1475573 - Create --enable-fuzzing debug build job for Android x86 firefox.

Status: RESOLVED FIXED

(Firefox Build System :: Task Configuration, task)

Description

[Jesse Schwartzentruber (:truber)]

To support fuzzing on Android we need debug builds with --enable-fuzzing.

Comment 1

[Jesse Schwartzentruber (:truber)]

Attachment: Create --enable-fuzzing debug build job for Android x86 firefox.

Comment 2

[Jesse Schwartzentruber (:truber)]

Comment on attachment 8995190 [details]
Create --enable-fuzzing debug build job for Android x86 firefox.

I'm trying to add --enable-fuzzing on android, and hitting link errors like this:

 0:22.50 /home/truber/src/m/u/js/src/vm/StructuredClone.cpp:246: error: undefined reference to '__sanitizer_cov_trace_pc_guard'
 0:22.50 /home/truber/src/m/u/obj-i386-linux-android/dist/include/mozilla/Vector.h:514: error: undefined reference to '__sanitizer_cov_trace_const_cmp4'
 0:22.50 /home/truber/src/m/u/js/src/vm/StructuredClone.cpp:295: error: undefined reference to '__sanitizer_cov_trace_pc_guard'
 0:22.51 /home/truber/src/m/u/js/src/vm/StructuredClone.cpp:294: error: undefined reference to '__sanitizer_cov_trace_pc_guard'
 0:22.51 /home/truber/src/m/u/obj-i386-linux-android/dist/include/mozilla/Vector.h:514: error: undefined reference to '__sanitizer_cov_trace_const_cmp4'
 0:22.51 /home/truber/src/m/u/js/src/vm/StructuredClone.cpp:295: error: undefined reference to '__sanitizer_cov_trace_pc_guard'
 0:22.51 /home/truber/src/m/u/obj-i386-linux-android/dist/include/mozilla/Vector.h:520: error: undefined reference to '__sanitizer_cov_trace_const_cmp1'
 0:22.51 /home/truber/src/m/u/js/src/vm/StructuredClone.cpp:302: error: undefined reference to '__sanitizer_cov_trace_const_cmp4'
 0:22.53 /home/truber/src/m/u/obj-i386-linux-android/dist/include/mozilla/Vector.h:520: error: undefined reference to '__sanitizer_cov_trace_const_cmp1'
 0:22.53 /home/truber/src/m/u/js/src/vm/StructuredClone.cpp:302: error: undefined reference to '__sanitizer_cov_trace_const_cmp4'
 0:22.55 /home/truber/src/m/u/obj-i386-linux-android/dist/include/mozilla/Vector.h:526: error: undefined reference to '__sanitizer_cov_trace_const_cmp1'
 0:22.58 /home/truber/src/m/u/js/src/vm/StructuredClone.cpp:246: error: undefined reference to '__sanitizer_cov_trace_pc_guard'
 0:22.58 /home/truber/src/m/u/obj-i386-linux-android/dist/include/mozilla/Vector.h:514: error: undefined reference to '__sanitizer_cov_trace_const_cmp4'
 0:22.58 /home/truber/src/m/u/js/src/vm/StructuredClone.cpp:295: error: undefined reference to '__sanitizer_cov_trace_pc_guard'
 0:22.58 /home/truber/src/m/u/js/src/vm/StructuredClone.cpp:294: error: undefined reference to '__sanitizer_cov_trace_pc_guard'
 0:22.58 /home/truber/src/m/u/obj-i386-linux-android/dist/include/mozilla/Vector.h:558: error: undefined reference to '__sanitizer_cov_trace_const_cmp1'
 0:22.58 /home/truber/src/m/u/obj-i386-linux-android/dist/include/mozilla/Vector.h:514: error: undefined reference to '__sanitizer_cov_trace_const_cmp4'
 0:22.58 /home/truber/src/m/u/js/src/vm/StructuredClone.cpp:295: error: undefined reference to '__sanitizer_cov_trace_pc_guard'
 0:22.59 /home/truber/src/m/u/obj-i386-linux-android/dist/include/mozilla/Vector.h:520: error: undefined reference to '__sanitizer_cov_trace_const_cmp1'
 0:22.59 /home/truber/src/m/u/obj-i386-linux-android/dist/include/js/HeapAPI.h:494: error: undefined reference to '__sanitizer_cov_trace_switch'
 0:22.59 /home/truber/src/m/u/js/src/vm/StructuredClone.cpp:302: error: undefined reference to '__sanitizer_cov_trace_const_cmp4'
 0:22.60 /home/truber/src/m/u/obj-i386-linux-android/dist/include/mozilla/Vector.h:520: error: undefined reference to '__sanitizer_cov_trace_const_cmp1'
 0:22.60 /home/truber/src/m/u/js/src/vm/StructuredClone.cpp:302: error: undefined reference to '__sanitizer_cov_trace_const_cmp4'

I got around this in libplugin-container.so by the changes in ipc/app/moz.build, but it seems to be happening in every lib.

For desktop we only add this in browser/app/moz.build and everything seems to work, but making the change in mobile/android/moz.build or mobile/android/app/moz.build doesn't do it.

Is there a build file I can change that will affect everything for the android build?

https://treeherder.mozilla.org/#/jobs?repo=try&revision=ab0104ff986079fe7f65ae83508a99ac0ee2bee6

Comment 3

[Nathan Froyd [:froydnj]]

Comment on attachment 8995190 [details]
Create --enable-fuzzing debug build job for Android x86 firefox.

You probably want to add a USE_LIBS for fuzzer somewhere in:

https://searchfox.org/mozilla-central/source/build/gecko_templates.mozbuild#8-51

I don't think you want the explicit mozglue in USE_LIBS.

Comment 4

[Jesse Schwartzentruber (:truber)]

Thanks! Now it is building, it just won't launch.

The mozglue in ipc/app/moz.build is because otherwise I get undefined references to mozalloc.


When it launches I see the fennec GUI for an instant, then it crashes. Logcat contains:

07-26 16:41:04.176  6251  6272 E GeckoLinker: Couldn't map /data/user/0/org.mozilla.fennec_aurora/cache/libxul.so to decompress library
07-26 16:41:04.176  6251  6272 E GeckoLibLoad: Couldn't get a handle to libxul!
07-26 16:41:04.176  6251  6272 E GeckoLibLoad: Throw
07-26 16:41:04.177  6251  6272 E GeckoCrashHandler: >>> REPORTING UNCAUGHT EXCEPTION FROM THREAD 305 ("Gecko")
07-26 16:41:04.177  6251  6272 E GeckoCrashHandler: java.lang.Exception: Error loading gecko libraries
07-26 16:41:04.177  6251  6272 E GeckoCrashHandler:     at org.mozilla.gecko.mozglue.GeckoLoader.loadGeckoLibsNative(Native Method)
07-26 16:41:04.177  6251  6272 E GeckoCrashHandler:     at org.mozilla.gecko.mozglue.GeckoLoader.loadGeckoLibs(GeckoLoader.java:440)
07-26 16:41:04.177  6251  6272 E GeckoCrashHandler:     at org.mozilla.gecko.GeckoThread.loadGeckoLibs(GeckoThread.java:282)
07-26 16:41:04.177  6251  6272 E GeckoCrashHandler:     at org.mozilla.gecko.GeckoThread.initGeckoEnvironment(GeckoThread.java:322)
07-26 16:41:04.177  6251  6272 E GeckoCrashHandler:     at org.mozilla.gecko.GeckoThread.run(GeckoThread.java:449)


/data/user/0/org.mozilla.fennec_aurora/cache contains only 'icons/', but if I install the latest nightly and run it in the same emulator, the cache gets populated with libxul.so etc. and it launches correctly.

Comment 5

[Jesse Schwartzentruber (:truber)]

Comment on attachment 8995190 [details]
Create --enable-fuzzing debug build job for Android x86 firefox.

The apk is working now. The crash on launch I was seeing was because of my local mozconfig not stripping symbols which made the emulator OOM unpacking libxul.

As you mentioned, the change to ipc/app/moz.build seems strange, but without adding 'fuzzer' to USE_LIBS I get errors like:

ipc/app/MozillaRuntimeMainAndroid.cpp:12: error: undefined reference to '__sanitizer_cov_trace_pc_guard'

.. and without 'mozglue' I get:

obj-firefox/dist/include/mozilla/mozalloc.h:156: error: undefined reference to 'moz_xmalloc'

https://treeherder.mozilla.org/#/jobs?repo=try&revision=fe0329354bafb8f0f1b45f1c29cc3c8668e168fa

Comment 6

[Phabricator Automation]

Comment on attachment 8995190 [details]
Create --enable-fuzzing debug build job for Android x86 firefox.

Nathan Froyd [:froydnj] has approved the revision.

https://phabricator.services.mozilla.com/D2428

Comment 7

[Nathan Froyd [:froydnj]]

Comment on attachment 8995190 [details]
Create --enable-fuzzing debug build job for Android x86 firefox.

For some reason, I have another review request?  I hope this doesn't flip the flag in phab...

Comment 8

[Phabricator Automation]

Comment on attachment 8995190 [details]
Create --enable-fuzzing debug build job for Android x86 firefox.

Nick Alexander :nalexander has approved the revision.

https://phabricator.services.mozilla.com/D2428

Comment 9

[Pulsebot]

Pushed by apavel@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/acde419e016e
Create --enable-fuzzing debug build job for Android x86 firefox. r=froydnj,nalexander

Comment 10

[Noemi Erli[:noemi_erli]]

Backed out changeset acde419e016e (Bug 1475573) for breaking Android builds

Push with failures: https://treeherder.mozilla.org/#/jobs?repo=mozilla-inbound&revision=acde419e016e70d8d3d80d93acfc6034beb09278&filter-resultStatus=testfailed&filter-resultStatus=busted&filter-resultStatus=exception&filter-classifiedState=unclassified&selectedJob=192017874

Failure log: https://treeherder.mozilla.org/logviewer.html#?job_id=192017874&repo=mozilla-inbound&lineNumber=1114

Backout: https://hg.mozilla.org/integration/mozilla-inbound/rev/48904c06f28c87a579f8f2c42b931982af353655

Comment 11

[Jesse Schwartzentruber (:truber)]

Missed merge with 98578393d6357aa701b062b231ed867209b9825c. Updated diff to add node toolchain.

Comment 12

[Pulsebot]

Pushed by btara@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/d602a2f69ff8
Create --enable-fuzzing debug build job for Android x86 firefox. r=nalexander,froydnj

Comment 13

[Daniel Varga [:dvarga]]

https://hg.mozilla.org/mozilla-central/rev/d602a2f69ff8

Comment 14

[Pulsebot]

Backout by dluca@mozilla.com:
https://hg.mozilla.org/mozilla-central/rev/4248cea4f9a1
Backed out changeset d602a2f69ff8 on request from truber. a=backout

Comment 15

[Jesse Schwartzentruber (:truber)]

Updated try: https://treeherder.mozilla.org/#/jobs?repo=try&revision=2fea3157d1f00fdfc5ba6d1f0e9ae250be1b3b16

I've just disabled libFuzzer for Android. The linker changes shouldn't be required, so until I figure out why they are, it's better to have a fuzzing build that we can start fuzzing on Android.

Comment 16

[Pulsebot]

Pushed by ccoroiu@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/b073a55c2be7
Create --enable-fuzzing debug build job for Android x86 firefox. r=nalexander,froydnj

Comment 17

[Eliza Balazs [:ebalazs_]]

https://hg.mozilla.org/mozilla-central/rev/b073a55c2be7