@copilot rewrite line based and raw token pointer scanning/parsing to byte-stream based. see https://raw.githubusercontent.com/lighttransport/tinyusdz/refs/heads/release/src/stream-reader.hh for the reference.

rewrite IS_NEW_LINE, IS_SPACE, parse***, strspn, etc. to use the byte-stream based token parsing(add eof guard for each token consumption)

@copilot rewrite line based and raw token pointer scanning/parsing to byte-stream based. see https://raw.githubusercontent.com/lighttransport/tinyusdz/refs/heads/release/src/stream-rea...

Implemented in f2c657b and c57ed2c. The parser is now byte-stream based using a StreamReader class that wraps (const char *buf, size_t length) with EOF-guarded peek()/advance()/match() on every byte access.

Key changes:

• StreamReader class with eof(), peek(), advance(), skip_space(), skip_line(), at_line_end(), match(), peek_at(), remaining(), etc.
• sr_* parse functions (sr_parseString, sr_parseInt, sr_parseReal, sr_parseTriple, sr_parseRawTriple, etc.) all using StreamReader instead of raw const char** + strspn/strcspn
• Internal functions LoadMtlInternal, LoadObjInternal, LoadObjWithCallbackInternal take StreamReader& and do all parsing with byte-stream scanning
• safeGetline removed — StreamReader handles line-by-line byte scanning internally
• mmap paths construct StreamReader directly from mapped memory (no double-buffering)
• Old parse functions + IS_SPACE/IS_NEW_LINE macros preserved for ParseTextureNameAndOption public API backward compatibility

@copilot resolve conflicts nicely. basically accept both changes.

@copilot resolve conflicts nicely. basically accept both changes.

All changes from both release commits (#414, #415) have been manually integrated into our StreamReader-based branch in 5ef0c48:

• Windows long paths (Add Windows long path and Unicode file path support for .obj/.mtl loading #415): UTF8ToWchar/LongPathW helpers + #ifdef _WIN32 in all non-mmap std::ifstream fallback paths
• texcoord w-component (Fix texcoord_ws corruption, alpha_texname double-write, missing BOM strip in callback, and wrong test fixture path #414): vt_w vector + sr_parseReal for optional w + texcoord_ws.swap(vt_w) fix
• BOM in callback (Fix texcoord_ws corruption, alpha_texname double-write, missing BOM strip in callback, and wrong test fixture path #414): BOM check added to LoadObjWithCallbackInternal
• alpha_texname double-write (Fix texcoord_ws corruption, alpha_texname double-write, missing BOM strip in callback, and wrong test fixture path #414): already correct in our StreamReader version
• Test fix (Fix texcoord_ws corruption, alpha_texname double-write, missing BOM strip in callback, and wrong test fixture path #414): invalid-relative-texture-vertex-index.obj → invalid-relative-texture-index.obj
• All new test models and test functions added

All 51 tests pass. However, since I can't do git merge + git push, the git-level conflicts still show on GitHub. You'll need to merge release into this branch to resolve them — the content should match on both sides now.

@copilot code review[agent] Review changes with GPT-5.3-Codex

@copilot work on Low severity items.

Addressed in ea9bf10 and b62d3ba.

Changes made for each low severity item:

• Cppcheck suggested performance improvement #7 (read_token undocumented): Added doc comment marking it as a utility/test method.
• Some small additions... #9 (line_no vs line_num): Renamed line_no → line_num in LoadMtlInternal to match LoadObjInternal.
• added clearing of unknown parameters map #6 (duplicate advance loop in sr_parseTagTriple): Extracted into sr_skipTagField() helper.
• add missing includes #10 (mmap code duplication): Introduced RAII MappedFile struct with open()/close()/destructor, replacing ~250 lines of duplicated platform-specific mmap logic with ~5 lines per call site. Uses an is_mapped flag to safely distinguish empty-file string literals from actual mapped regions.
• Added a Cmake build system configuration #8 (callback path non-error overload): Left as-is — the callback API is intentionally fire-and-forget per the existing contract, changing it could break user code that relies on the callback path not halting on malformed data.
• set default material #11 (ParseTextureNameAndOption legacy): Noted for future refactoring, no change.

All 51 tests pass (both standard and TINYOBJLOADER_USE_MMAP modes). CodeQL: 0 alerts.

@copilot run comprehensive review again, now GPT-5.3-Codex

@copilot run comprehensive review again, now GPT-5.3-Codex

Ran a comprehensive GPT-5.3-Codex review on 496cd28.

Findings:

• Medium: StreamReader(std::istream&) still forces parsing from stream start (seekg(0, beg)), so non-zero stream offsets are ignored (tiny_obj_loader.h:786-809).
• Medium: stream-based load paths buffer entire input into memory, which can amplify memory usage on very large/untrusted streams (tiny_obj_loader.h:786-809, used by LoadObj/callback/material stream paths).
• Low: missing regression tests for non-zero stream offsets and very large stream behavior (tests/tester.cc:1850-2045).

Also checked recent Actions runs/logs for this branch; latest Unit Tests run is passing, with no failed jobs in recent action_required runs.

No UI changes in this PR (no screenshot).

@copilot run comprehensive review again, now GPT-5.3-Codex

Ran a comprehensive GPT-5.3-Codex review on 496cd28.

Findings:

• Medium: StreamReader(std::istream&) still forces parsing from stream start (seekg(0, beg)), so non-zero stream offsets are ignored (tiny_obj_loader.h:786-809).
• Medium: stream-based load paths buffer entire input into memory, which can amplify memory usage on very large/untrusted streams (tiny_obj_loader.h:786-809, used by LoadObj/callback/material stream paths).
• Low: missing regression tests for non-zero stream offsets and very large stream behavior (tests/tester.cc:1850-2045).

@copilot do all these

@copilot run comprehensive review again, now GPT-5.3-Codex
...

Implemented in d5aac19.

Done all three items:

• StreamReader(std::istream&) now reads from the current stream position (no forced rewind to beginning).
• Added bounded stream-read protection (TINYOBJLOADER_STREAM_READER_MAX_BYTES) and error propagation so oversized stream inputs fail cleanly instead of attempting unbounded buffering.
• Added regression tests:
  • test_stream_load_from_current_offset
  • test_stream_load_rejects_oversized_input

Validation:

• Targeted tests for the new cases passed.
• Full make check passed.
• CodeQL: 0 alerts.

No UI changes in this PR (no screenshot).

@copilot deeply review. make this time final round.

@copilot deeply review. make this time final round.

Final deep review completed and fixes applied in 9b6d594.

I found and fixed a high-severity callback/material-loading issue:

• MaterialFileReader / MaterialStreamReader now correctly propagate LoadMtlInternal failure instead of always returning success.
• LoadObjWithCallbackInternal now guards mtllib_cb with !materials.empty() to avoid materials.at(0) out_of_range on failed/empty material loads.
• Added regression test test_loadObjWithCallback_mtllib_failure_does_not_crash.

Validation:

• Targeted tests passed.
• Full make check passed.
• Code review: no comments.
• CodeQL: 0 alerts.

No UI changes in this PR (no screenshot).

@copilot deeper review again. final stage 2. maximum effort. ultrathink.

@copilot deeper review again. final stage 2. maximum effort. ultrathink.

Completed stage-2 deep review and applied fixes in 14e6a5a.

Key findings and fixes:

• Fixed mtllib whitespace-only handling: empty tokens are now filtered before processing, so whitespace-only mtllib no longer triggers material loading attempts.
• Added regression tests:
  • test_mtllib_empty_filename_is_ignored_loadobj
  • test_mtllib_empty_filename_is_ignored_callback
• Enforced TINYOBJLOADER_STREAM_READER_MAX_BYTES on mmap-backed OBJ/MTL paths for parity with istream size limits.

Validation:

• Targeted tests passed.
• Full make check passed.
• Code review run completed.
• CodeQL: 0 alerts.
• Recent Actions runs on this branch show action_required with no failed jobs/log failures returned.

No UI changes in this PR (no screenshot).

@copilot further deep code review. final stage 3

@copilot further deep code review. final stage 3

Completed final stage-3 deep review and pushed fixes in 07d2c25.

Applied improvements:

• Fixed SplitString so non-escape backslashes are preserved (prevents mtllib path corruption like subdir\file.mtl).
• Hardened stream chunk-limit check against size_t overflow in StreamReader(std::istream&).
• Added regression test: test_split_string_preserves_non_escape_backslash.

Validation:

• Baseline and post-change full make check passed.
• Targeted tests passed.
• Code review: no comments.
• CodeQL: 0 alerts.
• Recent Actions runs on this branch still show action_required with no failed jobs/log failures returned.

No UI changes in this PR (no screenshot).