You may already be using icecc to compile your Chromium, either by following some instructions like the ones published by my colleague Gyuyoung or using the popular icecc-chromium set of scripts. In those cases, you will probably get in some trouble if you try to generate an official build with that configuration.

First, let me refresh what an “official build” is called in Chromium. You may know that build optimization in Chromium builds depends on two flags:

• is_debug
  Debug build. Enabling official builds automatically sets is_debug to false.

• is_official_build
  Set to enable the official build level of optimization. This has nothing
  to do with branding, but enables an additional level of optimization above
  release (!is_debug). This might be better expressed as a tri-state
  (debug, release, official) but for historical reasons there are two
  separate flags.

The GN documentation is pretty verbose about this. To sum up, to get full binary optimization you should enable is_official_build which will also disable is_debug in the background. This is what other projects would call a release build.

Back to the main topic, I was running an official build distributed via icecc and stumbled on some compilation problems:

clang: error: no such file or directory: /usr/lib/clang/7.0.0/share/cfi_blacklist.txt
clang: error: no such file or directory: ../../tools/cfi/blacklist.txt
clang: error: no such file or directory: /path/to/src/chrome/android/profiles/afdo.prof

These didn’t happen when icecc build was disabled, so I was certain to have found some limitations in the distributed compiler. The icecc-chromium set of scripts was already disabling a number of clang cleanup/sanitize tools, so I decided to take the same approach. First, I checked the GN args that could be related to these errors and identified two:

• is_cfi
  Current value (from the default) = true
  From //build/config/sanitizers/sanitizers.gni:53

  Compile with Control Flow Integrity to protect virtual calls and casts.
  See http://clang.llvm.org/docs/ControlFlowIntegrity.html

  TODO(pcc): Remove this flag if/when CFI is enabled in all official builds.

• clang_use_default_sample_profile
  Current value (from the default) = true
  From //build/config/compiler/BUILD.gn:117

  Some configurations have default sample profiles. If this is true and
  clang_sample_profile_path is empty, we’ll fall back to the default.

  We currently only have default profiles for Chromium in-tree, so we disable
  this by default for all downstream projects, since these profiles are likely
  nonsensical for said projects.

These two args were enabled, I just disabled them and got rid the compilation flags that were causing trouble: -fprofile-sample-use=/path/to/src/chrome/android/profiles/afdo.prof -fsanitize=cfi-vcall -fsanitize-blacklist=../../tools/cfi/blacklist.txt. I’ve learned that support for -fsanitize-blacklist is available in upstream icecc, but most distros don’t package it yet, so it’s safer to disable that.

To sum up, if you are using icecc and you want to run an official build, you have to add a couple more GN args:

clang_use_default_sample_profile = false
is_cfi = false