IcedTea6 build failed for b41a73ca64e6 (--enable-nss)

Andrew Hughes ahughes at redhat.com
Thu Aug 16 16:10:12 PDT 2012 


----- Original Message -----
> On Thu, 2012-08-16 at 07:02 -0400, Andrew Hughes wrote:
> > > Do you know what the intention is, which file should be called
> > > what
> > > and be under which directory?
> > 
> > Something about your build is borked.
> 
> Could you try to minimize the usage of "your". For some reason it
> irks
> me seeing that usage when I merrily point out that one of the
> standard
> autobuilders is failing. The autobuilders are there precisely because
> nobody can test all the arches, setups and configuration options we
> support. It is "our" build that is borked.

And the autobuilders I've setup, as well as my own builds, pass.
Whatever setup is used here (which you didn't include in the original
e-mail, hence why I'm stabbing in the dark) is not building a complete
JDK.

>From your other e-mail, it sounds like you're using the add-zero
rule which, as mentioned before, is not supported.

> 
> > It looks like your build has always been broken, but has only now
> > come to light due to recent changes.
> > Nothing new has been added.  The patching of java.security has
> > merely been moved from before the build
> > to afterwards, so that the build itself doesn't have an PKCS11
> > provider configured with a missing
> > configuration file.
> 
> Aha. Now I understand. That assumes that there is a full build
> already
> in place. That isn't always the case when we build zero additionally.

No, this is a correct assumption.  The IcedTea target is meant to build a full
JDK and this is what add-nss depends on.

> Then we "fake" a whole build and do a recursive make. See the
> add-zero.stamp target:
> 
>     : # create directories which are expected by icedtea components,
>     : # implicitly assumed to be created by the jdk build.
> 

I don't agree with this fakery.  It makes the whole build much harder
to maintain.

> Which creates just enough to make everything else just work, but
> doesn't
> bother to also add fake java.security files.
> 
> The following fixes it:
> 
> 2012-08-16  Mark Wielaard  <mark at klomp.org>
> 
>         * Makefile.am (stamps/add-nss.stamp): Only try patching the
>         security files if they actually exist.
> 
> diff -b (full commit attached, but without -b it looks pretty
> confusing):
> 
> diff -r b41a73ca64e6 Makefile.am
> --- a/Makefile.am	Thu Aug 16 01:51:50 2012 +0100
> +++ b/Makefile.am	Thu Aug 16 17:52:07 2012 +0200
> @@ -1611,12 +1611,13 @@
>  	rm -f stamps/add-pulseaudio-debug.stamp
>  
>  stamps/add-nss.stamp: stamps/icedtea.stamp
> +	if [ -d $(BUILD_OUTPUT_DIR)/j2sdk-image/jre/lib/security ] ; then \
>  	cp -v $(abs_top_builddir)/nss.cfg \
> -	  $(BUILD_OUTPUT_DIR)/j2sdk-image/jre/lib/security
> +	    $(BUILD_OUTPUT_DIR)/j2sdk-image/jre/lib/security; \
>  	cp -v $(abs_top_builddir)/nss.cfg \
> -	  $(BUILD_OUTPUT_DIR)/j2re-image/lib/security
> -	rm -f stamps/add-nss.stamp.tmp
> -	touch stamps/add-nss.stamp.tmp
> +	    $(BUILD_OUTPUT_DIR)/j2re-image/lib/security; \
> +	  rm -f stamps/add-nss.stamp.tmp; \
> +	  touch stamps/add-nss.stamp.tmp; \
>  	all_patches_ok=yes; \
>  	for dir in $(BUILD_OUTPUT_DIR)/{j2sdk-image/jre,j2re-image} ; \
>  	do \
> @@ -1648,6 +1649,9 @@
>  	  echo ERROR patch $${all_patches_ok} FAILED! ; \
>  	  echo WARNING make clean-add-nss before retrying a fix ; \
>  	  exit 2; \
> +	  fi \
> +	else \
> +	  echo "NO $(BUILD_OUTPUT_DIR)/j2sdk-image/jre/lib/security dir"; \
>  	fi
>  
>  clean-add-nss:
> 
> At first I tried to add more to the "fake" environment under the
> add-zero target. But that quickly became messy and it seems better to
> teach add-nss that if there is no lib/security to begin with then
> there
> is no need to patch the non-existent files under it.
> 

This seems to make the build more complicated for absolutely no gain.
For one thing, if someone has set --enable-nss, they should get NSS.
If they build with NSS, but then don't build a JDK, then the NSS
rule is correct in failing as they aren't getting what they asked for.

> Cheers,
> 
> Mark
> 
> 
> [Text Documents:add-nss.patch]
> 

-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/x-patch
Size: 3810 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20120816/274b8953/attachment.bin

More information about the distro-pkg-dev mailing list