Help/advice on building ports for my home PC with poudriere

[cracauer@]

Hi, I thought that the work directory would be automatically cleaned up before each build since I'm using poudriere, but I will definitely check into that.
I tried reducing max ARC size to 4g as you had suggested but a different timeout was reached and I didn't manage to get past the extraction point:

===>  Extracting for chromium-135.0.7049.114
=> SHA256 Checksum OK for chromium-135.0.7049.114.tar.xz.
=> SHA256 Checksum OK for pulseaudio-16.1.tar.gz.
=>> Killing timed out build after 3600 seconds
=>> Cleaning up wrkdir
===>  Cleaning for chromium-135.0.7049.114
rm: /wrkdirs/usr/ports/www/chromium/work: Directory not empty
*** Error code 1 (continuing)

Stop.
make[1]: stopped in /usr/ports/www/chromium
*** Error code 1 (continuing)
`clean' not remade because of errors.

Stop.
make: stopped in /usr/ports/www/chromium
build of www/chromium | chromium-135.0.7049.114 ended at Tue May 13 02:36:05 CEST 2025
build time: 01:20:49
!!! build failure encountered !!!

I don't feel as if in my specific situation ARC is the problem because by oberving top output it seems as if when there is need for memory ARC reduces it's size drastically, passing from 10g for example to just under 500m, relativily quickly.

I'm beginning to think that it might just be best to increase the amount of memory but I was hoping to be able to do without since I feel that 16g is a "normal minimum" amount of memory for any computer.

If extracting takes more than an hour your disk is very slow.

 

[SirDice]

I was hoping to be able to do without since I feel that 16g is a "normal minimum" amount of memory for any computer.

For a long time I used an old Core i5-3470 with 16GB memory (and 16G of swap). Took forever to build packages, but it worked. You'll want to set MUTUALLY_EXCLUSIVE_BUILD_PACKAGES="llvm* rust* gcc*" in poudriere.conf though. Or else you will eventually end up building rust, llvm and gcc at the same time, and this will certainly burn down the entire host.

My current build server has a dual Xeon E5-2667 (12 cores/24 threads total) and 192GB ECC memory. Have set USE_TMPFS=all, PARALLEL_JOBS=6 and ALLOW_MAKE_JOBS=yes. This thing builds packages lightning fast compared to that old i5.

 

[T-Aoki]

For a long time I used an old Core i5-3470 with 16GB memory (and 16G of swap). Took forever to build packages, but it worked. You'll want to set MUTUALLY_EXCLUSIVE_BUILD_PACKAGES="llvm* rust* gcc*" in poudriere.conf though. Or else you will eventually end up building rust, llvm and gcc at the same time, and this will certainly burn down the entire host.

For those memory pressures are concern and swap is small and/or slow, webkit*, *chromium*, iridium*, qt*-webengine* would be wanted to be in the list. These are quite heavy-loaded, too.

 

[SirDice]

I'm happy to see there's an option for this nowadays, I had to resort to building those heavy hitters separately and do multiple, consecutive, bulk runs with different sets of packages to get everything to build without burning down the server.

 

[T-Aoki]

And to avoid too-heavy leaf ports NOT to be (re)built among others at the same bulk run, I'm using the script here to generate the list of installed ports, excluding unwanted leaves to be built for later standalone builds.
Note that I have some more uncommon ones in the BLOCKLISTS dropped on uploading.

 

[vieron]

well it says:
rm: /wrkdirs/usr/ports/www/chromium/work: Directory not empty

You need to get rid of the port's work directory to be able to start a build again from scratch

I found the wrkdir which is apparently recreated from scratch for each poudriere build, so in my specific case the presence of pre-existing wrkdir files shouldnt be the issue.
I noticed that as soon as the build ends the work folder of the specific port that was being built is no longer present, but thank you for pointing that out anyways.

[root@homebsd /usr/local/poudriere/data/.m/13amd64-local/01/wrkdirs/usr/ports/www/chromium/work]# ls
.configure_done.chromium._usr_local     .license-catalog.mk                     .license_done.chromium._usr_local       BSD3CLAUSE
                           chromium-135.0.7049.114
.extract_done.chromium._usr_local       .license-report                         .patch_done.chromium._usr_local         chrome
                           chromium-browser.desktop
[root@homebsd /usr/local/poudriere/data/.m/13amd64-local/01/wrkdirs/usr/ports/www/chromium/work]#
[root@homebsd /usr/local/poudriere/data/.m/13amd64-local/01/wrkdirs/usr/ports/www/chromium/work]#
[root@homebsd /usr/local/poudriere/data/.m/13amd64-local/01/wrkdirs/usr/ports/www/chromium/work]# ls
ls: .: Not a directory
[root@homebsd /usr/local/poudriere/data/.m/13amd64-local/01/wrkdirs/usr/ports/www/chromium/work]#

It is quite likely that you had memory exhaustion and massive swap usage during build. It is not possible to judge without reading whole log of build process. build failure encountered is very uninformative. scroll all the way back in log and there you can find real error.

During these last build attempts in which I only specified USE_TMPFS=data I no longer experienced swap issues. Thank you for insisting on reading the logs by scrolling backwards to find the real error. I actually keep seeing the following error which I think might be related to this recently discovered bug.

gen/third_party/blink/renderer/core/css/css_property_names.cc:154:7: error: fallthrough annotation does not directly precede switch label
  154 |       [[fallthrough]];
      |       ^
fatal error: too many errors emitted, stopping now [-ferror-limit=]

If extracting takes more than an hour your disk is very slow.

I think it was only due to the fact that I had limited ARC to 4g. By restoring the default setting I get past the extraction point without issues.

For a long time I used an old Core i5-3470 with 16GB memory (and 16G of swap). Took forever to build packages, but it worked. You'll want to set MUTUALLY_EXCLUSIVE_BUILD_PACKAGES="llvm* rust* gcc*" in poudriere.conf though. Or else you will eventually end up building rust, llvm and gcc at the same time, and this will certainly burn down the entire host.

My current build server has a dual Xeon E5-2667 (12 cores/24 threads total) and 192GB ECC memory. Have set USE_TMPFS=all, PARALLEL_JOBS=6 and ALLOW_MAKE_JOBS=yes. This thing builds packages lightning fast compared to that old i5.

Thank you very much for sharing this information. It's useful to know about the extra options but even more useful to hear about your personal experience and way of building software.

And to avoid too-heavy leaf ports NOT to be (re)built among others at the same bulk run, I'm using the script here to generate the list of installed ports, excluding unwanted leaves to be built for later standalone builds.
Note that I have some more uncommon ones in the BLOCKLISTS dropped on uploading.

Thanks for the link to the script, it seems like it could be very useful.

 

[T-Aoki]

I found the wrkdir which is apparently recreated from scratch for each poudriere build, so in my specific case the presence of pre-existing wrkdir files shouldnt be the issue.
I noticed that as soon as the build ends the work folder of the specific port that was being built is no longer present, but thank you for pointing that out anyways.

[root@homebsd /usr/local/poudriere/data/.m/13amd64-local/01/wrkdirs/usr/ports/www/chromium/work]# ls
.configure_done.chromium._usr_local     .license-catalog.mk                     .license_done.chromium._usr_local       BSD3CLAUSE
                           chromium-135.0.7049.114
.extract_done.chromium._usr_local       .license-report                         .patch_done.chromium._usr_local         chrome
                           chromium-browser.desktop
[root@homebsd /usr/local/poudriere/data/.m/13amd64-local/01/wrkdirs/usr/ports/www/chromium/work]#
[root@homebsd /usr/local/poudriere/data/.m/13amd64-local/01/wrkdirs/usr/ports/www/chromium/work]#
[root@homebsd /usr/local/poudriere/data/.m/13amd64-local/01/wrkdirs/usr/ports/www/chromium/work]# ls
ls: .: Not a directory
[root@homebsd /usr/local/poudriere/data/.m/13amd64-local/01/wrkdirs/usr/ports/www/chromium/work]#

During these last build attempts in which I only specified USE_TMPFS=data I no longer experienced swap issues. Thank you for insisting on reading the logs by scrolling backwards to find the real error. I actually keep seeing the following error which I think might be related to this recently discovered bug.

gen/third_party/blink/renderer/core/css/css_property_names.cc:154:7: error: fallthrough annotation does not directly precede switch label
  154 |       [[fallthrough]];
      |       ^
fatal error: too many errors emitted, stopping now [-ferror-limit=]

I think it was only due to the fact that I had limited ARC to 4g. By restoring the default setting I get past the extraction point without issues.


Thank you very much for sharing this information. It's useful to know about the extra options but even more useful to hear about your personal experience and way of building software.


Thanks for the link to the script, it seems like it could be very useful.

I've created (and made it faster thanks to DutchDaemon) this script because with -a option for bulk builds sometimes caused, for example, www/chromiun to be built in the middle (near the last, though) and the finish time of whole builds is delayed 12+ hours even though there was some security fixes of fundamental ports that I wanted to update ASAP.

Note that it doesn't help for something dependended upon by multiple ports like www/webkit* and www/qt*-webengine*.

IMHO, logics to determine which ports to be updated should 100% match between pkg and poudriere. There are toooooo many cases that poudriere rebuilt but pkg didn't upgraded. Tooooo much a pain, as many of these cases rebuild heavy www/webkit* and www/qt*-webengine* but not upgraded by pkg. Not sure it's possible or not, though.

 

[drsnx60]

HI

Its Possible that ARC MAXsize of 4 GB is too small in your situation .
maybe you need 8GB ARC MAXsize.
AN unlimited arcsize quickly ramped up to 17 GB when I complied chromium.

 

[T-Aoki]

To know how plenty www/chromium requires to build, read its Makefile, especially pre-everything: target.
Then search for variables WANTSPACE and WANTMEM in it.

I strongly want the day that we can laugh, on reading above, "What?! How tiny it is! It should built under milliseconds! Haha!!!" comes in several years, less than $1000 in costs and size in mobile notebooks. Just a dream.

 

[astyle]

To know how plenty www/chromium requires to build, read its Makefile, especially pre-everything: target.
Then search for variables WANTSPACE and WANTMEM in it.

I strongly want the day that we can laugh, on reading above, "What?! How tiny it is! It should built under milliseconds! Haha!!!" comes in several years, less than $1000 in costs and size in mobile notebooks. Just a dream.

WANTSPACE=35GB of SSD storage
WANTMEM=8GB of RAM

Not too bad for even low-end $350 USD machines that are brand-new.

 

[T-Aoki]

WANTSPACE=35GB of SSD storage
WANTMEM=8GB of RAM

Not too bad for even low-end $350 USD machines that are brand-new.

Yeah, if we disregard the build time.
Under a millisecond is just a joke unfortunately, but currently it requires 12+ hours on i7-8750H CPU @ 2.20GHz with 32GB of RAM + NVMe SSD (PCIe Gen3).

 

[cracauer@]

WANTSPACE=35GB of SSD storage
WANTMEM=8GB of RAM

Not too bad for even low-end $350 USD machines that are brand-new.

Except those values are both wrong.

 

[astyle]

Except those values are both wrong.

So, who's gonna file the PR and get the makefile edited to reflect correct values? Those values were for a non-debug build. The Makefile also included different values for a build with debugging symbols compiled in - like 240 GB of SSD storage, iirc.

 

[T-Aoki]

So, who's gonna file the PR and get the makefile edited to reflect correct values? Those values were for a non-debug build. The Makefile also included different values for a build with debugging symbols compiled in - like 240 GB of SSD storage, iirc.

And was updated relatively recently.

 

[cracauer@]

So, who's gonna file the PR and get the makefile edited to reflect correct values? Those values were for a non-debug build. The Makefile also included different values for a build with debugging symbols compiled in - like 240 GB of SSD storage, iirc.

I plan to address that shortly. The trick is of course to gather better numbers

 

[drsnx60]

the build of ungoogled chromium I did maxed out at about 14-16 GB ZFS ARC size and 6 GB active and 4 GB inactive RAM.
ofcoursse KDE6/Plasma6 was also active at the time. using 6core/12 threads I7-10850H cpu. so basicallly "make -j12"
With more cores more memory would be used.

 

[vieron]

Hi guys, I finally managed to build chromium last night. Sorry for giving an update this late.

So I guess the main issue was this bug, and issuing git pull sorted that.

(For this final build I initially used USE_TMPFS=yes and when I reached the final chromium port then used USE_TMPFS=data. I still don't know exactly why I couldn't get past the extract part for chromium just before the actual build. This wasn't an issue I had encountered when I started this thread but occured after many build attempts. Maybe freeing some space on the ZFS pool helped? I honestly don't know).

Regarding poudriere build options, there are several of them that some of you mentioned that I didn't find in the man pages or in the poudriere.conf file. Is there some other specific source I can consult?

Other than that I was just wondering how often do you guys usually update the downloaded ports tree and rebuild? Once a month? Is there a specific moment in which it is usually best to update the tree (on Saturdays etc.)? Is it a recurring theme to encounter bugs during the build process and then just issue git pull and rebuild like in my case? (I had to issue git pull twice, not only for chromium but also to fix an issue with the libxslt port).

And one last question. When the time will come to update to another major FreeBSD release how can I build from ports beforehand? Do I need to build inside a bhyve VM running the newer version of FreeBSD?

Thanks once again for all the feedback, help, advice and personal experience you all shared!

 

[astyle]

Other than that I was just wondering how often do you guys usually update the downloaded ports tree and rebuild?

I actually don't do that... A few years ago, I was working on a Poudriere-based project that includes this step, but had to set that project aside, as other things IRL demanded my attention. What I end up doing is basically grabbing a fresh copy of ports whenever I do a fresh install of FreeBSD. I compile Firefox on the spot, and then wait until it says no more, then I rinse and repeat.

Regarding poudriere build options, there are several of them that some of you mentioned that I didn't find in the man pages or in the poudriere.conf file. Is there some other specific source I can consult?

Well, most of Poudriere-specific options are definitely found in the manpages. Poudriere does a pretty good job of respecting the Makefile flags that are set using the Ports system. Sometimes, it's a matter of figuring out if an option was set by Poudriere or make.conf or a jail or by some other component.

 

[Erichans]

Ummm.. the real issue is that your i5 is 10th gen. Intel 10th gen processors did not play well with FreeBSD.

There have been complaints on these Forums in the past about that, especially in regards to port compilation.

I have a intel 10th gen i5-10500T. I tried to find relevant information about 'port compilation' problems, I couldn't find any. Could you elaborate on that?
Aren't you perhaps referring to the later intel generations that have 'efficiency' or E-cores in addition to usual P-cores?

 

[drsnx60]

HI,
I did one more trial run of building ungoogled-chromium from ports ( not poudriere ) on a larger deskside workstation , ( 24 threads, I7-13700K , 64 GB ram )
Compile time shrank to about 3 hours.
still using about 10GB Ram for processes and 15 GB Zfs ARC.
Ninja tool did the compile run with -j24 using all the threads in the machine.

This time I had selected to build with Link Time Optimization , LTO.
After having done compiling for 3 hrs . the LINKER (lld) ran for 4 minutes using all 24 threads doing the LTO optimization in parallel.
system was 2400% busy running lld !
I think this is great , when there is some hardware that can make it happen.

 

[vieron]

I compile Firefox on the spot, and then wait until it says no more

Don't you risk having many vulnerabilities like that? I have recently compiled chromium and firefox and pkg audit -F already shows vulnerabilities for both.

Sometimes, it's a matter of figuring out if an option was set by Poudriere or make.conf or a jail or by some other component.

Thanks for that. I probably just need time then to understand how those components work together.

I have another question regarding building packages with poudriere: after having built and installed all the previously installed packages with poudriere, when I issue pkg check -nd I see the following:

aaron@homebsd ~ % pkg check -nd
Checking all packages: 100%
cinnamon is missing a required shared library: libmuffin-clutter-0.so.0
cinnamon is missing a required shared library: libmuffin-cogl-0.so.0
cinnamon is missing a required shared library: libmuffin-cogl-pango-0.so.0
cinnamon is missing a required shared library: libmuffin-cogl-path-0.so.0
aaron@homebsd ~ %

Shouldn't poudriere not have allowed me to complete the build of all the packages since there are missing shared libraries? I can actually use cinnamon and haven't noticed any issues so far, but I didn't expect to see warnings from pkg check -nd regarding missing libraries since I installed all my packages from the poudriere repository which I imagine is some sort of an "all consistent whole".

(To be sure that I didn't have any leftover issues with packages that were installed before the ones from my new poudriere repository I even issued
pkg delete '*', checked to make sure there were no remaining packages and then issued pkg install `pkg search -g \* | awk '{print $1}'` to install all the packages contained in the new poudriere repository).

to update to another major FreeBSD release how can I build from ports beforehand? Do I need to build inside a bhyve VM running the newer version of FreeBSD?

And still if and when possible could someone please let me know if this is the correct way to build packages beforehand for another major release of FreeBSD?

 

[astyle]

Don't you risk having many vulnerabilities like that? I have recently compiled chromium and firefox and pkg audit -F already shows vulnerabilities for both.


Thanks for that. I probably just need time then to understand how those components work together.

I have another question regarding building packages with poudriere: after having built and installed all the previously installed packages with poudriere, when I issue pkg check -nd I see the following:

aaron@homebsd ~ % pkg check -nd
Checking all packages: 100%
cinnamon is missing a required shared library: libmuffin-clutter-0.so.0
cinnamon is missing a required shared library: libmuffin-cogl-0.so.0
cinnamon is missing a required shared library: libmuffin-cogl-pango-0.so.0
cinnamon is missing a required shared library: libmuffin-cogl-path-0.so.0
aaron@homebsd ~ %

Shouldn't poudriere not have allowed me to complete the build of all the packages since there are missing shared libraries? I can actually use cinnamon and haven't noticed any issues so far, but I didn't expect to see warnings from pkg check -nd regarding missing libraries since I installed all my packages from the poudriere repository which I imagine is some sort of an "all consistent whole".

(To be sure that I didn't have any leftover issues with packages that were installed before the ones from my new poudriere repository I even issued
pkg delete '*', checked to make sure there were no remaining packages and then issued pkg install `pkg search -g \* | awk '{print $1}'` to install all the packages contained in the new poudriere repository).


And still if and when possible could someone please let me know if this is the correct way to build packages beforehand for another major release of FreeBSD?

Well, for vulnerabilities, I have to ask myself what it means in practice for me. Exactly what needs to happen for that particular issue to actually mess up my FreeBSD machine or my offline functioning? I usually try to avoid running stuff as root if I can help it. And thing is, if I were curious enough about that, I'd try to do penetration testing on my own network just to see how much effort it would take to see the veracity of that particular CVE, and how applicable it would be in my particular case.

If you can use cinnamon just fine without that libmuffin, then I probably would not worry too much about it. But if that bothers you, you can always manually add libmuffin to the list of packages that you feed to Poudriere.

Poudriere uses a jail to build the ports. On the basis of that simple fact, I'd discourage using a bhyve VM - that really means double-nested virtualization, which takes away the processor cycles that would otherwise be used for compiling, and makes the overall compilation slower.

 

[vieron]

Thank you astyle for the prompt response.

I have to ask myself what it means in practice for me.

That is reasonable. The only issue is that specific software CVEs pkg audit reports are too difficult for me to really understand. So I prefer just updating the affected software. In contrast, I find FreeBSD's Security Advisories awesome because they summarize in a very exemplificative way the "Problem" and "Impact" of the vulnerabilities, which really helps me make an informed decision. But when it comes to reading the Chromium or Firefox vulnerabilities, I get quite lost.

you can always manually add libmuffin to the list of packages that you feed to Poudriere.

I only just realized that poudriere had correctly built libmuffin, so I'm guessing that as you mentioned what I see isn't a real issue. It definitely makes me want to start reading Porter's Handbook to start to understand how dependencies are handled (LIB_DEPENDS, RUN_DEPENDSetc.).

Regarding bhyve I guess you're right. Thinking about it a bit better, going from one major version to another isn't something that happens often, so I guess I could just upgrade to the new FreeBSD version and just install the main software I need from the official repositories while I start rebuilding from my own ports directory with poudriere.