %description -l en_US roadmap -> road map, road-map, roadway
stb_voxel_render-devel.x86_64: W: no-documentation
stb.src:692: W: macro-in-%changelog %autochangelog
24 packages and 0 specfiles checked; 0 errors, 68 warnings.
Rpmlint (installed packages)
----------------------------
rpmlint: 2.0.0
configuration:
/usr/lib/python3.10/site-packages/rpmlint/configdefaults.toml
/etc/xdg/rpmlint/fedora.toml
/etc/xdg/rpmlint/licenses.toml
/etc/xdg/rpmlint/scoring.toml
/etc/xdg/rpmlint/users-groups.toml
/etc/xdg/rpmlint/warn-on-functions.toml
checks: 31, packages: 23
stb_c_lexer-devel.x86_64: W: no-documentation
stb_connected_components-devel.x86_64: W: no-documentation
stb-devel.x86_64: W: no-documentation
stb_divide-devel.x86_64: W: no-documentation
stb_ds-devel.x86_64: W: no-documentation
stb_dxt-devel.x86_64: W: no-documentation
stb_easy_font-devel.x86_64: W: no-documentation
stb_herringbone_wang_tile-devel.x86_64: W: no-documentation
stb_hexwave-devel.x86_64: W: no-documentation
stb_image-devel.x86_64: W: no-documentation
stb_image_resize-devel.x86_64: W: no-documentation
stb_image_write-devel.x86_64: W: no-documentation
stb_include-devel.x86_64: W: no-documentation
stb_leakcheck-devel.x86_64: W: no-documentation
stb_perlin-devel.x86_64: W: no-documentation
stb_rect_pack-devel.x86_64: W: no-documentation
stb_sprintf-devel.x86_64: W: no-documentation
stb_textedit-devel.x86_64: W: no-documentation
stb_tilemap_editor-devel.x86_64: W: no-documentation
stb_truetype-devel.x86_64: W: no-documentation
stb_vorbis-devel.x86_64: W: no-documentation
stb_voxel_render-devel.x86_64: W: no-documentation
================ 23 packages and 0 specfiles checked; 0 errors, 22 warnings, 0 badness; has taken 0.1 s ================
Source checksums
----------------
https://github.com/nothings/stb/archive/3a1174060a7dd4eb652d4e6854bc4cd98c159200/stb-3a1174060a7dd4eb652d4e6854bc4cd98c159200.tar.gz :
CHECKSUM(SHA256) this package : 7e1dfff854ca68ed324f6b1fcb55f8d365d41e23e931ef16057221f305a52b1d
CHECKSUM(SHA256) upstream package : 7e1dfff854ca68ed324f6b1fcb55f8d365d41e23e931ef16057221f305a52b1d
Requires
--------
stb-devel (rpmlib, GLIBC filtered):
stb_c_lexer-devel(x86-64)
stb_c_lexer-static
stb_connected_components-devel(x86-64)
stb_connected_components-static
stb_divide-devel(x86-64)
stb_divide-static
stb_ds-devel(x86-64)
stb_ds-static
stb_dxt-devel(x86-64)
stb_dxt-static
stb_easy_font-devel(x86-64)
stb_easy_font-static
stb_herringbone_wang_tile-devel(x86-64)
stb_herringbone_wang_tile-static
stb_hexwave-devel(x86-64)
stb_hexwave-static
stb_image-devel(x86-64)
stb_image-static
stb_image_resize-devel(x86-64)
stb_image_resize-static
stb_image_write-devel(x86-64)
stb_image_write-static
stb_include-devel(x86-64)
stb_include-static
stb_leakcheck-devel(x86-64)
stb_leakcheck-static
stb_perlin-devel(x86-64)
stb_perlin-static
stb_rect_pack-devel(x86-64)
stb_rect_pack-static
stb_sprintf-devel(x86-64)
stb_sprintf-static
stb_textedit-devel(x86-64)
stb_textedit-static
stb_tilemap_editor-devel(x86-64)
stb_tilemap_editor-static
stb_truetype-devel(x86-64)
stb_truetype-static
stb_vorbis-devel(x86-64)
stb_vorbis-static
stb_voxel_render-devel(x86-64)
stb_voxel_render-static
stb_c_lexer-devel (rpmlib, GLIBC filtered):
stb_connected_components-devel (rpmlib, GLIBC filtered):
stb_divide-devel (rpmlib, GLIBC filtered):
stb_ds-devel (rpmlib, GLIBC filtered):
stb_dxt-devel (rpmlib, GLIBC filtered):
stb_easy_font-devel (rpmlib, GLIBC filtered):
stb_herringbone_wang_tile-devel (rpmlib, GLIBC filtered):
stb_hexwave-devel (rpmlib, GLIBC filtered):
stb_image-devel (rpmlib, GLIBC filtered):
stb_image_resize-devel (rpmlib, GLIBC filtered):
stb_image_write-devel (rpmlib, GLIBC filtered):
stb_include-devel (rpmlib, GLIBC filtered):
stb_leakcheck-devel (rpmlib, GLIBC filtered):
stb_perlin-devel (rpmlib, GLIBC filtered):
stb_rect_pack-devel (rpmlib, GLIBC filtered):
stb_sprintf-devel (rpmlib, GLIBC filtered):
stb_textedit-devel (rpmlib, GLIBC filtered):
stb_tilemap_editor-devel (rpmlib, GLIBC filtered):
stb_truetype-devel (rpmlib, GLIBC filtered):
stb_vorbis-devel (rpmlib, GLIBC filtered):
stb_voxel_render-devel (rpmlib, GLIBC filtered):
stb-doc (rpmlib, GLIBC filtered):
Provides
--------
stb-devel:
stb-devel
stb-devel(x86-64)
stb-static
stb_c_lexer-devel:
stb_c_lexer-devel
stb_c_lexer-devel(x86-64)
stb_c_lexer-static
stb_connected_components-devel:
stb_connected_components-devel
stb_connected_components-devel(x86-64)
stb_connected_components-static
stb_divide-devel:
stb_divide-devel
stb_divide-devel(x86-64)
stb_divide-static
stb_ds-devel:
stb_ds-devel
stb_ds-devel(x86-64)
stb_ds-static
stb_dxt-devel:
stb_dxt-devel
stb_dxt-devel(x86-64)
stb_dxt-static
stb_easy_font-devel:
stb_easy_font-devel
stb_easy_font-devel(x86-64)
stb_easy_font-static
stb_herringbone_wang_tile-devel:
stb_herringbone_wang_tile-devel
stb_herringbone_wang_tile-devel(x86-64)
stb_herringbone_wang_tile-static
stb_hexwave-devel:
stb_hexwave-devel
stb_hexwave-devel(x86-64)
stb_hexwave-static
stb_image-devel:
stb_image-devel
stb_image-devel(x86-64)
stb_image-static
stb_image_resize-devel:
stb_image_resize-devel
stb_image_resize-devel(x86-64)
stb_image_resize-static
stb_image_write-devel:
stb_image_write-devel
stb_image_write-devel(x86-64)
stb_image_write-static
stb_include-devel:
stb_include-devel
stb_include-devel(x86-64)
stb_include-static
stb_leakcheck-devel:
stb_leakcheck-devel
stb_leakcheck-devel(x86-64)
stb_leakcheck-static
stb_perlin-devel:
stb_perlin-devel
stb_perlin-devel(x86-64)
stb_perlin-static
stb_rect_pack-devel:
stb_rect_pack-devel
stb_rect_pack-devel(x86-64)
stb_rect_pack-static
stb_sprintf-devel:
stb_sprintf-devel
stb_sprintf-devel(x86-64)
stb_sprintf-static
stb_textedit-devel:
stb_textedit-devel
stb_textedit-devel(x86-64)
stb_textedit-static
stb_tilemap_editor-devel:
stb_tilemap_editor-devel
stb_tilemap_editor-devel(x86-64)
stb_tilemap_editor-static
stb_truetype-devel:
stb_truetype-devel
stb_truetype-devel(x86-64)
stb_truetype-static
stb_vorbis-devel:
stb_vorbis-devel
stb_vorbis-devel(x86-64)
stb_vorbis-static
stb_voxel_render-devel:
stb_voxel_render-devel
stb_voxel_render-devel(x86-64)
stb_voxel_render-static
stb-doc:
stb-doc
Generated by fedora-review 0.7.6 (b083f91) last change: 2020-11-10
Command line :/usr/bin/fedora-review -b 1987298 -m fedora-rawhide-x86_64
Buildroot used: fedora-rawhide-x86_64
Active plugins: Shell-api, Generic, C/C++
Disabled plugins: Ocaml, Java, R, Python, Ruby, fonts, PHP, Haskell, SugarActivity, Perl
Disabled flags: EPEL6, EPEL7, DISTTAG, BATCH, EXARCH
> - There is no architecture-specific modification of these header files, right? > They're just installed exactly as they are in the souce tarball, I believe. > In that case, shouldn't the *-devel packages all be noarch? This is logical, but the packaging guidelines mandate and justify otherwise: https://docs.fedoraproject.org/en-US/packaging-guidelines/#_do_not_use_noarch > - The stb_image_write-devel and stb_sprintf-devel descriptions each contain a > percent sign, which should be doubled to tell RPM they aren't macros. Thanks. I will fix this. > - Some of the compiler warnings indicate real problems. […] Thank you for the detailed analysis of particular issues. I will comb through the compiler warnings and offer patches upstream as needed. I have added a build conditional to cease packaging the stb_include library: > # We choose not to package the “stb_include” library (stb_include.h) because it > # is so rife with old-school blithe C behavior—wanton use of strcat/strcpy into > # a fixed-length buffer that is assumed (but not proven) to be large enough for > # all possible uses, ignoring possible I/O errors (possibly leading to > # undefined behavior from reading uninitialized memory), and so on. Making it > # safe to use would mean a substantial rewrite. > # > # If a request for this library arises, this decision may be revisited, or the > # necessary rewrite may be done and offered upstream. For now, we omit the > # library and expect it will not be missed. > %bcond_with stb_include I also filed https://github.com/nothings/stb/issues/1193. I have patched some of the most serious and/or most easily fixed issues highlighted by the compiler warnings: https://github.com/nothings/stb/pull/1194 https://github.com/nothings/stb/pull/1195 https://github.com/nothings/stb/pull/1196 There are still some compiler warnings. Most are unused functions or variables—most of those related to preprocessor conditionals. Those warnings that still hint at real issues are difficult to evaluate. I filed one additional issue, https://github.com/nothings/stb/issues/1197. I am leaving this alone: > In file included from /usr/include/string.h:519, > from ../stb_ds.h:395, > from test_cpp_compilation.cpp:13: > In function 'memcpy', > inlined from 'stbi__getn(stbi__context*, unsigned char*, int)' at ../stb_image.h:1653:16, > inlined from 'stbi__parse_png_file(stbi__png*, int, int) [clone .constprop.0]' at ../stb_image.h:5123:28: > /usr/include/bits/string_fortified.h:29:33: warning: 'memcpy' specified bound between 18446744071562067968 and 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=] > 29 | return __builtin___memcpy_chk (__dest, __src, __len, > | ~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~ > 30 | __glibc_objsize0 (__dest)); > | ~~~~~~~~~~~~~~~~~~~~~~~~~~ which I *think* is pointing out that a sufficiently large 32-bit unsigned chunk length may be cast to a negative int, which is then interpreted as a huge positive number of bytes to memcpy; but whether this can actually happen in practice is much harder to tell. (I ignore here the possibility that int could be shorter than 32 bits on some platform…) In any case, I’m sure that looking closely and turning over a few rocks (i.e., compiling with clang-analyzer/scan-build, or trying to fuzz some of the libraries) could reveal dozens of similar issues in short order. Still, let me know if you think there’s anything else I should deal with before proceeding with the package. Updated spec URL: https://music.fedorapeople.org/20210819/stb.spec Updated SRPM URL: https://music.fedorapeople.org/20210819/stb-0-0.1.20210728git3a11740.fc34.src.rpm I think the package is fine to proceed now. This package is APPROVED. Thanks for the review! (fedscm-admin): The Pagure repository was created at https://src.fedoraproject.org/rpms/stb FEDORA-2021-4aba8cab9b has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2021-4aba8cab9b FEDORA-2021-6acb7e859a has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2021-6acb7e859a FEDORA-EPEL-2021-7b9152ada8 has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-7b9152ada8 FEDORA-EPEL-2021-6f1cdf34bf has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6f1cdf34bf FEDORA-EPEL-2021-a17f963ef3 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-a17f963ef3 FEDORA-EPEL-2021-6f1cdf34bf has been pushed to the Fedora EPEL 8 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6f1cdf34bf See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2021-c1924562c9 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-c1924562c9 FEDORA-2021-4aba8cab9b has been pushed to the Fedora 34 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --advisory=FEDORA-2021-4aba8cab9b \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-4aba8cab9b See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2021-6acb7e859a has been pushed to the Fedora 33 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --advisory=FEDORA-2021-6acb7e859a \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-6acb7e859a See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2021-a17f963ef3 has been pushed to the Fedora EPEL 7 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-a17f963ef3 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2021-4aba8cab9b has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2021-4aba8cab9b FEDORA-2021-6acb7e859a has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2021-6acb7e859a FEDORA-EPEL-2021-6f1cdf34bf has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6f1cdf34bf FEDORA-EPEL-2021-a17f963ef3 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-a17f963ef3 FEDORA-EPEL-2021-a17f963ef3 has been pushed to the Fedora EPEL 7 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-a17f963ef3 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2021-6f1cdf34bf has been pushed to the Fedora EPEL 8 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6f1cdf34bf See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2021-4aba8cab9b has been pushed to the Fedora 34 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --advisory=FEDORA-2021-4aba8cab9b \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-4aba8cab9b See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2021-6acb7e859a has been pushed to the Fedora 33 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --advisory=FEDORA-2021-6acb7e859a \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-6acb7e859a See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2021-6f1cdf34bf has been pushed to the Fedora EPEL 8 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2021-4aba8cab9b has been pushed to the Fedora 34 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2021-6acb7e859a has been pushed to the Fedora 33 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-EPEL-2021-a17f963ef3 has been pushed to the Fedora EPEL 7 stable repository. If problem still persists, please make note of it in this bug report. |