What do do regarding the freeze?
Martin Steghöfer
martin at steghoefer.eu
Wed Nov 5 18:21:44 UTC 2014
Hi Petter!
Petter Reinholdtsen wrote:
> No-one with comments about these questions?
Yes, I do have comments. I'm just a little busy with (paid) work right
now. I'm sorry for the delay.
> Try to get them past the release
> managers into Jessie, or hold them back and upload to experimental in
> the mean time?
In the case of "holding back" you are suggesting "experimental" instead
of "unstable", so we keep "unstable" clean of changes we won't get into
Jessie, so we can easily fix possible RC bugs via "unstable" during the
freeze?
> The changes to libvorbis is probably possible to get past the release
> managers.
I agree. An invalid memory access can crash the whole application that
uses it, so that could qualify for severity "important".
> I am more unsure about vorbis-tool, as the changes at first
> sight seem to be quite extensive. In reality, it is partly patch
> renaming and a few new patches. Martin, do you feel like trying to
> get the vorbis-tools changes past the release managers?
Not in its current shape. Not only does the patch refactoring obstruct
the view of the actual changes (and should be excluded, as you said) and
is actually something mentioned explicitly as "Don't" in the freeze
policy, but some of the actual fixes can also be seen of minor
importance. I'd do the following about the 4 commits that haven't been
released yet:
1. Patch refactoring: Should clearly be excluded.
2. Sampling rate sanity check to avoid crash: I don't think I can
justify a priority above "normal" for this one. Although the bug can
make the program crash, it only does so for files that wouldn't have
been transcoded anyway. It's also about a stand-alone application, so
the crash doesn't have an effect that goes beyond not transcoding the
file. Apart from the error message there is no difference from the user
perspective. The only reason why this got reported at all is that Mayhem
specifically looked for weaknesses.
3. Ogg123 freeze when interrupting at EOS: This has a realistic chance
to be included. The program freeze has a realistic chance to happen (it
doesn't take a very precise timing to evoke it) and although the freeze
always happens at the end of a file, there may be more files in the
current playlist. I think this qualifies for severity "important".
4. Documentation of "-f + -d": This isn't very important in itself, but
could "slip in" together with patch 3 as "documentation fixes, via TPU
when included with other TPU-applicable fixes." (criterion IV of the
freeze policy).
So I'd prepare a release for the changes 3 and 4 in a separate branch,
upload that to unstable and try to get it into testing. Does that sound
reasonable?
Cheers,
Martin
More information about the pkg-xiph-maint
mailing list