Bug 2144864
| Summary: | Review Request: safeint - Class library for C++ that manages integer overflows | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Diego Herrera <dherrera> |
| Component: | Package Review | Assignee: | Alejandro Alvarez <a.alvarezayllon> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | a.alvarezayllon, package-review |
| Target Milestone: | --- | Flags: | a.alvarezayllon:
fedora-review+
|
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-12-13 01:43:10 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2021459 | ||
|
Description
Diego Herrera
2022-11-22 15:30:36 UTC
Hi,
Unfortunately, safe_math.h conflicts with a file identically named provided by csmith-devel. They are not the same.
They could be installed into /usr/include/SafeInt
As for %check, tests are compiled but they are not run with %ctest. This is only a "should".
MUST
[!]: Package does not generate any conflict.
SHOULD
[!]: %check is present and all tests pass.
Package Review
==============
Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed
===== MUST items =====
C/C++:
[x]: Package does not contain kernel modules.
[x]: Package contains no static executables.
[x]: If your application is a C or C++ application you must list a
BuildRequires against gcc, gcc-c++ or clang.
[x]: Header files in -devel subpackage, if present.
[x]: Package does not contain any libtool archives (.la)
[x]: Rpath absent or only used for internal libs.
Generic:
[x]: Package is licensed with an open-source compatible license and meets
other legal requirements as defined in the legal section of Packaging
Guidelines.
[x]: License field in the package spec file matches the actual license.
[x]: %build honors applicable compiler flags or justifies otherwise.
[x]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[x]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
names).
[x]: Package is named according to the Package Naming Guidelines.
[!]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Useful -debuginfo package or justification otherwise.
[x]: Package is not known to require an ExcludeArch tag.
[-]: Large documentation must go in a -doc subpackage. Large could be size
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the
license(s) in its own file, then that file, containing the text of the
license(s) for the package is included in %license.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package must not depend on deprecated() packages.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
%{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local
===== SHOULD items =====
Generic:
[-]: If the source package does not include license text(s) as a separate
file from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[x]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: Sources are verified with gpgverify first in %prep if upstream
publishes signatures.
Note: gpgverify is not used.
[-]: Package should compile and build into binary rpms on all supported
architectures.
[!]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed
files.
[x]: Spec use %global instead of %define unless justified.
Note: %define requiring justification: %define autorelease(e:s:pb:n)
%{?-p:0.}%{lua:
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Package has no %clean section with rm -rf %{buildroot} (or
$RPM_BUILD_ROOT)
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: SourceX is a working URL.
===== EXTRA items =====
Generic:
[x]: Rpmlint is run on all installed packages.
Note: No rpmlint messages.
[x]: Large data in /usr/share should live in a noarch subpackage if package
is arched.
Rpmlint
-------
Cannot parse rpmlint output:
Rpmlint (installed packages)
----------------------------
============================ rpmlint session starts ============================
rpmlint: 2.4.0
configuration:
/usr/lib/python3.11/site-packages/rpmlint/configdefaults.toml
/etc/xdg/rpmlint/fedora-legacy-licenses.toml
/etc/xdg/rpmlint/fedora-spdx-licenses.toml
/etc/xdg/rpmlint/fedora.toml
/etc/xdg/rpmlint/scoring.toml
/etc/xdg/rpmlint/users-groups.toml
/etc/xdg/rpmlint/warn-on-functions.toml
checks: 31, packages: 1
1 packages and 0 specfiles checked; 0 errors, 0 warnings, 0 badness; has taken 0.0 s
Source checksums
----------------
https://github.com/dcleblanc/SafeInt/archive/3.0.27/SafeInt-3.0.27.tar.gz :
CHECKSUM(SHA256) this package : 489abb253514f819adb7e3aab3273b184c484dfe082fbe2166de2fd3a88dfb2b
CHECKSUM(SHA256) upstream package : 489abb253514f819adb7e3aab3273b184c484dfe082fbe2166de2fd3a88dfb2b
Requires
--------
safeint-devel (rpmlib, GLIBC filtered):
Provides
--------
safeint-devel:
safeint-devel
safeint-devel(x86-64)
safeint-static
Generated by fedora-review 0.9.0 (6761b6c) last change: 2022-08-23
Command line :/usr/bin/fedora-review -n safeint
Buildroot used: fedora-rawhide-x86_64
Active plugins: C/C++, Shell-api, Generic
Disabled plugins: Ocaml, Java, SugarActivity, R, Perl, Python, PHP, fonts, Haskell
Disabled flags: EPEL6, EPEL7, DISTTAG, BATCH, EXARCH
Spec URL: https://download.copr.fedorainfracloud.org/results/dherrera/SafeInt/fedora-37-x86_64/05078231-safeint/safeint.spec SRPM URL: https://download.copr.fedorainfracloud.org/results/dherrera/SafeInt/fedora-37-x86_64/05078231-safeint/safeint-3.0.27-3.fc37.src.rpm Solved both reported issues. Here is the spec file diff https://gitlab.com/dherrera_rpms/safeint/-/compare/14ca2c6f...main?from_project_id=41257346&straight=false Hello, The spec file is missing a %dir /usr/include/SafeInt Spec URL: https://download.copr.fedorainfracloud.org/results/dherrera/SafeInt/fedora-rawhide-aarch64/05089023-safeint/safeint.spec SRPM URL: https://download.copr.fedorainfracloud.org/results/dherrera/SafeInt/fedora-rawhide-aarch64/05089023-safeint/safeint-3.0.27-4.fc38.src.rpm fixed :)! Mmmm, unfortunately the tests fail with an abort on i686. I have spent a bit debugging, and it seems the compilation flag -ftrapv set by Fedora steps on SafeInt handling of overflows. With that flag, gcc calls __mulvdi3 when using __builtin_smulll_overflow, which aborts the execution on overflow. SafeInt expects a boolean flagging the overflow [1]. I would override the build flags and drop this one on i686 [2], justifying why. [1] https://github.com/dcleblanc/SafeInt/blob/92b8e813ab944c767f4b30b80d3eeb79e3b0c999/SafeInt.hpp#L1770 [2] https://fedoraproject.org/wiki/User:Tibbs/SensitiveSpecs#Compiler_flags For the record: https://koji.fedoraproject.org/koji/taskinfo?taskID=95059203 On second thought, maybe the execution of the tests could be skipped for i686. The flag does not affect the resulting rpm itself. I knew the thing about i686, but didn't do anything about it since it's not a supported arch on Fedora. I can still mark the test not to run on i686 though. * https://docs.fedoraproject.org/en-US/packaging-guidelines/#_architecture_support * https://fedoraproject.org/wiki/Architectures#Primary_Architectures They are still built for i686 (multilib), so a release would fail if the build for i686 fails.
IIRC, there was some discussion about stopping to do this by default. Maybe just add an ExcludeArch: %{ix86}? I agree it does not make much sense to ship it for 32 bits.
Spec URL: https://download.copr.fedorainfracloud.org/results/dherrera/SafeInt/fedora-rawhide-aarch64/05112768-safeint/safeint.spec SRPM URL: https://download.copr.fedorainfracloud.org/results/dherrera/SafeInt/fedora-rawhide-aarch64/05112768-safeint/safeint-3.0.27-5.fc38.src.rpm Added ExcludeArch: %{ix86} to the spec file Looks good now! Build: https://koji.fedoraproject.org/koji/taskinfo?taskID=95101798 Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed ===== MUST items ===== C/C++: [x]: Package does not contain kernel modules. [x]: Package contains no static executables. [x]: If your application is a C or C++ application you must list a BuildRequires against gcc, gcc-c++ or clang. [x]: Header files in -devel subpackage, if present. [x]: Package does not contain any libtool archives (.la) [x]: Rpath absent or only used for internal libs. Generic: [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: License field in the package spec file matches the actual license. [-]: %build honors applicable compiler flags or justifies otherwise. [x]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [-]: Package contains desktop file if it is a GUI application. [x]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [-]: Useful -debuginfo package or justification otherwise. [x]: Package is not known to require an ExcludeArch tag. i686 excluded, but this is acceptable since multilib support is not relevant [-]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 10240 bytes in 1 files. [x]: Package complies to the Packaging Guidelines [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %license. [x]: Package requires other packages for directories it uses. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Dist tag is present. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local ===== SHOULD items ===== Generic: [-]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [x]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [-]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. Note: gpgverify is not used. [x]: Package should compile and build into binary rpms on all supported architectures. [x]: %check is present and all tests pass. [x]: Packages should try to preserve timestamps of original installed files. [x]: Spec use %global instead of %define unless justified. Note: %define requiring justification: %define autorelease(e:s:pb:n) %{?-p:0.}%{lua: [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on all installed packages. Note: No rpmlint messages. [x]: Large data in /usr/share should live in a noarch subpackage if package is arched. [x]: Spec file according to URL is the same as in SRPM. Rpmlint ------- Cannot parse rpmlint output: Rpmlint (installed packages) ---------------------------- ============================ rpmlint session starts ============================ rpmlint: 2.4.0 configuration: /usr/lib/python3.11/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml checks: 31, packages: 1 1 packages and 0 specfiles checked; 0 errors, 0 warnings, 0 badness; has taken 0.0 s Source checksums ---------------- https://github.com/dcleblanc/SafeInt/archive/3.0.27/SafeInt-3.0.27.tar.gz : CHECKSUM(SHA256) this package : 489abb253514f819adb7e3aab3273b184c484dfe082fbe2166de2fd3a88dfb2b CHECKSUM(SHA256) upstream package : 489abb253514f819adb7e3aab3273b184c484dfe082fbe2166de2fd3a88dfb2b Requires -------- safeint-devel (rpmlib, GLIBC filtered): Provides -------- safeint-devel: safeint-devel safeint-devel(x86-64) safeint-static Generated by fedora-review 0.9.0 (6761b6c) last change: 2022-08-23 Command line :/usr/bin/fedora-review -b 2144864 Buildroot used: fedora-rawhide-x86_64 Active plugins: Generic, C/C++, Shell-api Disabled plugins: Perl, Ocaml, SugarActivity, R, PHP, Haskell, Java, Python, fonts Disabled flags: EPEL6, EPEL7, DISTTAG, BATCH, EXARCH (fedscm-admin): The Pagure repository was created at https://src.fedoraproject.org/rpms/safeint FEDORA-2022-5c4e9e7871 has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2022-5c4e9e7871 FEDORA-2022-5c4e9e7871 has been pushed to the Fedora 38 stable repository. If problem still persists, please make note of it in this bug report. |