Can not access to Vivado when building the ARTIQ

FENIX

I recently changed our ARTIQ hardware config which added a zotino. And I would like to build my ARTIQ firmware to let my Kasli-SoC adapting to this change. But when I ran the command, with a local ARTIQ git repository and ARTIQ_Zynq git repository, which was:

nix build --print-build-logs --impure --expr 'let fl = builtins.getFlake "/home/ybarray/ARTIQ_repo/artiq-zynq"; in (fl.makeArtiqZynqPackage {target="kasli_soc"; variant="standalone"; json=./target.json;}).kasli_soc-standalone-sd'

We met a problem, the log showed:

kasli_soc-standalone-gateware> Sampler (EEM0) starting at RTIO channel 0x000000
kasli_soc-standalone-gateware> Urukul (EEM2) starting at RTIO channel 0x000003
kasli_soc-standalone-gateware> Urukul (EEM4) starting at RTIO channel 0x000009
kasli_soc-standalone-gateware> DIO (EEM6) starting at RTIO channel 0x00000f
kasli_soc-standalone-gateware> Zotino (EEM7) starting at RTIO channel 0x000017
kasli_soc-standalone-gateware> USER LED at RTIO channel 0x00001a
kasli_soc-standalone-gateware> USER LED at RTIO channel 0x00001b
kasli_soc-standalone-gateware> bwrap: setting up uid map: Permission denied
kasli_soc-standalone-gateware> Traceback (most recent call last):
kasli_soc-standalone-gateware>   File "/nix/store/3n7icqgb0rifw3xv988flx8wsiwzhz8b-gateware/kasli_soc.py", line 672, in <module>
kasli_soc-standalone-gateware>     main()
kasli_soc-standalone-gateware>   File "/nix/store/3n7icqgb0rifw3xv988flx8wsiwzhz8b-gateware/kasli_soc.py", line 668, in main
kasli_soc-standalone-gateware>     soc.build(build_dir=args.g)
kasli_soc-standalone-gateware>   File "/nix/store/in7qym9lxkmpdy16l15v13rq3ps1xnc7-python3-3.12.8-env/lib/python3.12/site-packages/migen_axi/integration/soc_core.py", line 169, in build
kasli_soc-standalone-gateware>     self.platform.build(self, *args, **kwargs)
kasli_soc-standalone-gateware>   File "/nix/store/in7qym9lxkmpdy16l15v13rq3ps1xnc7-python3-3.12.8-env/lib/python3.12/site-packages/migen/build/xilinx/platform.py", line 59, in build
kasli_soc-standalone-gateware>     return self.toolchain.build(self, *args, **kwargs)
kasli_soc-standalone-gateware>            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
kasli_soc-standalone-gateware>   File "/nix/store/in7qym9lxkmpdy16l15v13rq3ps1xnc7-python3-3.12.8-env/lib/python3.12/site-packages/migen/build/xilinx/vivado.py", line 249, in build
kasli_soc-standalone-gateware>     _run_vivado(build_name)
kasli_soc-standalone-gateware>   File "/nix/store/in7qym9lxkmpdy16l15v13rq3ps1xnc7-python3-3.12.8-env/lib/python3.12/site-packages/migen/build/xilinx/vivado.py", line 70, in _run_vivado
kasli_soc-standalone-gateware>     raise OSError("Subprocess failed")
kasli_soc-standalone-gateware> OSError: Subprocess failed
kasli_soc-standalone-gateware> 
error: builder for '/nix/store/sgknfl4zfw76zvhlsgzgspxsxrxg9nbf-kasli_soc-standalone-gateware.drv' failed with exit code 1
error: 1 dependencies of derivation '/nix/store/rbb064psgmd9fbvn8f5b22ld69s1gibn-kasli_soc-standalone-sd.drv' failed to build

We currently use ARTIQ and ARTIQ_Zynq release 8 and Vivado 2024.2, so how may I solve this problem to build my firmware.

Thank you for your help in advance.

fsagbuya

FENIX
Try adding the settings from:
https://m-labs.hk/artiq/manual/building_developing.html#nix-development-environment
Adjust the sandbox paths accordingly based on where your Vivado is installed.

FENIX

fsagbuya Thank you for your reply but it seems don't work, and I added the followed line to nix.conf :

experimental-features = nix-command flakes
sandbox-paths = /opt /opt/Xilinx/Vivado/2022.2
substituters = https://mirrors.tuna.tsinghua.edu.cn/nix-channels/store https://cache.nixos.org/

I removed the Vivado 2024.2 and re-installed Vivado 2022.2, and I ran the "bulid" command again and it showed again:

ybarray@ybarray-Virtual-Machine:~/ARTIQ_repo$ nix build --print-build-logs --impure --expr 'let fl = builtins.getFlake "/home/ybarray/ARTIQ_repo/artiq-zynq"; in (fl.makeArtiqZynqPackage {target="kasli_soc"; variant="standalone"; json=./target.json;}).kasli_soc-standalone-sd'
kasli_soc-standalone-gateware> Sampler (EEM0) starting at RTIO channel 0x000000
kasli_soc-standalone-gateware> Urukul (EEM2) starting at RTIO channel 0x000003
kasli_soc-standalone-gateware> Urukul (EEM4) starting at RTIO channel 0x000009
kasli_soc-standalone-gateware> DIO (EEM6) starting at RTIO channel 0x00000f
kasli_soc-standalone-gateware> Zotino (EEM7) starting at RTIO channel 0x000017
kasli_soc-standalone-gateware> USER LED at RTIO channel 0x00001a
kasli_soc-standalone-gateware> USER LED at RTIO channel 0x00001b
kasli_soc-standalone-gateware> bwrap: setting up uid map: Permission denied
kasli_soc-standalone-gateware> Traceback (most recent call last):
kasli_soc-standalone-gateware>   File "/nix/store/3n7icqgb0rifw3xv988flx8wsiwzhz8b-gateware/kasli_soc.py", line 672, in <module>
kasli_soc-standalone-gateware>     main()
kasli_soc-standalone-gateware>   File "/nix/store/3n7icqgb0rifw3xv988flx8wsiwzhz8b-gateware/kasli_soc.py", line 668, in main
kasli_soc-standalone-gateware>     soc.build(build_dir=args.g)
kasli_soc-standalone-gateware>   File "/nix/store/kvwh1lwqadrzjzjf8kdqbnpn6jm3kgls-python3-3.12.8-env/lib/python3.12/site-packages/migen_axi/integration/soc_core.py", line 169, in build
kasli_soc-standalone-gateware>     self.platform.build(self, *args, **kwargs)
kasli_soc-standalone-gateware>   File "/nix/store/kvwh1lwqadrzjzjf8kdqbnpn6jm3kgls-python3-3.12.8-env/lib/python3.12/site-packages/migen/build/xilinx/platform.py", line 59, in build
kasli_soc-standalone-gateware>     return self.toolchain.build(self, *args, **kwargs)
kasli_soc-standalone-gateware>            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
kasli_soc-standalone-gateware>   File "/nix/store/kvwh1lwqadrzjzjf8kdqbnpn6jm3kgls-python3-3.12.8-env/lib/python3.12/site-packages/migen/build/xilinx/vivado.py", line 249, in build
kasli_soc-standalone-gateware>     _run_vivado(build_name)
kasli_soc-standalone-gateware>   File "/nix/store/kvwh1lwqadrzjzjf8kdqbnpn6jm3kgls-python3-3.12.8-env/lib/python3.12/site-packages/migen/build/xilinx/vivado.py", line 70, in _run_vivado
kasli_soc-standalone-gateware>     raise OSError("Subprocess failed")
kasli_soc-standalone-gateware> OSError: Subprocess failed
kasli_soc-standalone-gateware> 
error: builder for '/nix/store/9phc2r1f8w7brrw2rgc1lkh64h5zbmps-kasli_soc-standalone-gateware.drv' failed with exit code 1
error: 1 dependencies of derivation '/nix/store/acqd5difafc1810r6kyy2kvcrxkxf1jq-kasli_soc-standalone-sd.drv' failed to build

It is really confusing

fsagbuya

FENIX Can you run nix config show and check the sandbox and sandbox-paths fields? Also, do you have the trusted-settings.json file set up as mentioned in the previous reference?

FENIX

fsagbuya Yes, I can run nix config show command in terminal and it reported the followed text:

ybarray@ybarray-Virtual-Machine:~/ARTIQ_repo$ nix config show
abort-on-warn = false
accept-flake-config = false
access-tokens = 
allow-dirty = true
allow-dirty-locks = false
allow-import-from-derivation = true
allow-new-privileges = false
allow-symlinked-store = false
allow-unsafe-native-code-during-evaluation = false
allowed-impure-host-deps = 
allowed-uris = 
allowed-users = *
always-allow-substitutes = false
auto-optimise-store = false
bash-prompt = 
bash-prompt-prefix = 
bash-prompt-suffix = 
build-dir = 
build-hook = /nix/store/ni2gvlli2qliadpdinvqvarf89jyi291-nix-2.26.2/bin/nix __build-remote
build-poll-interval = 5
build-users-group = 
builders = @/etc/nix/machines
builders-use-substitutes = false
commit-lock-file-summary = 
compress-build-log = true
connect-timeout = 0
cores = 14
debugger-on-trace = false
debugger-on-warn = false
diff-hook = 
download-attempts = 5
download-buffer-size = 67108864
download-speed = 0
eval-cache = true
eval-system = 
experimental-features = fetch-tree flakes nix-command
extra-platforms = i686-linux x86_64-v1-linux x86_64-v2-linux x86_64-v3-linux
fallback = false
filter-syscalls = true
flake-registry = https://channels.nixos.org/flake-registry.json
fsync-metadata = true
fsync-store-paths = false
gc-reserved-space = 8388608
hashed-mirrors = 
http-connections = 25
http2 = true
id-count = 8388608
ignore-try = false
ignored-acls = security.csm security.selinux system.nfs4_acl
impersonate-linux-26 = false
keep-build-log = true
keep-derivations = true
keep-env-derivations = false
keep-failed = false
keep-going = false
keep-outputs = false
log-lines = 25
max-build-log-size = 0
max-call-depth = 10000
max-free = 9223372036854775807
max-jobs = 1
max-silent-time = 0
max-substitution-jobs = 16
min-free = 0
min-free-check-interval = 5
nar-buffer-size = 33554432
narinfo-cache-negative-ttl = 3600
narinfo-cache-positive-ttl = 2592000
netrc-file = /etc/nix/netrc
nix-path = 
nix-shell-always-looks-for-shell-nix = true
nix-shell-shebang-arguments-relative-to-script = true
plugin-files = 
post-build-hook = 
pre-build-hook = 
preallocate-contents = false
print-missing = true
pure-eval = true
require-drop-supplementary-groups = false
require-sigs = true
restrict-eval = false
run-diff-hook = false
sandbox = true
sandbox-build-dir = /build
sandbox-dev-shm-size = 50%
sandbox-fallback = true
sandbox-paths = /opt /opt/Xilinx/Vivado/2022.2
secret-key-files = 
show-trace = false
ssl-cert-file = /etc/ssl/certs/ca-certificates.crt
stalled-download-timeout = 300
start-id = 872415232
store = auto
substitute = true
substituters = https://mirrors.tuna.tsinghua.edu.cn/nix-channels/store https://cache.nixos.org/
sync-before-registering = false
system = x86_64-linux
system-features = benchmark big-parallel nixos-test uid-range
tarball-ttl = 3600
timeout = 0
trace-function-calls = false
trace-verbose = false
trust-tarballs-from-git-forges = true
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
trusted-substituters = 
trusted-users = root
upgrade-nix-store-path-url = https://github.com/NixOS/nixpkgs/raw/master/nixos/modules/installer/tools/nix-fallback-paths.nix
use-case-hack = false
use-cgroups = false
use-registries = true
use-sqlite-wal = true
use-xdg-base-directories = false
user-agent-suffix = 
warn-dirty = true
warn-large-path-threshold = 0

and trusted-settings.json is followed:

{"extra-sandbox-paths":{"/opt":true},"extra-substituters":{"https://nixbld.m-labs.hk":true},"extra-trusted-public-keys":{"nixbld.m-labs.hk-1:5aSRVA5b320xbNvu30tqxVPXpld73bhtOeH6uAjRyHc=":true}}

Should I add /opt/Xilinx/Vivado/2022.2 to "extra-sandbox-paths":{"/opt":true}," and save trusted-settings.json with:

{"extra-sandbox-paths":{"/opt":true,"/opt/Xilinx/Vivado/2022.2":true},"extra-substituters":{"https://nixbld.m-labs.hk":true},"extra-trusted-public-keys":{"nixbld.m-labs.hk-1:5aSRVA5b320xbNvu30tqxVPXpld73bhtOeH6uAjRyHc=":true}}

fsagbuya

If you are running it in Ubuntu, you can check step 5 here:
https://git.m-labs.hk/sinara-hw/assembly/src/branch/master/src/sw_sup/setup_build_pc.md#installation

FENIX

fsagbuya Thank you for the information you have provided. I tried to disable the apparmor by using command sudo systemctl disable apparmor and restarting my ubuntu. Yet it did not works. It reported the same error and the same error report

fsagbuya

What's the output of systemctl status apparmor? If it's still active, try to run sudo systemctl stop apparmor.

FENIX

fsagbuya it reports :

ybarray@ybarray-Virtual-Machine:~/ARTIQ_repo$ systemctl status apparmor
○ apparmor.service - Load AppArmor profiles
     Loaded: loaded (/usr/lib/systemd/system/apparmor.service; disabled; preset>
     Active: inactive (dead)
       Docs: man:apparmor(7)
             https://gitlab.com/apparmor/apparmor/wikis/home/
lines 1-5/5 (END)

I guess it is already disabled

FENIX

fsagbuya Well, I think I have found the way out. The key point is that I have to totally remove apparmor using command sudo apt purge apparmor instead of disabling it partly for Nix or for the whole system.

I use the tutorial of this link

Thank you for your help