CrOS GN toolchain builds don't work w/ clang |
||||||||||
Issue descriptionCurrently the way the GN //build files are set up, if you have is_clang=true set in your args, we assume you're not using the CrOS toolchains, which means that the CrOS team can't actually work on switching to clang. This should be fixed.
,
Jun 30 2016
Update: ignore that CL. I think all you need to do is set 'custom_toolchain = "//build/toolchain/cros:target"' in your GN_ARGS, which you should be doing unconditionally (i.e., regardless of whether you're using clang or not). I always meant for you to be doing this, but forgot to tell you in the midst of getting all of the other stuff working. Assuming we can confirm that that works, let me know when you have set that, and I can clean up some other things.
,
Jul 6 2016
Issue 626058 has been merged into this issue.
,
Jul 6 2016
This is affecting the chromeos ASAN builders, so we need this sooner than later: https://build.chromium.org/p/chromiumos.chromium/builders/x86-generic-tot-asan-informational/builds/11156
,
Jul 8 2016
setting custom_toolchain as in #2 seems to fix the simple chrome workflow. I am testing that. However when trying this in the ebuild, I get the error about RPATH which was fixed a couple of weeks ago. The patches needed to reach this point are: https://chromium-review.googlesource.com/#/c/358921/ https://chromium-review.googlesource.com/#/c/358770/ and the failure can be seen in this try server ttps://uberchromegw.corp.google.com/i/chromiumos.tryserver/builders/asan/builds/86 follow the build packages stdio link and ignore the "chaps" failures. The problem as reported: chromeos-chrome-54.0.2790.0_rc-r1: scanelf: rpath_security_checks(): Security problem with DT_RPATH='$ORIGIN/.' in /build/amd64-generic/tmp/portage/chromeos-base/chromeos-chrome-54.0.2790.0_rc-r1/image/opt/google/chrome/chrome-sandbox with mode set of 4755 chromeos-chrome-54.0.2790.0_rc-r1: scanelf: rpath_security_checks(): Security problem with DT_RPATH='$ORIGIN/.' in /build/amd64-generic/tmp/portage/chromeos-base/chromeos-chrome-54.0.2790.0_rc-r1/image/opt/google/chrome/chrome-sandbox with mode set of 4755 chromeos-chrome-54.0.2790.0_rc-r1: chromeos-chrome-54.0.2790.0_rc-r1: * QA Notice: The following files contain insecure RUNPATHs chromeos-chrome-54.0.2790.0_rc-r1: * Please file a bug about this at http://bugs.gentoo.org/ chromeos-chrome-54.0.2790.0_rc-r1: * with the maintaining herd of the package. chromeos-chrome-54.0.2790.0_rc-r1: * $ORIGIN/. /build/amd64-generic/tmp/portage/chromeos-base/chromeos-chrome-54.0.2790.0_rc-r1/image/opt/google/chrome/chrome-sandbox chromeos-chrome-54.0.2790.0_rc-r1: chromeos-chrome-54.0.2790.0_rc-r1: * ERROR: chromeos-base/chromeos-chrome-54.0.2790.0_rc-r1::chromiumos failed: chromeos-chrome-54.0.2790.0_rc-r1: * Aborting due to serious QA concerns with RUNPATH/RPATH chromeos-chrome-54.0.2790.0_rc-r1: * chromeos-chrome-54.0.2790.0_rc-r1: * Call stack: chromeos-chrome-54.0.2790.0_rc-r1: * misc-functions.sh, line 1347: Called install_qa_check chromeos-chrome-54.0.2790.0_rc-r1: * misc-functions.sh, line 445: Called die chromeos-chrome-54.0.2790.0_rc-r1: * The specific snippet of code: chromeos-chrome-54.0.2790.0_rc-r1: * die "Aborting due to serious QA concerns with RUNPATH/RPATH" chromeos-chrome-54.0.2790.0_rc-r1: *
,
Jul 8 2016
,
Jul 8 2016
,
Jul 8 2016
to summarize, we currently have the following problems: - chromium:626240 - chromium:626241 - RPATH issue described above And 2 fixes in flight: https://chromium-review.googlesource.com/#/c/358921/ https://chromium-review.googlesource.com/#/c/358770/ I think at this point is better if dpranke owns this issue since the 2 unresolved problems are on his side.
,
Jul 8 2016
Okay, in this case the problem w/ rpath is that, as the GN build is written, chrome_sandbox is linked w/ the sanitizer libraries, and so they need rpath to be set. The GYP build explicitly turns off the sanitizer libraries (and flags) for the binary. Arguably, we could just turn off the RPATH check, since it's not like we're going to actually ship the sandbox binary built w/ ASAN, but I'd rather not have to even make that argument, so I'll see if I can turn off the sanitizer configs instead.
,
Jul 9 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/83a4db66297839d765616356e7bc34e18473a73a commit 83a4db66297839d765616356e7bc34e18473a73a Author: Luis Lozano <llozano@chromium.org> Date: Thu Jul 07 21:51:12 2016 GN: Fix GN builds so that we can use our own version of Clang/LLVM. Need to set "custom_toolchain" GN var for this to work. BUG= chromium:624901 TEST=cbuildbot falco-release daisy-release amd64-generic-asan Change-Id: Id734f20f55619dbdebba7ee97918aa71b737fb4a Reviewed-on: https://chromium-review.googlesource.com/358921 Commit-Ready: Luis Lozano <llozano@chromium.org> Tested-by: Luis Lozano <llozano@chromium.org> Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Reviewed-by: Dirk Pranke <dpranke@chromium.org> [modify] https://crrev.com/83a4db66297839d765616356e7bc34e18473a73a/chromeos-base/chromeos-chrome/chromeos-chrome-9999.ebuild
,
Jul 13 2016
Should this be fixed now, or is there anything else that needs to be done?
,
Jul 13 2016
The problem listed in comment #5 is still an issue. I should have a fix for it later today.
,
Jul 13 2016
OK, cheers!
,
Jul 14 2016
please dont forget 626240 and 626241 (marked as dependencies for this bug)
,
Jul 15 2016
Proposed fix: https://codereview.chromium.org/2152153002/ (I posted fixes for the other two issues as well, so hopefully we can unblock things soon).
,
Jul 15 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/651705fee413b0e84bddbf65ae563c7c6e7e2868 commit 651705fee413b0e84bddbf65ae563c7c6e7e2868 Author: dpranke <dpranke@chromium.org> Date: Fri Jul 15 03:58:47 2016 Fix rpath dependencies in ASAN builds of chrome_sandbox. chrome_sandbox is a setuid binary, so we don't want it to pick up -Wl,-rpath=$ORIGIN. Binaries built with sanitizers might need that flag in order to pick up the instrumented libraries properly, so the fix for this is to just not build chrome_sandbox with any of the sanitizer flags. R=rickyz@chromium.org, llozano@chromium.org BUG= 624901 Review-Url: https://codereview.chromium.org/2152153002 Cr-Commit-Position: refs/heads/master@{#405692} [modify] https://crrev.com/651705fee413b0e84bddbf65ae563c7c6e7e2868/sandbox/linux/BUILD.gn
,
Jul 17 2016
,
Jul 18 2016
Looks like the chromeos ASAN builders cycled green, hooray! Thanks!
,
Jul 18 2016
I think all of the known issues on this bug have landed (there is still also bug 618346 ). I'm going to bounce this back to llozano at this point. I really shouldn't be the owner of "make clang work", so maybe we can use sub-bugs instead next time?
,
Jul 22 2016
I think the issues reported in this bug have been fixed.
,
Aug 15 2016
Issue 628384 has been merged into this issue. |
||||||||||
►
Sign in to add a comment |
||||||||||
Comment 1 by dpranke@chromium.org
, Jun 30 2016