GraphicsMagick fix for 10.7

[thomas.kotzian@…]

GraphicsMagick doesn't compile on 10.7 GM I have a quick fix for GraphicsMagick to make it work with 10.7 10.6 not tested

[thomas.kotzian@…]

Portfile changes

[jmr@…]

Please remember to cc the maintainer.

[thomas.kotzian@…]

Cc Me!

[ryandesign@…]

Has duplicate #30273.

[ryandesign@…]

Thank you; committing untested in r80964 since I don't have Lion yet.

[jmr@…]

Any reason we would want unfortified source on 10.6 and earlier?

[ryandesign@…]

I don't have a clue what fortification means. All I know is the build seemed to succeed on Snow Leopard with the change so I committed it.

jeremyhu already suggested on the mailing list that we use clang instead of llvm-gcc-4.2 so I'll do that instead.

[ryandesign@…]

r80979

[jmr@…]

Replying to ryandesign@…:

I don't have a clue what fortification means.

It's extra bounds checking. See for example /usr/include/secure/_string.h.

[lpancescu@…]

Replying to ryandesign@…:

I don't have a clue what fortification means. All I know is the build seemed to succeed on Snow Leopard with the change so I committed it.

jeremyhu already suggested on the mailing list that we use clang instead of llvm-gcc-4.2 so I'll do that instead.

The problem with using clang is that clang doesn't support ​OpenMP, and AFAIK there are no plans for implementing that. For GraphicsMagick, that means that only one processor core is used, making it almost two times slower on my dual-core Mac Mini (more for people with quad-core or eight-core).

Instead of overriding the compiler when the user specified gcc, we can use the following:

if {${configure.compiler} == "llvm-gcc-4.2"} {
    configure.cflags-append "-D_FORTIFY_SOURCE=0"
}

I already tested here (10.8 Mountain Lion), it compiles with llvm-gcc-4.2 and works correctly - I got a run time of 0m:50s instead of 1m:44s when I processed some scans for taxes. The best way would be to append those CFLAGS to any gcc variant, not just Apple's llvm-gcc-4.2 (gcc-4.7 generates faster code than both llvm-gcc-4.2.1 and current clang).

A few words about "source fortifying": some functions from the standard C library are very fast, but can be used in an unsafe manner, like memcpy or strcpy. If you copy more data than there's place in the destination buffer, you'll get a buffer overflow if the destination buffer is on the stack, or heap overflow if dynamically allocated. Both are bad, and can result in execution of arbitrary code. In some cases, the size of the destination buffer is known at compile time, and the compiler is able to insert a check in the generated code, causing a segmentation fault (rather than arbitrary code execution) at run time, if more data is being copied than the buffer size would allow. This is controlled by the _FORTIFY_SOURCE macro, with possible values of 0, 1 and 2; 0 means disabled, and 2 is the strongest protection (this is what many "hardened" Linux distributions use). However, this check needs support in the C runtime library, otherwise you'll get that link error about __builtin_object_size missing. The support was there until Snow Leopard, and disappeared since Lion. In general, on Lion+ one needs to disable source fortification for compiling C code with any variant of gcc.