Bug 1987298
Summary: | Review Request: stb - Single-file public domain libraries for C/C++ | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Ben Beasley <code> |
Component: | Package Review | Assignee: | Jerry James <loganjerry> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | loganjerry, package-review |
Target Milestone: | --- | Flags: | loganjerry:
fedora-review+
|
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2021-09-02 23:07:28 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Ben Beasley
2021-07-29 13:03:35 UTC
> Note that there is a file conflict with mlpack-devel, which bundles and installs /usr/bin/stb_image.h and /usr/bin/stb_image_write.h.
I meant /usr/include/stb_image.h and /usr/include/stb_image_write.h, of course.
This is a note, mostly to myself, that an effort should also be made to unbundle stb libraries from existing packages CuraEngine, retroarch, SFML, and usd. There may be others, but these are the ones that were easy to find by grepping spec files. I will take this review. Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated Issues: ======= - There is no architecture-specific modification of these header files, right? They're just installed exactly as they are in the souce tarball, I believe. In that case, shouldn't the *-devel packages all be noarch? - The stb_image_write-devel and stb_sprintf-devel descriptions each contain a percent sign, which should be doubled to tell RPM they aren't macros. - Some of the compiler warnings indicate real problems. This one: In file included from test_c_compilation.c:26: ../stb_include.h: In function 'stb_include_string': ../stb_include.h:208:13: warning: statement with no effect [-Wunused-value] 208 | strcmp(temp, "INJECT"); | ^~~~~~~~~~~~~~~~~~~~~~ indicates a call to strcmp that should probably be a call to strcpy. - This warning: test_c_compilation.c: In function 'stbvox_make_mesh_for_block_with_geo': ../stb_voxel_render.h:3134:46: warning: iteration 4 invokes undefined behavior [-Waggressive-loop-optimizations] 3134 | int vert = stbvox_vertex_selector[0][i]; | ~~~~~~~~~~~~~~~~~~~~~~~~~^~~ ../stb_voxel_render.h:3133:19: note: within this loop 3133 | for (i=0; i < 6*4; ++i) { | ~~^~~~~ also indicates an issue. The array stbvox_vertex_selector is declared like this (on line 2181): static unsigned char stbvox_vertex_selector[6][4] = { ... }; and similarly for the vmesh and stbvox_geometry_vheight arrays. This loop accesses array elements [0][0] through [0][23] for each of those arrays. Under a reasonable assumption about the layout of 2-dimensional arrays, that will do the right thing. But because it invokes undefined behavior, the compiler is allowed to generate code that does anything whatsoever. That code should be written like this instead: int i,j; for (i=0; i < 6; ++i) { for (j=0; j < 4; ++j) { int vert = stbvox_vertex_selector[i][j]; vert = stbvox_rotate_vertex[vert][rot]; vmesh[i][j] = stbvox_vmesh_pre_vheight[i][j] + stbvox_geometry_vheight[geo][vert]; } } A similar transformation is needed for the loops at lines 3279 and 3545. (Although, really, the loop at line 3545 should be a pair of memset calls.) Likewise for the loops at lines 1074 and 1216 of stb_tilemap_editor.h. ===== MUST items ===== C/C++: [x]: Package does not contain kernel modules. [x]: Package contains no static executables. [x]: If your application is a C or C++ application you must list a BuildRequires against gcc, gcc-c++ or clang. [x]: Header files in -devel subpackage, if present. [x]: Package does not contain any libtool archives (.la) [x]: Rpath absent or only used for internal libs. Generic: [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: License field in the package spec file matches the actual license. [x]: License file installed when any subpackage combination is installed. [x]: If the package is under multiple licenses, the licensing breakdown must be documented in the spec. [x]: %build honors applicable compiler flags or justifies otherwise. [x]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [!]: Macros in Summary, %description expandable at SRPM build time. Note: Macros in: stb_image_write-devel (description), stb_sprintf- devel (description) These refer to bare % symbols. They need to be doubled for RPM: %%. [-]: Package contains desktop file if it is a GUI application. [x]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [!]: Package does not generate any conflict. It does, but resolving the conflict is part of the plan for introducing this package. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [!]: Useful -debuginfo package or justification otherwise. See above about whether the packages should be noarch. [x]: Package is not known to require an ExcludeArch tag. [x]: Package complies to the Packaging Guidelines [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %license. [x]: Package requires other packages for directories it uses. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 0 bytes in 0 files. [x]: Packages must not store files under /srv, /opt or /usr/local ===== SHOULD items ===== Generic: [-]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [x]: Fully versioned dependency in subpackages if applicable. [?]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [-]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. Note: gpgverify is not used. [-]: Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [x]: Package should compile and build into binary rpms on all supported architectures. [x]: %check is present and all tests pass. [x]: Packages should try to preserve timestamps of original installed files. [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. [x]: Spec use %global instead of %define unless justified. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Large data in /usr/share should live in a noarch subpackage if package is arched. [x]: Spec file according to URL is the same as in SRPM. Rpmlint ------- Checking: stb-devel-0-0.1.20210728git3a11740.fc36.x86_64.rpm stb_c_lexer-devel-0.12-0.1.20210728git3a11740.fc36.x86_64.rpm stb_connected_components-devel-0.96-0.1.20210728git3a11740.fc36.x86_64.rpm stb_divide-devel-0.94-0.1.20210728git3a11740.fc36.x86_64.rpm stb_ds-devel-0.67-0.1.20210728git3a11740.fc36.x86_64.rpm stb_dxt-devel-1.12-0.1.20210728git3a11740.fc36.x86_64.rpm stb_easy_font-devel-1.1-0.1.20210728git3a11740.fc36.x86_64.rpm stb_herringbone_wang_tile-devel-0.7-0.1.20210728git3a11740.fc36.x86_64.rpm stb_hexwave-devel-0.5-0.1.20210728git3a11740.fc36.x86_64.rpm stb_image-devel-2.27-0.1.20210728git3a11740.fc36.x86_64.rpm stb_image_resize-devel-0.97-0.1.20210728git3a11740.fc36.x86_64.rpm stb_image_write-devel-1.16-0.1.20210728git3a11740.fc36.x86_64.rpm stb_include-devel-0.2-0.1.20210728git3a11740.fc36.x86_64.rpm stb_leakcheck-devel-0.6-0.1.20210728git3a11740.fc36.x86_64.rpm stb_perlin-devel-0.5-0.1.20210728git3a11740.fc36.x86_64.rpm stb_rect_pack-devel-1.1-0.1.20210728git3a11740.fc36.x86_64.rpm stb_sprintf-devel-1.10-0.1.20210728git3a11740.fc36.x86_64.rpm stb_textedit-devel-1.14-0.1.20210728git3a11740.fc36.x86_64.rpm stb_tilemap_editor-devel-0.42-0.1.20210728git3a11740.fc36.x86_64.rpm stb_truetype-devel-1.25-0.1.20210728git3a11740.fc36.x86_64.rpm stb_vorbis-devel-1.22-0.1.20210728git3a11740.fc36.x86_64.rpm stb_voxel_render-devel-0.89-0.1.20210728git3a11740.fc36.x86_64.rpm stb-doc-0-0.1.20210728git3a11740.fc36.noarch.rpm stb-0-0.1.20210728git3a11740.fc36.src.rpm stb-devel.x86_64: W: spelling-error %description -l en_US metapackage -> meta package, meta-package, prepackage stb-devel.x86_64: W: no-documentation stb_c_lexer-devel.x86_64: W: spelling-error Summary(en_US) parsers -> parser, parses, parers stb_c_lexer-devel.x86_64: W: spelling-error %description -l en_US parsers -> parser, parses, parers stb_c_lexer-devel.x86_64: W: no-documentation stb_connected_components-devel.x86_64: W: spelling-error %description -l en_US reachability -> reach ability, reach-ability, readability stb_connected_components-devel.x86_64: W: spelling-error %description -l en_US traversable -> traversal, traveler stb_connected_components-devel.x86_64: W: spelling-error %description -l en_US untraversable -> untranslatable, untraceable stb_connected_components-devel.x86_64: W: no-documentation stb_divide-devel.x86_64: W: no-documentation stb_ds-devel.x86_64: W: no-documentation stb_dxt-devel.x86_64: W: no-documentation stb_easy_font-devel.x86_64: W: spelling-error %description -l en_US Doesn -> Does, Does n stb_easy_font-devel.x86_64: W: no-documentation stb_herringbone_wang_tile-devel.x86_64: W: no-documentation stb_hexwave-devel.x86_64: W: spelling-error Summary(en_US) bandlimited -> band limited, band-limited, eliminated stb_hexwave-devel.x86_64: W: spelling-error %description -l en_US bandlimited -> band limited, band-limited, eliminated stb_hexwave-devel.x86_64: W: spelling-error %description -l en_US waveforms -> waveform, wave forms, wave-forms stb_hexwave-devel.x86_64: W: spelling-error %description -l en_US morphable -> morph able, morph-able, memorable stb_hexwave-devel.x86_64: W: spelling-error %description -l en_US rescale -> resale, descale, re scale stb_hexwave-devel.x86_64: W: no-documentation stb_image-devel.x86_64: W: no-documentation stb_image_resize-devel.x86_64: W: spelling-error Summary(en_US) resizing -> residing, re sizing, re-sizing stb_image_resize-devel.x86_64: W: spelling-error %description -l en_US resizing -> residing, re sizing, re-sizing stb_image_resize-devel.x86_64: W: spelling-error %description -l en_US downsamples -> down samples, down-samples, downscale stb_image_resize-devel.x86_64: W: spelling-error %description -l en_US upsamples -> up samples, up-samples, samples stb_image_resize-devel.x86_64: W: no-documentation stb_image_write-devel.x86_64: W: spelling-error %description -l en_US zlib -> lib, glib, z lib stb_image_write-devel.x86_64: W: no-documentation stb_include-devel.x86_64: W: no-documentation stb_leakcheck-devel.x86_64: W: no-documentation stb_perlin-devel.x86_64: W: spelling-error Summary(en_US) Perlin -> Merlin, Berlin, Perl in stb_perlin-devel.x86_64: W: spelling-error %description -l en_US Perlin -> Merlin, Berlin, Perl in stb_perlin-devel.x86_64: W: no-documentation stb_rect_pack-devel.x86_64: W: spelling-error %description -l en_US awesomest -> awesome st, awesome-st, awesomeness stb_rect_pack-devel.x86_64: W: spelling-error %description -l en_US stb -> st, stab, stub stb_rect_pack-devel.x86_64: W: spelling-error %description -l en_US qsort -> sort, q sort stb_rect_pack-devel.x86_64: W: spelling-error %description -l en_US stdlib -> std lib, std-lib, stolid stb_rect_pack-devel.x86_64: W: spelling-error %description -l en_US init -> unit, int, nit stb_rect_pack-devel.x86_64: W: no-documentation stb_sprintf-devel.x86_64: W: spelling-error Summary(en_US) snprintf -> sprint stb_sprintf-devel.x86_64: W: spelling-error %description -l en_US sprintf -> sprint, sprints, sprint f stb_sprintf-devel.x86_64: W: spelling-error %description -l en_US sprintfs -> sprints, sprint's, sprint stb_sprintf-devel.x86_64: W: spelling-error %description -l en_US ve -> be, v, e stb_sprintf-devel.x86_64: W: spelling-error %description -l en_US va -> VA, av, Va stb_sprintf-devel.x86_64: W: spelling-error %description -l en_US args -> rags, gars, ares stb_sprintf-devel.x86_64: W: no-documentation stb_textedit-devel.x86_64: W: spelling-error %description -l en_US stb -> st, stab, stub stb_textedit-devel.x86_64: W: spelling-error %description -l en_US textedit -> text edit, text-edit, expedite stb_textedit-devel.x86_64: W: spelling-error %description -l en_US modelled -> modeled, model led, model-led stb_textedit-devel.x86_64: W: no-documentation stb_tilemap_editor-devel.x86_64: W: spelling-error Summary(en_US) Embeddable -> Embedded stb_tilemap_editor-devel.x86_64: W: spelling-error Summary(en_US) tilemap -> tile map, tile-map, dilemma stb_tilemap_editor-devel.x86_64: W: spelling-error %description -l en_US Embeddable -> Embedded stb_tilemap_editor-devel.x86_64: W: spelling-error %description -l en_US tilemap -> tile map, tile-map, dilemma stb_tilemap_editor-devel.x86_64: W: no-documentation stb_truetype-devel.x86_64: W: spelling-error %description -l en_US antialiasing -> anti aliasing, anti-aliasing, instantiating stb_truetype-devel.x86_64: W: no-documentation stb_vorbis-devel.x86_64: W: spelling-error Summary(en_US) Ogg -> Egg, Org, Gog stb_vorbis-devel.x86_64: W: spelling-error %description -l en_US Ogg -> Egg, Org, Gog stb_vorbis-devel.x86_64: W: no-documentation stb_voxel_render-devel.x86_64: W: spelling-error Summary(en_US) voxel -> vowel stb_voxel_render-devel.x86_64: W: spelling-error %description -l en_US voxel -> vowel stb_voxel_render-devel.x86_64: W: spelling-error %description -l en_US shaders -> shades, sharers, shavers stb_voxel_render-devel.x86_64: W: spelling-error %description -l en_US shader -> shared, shade, shadier stb_voxel_render-devel.x86_64: W: spelling-error %description -l en_US roadmap -> road map, road-map, roadway stb_voxel_render-devel.x86_64: W: no-documentation stb.src:692: W: macro-in-%changelog %autochangelog 24 packages and 0 specfiles checked; 0 errors, 68 warnings. Rpmlint (installed packages) ---------------------------- rpmlint: 2.0.0 configuration: /usr/lib/python3.10/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/licenses.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml checks: 31, packages: 23 stb_c_lexer-devel.x86_64: W: no-documentation stb_connected_components-devel.x86_64: W: no-documentation stb-devel.x86_64: W: no-documentation stb_divide-devel.x86_64: W: no-documentation stb_ds-devel.x86_64: W: no-documentation stb_dxt-devel.x86_64: W: no-documentation stb_easy_font-devel.x86_64: W: no-documentation stb_herringbone_wang_tile-devel.x86_64: W: no-documentation stb_hexwave-devel.x86_64: W: no-documentation stb_image-devel.x86_64: W: no-documentation stb_image_resize-devel.x86_64: W: no-documentation stb_image_write-devel.x86_64: W: no-documentation stb_include-devel.x86_64: W: no-documentation stb_leakcheck-devel.x86_64: W: no-documentation stb_perlin-devel.x86_64: W: no-documentation stb_rect_pack-devel.x86_64: W: no-documentation stb_sprintf-devel.x86_64: W: no-documentation stb_textedit-devel.x86_64: W: no-documentation stb_tilemap_editor-devel.x86_64: W: no-documentation stb_truetype-devel.x86_64: W: no-documentation stb_vorbis-devel.x86_64: W: no-documentation stb_voxel_render-devel.x86_64: W: no-documentation ================ 23 packages and 0 specfiles checked; 0 errors, 22 warnings, 0 badness; has taken 0.1 s ================ Source checksums ---------------- https://github.com/nothings/stb/archive/3a1174060a7dd4eb652d4e6854bc4cd98c159200/stb-3a1174060a7dd4eb652d4e6854bc4cd98c159200.tar.gz : CHECKSUM(SHA256) this package : 7e1dfff854ca68ed324f6b1fcb55f8d365d41e23e931ef16057221f305a52b1d CHECKSUM(SHA256) upstream package : 7e1dfff854ca68ed324f6b1fcb55f8d365d41e23e931ef16057221f305a52b1d Requires -------- stb-devel (rpmlib, GLIBC filtered): stb_c_lexer-devel(x86-64) stb_c_lexer-static stb_connected_components-devel(x86-64) stb_connected_components-static stb_divide-devel(x86-64) stb_divide-static stb_ds-devel(x86-64) stb_ds-static stb_dxt-devel(x86-64) stb_dxt-static stb_easy_font-devel(x86-64) stb_easy_font-static stb_herringbone_wang_tile-devel(x86-64) stb_herringbone_wang_tile-static stb_hexwave-devel(x86-64) stb_hexwave-static stb_image-devel(x86-64) stb_image-static stb_image_resize-devel(x86-64) stb_image_resize-static stb_image_write-devel(x86-64) stb_image_write-static stb_include-devel(x86-64) stb_include-static stb_leakcheck-devel(x86-64) stb_leakcheck-static stb_perlin-devel(x86-64) stb_perlin-static stb_rect_pack-devel(x86-64) stb_rect_pack-static stb_sprintf-devel(x86-64) stb_sprintf-static stb_textedit-devel(x86-64) stb_textedit-static stb_tilemap_editor-devel(x86-64) stb_tilemap_editor-static stb_truetype-devel(x86-64) stb_truetype-static stb_vorbis-devel(x86-64) stb_vorbis-static stb_voxel_render-devel(x86-64) stb_voxel_render-static stb_c_lexer-devel (rpmlib, GLIBC filtered): stb_connected_components-devel (rpmlib, GLIBC filtered): stb_divide-devel (rpmlib, GLIBC filtered): stb_ds-devel (rpmlib, GLIBC filtered): stb_dxt-devel (rpmlib, GLIBC filtered): stb_easy_font-devel (rpmlib, GLIBC filtered): stb_herringbone_wang_tile-devel (rpmlib, GLIBC filtered): stb_hexwave-devel (rpmlib, GLIBC filtered): stb_image-devel (rpmlib, GLIBC filtered): stb_image_resize-devel (rpmlib, GLIBC filtered): stb_image_write-devel (rpmlib, GLIBC filtered): stb_include-devel (rpmlib, GLIBC filtered): stb_leakcheck-devel (rpmlib, GLIBC filtered): stb_perlin-devel (rpmlib, GLIBC filtered): stb_rect_pack-devel (rpmlib, GLIBC filtered): stb_sprintf-devel (rpmlib, GLIBC filtered): stb_textedit-devel (rpmlib, GLIBC filtered): stb_tilemap_editor-devel (rpmlib, GLIBC filtered): stb_truetype-devel (rpmlib, GLIBC filtered): stb_vorbis-devel (rpmlib, GLIBC filtered): stb_voxel_render-devel (rpmlib, GLIBC filtered): stb-doc (rpmlib, GLIBC filtered): Provides -------- stb-devel: stb-devel stb-devel(x86-64) stb-static stb_c_lexer-devel: stb_c_lexer-devel stb_c_lexer-devel(x86-64) stb_c_lexer-static stb_connected_components-devel: stb_connected_components-devel stb_connected_components-devel(x86-64) stb_connected_components-static stb_divide-devel: stb_divide-devel stb_divide-devel(x86-64) stb_divide-static stb_ds-devel: stb_ds-devel stb_ds-devel(x86-64) stb_ds-static stb_dxt-devel: stb_dxt-devel stb_dxt-devel(x86-64) stb_dxt-static stb_easy_font-devel: stb_easy_font-devel stb_easy_font-devel(x86-64) stb_easy_font-static stb_herringbone_wang_tile-devel: stb_herringbone_wang_tile-devel stb_herringbone_wang_tile-devel(x86-64) stb_herringbone_wang_tile-static stb_hexwave-devel: stb_hexwave-devel stb_hexwave-devel(x86-64) stb_hexwave-static stb_image-devel: stb_image-devel stb_image-devel(x86-64) stb_image-static stb_image_resize-devel: stb_image_resize-devel stb_image_resize-devel(x86-64) stb_image_resize-static stb_image_write-devel: stb_image_write-devel stb_image_write-devel(x86-64) stb_image_write-static stb_include-devel: stb_include-devel stb_include-devel(x86-64) stb_include-static stb_leakcheck-devel: stb_leakcheck-devel stb_leakcheck-devel(x86-64) stb_leakcheck-static stb_perlin-devel: stb_perlin-devel stb_perlin-devel(x86-64) stb_perlin-static stb_rect_pack-devel: stb_rect_pack-devel stb_rect_pack-devel(x86-64) stb_rect_pack-static stb_sprintf-devel: stb_sprintf-devel stb_sprintf-devel(x86-64) stb_sprintf-static stb_textedit-devel: stb_textedit-devel stb_textedit-devel(x86-64) stb_textedit-static stb_tilemap_editor-devel: stb_tilemap_editor-devel stb_tilemap_editor-devel(x86-64) stb_tilemap_editor-static stb_truetype-devel: stb_truetype-devel stb_truetype-devel(x86-64) stb_truetype-static stb_vorbis-devel: stb_vorbis-devel stb_vorbis-devel(x86-64) stb_vorbis-static stb_voxel_render-devel: stb_voxel_render-devel stb_voxel_render-devel(x86-64) stb_voxel_render-static stb-doc: stb-doc Generated by fedora-review 0.7.6 (b083f91) last change: 2020-11-10 Command line :/usr/bin/fedora-review -b 1987298 -m fedora-rawhide-x86_64 Buildroot used: fedora-rawhide-x86_64 Active plugins: Shell-api, Generic, C/C++ Disabled plugins: Ocaml, Java, R, Python, Ruby, fonts, PHP, Haskell, SugarActivity, Perl Disabled flags: EPEL6, EPEL7, DISTTAG, BATCH, EXARCH > - There is no architecture-specific modification of these header files, right? > They're just installed exactly as they are in the souce tarball, I believe. > In that case, shouldn't the *-devel packages all be noarch? This is logical, but the packaging guidelines mandate and justify otherwise: https://docs.fedoraproject.org/en-US/packaging-guidelines/#_do_not_use_noarch > - The stb_image_write-devel and stb_sprintf-devel descriptions each contain a > percent sign, which should be doubled to tell RPM they aren't macros. Thanks. I will fix this. > - Some of the compiler warnings indicate real problems. […] Thank you for the detailed analysis of particular issues. I will comb through the compiler warnings and offer patches upstream as needed. I have added a build conditional to cease packaging the stb_include library: > # We choose not to package the “stb_include” library (stb_include.h) because it > # is so rife with old-school blithe C behavior—wanton use of strcat/strcpy into > # a fixed-length buffer that is assumed (but not proven) to be large enough for > # all possible uses, ignoring possible I/O errors (possibly leading to > # undefined behavior from reading uninitialized memory), and so on. Making it > # safe to use would mean a substantial rewrite. > # > # If a request for this library arises, this decision may be revisited, or the > # necessary rewrite may be done and offered upstream. For now, we omit the > # library and expect it will not be missed. > %bcond_with stb_include I also filed https://github.com/nothings/stb/issues/1193. I have patched some of the most serious and/or most easily fixed issues highlighted by the compiler warnings: https://github.com/nothings/stb/pull/1194 https://github.com/nothings/stb/pull/1195 https://github.com/nothings/stb/pull/1196 There are still some compiler warnings. Most are unused functions or variables—most of those related to preprocessor conditionals. Those warnings that still hint at real issues are difficult to evaluate. I filed one additional issue, https://github.com/nothings/stb/issues/1197. I am leaving this alone: > In file included from /usr/include/string.h:519, > from ../stb_ds.h:395, > from test_cpp_compilation.cpp:13: > In function 'memcpy', > inlined from 'stbi__getn(stbi__context*, unsigned char*, int)' at ../stb_image.h:1653:16, > inlined from 'stbi__parse_png_file(stbi__png*, int, int) [clone .constprop.0]' at ../stb_image.h:5123:28: > /usr/include/bits/string_fortified.h:29:33: warning: 'memcpy' specified bound between 18446744071562067968 and 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=] > 29 | return __builtin___memcpy_chk (__dest, __src, __len, > | ~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~ > 30 | __glibc_objsize0 (__dest)); > | ~~~~~~~~~~~~~~~~~~~~~~~~~~ which I *think* is pointing out that a sufficiently large 32-bit unsigned chunk length may be cast to a negative int, which is then interpreted as a huge positive number of bytes to memcpy; but whether this can actually happen in practice is much harder to tell. (I ignore here the possibility that int could be shorter than 32 bits on some platform…) In any case, I’m sure that looking closely and turning over a few rocks (i.e., compiling with clang-analyzer/scan-build, or trying to fuzz some of the libraries) could reveal dozens of similar issues in short order. Still, let me know if you think there’s anything else I should deal with before proceeding with the package. Updated spec URL: https://music.fedorapeople.org/20210819/stb.spec Updated SRPM URL: https://music.fedorapeople.org/20210819/stb-0-0.1.20210728git3a11740.fc34.src.rpm I think the package is fine to proceed now. This package is APPROVED. Thanks for the review! (fedscm-admin): The Pagure repository was created at https://src.fedoraproject.org/rpms/stb FEDORA-2021-4aba8cab9b has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2021-4aba8cab9b FEDORA-2021-6acb7e859a has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2021-6acb7e859a FEDORA-EPEL-2021-7b9152ada8 has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-7b9152ada8 FEDORA-EPEL-2021-6f1cdf34bf has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6f1cdf34bf FEDORA-EPEL-2021-a17f963ef3 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-a17f963ef3 FEDORA-EPEL-2021-6f1cdf34bf has been pushed to the Fedora EPEL 8 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6f1cdf34bf See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2021-c1924562c9 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-c1924562c9 FEDORA-2021-4aba8cab9b has been pushed to the Fedora 34 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --advisory=FEDORA-2021-4aba8cab9b \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-4aba8cab9b See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2021-6acb7e859a has been pushed to the Fedora 33 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --advisory=FEDORA-2021-6acb7e859a \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-6acb7e859a See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2021-a17f963ef3 has been pushed to the Fedora EPEL 7 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-a17f963ef3 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2021-4aba8cab9b has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2021-4aba8cab9b FEDORA-2021-6acb7e859a has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2021-6acb7e859a FEDORA-EPEL-2021-6f1cdf34bf has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6f1cdf34bf FEDORA-EPEL-2021-a17f963ef3 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-a17f963ef3 FEDORA-EPEL-2021-a17f963ef3 has been pushed to the Fedora EPEL 7 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-a17f963ef3 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2021-6f1cdf34bf has been pushed to the Fedora EPEL 8 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-6f1cdf34bf See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2021-4aba8cab9b has been pushed to the Fedora 34 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --advisory=FEDORA-2021-4aba8cab9b \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-4aba8cab9b See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2021-6acb7e859a has been pushed to the Fedora 33 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf install --enablerepo=updates-testing --advisory=FEDORA-2021-6acb7e859a \*` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-6acb7e859a See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2021-6f1cdf34bf has been pushed to the Fedora EPEL 8 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2021-4aba8cab9b has been pushed to the Fedora 34 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2021-6acb7e859a has been pushed to the Fedora 33 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-EPEL-2021-a17f963ef3 has been pushed to the Fedora EPEL 7 stable repository. If problem still persists, please make note of it in this bug report. |