build: CUDA 13 + oneAPI 2025.3 + clang-format 22 + black 26 (3/5)#7
Merged
build: CUDA 13 + oneAPI 2025.3 + clang-format 22 + black 26 (3/5)#7
Conversation
This was referenced Apr 16, 2026
lusoris
force-pushed
the
pr-stack-02-coverage-vpl-release
branch
from
6c5bd0d to
b8045b2
Compare
lusoris
changed the base branch from
pr-stack-02-coverage-vpl-release
to
master
Three defects in the VA-API readback fallback path: - malloc result was passed unchecked to vaQueryImageFormats; on OOM this was a null-deref in the libva driver. - vaMaxNumImageFormats negative/zero returns were multiplied into a size_t allocation, masking the failure. - vaQueryImageFormats return status was discarded; a partial failure would leak uninitialised stack into the format scan loop. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
oneAPI 2025.0 was an ABI-breaking release, and unversioned apt installs were pulling whatever was current — bad for reproducible builds and risky for users who pin against a built-from-CI artifact. Pin the apt meta to the 2025.3 minor and clone level-zero at v1.28.0 (current stable). Applies to libvmaf.yml, ffmpeg.yml, and the Dockerfile. Document the versions in sycl_bundling.md and note the UR_L0_USE_IMMEDIATE_COMMANDLISTS=0 escape hatch for Arc A-Series / DG2 users — 2025.3 enables L0 v2 by default on Xe2, which can regress on older hardware. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
CUDA 13.0 (2025-08-04) drops support for Maxwell/Pascal/Volta (sm_50/60/70). libvmaf/src/meson.build already guards the sm_50 gencode behind a `<13` version check, so there is no source change needed. Minimum NVIDIA driver for 13.x is >= 580. Keeps Jimver/cuda-toolkit pin at v0.2.35; only the `cuda:` input bumps. CUDA 13.2 Update 1 (Apr 2026) is the absolute latest but is a point release on a fresh major — 13.0 is the conservative target. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Main Dockerfile: ubuntu:22.04 + 'nvidia-cuda-toolkit' (CUDA 11.5 from apt) -> nvidia/cuda:13.0.2-devel-ubuntu24.04, digest-pinned. Ubuntu's packaged CUDA was two major versions behind CI; the NVIDIA base gives us nvcc + cudart matching the Jimver/cuda-toolkit@13.0.0 we just pinned in libvmaf.yml, so container and CI now share a CUDA ABI. NVCC_FLAGS in Dockerfile + Dockerfile.ffmpeg: previously only sm_75 (Turing). Broadened to sm_75 + sm_80 + sm_90 + sm_120 to cover Ampere, Hopper, and consumer Blackwell, with a final compute_120 PTX for forward compat. CUDA 13 dropped sm_50/60/70, so nothing below Turing is valid anyway. mcp-server/vmaf-mcp/Dockerfile: digest-pin both ubuntu:24.04 stages. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Replace legacy `apt-key add -` with the signed-by keyring pattern
(apt-key was deprecated in Ubuntu 22.04+).
- Add `SHELL ["/bin/bash", "-o", "pipefail", "-c"]` before RUNs with
pipes (DL4006).
- Convert `cd && ...` patterns to WORKDIR for the nv-codec-headers,
FFmpeg, and libvmaf build stages (DL3003).
- Quote `$(nproc)` and `${SYCL_FLAG}` expansions (SC2086).
- Replace the SC2015 `A && B || C` idiom with an explicit `if`.
- Add `--no-install-recommends` to the Dockerfile.ffmpeg apt install
(DL3015) and drop /var/lib/apt/lists afterwards (DL3009).
- Suppress DL3006/DL3007 on `FROM vmaf:latest` in Dockerfile.ffmpeg
(the vmaf image is built locally from the main Dockerfile; there
is no upstream release tag to pin).
- Suppress DL3008 on apt installs: pinning every patch version breaks
on every Ubuntu security update.
All three Dockerfiles now pass hadolint with no warnings.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Pin floating majors on third-party actions to specific patches: - gitleaks-action @v2 -> @v2.3.9 - release-please-action @v4 -> @v4.4.1 Bump ONNX Runtime in the dnn CI job 1.20.0 -> 1.22.2. 1.24.x is current latest but fresh; 1.22 is two minors newer than what we had and stable. Migrate Sigstore signing to cosign-installer v4 + cosign v3: - cosign-installer @V3 -> @v4.1.1 - cosign-release v2.4.0 -> v3.0.6 - sign-blob now produces a single `.bundle` file (signature + cert + Rekor entry) instead of the legacy split `.sig` + `.pem` pair. - Drop the now-unused COSIGN_EXPERIMENTAL=1 env (keyless is stable). - Update README.md, SECURITY.md, docs/tiny-ai/security.md to document `cosign verify-blob --bundle <f>.bundle <f>`. GitHub-official actions (checkout, setup-python, upload-artifact, dependency-review-action, codeql-action, deploy-pages) stay on their current @vn floating majors — those are maintained by GitHub itself and have a strong compat track record. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Bumps hooks that don't rewrite user code: - pre-commit-hooks v4.6.0 -> v6.0.0 (no hooks we use were removed) - ruff-pre-commit v0.6.5 -> v0.15.10 (switch id ruff -> ruff-check) - shfmt v3.9.0-1 -> v3.13.1-1 - shellcheck-py v0.10.0.1 -> v0.11.0.1 - gitleaks v8.18.4 -> v8.30.1 - conventional-pre-commit v3.4.0 -> v4.4.0 (--strict retains v3 behavior of failing on merge commits; our args still parse) Formatters (black, isort, clang-format) deliberately left pinned for now to avoid a repo-wide reformat landing in the same patch; those will move in a dedicated commit alongside any resulting format churn. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Drift accumulated as workflows were added at different times — some on v4-era actions, some on v6. Unify the low-risk ones so every workflow runs on the same Node 24 / latest-major baseline: - actions/checkout v4 -> v6 (all 7 stragglers) - actions/setup-python v5 -> v6 (lint.yml) - actions/cache v4 -> v5 (windows.yml) - actions/upload-pages-artifact v3 -> v5 (docs.yml) - actions/deploy-pages v4 -> v5 (docs.yml) - softprops/action-gh-release v2 -> v3 (supply-chain.yml; Node 24) actions/upload-artifact and download-artifact are intentionally left at @v4 — v7/v8 are brand-new and the v4 line is the well-tested floor. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Pin-only bump. Do NOT mass-reformat the existing C/C++/CUDA tree: - Upstream Netflix/vmaf has no .clang-format file — the fork's config is an approximation of their manual style, not a round-trip guarantee. - Running clang-format v22 across all 305 tracked sources would rewrite 265 of them, destroying intentional manual alignment (aligned #define columns, chosen line-breaks) and adding perpetual churn to every /sync-upstream (since upstream files arrive in a non-formatter shape). - The pre-commit hook still runs per-touched-file, so any file a future commit touches will be brought to v22 style at that point. If a wholesale reformat is ever desired, it belongs in a dedicated commit that's explicitly excluded from git-blame via .git-blame-ignore-revs. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The previous extra-files entry targeted libvmaf/include/libvmaf/version.h.in, but that file is a meson template — @VMAF_API_VERSION_MAJOR@ etc. are substituted at build time from libvmaf/meson.build's `version : ...` declaration. release-please's generic replacer also needs an `x-release-please-version` comment marker, which neither file had, so on every tag the version bump was silently skipped. - Add `# x-release-please-version` marker next to the version string in libvmaf/meson.build (the true source of truth for libvmaf SO version, exported into version.h.in via meson). - Retarget extra-files to libvmaf/meson.build. The three `release-type: python` packages (ai, dev-llm, mcp-server/vmaf-mcp) still declare extra-files pointing at their pyproject.toml; those are redundant (the python strategy auto-detects `version = "..."`) but harmless and left untouched to avoid behavior drift. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Run `make format` with clang-format 22.1.3. Mechanical reformat only — no semantic changes. Backfilled into .git-blame-ignore-revs in the follow-up chore commit so `git blame` continues to point at authorship. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Run `make format` with black 26.3.1 and isort 8.0.1. Mechanical reformat only — no semantic changes. Includes python/vmaf/, ai/, mcp-server/, and the cython adm_dwt2_cy.pyx file. Backfilled into .git-blame-ignore-revs in the follow-up chore commit so `git blame` continues to point at authorship. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Pin the two mechanical reformat SHAs (clang-format 22, black 26 + isort 8) so `git blame` skips them and continues to point at the original authors of each line. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
lusoris
force-pushed
the
pr-stack-03-toolchain-bumps-formatting
branch
from
c296f37 to
0d0e618
Compare
lusoris
pushed a commit
that referenced
this pull request
Apr 18, 2026
Ports the integer ADM updates from upstream Netflix/vmaf 966be8d (Apr 17, 2026, "libvmaf/feature: port adm updates"): - libvmaf/src/feature/integer_adm.{c,h} — extended ADM kernel signatures to thread Barten-CSF parameters through the call chain. - libvmaf/src/feature/x86/adm_avx2.{c,h} — AVX2 SIMD path updates. - libvmaf/src/feature/x86/adm_avx512.{c,h} — AVX-512 SIMD path updates. - libvmaf/src/feature/barten_csf_tools.h — new shared header (Netflix copyright bumped 2016-2023 -> 2016-2026 to match fork convention). - libvmaf/src/feature/alias.c — feature-name alias updates. Strategy: cherry-pick failed cleanly because PR #7 (`a7be84cb`, `build: CUDA 13 + oneAPI 2025.3 + clang-format 22 + black 26`) mass-reformatted the same 7 files via clang-format 22, putting our master and upstream out of textual alignment by 5K+ lines. Resolved by taking upstream's content wholesale (`git checkout 966be8d -- <file>`) and re-running clang-format 22 over the result, preserving fork style. Verification: - 27/27 libvmaf C unit tests pass. - Netflix golden (normal pair, 8-bit 576x324): VMAF mean 76.668904824436865 vs golden 76.66890519623612 (Δ ≈ 3.7e-7, within places=4 tolerance). Refs CLAUDE.md §10 (port-upstream-commit), CLAUDE.md §8 (Netflix golden gate as source of truth). Co-authored-by: Lusoris <lusoris@pm.me> Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
3 tasks
lusoris
added a commit
that referenced
this pull request
Apr 18, 2026
* feat(libvmaf/feature): port upstream ADM updates (Netflix 966be8d) Ports the integer ADM updates from upstream Netflix/vmaf 966be8d (Apr 17, 2026, "libvmaf/feature: port adm updates"): - libvmaf/src/feature/integer_adm.{c,h} — extended ADM kernel signatures to thread Barten-CSF parameters through the call chain. - libvmaf/src/feature/x86/adm_avx2.{c,h} — AVX2 SIMD path updates. - libvmaf/src/feature/x86/adm_avx512.{c,h} — AVX-512 SIMD path updates. - libvmaf/src/feature/barten_csf_tools.h — new shared header (Netflix copyright bumped 2016-2023 -> 2016-2026 to match fork convention). - libvmaf/src/feature/alias.c — feature-name alias updates. Strategy: cherry-pick failed cleanly because PR #7 (`a7be84cb`, `build: CUDA 13 + oneAPI 2025.3 + clang-format 22 + black 26`) mass-reformatted the same 7 files via clang-format 22, putting our master and upstream out of textual alignment by 5K+ lines. Resolved by taking upstream's content wholesale (`git checkout 966be8d -- <file>`) and re-running clang-format 22 over the result, preserving fork style. Verification: - 27/27 libvmaf C unit tests pass. - Netflix golden (normal pair, 8-bit 576x324): VMAF mean 76.668904824436865 vs golden 76.66890519623612 (Δ ≈ 3.7e-7, within places=4 tolerance). Refs CLAUDE.md §10 (port-upstream-commit), CLAUDE.md §8 (Netflix golden gate as source of truth). Co-authored-by: Lusoris <lusoris@pm.me> Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com> * docs(rebase-notes): record upstream ADM port (entry 0012) Documents the wholesale-replace strategy used in the prior commit so that the next /sync-upstream run knows the eight ADM files are now in upstream-mirror state and the i4_adm_cm signature is the 13-arg version, not the 8-arg pre-port one. Refs ADR-0108. * fix(libvmaf/feature): MinGW build + CodeQL casts in barten_csf_tools.h Three follow-up fixes to the upstream ADM port (Netflix 966be8d) surfaced by PR #44 CI: 1. Strip trailing whitespace from the upstream copy (pre-commit's trailing-whitespace hook tripped). 2. Provide an `M_PI` fallback for MinGW (`<math.h>` only exposes `M_PI` when `_USE_MATH_DEFINES` is set before the include). Mirrors the convention already used in `adm_tools.h`, `integer_adm.h`, `ciede.c`, etc. Fixes `error: 'M_PI' undeclared` on the `build (MINGW64, mingw-w64-x86_64)` job. 3. Add `(double)` casts on four `float * float` chained-product sites (`linear_interpolate`, `barten_rod_cone_sens`, and the two `pow(... * ..., p)` calls in `barten_csf`) so the multiplications are evaluated at double precision before being widened. Silences four high-severity `cpp/integer-multiplication-cast-to-long` CodeQL alerts inherited from upstream. The casts are semantics-preserving: VMAF score on the Netflix golden normal pair (8-bit 576×324) remains 76.668904824436865, bit-identical to the prior commit. Documented as a fork-local deviation in inline comments so the next /sync-upstream run knows to keep them. Refs ADR-0108 (rebase-notes 0012), CLAUDE.md §10 (port-upstream-commit). * fix(libvmaf/feature): cast remaining float chains in barten_csf_tools.h Two more `(double)` casts to silence the last two `cpp/integer-multiplication-cast-to-long` CodeQL alerts: * `barten_mtf`: cast `barten_mtf_params_b[i]` to double inside `exp(-... * spatial_frequency)` so the inner product runs at double precision. * `barten_csf` return: cast `csf` to double so the four-term chained product `csf * barten_mtf() * barten_rod_cone_sens() * adm_csf_scale` runs at double throughout (the trailing `adm_csf_scale` is already double). Also adds braces around the `barten_mtf` for-loop body now that it spans multiple lines (Power-of-10 §3 / readability-braces-around-statements). VMAF golden score on the normal pair is unchanged: 76.668904824436865. --------- Co-authored-by: Kyle Swanson <kswanson@netflix.com> Co-authored-by: Lusoris <lusoris@pm.me> Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Stack position: 3 of 5 — base is `pr-stack-02-coverage-vpl-release` (#6). Merge #5 and #6 first.
Commits in this layer
Theme
Toolchain refresh + repo-wide reformat. CUDA 12.6 → 13.0, oneAPI pin to 2025.3, Level Zero 1.28.0, Docker base bumps with digest pinning, hadolint-clean Dockerfiles, third-party action SHA pins, cosign v4 bundle migration, and the big style-only commits (clang-format 22 for C/C++/CUDA; black 26 + isort 8 for Python). Blame-ignore backfill included so `git blame` skips the reformat.
Stack
Supersedes part of #3.
Test plan
🤖 Generated with Claude Code