On Thu, Mar 24, 2016 at 4:48 AM, Nick Wellnhofer <[email protected]> wrote:
> [ ] +1 Release RC 2 as Apache Clownfish 0.5.0. > [ ] +0 > [ ] -1 Do not release RC 2 as Apache Clownfish 0.5.0 because... -0, withholding approval until an issue with Str_To_F64 is resolved, see below. Sums and sigs OK. Tests pass on OS X and Amazon Linux with Lucy's test_all.sh. I confirmed that the release tarball matches the RC git tag. I inspected the diff between RC1 and RC2 and everything looks good. The copyright date has been updated. The vast majority of the compiler warnings are gone -- yay! There are still some unused var warnings under the Perl bindings, which are addressed on master. Not a big deal. The `test_valgrind` build target passes for the Perl bindings of both CFC and the Clownfish runtime. However... A problem with a Str_To_F64 has been revealed by Lucy's `test_valgrind` target. There's a call to `strtod` in Clownfish's Str_To_F64 reads past the end of the buffer consistently now that the nul-termination is gone from Clownfish's String implementation. See here for the fix on master: https://github.com/apache/lucy-clownfish/commit/4dab61a57 This wasn't a critical problem in 0.4.x and earlier because while it was possible to read beyond the end of the String's logical content in esoteric cases (such as a substring), even then the actual C buffer was always nul-terminated and `strtod` would always stop. What's different in 0.5.x is that `strtod` can actually read into invalid memory. I think we may want to cherry-pick that commit and put up a new RC. Sorry for not flagging this earlier. Marvin Humphrey
