Build of webkitgtk-2.24.2 fails on Alpine on 32 bit arm (armhf/armv6 and armv7): [ 80%] Built target LLIntOffsetsExtractor [ 80%] Building CXX object Source/JavaScriptCore/CMakeFiles/JavaScriptCore.dir/llint/LowLevelInterpreter.cpp.o cc1plus: out of memory allocating 65536 bytes after a total of 3492622336 bytes make[3]: *** [Source/JavaScriptCore/CMakeFiles/JavaScriptCore.dir/build.make:2054: Source/JavaScriptCore/CMakeFiles/JavaS criptCore.dir/llint/LowLevelInterpreter.cpp.o] Error 1 The build machine runs in a 32 bit LXC environment on 64 bit kernel. It has 128G ram. webktigtk-2.20.x builds fine. It is a bit unfortunate because we need to do the build for our stable branches to fix security vulnerabilities: CVE-2019-6251, CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-11070, CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8615, CVE-2019-8611, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623 Is there some way to disable the unified sources build so we can push out the security fix in timely manner? Would it be possible to get a 2.20.x release with all the above CVEs fixed?
(In reply to Natanael from comment #0) > Build of webkitgtk-2.24.2 fails on Alpine on 32 bit arm (armhf/armv6 and > armv7): > > [ 80%] Built target LLIntOffsetsExtractor > [ 80%] Building CXX object > Source/JavaScriptCore/CMakeFiles/JavaScriptCore.dir/llint/ > LowLevelInterpreter.cpp.o > > cc1plus: out of memory allocating 65536 bytes after a total of 3492622336 > bytes > make[3]: *** > [Source/JavaScriptCore/CMakeFiles/JavaScriptCore.dir/build.make:2054: > Source/JavaScriptCore/CMakeFiles/JavaS > criptCore.dir/llint/LowLevelInterpreter.cpp.o] Error 1 > > The build machine runs in a 32 bit LXC environment on 64 bit kernel. > > It has 128G ram. Normally -g1 should suffice to reduce required memory. I'd try that first. You can also try using lower -j to reduce the number of parallel processes, but it sounds like that's not your problem here. -Wl,--no-keep-memory and -Wl,--reduce-memory-overheads are also good to try, but again, looks like that's not your problem here. > webktigtk-2.20.x builds fine. > > It is a bit unfortunate because we need to do the build for our stable > branches to fix security vulnerabilities: > > CVE-2019-6251, CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, > CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, > CVE-2019-11070, CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, > CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, > CVE-2019-8597, CVE-2019-8601, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, > CVE-2019-8610, CVE-2019-8615, CVE-2019-8611, CVE-2019-8619, CVE-2019-8622, > CVE-2019-8623 > > Is there some way to disable the unified sources build so we can push out > the security fix in timely manner? You can try -DENABLE_UNIFIED_BUILDS=OFF, but it's usually broken, so you'll usually have to fight some number of build failures. I think it *might* work with 2.24.2 if you add this patch: http://trac.webkit.org/changeset/246259/webkit/releases/WebKitGTK/webkit-2.24?format=diff&new=246259. Worth a try. (Manually remove the ChangeLog entry from the patch to get it to apply and use -p3.) If there are more build failures than that, patches welcome. > Would it be possible to get a 2.20.x release with all the above CVEs fixed? Definitely not, we only support one stable branch at a time because there's way too many vulnerabilities and they become very difficult to backport as the branch ages. Support for the 2.20 branch ended September last year.