search

ungoogled-software / ungoogled-chromium-android

Android build for ungoogled-chromium
GNU General Public License v3.0
495 stars 42 forks source link

Build failure on server #36

Closed wchen342 closed 4 years ago

wchen342 commented 4 years ago

Hi @csagan5, I was trying to build on the Gandi servers (I am using Debian 10+docker) but I am facing a strange error,

2020-11-10T03:18:23.6187247Z [48005/48343] ACTION //v8:run_mksnapshot_default(//build/toolchain/android:android_clang_x86)
2020-11-10T03:18:23.6189539Z FAILED: gen/v8/embedded.S snapshot_blob.bin 
2020-11-10T03:18:23.6204543Z python ../../v8/tools/run.py ./clang_x86/mksnapshot --turbo_instruction_scheduling --target_os=android --target_arch=x86 --embedded_src gen/v8/embedded.S --embedded_variant Default --random-seed 314159265 --startup_blob snapshot_blob.bin --no-native-code-counters
2020-11-10T03:18:23.6208357Z 
2020-11-10T03:18:23.6208969Z 
2020-11-10T03:18:23.6209790Z #
2020-11-10T03:18:23.6210683Z # Fatal error in , line 0
2020-11-10T03:18:23.6211822Z # unreachable code
2020-11-10T03:18:23.6212871Z #
2020-11-10T03:18:23.6214091Z #
2020-11-10T03:18:23.6214871Z #
2020-11-10T03:18:23.6224256Z #FailureMessage Object: 0xf72c4000
2020-11-10T03:18:23.6225317Z 
2020-11-10T03:18:23.6226160Z #
2020-11-10T03:18:23.6227217Z # Fatal error in , line 0
2020-11-10T03:18:23.6228382Z # unreachable code
2020-11-10T03:18:23.6229425Z #
2020-11-10T03:18:23.6230073Z #
2020-11-10T03:18:23.6230931Z #
2020-11-10T03:18:23.6232106Z #FailureMessage Object: 0xff8af120
2020-11-10T03:18:23.6234114Z ==== C stack trace ===============================
2020-11-10T03:18:23.6234796Z 
2020-11-10T03:18:23.6235450Z 
2020-11-10T03:18:23.6236384Z ==== C stack trace ===============================
2020-11-10T03:18:23.6237074Z 
2020-11-10T03:18:23.6238225Z     ./clang_x86/mksnapshot(+0x10f8e0f) [0x576f2e0f]
2020-11-10T03:18:23.6239634Z     ./clang_x86/mksnapshot(+0x10f8265) [0x576f2265]
2020-11-10T03:18:23.6241285Z         ./clang_x86/mksnapshot(+0x10f352f) [0x576ed52f]./clang_x86/mksnapshot(+0x10f8e0f) [0x576f2e0f]
2020-11-10T03:18:23.6242630Z 
2020-11-10T03:18:23.6243760Z     ./clang_x86/mksnapshot(+0x10f4058) [0x576ee058]    
2020-11-10T03:18:23.6245125Z ./clang_x86/mksnapshot(+0x10f8265) [0x576f2265]    
2020-11-10T03:18:23.6246506Z ./clang_x86/mksnapshot(+0x10f7d8e) [0x576f1d8e]    
2020-11-10T03:18:23.6247934Z ./clang_x86/mksnapshot(+0x10f352f) [0x576ed52f]    
2020-11-10T03:18:23.6249331Z ./clang_x86/mksnapshot(+0x10fb138) [0x576f5138]    
2020-11-10T03:18:23.6250649Z ./clang_x86/mksnapshot(+0x10f4058) [0x576ee058]    
2020-11-10T03:18:23.6252136Z ./clang_x86/mksnapshot(+0x10fada2) [0x576f4da2]    
2020-11-10T03:18:23.6254057Z ./clang_x86/mksnapshot(+0x266925) [0x56860925]    
2020-11-10T03:18:23.6255400Z ./clang_x86/mksnapshot(+0x10f7080) [0x576f1080]    
2020-11-10T03:18:23.6256899Z /lib/libc.so.6(__libc_start_main+0x10e) [0xf7cee05e]    
2020-11-10T03:18:23.6258456Z /lib/libpthread.so.0(+0x8648) [0xf7f81648]    
2020-11-10T03:18:23.6259920Z ./clang_x86/mksnapshot(_start+0x35) [0x5685dcf5]    
2020-11-10T03:18:23.6261442Z /lib/libc.so.6(clone+0x6a) [0xf7dc689a]
2020-11-10T03:18:23.6263536Z Return code is -4
2020-11-10T03:18:23.6264769Z ninja: build stopped: subcommand failed.

Did you run into this? Or do you have any idea how to solve it?

wchen342 commented 4 years ago

I think I got it. For the record:

It was Docker blocking the system call clock_gettime resulting in a EPERM. Adding a seccomp profile should solve the problem.

csagan5 commented 4 years ago

Interesting; glad you found the problem.

In general their servers are fully virtualized so you will not have any provider-specific issue there.

wchen342 commented 4 years ago

It seems the building process requires a lot more system calls then just clock_gettime cause now I am hitting some other similar errors so I have to use --add-cap SYS_ADMIN. The interesting thing is they actually build a lot of small binary tools in the middle and run them during the build.

EDIT: so obviously adding capatability is not enough to solve the problem. Even --add-cap=ALL will not work. Not sure whether it is because the host is running on a Xen hypervisor or because of the kernel. The only solution seems to be running docker with --privileged which kind of defeating the purpose of using a container.

EDIT2: seccomp=unconfined works. Not a perfect solution but better than --privileged.