I'm trying to do fuzz sample test using libfuzzer, facing errors. Help me to resolve


sai manikanta

Feb 27, 2020, 1:09:02 AM
to libfuzzer
I synced and compiled the AOSP build and followed the steps below


While compiling I'm facing this error,

First I got this error :

ninja: no work to do.
[1/1] out/soong/.bootstrap/bin/soong_build out/soong/build.ninja
FAILED: out/soong/build.ninja
out/soong/.bootstrap/bin/soong_build -t -l out/.module_paths/Android.bp.list -b out/soong -n out -d out/soong/build.ninja.d -o out/soong/build.ninja Android.bp
error: vendor/fuzz_me_fuzzer/Android.bp:1:1: unrecognized module type "cc_fuzz"
ninja: build stopped: subcommand failed.
17:33:57 soong bootstrap failed with: exit status 1

#### failed to build some targets (1 seconds) ####

sai@sai:/local/mnt2/workspace/builds/PQ2A.190205.001_P3XL$

I added an updated ./build/soong/cc/fuzz.go

Now I'm getting 

[1/1] out/soong/.minibootstrap/minibp out/soong/.bootstrap/build.ninja
[1/15] compile out/soong/.bootstrap/soong-cc/pkg/android/soong/cc.a
FAILED: out/soong/.bootstrap/soong-cc/pkg/android/soong/cc.a
GOROOT='prebuilts/go/linux-x86' prebuilts/go/linux-x86/pkg/tool/linux_amd64/compile -c 8 -o out/soong/.bootstrap/soong-cc/pkg/android/soong/cc.a -p android/soong/cc -complete -I out/soong/.bootstrap/blueprint-parser/pkg -I out/soong/.bootstrap/blueprint-deptools/pkg -I out/soong/.bootstrap/blueprint-pathtools/pkg -I out/soong/.bootstrap/blueprint-proptools/pkg -I out/soong/.bootstrap/blueprint/pkg -I out/soong/.bootstrap/soong/pkg -I out/soong/.bootstrap/blueprint-bootstrap-bpdoc/pkg -I out/soong/.bootstrap/blueprint-bootstrap/pkg -I out/soong/.bootstrap/soong-env/pkg -I out/soong/.bootstrap/soong-android/pkg -I out/soong/.bootstrap/soong-cc-config/pkg -I out/soong/.bootstrap/soong-shared/pkg -I out/soong/.bootstrap/soong-genrule/pkg -pack build/soong/cc/androidmk.go build/soong/cc/builder.go build/soong/cc/cc.go build/soong/cc/check.go build/soong/cc/coverage.go build/soong/cc/gen.go build/soong/cc/lto.go build/soong/cc/makevars.go build/soong/cc/pgo.go build/soong/cc/prebuilt.go build/soong/cc/proto.go build/soong/cc/relocation_packer.go build/soong/cc/rs.go build/soong/cc/sanitize.go build/soong/cc/sabi.go build/soong/cc/stl.go build/soong/cc/strip.go build/soong/cc/tidy.go build/soong/cc/util.go build/soong/cc/vndk.go build/soong/cc/vndk_prebuilt.go build/soong/cc/cmakelists.go build/soong/cc/compiler.go build/soong/cc/installer.go build/soong/cc/linker.go build/soong/cc/binary.go build/soong/cc/fuzz.go build/soong/cc/library.go build/soong/cc/object.go build/soong/cc/test.go build/soong/cc/toolchain_library.go build/soong/cc/ndk_prebuilt.go build/soong/cc/ndk_headers.go build/soong/cc/ndk_library.go build/soong/cc/ndk_sysroot.go build/soong/cc/llndk_library.go build/soong/cc/kernel_headers.go build/soong/cc/genrule.go build/soong/cc/vendor_public_library.go
build/soong/cc/fuzz.go:14:9: package fuzz; expected cc
[2/15] compile out/soong/.bootstrap/soong-cc/test/android/soong/cc.a
FAILED: out/soong/.bootstrap/soong-cc/test/android/soong/cc.a
GOROOT='prebuilts/go/linux-x86' prebuilts/go/linux-x86/pkg/tool/linux_amd64/compile -c 8 -o out/soong/.bootstrap/soong-cc/test/android/soong/cc.a -p android/soong/cc -complete -I out/soong/.bootstrap/blueprint-parser/pkg -I out/soong/.bootstrap/blueprint-deptools/pkg -I out/soong/.bootstrap/blueprint-pathtools/pkg -I out/soong/.bootstrap/blueprint-proptools/pkg -I out/soong/.bootstrap/blueprint/pkg -I out/soong/.bootstrap/soong/pkg -I out/soong/.bootstrap/blueprint-bootstrap-bpdoc/pkg -I out/soong/.bootstrap/blueprint-bootstrap/pkg -I out/soong/.bootstrap/soong-env/pkg -I out/soong/.bootstrap/soong-android/pkg -I out/soong/.bootstrap/soong-cc-config/pkg -I out/soong/.bootstrap/soong-shared/pkg -I out/soong/.bootstrap/soong-genrule/pkg -pack build/soong/cc/androidmk.go build/soong/cc/builder.go build/soong/cc/cc.go build/soong/cc/check.go build/soong/cc/coverage.go build/soong/cc/gen.go build/soong/cc/lto.go build/soong/cc/makevars.go build/soong/cc/pgo.go build/soong/cc/prebuilt.go build/soong/cc/proto.go build/soong/cc/relocation_packer.go build/soong/cc/rs.go build/soong/cc/sanitize.go build/soong/cc/sabi.go build/soong/cc/stl.go build/soong/cc/strip.go build/soong/cc/tidy.go build/soong/cc/util.go build/soong/cc/vndk.go build/soong/cc/vndk_prebuilt.go build/soong/cc/cmakelists.go build/soong/cc/compiler.go build/soong/cc/installer.go build/soong/cc/linker.go build/soong/cc/binary.go build/soong/cc/fuzz.go build/soong/cc/library.go build/soong/cc/object.go build/soong/cc/test.go build/soong/cc/toolchain_library.go build/soong/cc/ndk_prebuilt.go build/soong/cc/ndk_headers.go build/soong/cc/ndk_library.go build/soong/cc/ndk_sysroot.go build/soong/cc/llndk_library.go build/soong/cc/kernel_headers.go build/soong/cc/genrule.go build/soong/cc/vendor_public_library.go build/soong/cc/cc_test.go build/soong/cc/gen_test.go build/soong/cc/library_test.go build/soong/cc/test_data_test.go
build/soong/cc/fuzz.go:14:9: package fuzz; expected cc
ninja: build stopped: subcommand failed.
17:35:20 soong bootstrap failed with: exit status 1

#### failed to build some targets (1 seconds) ####


Can anyone help me with how to configure the setup in AOSP?


hiimmitc...@gmail.com

Feb 28, 2020, 5:17:02 PM
to libfuzzer
Hi Sai,

I see you're using PQ2A.190205.001_P3XL. The cc_fuzz build target was added in Android Q/R-timeframe, and as such you'll need to have an up-to-date AOSP checkout for cc_fuzz to work.

Unfortunately, simply adding build/soong/cc/fuzz.go won't be sufficient here; you'll need to update your whole AOSP directory (or create a new one) in order to use cc_fuzz effectively.

- Mitch

jrw

Mar 26, 2020, 4:04:07 PM
to libfuzzer
Hi Mitch,

I'm facing the same problem on QQ2A.200305.002 on the Pixel 2XL (Tag: android-10.0.0_r30).
What is the best way to update my source tree to the latest working codebase for my device?

Thanks for your help,

Hannes

hiimmitc...@gmail.com

Mar 27, 2020, 1:10:18 PM
to libfuzzer
Hi Hannes,

Is that the build number of your device or the sync point of your source code checkout?

The instructions to download the newest version of the AOSP source code are at: https://source.android.com/setup/build/downloading

If you see //tools/security/fuzzing/example_fuzzer in your source tree, you should have cc_fuzz and the related build infrastructure.

Thanks,
Mitch.
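
The check described above, combined with the two build errors from the first post, as an added example that is not part of the original thread or of AOSP. The paths come from the thread; the grep for the "cc_fuzz" string in fuzz.go is a heuristic assumption about how the module type is registered.

```shell
#!/bin/sh
# Added example: report whether an AOSP checkout looks able to build cc_fuzz.
# Paths are the ones named in the thread; check 3 is a heuristic assumption.

# check_cc_fuzz ROOT: prints one finding per line, returns 0 only if all pass.
check_cc_fuzz() {
    root=$1
    rc=0
    fuzz_go="$root/build/soong/cc/fuzz.go"

    # 1. The example fuzzer directory Mitch points to.
    if [ -d "$root/tools/security/fuzzing/example_fuzzer" ]; then
        echo "ok: example_fuzzer present"
    else
        echo "missing: tools/security/fuzzing/example_fuzzer"
        rc=1
    fi

    if [ ! -f "$fuzz_go" ]; then
        echo "missing: build/soong/cc/fuzz.go"
        rc=1
    else
        # 2. A fuzz.go copied in from elsewhere can carry the wrong package
        #    clause, which is the "package fuzz; expected cc" failure.
        pkg=$(sed -n 's/^package[[:space:]]\{1,\}\([A-Za-z_][A-Za-z0-9_]*\).*/\1/p' \
            "$fuzz_go" | head -n 1)
        if [ "$pkg" = "cc" ]; then
            echo "ok: fuzz.go is package cc"
        else
            echo "mismatch: fuzz.go declares package '$pkg', expected cc"
            rc=1
        fi
        # 3. Heuristic: the module type name should appear as a string literal.
        if grep -q '"cc_fuzz"' "$fuzz_go"; then
            echo "ok: fuzz.go names the cc_fuzz module type"
        else
            echo "missing: no \"cc_fuzz\" string in fuzz.go"
            rc=1
        fi
    fi
    return $rc
}

# Usage: sh check_cc_fuzz.sh /path/to/aosp
if [ "$#" -gt 0 ]; then check_cc_fuzz "$1"; fi
```

A passing result only shows the files are in place; as the thread notes, a single fuzz.go dropped into an older tree is not enough for cc_fuzz to work.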

jrw

Mar 27, 2020, 1:22:48 PM
to libfuzzer
Hi Mitch,

Yes, it's the build number which was referred to in the list. I used the following tag for the repo init:

repo init -u https://android.googlesource.com/platform/manifest -b android-10.0.0_r30

which refers to build QQ2A.200305.002

For me, there is no fuzz.go after I do a 'repo sync', but thanks for pointing to the example_fuzzer directory, I completely missed that -- thank you!
The Android Q branch I checked out has indeed the fuzz.go file in the source tree.
For now I used 'cc_binary' and added libFuzzer as static libs and "external/llvm/lib/Fuzzer" to the include dirs.


Thanks for your fast response,
Hannes

hiimmitc...@gmail.com

Mar 27, 2020, 2:15:59 PM
to libfuzzer
Oh, I misread the build number.

cc_fuzz was added in R (https://android-review.googlesource.com/c/platform/build/soong/+/1040276). Your Q checkout unfortunately won't have cc_fuzz.

Glad to hear that adding the static lib works okay, but bear in mind cc_fuzz does some other things to make it much easier to deploy targets to your devices, and ensures that dependencies get sancov instrumentation properly. Much harder to achieve manually, unfortunately; I'd recommend upgrading to master if possible. For example, the last update on master was yesterday: https://android-review.googlesource.com/c/platform/build/soong/+/1252144

I can't make any guarantees when you're not on tip-of-tree unfortunately. Good news, you have a Pixel 2XL, so you can get a nice fresh Android master build trivially through Android Flash: https://flash.android.com :)

hiimmitc...@gmail.com

Mar 27, 2020, 2:20:17 PM
to libfuzzer
Oh, also, I forgot to mention. The libFuzzer documentation on the AOSP docs recently got updated and is worth a skim: https://source.android.com/devices/tech/debug/libfuzzer. It'll run you through everything from device setup (minimal) -> building -> deploying -> fuzzing.

jrw

Mar 27, 2020, 3:21:40 PM
to libfuzzer
Hi Mitch,

Yes, I checked the Android documentation about the libFuzzer, but due to the update of the examples, it introduced the 'cc_fuzz' which did not work.

So the Android 10 branch for Pixel 2XL will not have cc_fuzz in any branch right?

Can you tell me what the recommended {way/branch/repo} is to get a most recent branch of android 10/11 which is buildable for the pixel2xl?
the https://flash.android.com is usable for flashing a recent build to my phone, but I also need a buildable codebase to build my fuzzers right?

Sorry for all the dumb questions and thanks for your patience,

Hannes


jrw

Mar 27, 2020, 5:53:18 PM
to libfuzzer
I just initialized a new repo without a tag parameter and added the beta vendor binaries. Now I got the fuzz.go in the repo and I think that's what you tried to tell me :)

hiimmitc...@gmail.com

Mar 30, 2020, 12:28:23 PM
to libfuzzer
> So the Android 10 branch for Pixel 2XL will not have cc_fuzz in any branch right?

Unfortunately not, no. cc_fuzz was first introduced sometime in the Android 11 development stage.

> Can you tell me what the recommended {way/branch/repo} is to get a most recent branch of android 10/11 which is buildable for the pixel2xl?

There should be two builds on the flash tool (titled aosp-master-with-phones[-throttled] or something like that). One of the builds will be a taimen-userdebug (vanilla AOSP variant), one should be a taimen_hwasan-userdebug (HWAddressSanitizer) variant. Either one should work for fuzzing on Android (although you may as well sanitize the entire device with the taimen_hwasan build).

> the https://flash.android.com is usable for flashing a recent build to my phone, but I also need a buildable codebase to build my fuzzers right?

The builds on flashstation should be fresh, tip-of-tree builds (usually less than a day old). Using them in conjunction with a tip-of-tree AOSP checkout should bring your codebase and device in sync, and should allow you to fuzz using the previous libFuzzer-on-Android instructions :)

jrw

Mar 30, 2020, 12:31:28 PM
to libfuzzer
Perfect, that explains everything -- thanks a lot for your answers!

hiimmitc...@gmail.com

Mar 30, 2020, 1:35:32 PM
to libfuzzer
You're welcome! If you end up authoring some fuzz targets, please feel free to submit them to AOSP!