Created attachment 170751 [details] Chicken updates diff The latest version of Chicken Scheme (4.11.0) has been released! The release notes are available here: http://code.call-cc.org/releases/4.11.0/NEWS-4.11.0. Here is the summary for this version from that page: 4.11.0 - Security fixes - Specialisation rules for string-{ref,set!}, bit-set? and move-memory no longer use unchecked C functions which could result in undefined behaviour, including buffer overruns (#1216). - Platform support - CHICKEN now supports the Linux X32 ABI (thanks to Sven Hartrumpf). - Runtime system: - The calling convention of CPS procedures has been changed to use "argument vectors" instead of C calling convention. - The C API of C_values(), C_do_apply() and how to invoke CPS functions has changed. The C_procN() macros have disappeared. The manual example in "Accessing external objects" for C_values has been updated. See also the "numbers" egg for examples on how to support pre- and post-4.10.1 CHICKENs simultaneously. - Apply hack is no longer used; the limitation of 128 arguments has been lifted for platforms which had no apply hack. - Increased the "binary compatibility version" to 8. - Delivery of signals in other OS-level threads is now dealt with in a more robust way (#1232) (thanks to Joerg Wittenberger). - Compiled programs with large literals won't crash on startup (#1221). - Comparisons of closures now behave in a stable way, whether or not the code was compiled with the -no-lambda-info option (#1041). - The signal handling code can no longer trigger "stack overflow" or "recursion too deep or circular data encountered" errors (#1283). - Compiler: - Specializations on implicit "or" types like "number" or "boolean" now work, removing the requirement for the inferred types to match declared types exactly. Specializations are matched from first to last to resolve ambiguities (#1214). - Compiler rewrites for char{<,>,<=,>=,=}? are now safe (#1122). - When requesting to emit import libraries that don't exist, the compiler now gives an error instead of quietly continuing (#1188). - Don't silently truncate huge literals (thanks to Claude Marinier). - Core libraries - try-compile from setup-api cleans up temporary output files (#1213). - SRFI-18: thread-join! no longer gives an error when passed a thread in the "sleeping" state (thanks to Joerg Wittenberger) - SRFI-18: mutex-lock! will not set ownership of mutexes when passed #f as the owner (#1231), not disown a mutex from owner if locking fails for timeout and not keep the last thread which held a mutex until the next lock (thanks to Joerg Wittenberger). - SRFI-39: When a parameter's "guard" procedure raises an exception, "parameterize" now correctly resets the original values of all parameters (fixes #1227, thanks to Joo ChurlSoo). - Irregex has been updated to 0.9.4, which fixes severe performance problems with {n,m} repeating patterns (thanks to Caolan McMahon). - Unit "posix": The following posix procedures now work on port objects: file-stat, file-size, file-owner, file-permissions, file-modification-time, file-access-time, file-change-time, file-type and all procedures using file-type. These are: regular-file?, symbolic-link?, block-device?, character-device? fifo? and socket?. - Unit "posix": When "file-close" is interrupted it will retry, to avoid leaking descriptors (thanks to Joerg Wittenberger). - Unit "data-structures": alist-{update[!],ref} were made consistent with srfi-1 in the argument order of comparison procedures. - Unit "lolevel": locative-ref has been fixed for locatives of u32 and s32vectors (thanks to Joerg Wittenberger for pointing this out). - string->number now signals exceptions if passed a bad base instead of segfaulting (#1272; reported by "Tilpner" on IRC). - Tools - A debugger is now available, known as "feathers", which allows basic source-level debugging of compiled Scheme code. - A statistical profiler has been added, enabling sampling-based runtime profiling of compiled programs. - "chicken-install" - When installing eggs in deploy mode, already satisfied dependencies aren't reinstalled every time (#1106). - "chicken-uninstall" - -prefix and -deploy options were added, matching chicken-install. - "chicken-status" - -prefix and -deploy options were added, matching chicken-install. - The -sudo and -s options for chicken-install and chicken-uninstall now honor a "SUDO" environment variable (thanks to Timo Myyrä). - Syntax expander - Mixed internal define/define-values are now correctly ordered, so later defines can refer to earlier define-values (#1274).
The Chicken team mentioned that there is an optional dependency on tcl/tk for one of the binaries here (feathers). Is there a good way to express that in the port?
(In reply to Phil Eaton from comment #1) > The Chicken team mentioned that there is an optional dependency on tcl/tk > for one of the binaries here (feathers). Is there a good way to express that > in the port? It depends on in what way it is optional. What is this binary, what can it do without tcl/tk, what can it do with tcl/tk? The options roughly are: - always add tcl/tk dependency - make binary and dependency optional at the same time - make just dependency optional
Thanks, Phil. Give me some time to look into the Tcl/Tk dependency (I don't have a FreeBSD desktop near me at the moment, so it may take a few days).
Created attachment 170837 [details] chicken-4.11.0.diff Here's an updated patch. It's the same as Phil made, except all the feathers-related files are now behind an option, and a dependency on the 'wish' command is added when the option is on.
Vitaly, looks good! Thanks for taking a look and figuring out a good way to deal with the optional FEATHER dependencies.
Vitaly, one last thing. The archive lib/libchicken.a should not be included in the list of files to strip in the Makefile. Try running `objdump -t /usr/local/lib/libchicken.a`. Then try running `objdump -t /usr/ports/lang/chicken/work/libchicken.a` (or wherever you're working on it). So in the Makefile, the line that reads: ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/libchicken* Should be two lines reading: ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/libchicken.so ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/libchicken.so.8 If this needs to be in a separate bug report that is fine with me. You cannot statically compile chicken files without this. Thanks!
Created attachment 170854 [details] chicken-4.11.0.diff You're right, don't know what I was thinking. Here's an updated patch. (There's no need to strip libchicken.so though, as it is a symlink).
Vitaly, thanks. If your latest patch improves upon and obsoletes Phil's, please kindly mark it as maintainer-approval+ and obsolete the other one. ;)
Vitaly, great thanks! Does the port epoch need to be incremented? I'm still new to this.
Vladimir, where do I click to obsolete the first patch? Phil PORTEPOCH is for working around the rare cases when port version decreased with a new release; you must be thinking about PORTREVISION. No need to increase it now, since nothing here was committed yet.
(In reply to Vitaly Magerya from comment #10) Vitaly, when you upload a new patch, you can select to obsolete any of the existing one on the upload page. Otherwise you'd have to click Details, then Edit Details and check the Obsolete checkbox. Hope this helps.
Vladimir, I get no "edit details" for Phil's patch, only for my own.
Ah, permissions maybe. Let me do it then. Anyway I just wanted to throw some hints about future uploads. ;)
Awesome everyone! Does anything more need to happen before this patch will be accepted?
A commit references this bug: Author: riggs Date: Sat Jun 4 18:44:33 UTC 2016 New revision: 416371 URL: https://svnweb.freebsd.org/changeset/ports/416371 Log: Update to upstream version 4.11.0 Extensive changelog on http://code.call-cc.org/releases/4.11.0/NEWS-4.11.0 including security fixes for Specialisation rules for string-{ref,set!}, bit-set? and move-memory no longer use unchecked C functions which could result in undefined behaviour, including buffer overruns. While on it: Pet portlint PR: 209810 Submitted by: vmagerya@gmail.com (maintainer) Reported by: philneaton95@gmail.com MFH: 2016Q2 Changes: head/lang/chicken/Makefile head/lang/chicken/distinfo head/lang/chicken/pkg-plist
Hi, I've added ports-secteam@ to the CC list. If upstream determines "could result in undefined behaviour" is a "will result..." or this gets a CVE assigned we should document in VuXML accordingly. Until then I've approved this to be merged to quarterly on the grounds of it being a bugfix release everyone would benefit from.
A commit references this bug: Author: riggs Date: Sun Jun 5 19:43:40 UTC 2016 New revision: 416421 URL: https://svnweb.freebsd.org/changeset/ports/416421 Log: MFH: r416371 Update to upstream version 4.11.0 Extensive changelog on http://code.call-cc.org/releases/4.11.0/NEWS-4.11.0 including security fixes for Specialisation rules for string-{ref,set!}, bit-set? and move-memory no longer use unchecked C functions which could result in undefined behaviour, including buffer overruns. While on it: Pet portlint PR: 209810 Submitted by: vmagerya@gmail.com (maintainer) Reported by: philneaton95@gmail.com Approved by: ports-secteam (junovitch) Changes: _U branches/2016Q2/ branches/2016Q2/lang/chicken/Makefile branches/2016Q2/lang/chicken/distinfo branches/2016Q2/lang/chicken/pkg-plist