Bug 1330655 - Make NSS build within OSS-Fuzz r=franziskus
authorTim Taubert <ttaubert@mozilla.com>
Fri, 20 Jan 2017 14:45:55 +0100
changeset 13040 ff2afbfc0f9776dd7b6f8896e314721e2483d2a1
parent 13039 c188b719789ddbc847c5c69d6feab1386fbf333a
child 13041 0dc67f1e4c21c4cd2c138408a89adedb1e602fbc
push id1942
push userttaubert@mozilla.com
push dateFri, 20 Jan 2017 14:19:08 +0000
reviewersfranziskus
bugs1330655
Bug 1330655 - Make NSS build within OSS-Fuzz r=franziskus Differential Revision: https://nss-review.dev.mozaws.net/D161
.gitignore
.hgignore
automation/taskcluster/graph/src/extend.js
automation/taskcluster/scripts/fuzz.sh
build.sh
coreconf/config.gypi
coreconf/fuzz.sh
coreconf/nspr.sh
coreconf/sanitizers.py
coreconf/sanitizers.sh
fuzz/fuzz.gyp
fuzz/warning.txt
gtests/common/gtest.gypi
lib/freebl/freebl.gyp
lib/ssl/ssl.gyp
nss.gyp
--- a/.gitignore
+++ b/.gitignore
@@ -12,8 +12,9 @@ out/*
 GPATH
 GRTAGS
 GTAGS
 #*
 .#*
 .ycm_extra_conf.py*
 fuzz/libFuzzer/*
 fuzz/corpus
+fuzz/out
--- a/.hgignore
+++ b/.hgignore
@@ -12,8 +12,9 @@ out/*
 GPATH
 GRTAGS
 GTAGS
 #*
 .#*
 .ycm_extra_conf.py*
 fuzz/libFuzzer/*
 fuzz/corpus
+fuzz/out
--- a/automation/taskcluster/graph/src/extend.js
+++ b/automation/taskcluster/graph/src/extend.js
@@ -280,17 +280,17 @@ async function scheduleFuzzing() {
   };
 
   // Build base definition.
   let build_base = merge({
     command: [
       "/bin/bash",
       "-c",
       "bin/checkout.sh && " +
-      "nss/automation/taskcluster/scripts/build_gyp.sh -g -v --fuzz"
+      "nss/automation/taskcluster/scripts/build_gyp.sh -g -v --fuzz=tls"
     ],
     artifacts: {
       public: {
         expires: 24 * 7,
         type: "directory",
         path: "/home/worker/artifacts"
       }
     },
--- a/automation/taskcluster/scripts/fuzz.sh
+++ b/automation/taskcluster/scripts/fuzz.sh
@@ -13,9 +13,9 @@ fetch_dist
 
 # Ensure we have a directory.
 mkdir -p nss/fuzz/corpus/$type
 
 # Fetch objdir name.
 objdir=$(cat dist/latest)
 
 # Run nssfuzz.
-LD_LIBRARY_PATH=$LD_LIBRARY_PATH:dist/$objdir/lib dist/$objdir/bin/nssfuzz-"$type" "$@"
+dist/$objdir/bin/nssfuzz-"$type" "$@"
--- a/build.sh
+++ b/build.sh
@@ -10,19 +10,19 @@ cwd=$(cd $(dirname $0); pwd -P)
 source "$cwd"/coreconf/nspr.sh
 source "$cwd"/coreconf/sanitizers.sh
 
 # Usage info
 show_help()
 {
     cat << EOF
 Usage: ${0##*/} [-hcv] [-j <n>] [--nspr] [--gyp|-g] [--opt|-o] [-m32]
-                [--test] [--fuzz] [--pprof] [--scan-build[=output]]
+                [--test] [--pprof] [--scan-build[=output]] [--ct-verif]
                 [--asan] [--ubsan] [--msan] [--sancov[=edge|bb|func|...]]
-                [--ct-verif] [--disable-tests]
+                [--disable-tests] [--fuzz[=tls|oss]]
 
 This script builds NSS with gyp and ninja.
 
 This build system is still under development.  It does not yet support all
 the features or platforms that NSS supports.
 
 NSS build tool options:
 
@@ -30,17 +30,19 @@ NSS build tool options:
     -c               clean before build
     -v               verbose build
     -j <n>           run at most <n> concurrent jobs
     --nspr           force a rebuild of NSPR
     --gyp|-g         force a rerun of gyp
     --opt|-o         do an opt build
     -m32             do a 32-bit build on a 64-bit system
     --test           ignore map files and export everything we have
-    --fuzz           enable fuzzing mode. this always enables test builds
+    --fuzz           build fuzzing targets (this always enables test builds)
+                     --fuzz=tls to enable TLS fuzzing mode
+                     --fuzz=oss to build for OSS-Fuzz
     --pprof          build with gperftool support
     --ct-verif       build with valgrind for ct-verif
     --scan-build     run the build with scan-build (scan-build has to be in the path)
                      --scan-build=/out/path sets the output path for scan-build
     --asan           do an asan build
     --ubsan          do an ubsan build
                      --ubsan=bool,shift,... sets specific UB sanitizers
     --msan           do an msan build
@@ -69,16 +71,18 @@ fi
 opt_build=0
 build_64=0
 clean=0
 rebuild_gyp=0
 rebuild_nspr=0
 target=Debug
 verbose=0
 fuzz=0
+fuzz_tls=0
+fuzz_oss=0
 
 gyp_params=(--depth="$cwd" --generator-output=".")
 nspr_params=()
 ninja_params=()
 
 # try to guess sensible defaults
 arch=$(python "$cwd"/coreconf/detect_host_arch.py)
 if [ "$arch" = "x64" -o "$arch" = "aarch64" ]; then
@@ -90,29 +94,32 @@ while [ $# -gt 0 ]; do
     case $1 in
         -c) clean=1 ;;
         --gyp|-g) rebuild_gyp=1 ;;
         --nspr) nspr_clean; rebuild_nspr=1 ;;
         -j) ninja_params+=(-j "$2"); shift ;;
         -v) ninja_params+=(-v); verbose=1 ;;
         --test) gyp_params+=(-Dtest_build=1) ;;
         --fuzz) fuzz=1 ;;
+        --fuzz=oss) fuzz=1; fuzz_oss=1 ;;
+        --fuzz=tls) fuzz=1; fuzz_tls=1 ;;
         --scan-build) enable_scanbuild  ;;
         --scan-build=?*) enable_scanbuild "${1#*=}" ;;
         --opt|-o) opt_build=1 ;;
         -m32|--m32) build_64=0 ;;
         --asan) enable_sanitizer asan ;;
         --msan) enable_sanitizer msan ;;
         --ubsan) enable_ubsan ;;
         --ubsan=?*) enable_ubsan "${1#*=}" ;;
         --sancov) enable_sancov ;;
         --sancov=?*) enable_sancov "${1#*=}" ;;
         --pprof) gyp_params+=(-Duse_pprof=1) ;;
         --ct-verif) gyp_params+=(-Dct_verif=1) ;;
         --disable-tests) gyp_params+=(-Ddisable_tests=1) ;;
+        --no-zdefs) gyp_params+=(-Dno_zdefs=1) ;;
         *) show_help; exit 2 ;;
     esac
     shift
 done
 
 if [ "$opt_build" = 1 ]; then
     target=Release
 else
@@ -147,16 +154,17 @@ fi
 # e.g., "-e 2 -f 1" and "-e 1 -f 2" canonicalize the same.
 check_config()
 {
     local newconf="$1".new oldconf="$1"
     shift
     mkdir -p $(dirname "$newconf")
     echo CC="$CC" >"$newconf"
     echo CCC="$CCC" >>"$newconf"
+    echo CXX="$CXX" >>"$newconf"
     for i in "$@"; do echo $i; done | sort >>"$newconf"
 
     # Note: The following diff fails if $oldconf isn't there as well, which
     # happens if we don't have a previous successful build.
     ! diff -q "$newconf" "$oldconf" >/dev/null 2>&1
 }
 
 gyp_config="$cwd"/out/gyp_config
@@ -165,23 +173,31 @@ nspr_config="$cwd"/out/$target/nspr_conf
 # If we don't have a build directory make sure that we rebuild.
 if [ ! -d "$target_dir" ]; then
     rebuild_nspr=1
     rebuild_gyp=1
 elif [ ! -d "$dist_dir"/$target ]; then
     rebuild_nspr=1
 fi
 
+# Update NSPR ${C,CXX,LD}FLAGS.
+nspr_set_flags $sanitizer_flags
+
 if check_config "$nspr_config" "${nspr_params[@]}" \
                  nspr_cflags="$nspr_cflags" \
                  nspr_cxxflags="$nspr_cxxflags" \
                  nspr_ldflags="$nspr_ldflags"; then
     rebuild_nspr=1
 fi
 
+# Forward sanitizer flags.
+if [ ! -z "$sanitizer_flags" ]; then
+    gyp_params+=(-Dsanitizer_flags="$sanitizer_flags")
+fi
+
 if check_config "$gyp_config" "${gyp_params[@]}"; then
     rebuild_gyp=1
 fi
 
 # save the chosen target
 mkdir -p "$dist_dir"
 echo $target > "$dist_dir"/latest
 
--- a/coreconf/config.gypi
+++ b/coreconf/config.gypi
@@ -92,22 +92,21 @@
     'disable_chachapoly%': 0,
     'disable_dbm%': 0,
     'disable_libpkix%': 1,
     'disable_werror%': 0,
     'mozilla_client%': 0,
     'moz_fold_libs%': 0,
     'moz_folded_library_name%': '',
     'ssl_enable_zlib%': 1,
-    'use_asan%': 0,
-    'use_ubsan%': 0,
-    'use_msan%': 0,
-    'use_sancov%': 0,
+    'sanitizer_flags%': 0,
     'test_build%': 0,
+    'no_zdefs%': 0,
     'fuzz%': 0,
+    'fuzz_tls%': 0,
     'sign_libs%': 1,
     'use_pprof%': 0,
     'ct_verif%': 0,
     'nss_public_dist_dir%': '<(nss_dist_dir)/public',
     'nss_private_dist_dir%': '<(nss_dist_dir)/private',
   },
   'target_defaults': {
     # Settings specific to targets should go here.
@@ -130,17 +129,17 @@
         ],
       }],
       [ 'OS=="linux"', {
         'libraries': [
           '-ldl',
           '-lc',
         ],
       }],
-      [ 'use_asan==1 or use_ubsan!=0 or fuzz==1', {
+      [ 'fuzz==1', {
         'variables': {
           'debug_optimization_level%': '1',
         },
       }],
     ],
     'target_conditions': [
       # If we want to properly export a static library, and copy it to lib,
       # we need to mark it as a 'standalone_static_library'. Otherwise,
@@ -211,25 +210,29 @@
         ],
       }],
       # Shared library specific settings.
       [ '_type=="shared_library"', {
         'conditions': [
           [ 'cc_use_gnu_ld==1', {
             'ldflags': [
               '-Wl,--gc-sections',
-              '-Wl,-z,defs',
             ],
             'conditions': [
               ['OS=="dragonfly" or OS=="freebsd" or OS=="netbsd" or OS=="openbsd"', {
                 # Bug 1321317 - unix_rand.c:880: undefined reference to `environ'
                 'ldflags': [
                   '-Wl,--warn-unresolved-symbols',
                 ],
               }],
+              ['no_zdefs==0', {
+                'ldflags': [
+                  '-Wl,-z,defs',
+                ],
+              }],
             ],
           }],
         ],
         'xcode_settings': {
           'DYLIB_INSTALL_NAME_BASE': '@executable_path',
           'DYLIB_COMPATIBILITY_VERSION': '1',
           'DYLIB_CURRENT_VERSION': '1',
           'OTHER_LDFLAGS': [
@@ -343,83 +346,32 @@
               }],
             ],
           }],
           [ 'disable_werror==0 and OS!="android" and OS!="win"', {
             'cflags': [
               '<!@(<(python) <(DEPTH)/coreconf/werror.py)',
             ],
           }],
-          [ 'fuzz==1', {
+          [ 'fuzz_tls==1', {
             'cflags': [
               '-Wno-unused-function',
-            ]
+            ],
           }],
-          [ 'use_asan==1', {
-            'variables': {
-              'asan_flags': '<!(<(python) <(DEPTH)/coreconf/sanitizers.py asan)',
-              'no_ldflags': '<!(<(python) <(DEPTH)/coreconf/sanitizers.py ld)',
-            },
-            'cflags': ['<@(asan_flags)'],
-            'ldflags': ['<@(asan_flags)'],
-            'ldflags!': ['<@(no_ldflags)'],
+          [ 'sanitizer_flags!=0', {
+            'cflags': ['<@(sanitizer_flags)'],
+            'ldflags': ['<@(sanitizer_flags)'],
             'xcode_settings': {
-              'OTHER_CFLAGS': ['<@(asan_flags)'],
-              'OTHER_LDFLAGS!': ['<@(no_ldflags)'],
+              'OTHER_CFLAGS': ['<@(sanitizer_flags)'],
               # We want to pass -fsanitize=... to our final link call,
               # but not to libtool. OTHER_LDFLAGS is passed to both.
               # To trick GYP into doing what we want, we'll piggyback on
               # LIBRARY_SEARCH_PATHS, producing "-L/usr/lib -fsanitize=...".
               # The -L/usr/lib is redundant but innocuous: it's a default path.
-              'LIBRARY_SEARCH_PATHS': ['/usr/lib <(asan_flags)'],
-            },
-          }],
-          [ 'use_ubsan!=0', {
-            'variables': {
-              'ubsan_flags': '<!(<(python) <(DEPTH)/coreconf/sanitizers.py ubsan <(use_ubsan))',
-              'no_ldflags': '<!(<(python) <(DEPTH)/coreconf/sanitizers.py ld)',
-            },
-            'cflags': ['<@(ubsan_flags)'],
-            'ldflags': ['<@(ubsan_flags)'],
-            'ldflags!': ['<@(no_ldflags)'],
-            'xcode_settings': {
-              'OTHER_CFLAGS': ['<@(ubsan_flags)'],
-              'OTHER_LDFLAGS!': ['<@(no_ldflags)'],
-              # See comment above.
-              'LIBRARY_SEARCH_PATHS': ['/usr/lib <(ubsan_flags)'],
-            },
-          }],
-          [ 'use_msan==1', {
-            'variables': {
-              'msan_flags': '<!(<(python) <(DEPTH)/coreconf/sanitizers.py msan)',
-              'no_ldflags': '<!(<(python) <(DEPTH)/coreconf/sanitizers.py ld)',
-            },
-            'cflags': ['<@(msan_flags)'],
-            'ldflags': ['<@(msan_flags)'],
-            'ldflags!': ['<@(no_ldflags)'],
-            'xcode_settings': {
-              'OTHER_CFLAGS': ['<@(msan_flags)'],
-              'OTHER_LDFLAGS!': ['<@(no_ldflags)'],
-              # See comment above.
-              'LIBRARY_SEARCH_PATHS': ['/usr/lib <(msan_flags)'],
-            },
-          }],
-          [ 'use_sancov!=0', {
-            'variables': {
-              'sancov_flags': '<!(<(python) <(DEPTH)/coreconf/sanitizers.py sancov <(use_sancov))',
-              'no_ldflags': '<!(<(python) <(DEPTH)/coreconf/sanitizers.py ld)',
-            },
-            'cflags': ['<@(sancov_flags)'],
-            'ldflags': ['<@(sancov_flags)'],
-            'ldflags!': ['<@(no_ldflags)'],
-            'xcode_settings': {
-              'OTHER_CFLAGS': ['<@(sancov_flags)'],
-              'OTHER_LDFLAGS!': ['<@(no_ldflags)'],
-              # See comment above.
-              'LIBRARY_SEARCH_PATHS': ['/usr/lib <(sancov_flags)'],
+              'LIBRARY_SEARCH_PATHS': ['/usr/lib <(sanitizer_flags)'],
             },
           }],
           [ 'OS=="android" and mozilla_client==0', {
             'defines': [
               'NO_SYSINFO',
               'NO_FORK_CHECK',
               'ANDROID',
             ],
--- a/coreconf/fuzz.sh
+++ b/coreconf/fuzz.sh
@@ -1,16 +1,24 @@
 #!/usr/bin/env bash
 # This file is used by build.sh to setup fuzzing.
 
 gyp_params+=(-Dtest_build=1 -Dfuzz=1)
-enable_sanitizer asan
-enable_ubsan
-enable_sancov
 
 # Add debug symbols even for opt builds.
 nspr_params+=(--enable-debug-symbols)
 
-echo "fuzz [1/2] Cloning libFuzzer files ..."
-run_verbose "$cwd"/fuzz/clone_libfuzzer.sh
+if [ "$fuzz_oss" = 1 ]; then
+  gyp_params+=(-Dno_zdefs=1)
+else
+  enable_sanitizer asan
+  enable_ubsan
+  enable_sancov
+fi
 
-echo "fuzz [2/2] Cloning fuzzing corpus ..."
-run_verbose  "$cwd"/fuzz/clone_corpus.sh
+if [ "$fuzz_tls" = 1 ]; then
+  gyp_params+=(-Dfuzz_tls=1)
+fi
+
+if [ ! -f "/usr/lib/libFuzzingEngine.a" ]; then
+  echo "Cloning libFuzzer files ..."
+  run_verbose "$cwd"/fuzz/clone_libfuzzer.sh
+fi
--- a/coreconf/nspr.sh
+++ b/coreconf/nspr.sh
@@ -9,22 +9,21 @@ nspr_cflags=
 nspr_cxxflags=
 nspr_ldflags=
 
 # Try to avoid bmake on OS X and BSD systems
 if hash gmake 2>/dev/null; then
     make() { command gmake "$@"; }
 fi
 
-nspr_sanitizer()
+nspr_set_flags()
 {
-    local extra=$(python $cwd/coreconf/sanitizers.py "$@")
-    nspr_cflags="$nspr_cflags $extra"
-    nspr_cxxflags="$nspr_cxxflags $extra"
-    nspr_ldflags="$nspr_ldflags $extra"
+    nspr_cflags="$CFLAGS $@"
+    nspr_cxxflags="$CXXFLAGS $@"
+    nspr_ldflags="$LDFLAGS $@"
 }
 
 nspr_build()
 {
     local nspr_dir="$cwd"/../nspr/$target
     mkdir -p "$nspr_dir"
 
     # These NSPR options are directory-specific, so they don't need to be
--- a/coreconf/sanitizers.py
+++ b/coreconf/sanitizers.py
@@ -1,16 +1,16 @@
 #!/usr/bin/env python2
 
 from __future__ import print_function
 import sys
 
 def main():
     if len(sys.argv) < 2:
-        raise Exception('Specify either "ld", asan", "msan", "sancov" or "ubsan" as argument.')
+        raise Exception('Specify either "asan", "msan", "sancov" or "ubsan" as argument.')
 
     sanitizer = sys.argv[1]
     if sanitizer == "ubsan":
         if len(sys.argv) < 3:
             raise Exception('ubsan requires another argument.')
         print('-fsanitize='+sys.argv[2]+' -fno-sanitize-recover=undefined ', end='')
         return
     if sanitizer == "asan":
@@ -22,17 +22,12 @@ def main():
         print('-fno-omit-frame-pointer -fno-optimize-sibling-calls ', end='')
         return
     if sanitizer == "sancov":
         if len(sys.argv) < 3:
             raise Exception('sancov requires another argument (edge|bb|func).')
         print('-fsanitize-coverage='+sys.argv[2]+' ', end='')
         return
 
-    # We have to remove this from the ld flags when building asan.
-    if sanitizer == "ld":
-        print('-Wl,-z,defs ', end='')
-        return
-
-    raise Exception('Specify either "ld", asan", "msan", "sancov" or "ubsan" as argument.')
+    raise Exception('Specify either "asan", "msan", "sancov" or "ubsan" as argument.')
 
 if __name__ == '__main__':
     main()
--- a/coreconf/sanitizers.sh
+++ b/coreconf/sanitizers.sh
@@ -1,20 +1,27 @@
 #!/usr/bin/env bash
 # This file is used by build.sh to setup sanitizers.
 
+sanitizer_flags=""
+
 # This tracks what sanitizers are enabled, and their options.
 declare -A sanitizers
 enable_sanitizer()
 {
     local san="$1"
     [ -n "${sanitizers[$san]}" ] && return
     sanitizers[$san]="${2:-1}"
-    gyp_params+=(-Duse_"$san"="${2:-1}")
-    nspr_sanitizer "$san" "$2"
+
+    if [ -z "$sanitizer_flags" ]; then
+        gyp_params+=(-Dno_zdefs=1)
+    fi
+
+    local cflags=$(python $cwd/coreconf/sanitizers.py "$@")
+    sanitizer_flags="$sanitizer_flags $cflags"
 }
 
 enable_sancov()
 {
     local clang_version=$($CC --version | grep -oE 'clang version (3\.9\.|4\.)')
     if [ -z "$clang_version" ]; then
         echo "Need at least clang-3.9 (better 4.0) for sancov." 1>&2
         exit 1
--- a/fuzz/fuzz.gyp
+++ b/fuzz/fuzz.gyp
@@ -1,106 +1,137 @@
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 {
   'includes': [
     '../coreconf/config.gypi',
-    '../cmd/platlibs.gypi'
   ],
+  'variables': {
+    'use_fuzzing_engine': '<!(test -f /usr/lib/libFuzzingEngine.a && echo 1 || echo 0)',
+  },
+  'target_defaults': {
+    'variables': {
+      'debug_optimization_level': '2',
+    },
+    'target_conditions': [
+      [ '_type=="executable"', {
+        'libraries!': [
+          '<@(nspr_libs)',
+        ],
+        'libraries': [
+          '<(nss_dist_obj_dir)/lib/libplds4.a',
+          '<(nss_dist_obj_dir)/lib/libnspr4.a',
+          '<(nss_dist_obj_dir)/lib/libplc4.a',
+        ],
+      }],
+    ],
+  },
   'targets': [
     {
-      'target_name': 'libFuzzer',
-      'type': 'static_library',
-      'sources': [
-        'libFuzzer/FuzzerCrossOver.cpp',
-        'libFuzzer/FuzzerDriver.cpp',
-        'libFuzzer/FuzzerExtFunctionsDlsym.cpp',
-        'libFuzzer/FuzzerExtFunctionsWeak.cpp',
-        'libFuzzer/FuzzerExtFunctionsWeakAlias.cpp',
-        'libFuzzer/FuzzerIO.cpp',
-        'libFuzzer/FuzzerIOPosix.cpp',
-        'libFuzzer/FuzzerIOWindows.cpp',
-        'libFuzzer/FuzzerLoop.cpp',
-        'libFuzzer/FuzzerMain.cpp',
-        'libFuzzer/FuzzerMerge.cpp',
-        'libFuzzer/FuzzerMutate.cpp',
-        'libFuzzer/FuzzerSHA1.cpp',
-        'libFuzzer/FuzzerTracePC.cpp',
-        'libFuzzer/FuzzerTraceState.cpp',
-        'libFuzzer/FuzzerUtil.cpp',
-        'libFuzzer/FuzzerUtilDarwin.cpp',
-        'libFuzzer/FuzzerUtilLinux.cpp',
-        'libFuzzer/FuzzerUtilPosix.cpp',
-        'libFuzzer/FuzzerUtilWindows.cpp',
+      'target_name': 'fuzz_base',
+      'dependencies': [
+        '<(DEPTH)/lib/certdb/certdb.gyp:certdb',
+        '<(DEPTH)/lib/certhigh/certhigh.gyp:certhi',
+        '<(DEPTH)/lib/cryptohi/cryptohi.gyp:cryptohi',
+        '<(DEPTH)/lib/base/base.gyp:nssb',
+        '<(DEPTH)/lib/dev/dev.gyp:nssdev',
+        '<(DEPTH)/lib/pki/pki.gyp:nsspki',
+        '<(DEPTH)/lib/util/util.gyp:nssutil',
+        '<(DEPTH)/lib/nss/nss.gyp:nss_static',
+        '<(DEPTH)/lib/pk11wrap/pk11wrap.gyp:pk11wrap',
       ],
-      'direct_dependent_settings': {
-        'include_dirs': [
-          'libFuzzer',
-        ],
-      }
+      'conditions': [
+        ['use_fuzzing_engine==0', {
+          'type': 'static_library',
+          'sources': [
+            'libFuzzer/FuzzerCrossOver.cpp',
+            'libFuzzer/FuzzerDriver.cpp',
+            'libFuzzer/FuzzerExtFunctionsDlsym.cpp',
+            'libFuzzer/FuzzerExtFunctionsWeak.cpp',
+            'libFuzzer/FuzzerExtFunctionsWeakAlias.cpp',
+            'libFuzzer/FuzzerIO.cpp',
+            'libFuzzer/FuzzerIOPosix.cpp',
+            'libFuzzer/FuzzerIOWindows.cpp',
+            'libFuzzer/FuzzerLoop.cpp',
+            'libFuzzer/FuzzerMain.cpp',
+            'libFuzzer/FuzzerMerge.cpp',
+            'libFuzzer/FuzzerMutate.cpp',
+            'libFuzzer/FuzzerSHA1.cpp',
+            'libFuzzer/FuzzerTracePC.cpp',
+            'libFuzzer/FuzzerTraceState.cpp',
+            'libFuzzer/FuzzerUtil.cpp',
+            'libFuzzer/FuzzerUtilDarwin.cpp',
+            'libFuzzer/FuzzerUtilLinux.cpp',
+            'libFuzzer/FuzzerUtilPosix.cpp',
+            'libFuzzer/FuzzerUtilWindows.cpp',
+          ],
+          'cflags/': [
+            ['exclude', '-fsanitize-coverage'],
+          ],
+          'xcode_settings': {
+            'OTHER_CFLAGS/': [
+              ['exclude', '-fsanitize-coverage'],
+            ],
+          },
+          'direct_dependent_settings': {
+            'include_dirs': [
+              'libFuzzer',
+            ],
+          },
+        }, {
+          'type': 'none',
+          'direct_dependent_settings': {
+            'libraries': ['-lFuzzingEngine'],
+          }
+        }]
+      ],
     },
     {
       'target_name': 'nssfuzz-cert',
       'type': 'executable',
       'sources': [
         'asn1_mutators.cc',
         'cert_target.cc',
         'initialize.cc',
       ],
       'dependencies': [
         '<(DEPTH)/exports.gyp:nss_exports',
-        'libFuzzer',
+        'fuzz_base',
+      ],
+    },
+    {
+      'target_name': 'nssfuzz-spki',
+      'type': 'executable',
+      'sources': [
+        'asn1_mutators.cc',
+        'spki_target.cc',
+        'initialize.cc',
+      ],
+      'dependencies': [
+        '<(DEPTH)/exports.gyp:nss_exports',
+        'fuzz_base',
       ],
     },
     {
       'target_name': 'nssfuzz-pkcs8',
       'type': 'executable',
       'sources': [
         'asn1_mutators.cc',
         'initialize.cc',
         'pkcs8_target.cc',
       ],
       'dependencies': [
         '<(DEPTH)/exports.gyp:nss_exports',
-        'libFuzzer',
-      ],
-    },
-    {
-      'target_name': 'nssfuzz-spki',
-      'type': 'executable',
-      'sources': [
-        'asn1_mutators.cc',
-        'spki_target.cc',
-        'initialize.cc',
-      ],
-      'dependencies': [
-        '<(DEPTH)/exports.gyp:nss_exports',
-        'libFuzzer',
+        'fuzz_base',
       ],
     },
     {
       'target_name': 'nssfuzz',
       'type': 'none',
       'dependencies': [
         'nssfuzz-cert',
+        'nssfuzz-spki',
         'nssfuzz-pkcs8',
-        'nssfuzz-spki',
-      ]
+      ],
     }
   ],
-  'target_defaults': {
-    'variables': {
-      'debug_optimization_level': '2',
-    },
-    'cflags/': [
-      ['exclude', '-fsanitize-coverage'],
-    ],
-    'xcode_settings': {
-      'OTHER_CFLAGS/': [
-        ['exclude', '-fsanitize-coverage'],
-      ],
-    },
-  },
-  'variables': {
-    'module': 'nss',
-  }
 }
--- a/fuzz/warning.txt
+++ b/fuzz/warning.txt
@@ -1,15 +1,16 @@
 
-##############################################
-##                                          ##
-##  WARNING: You're building with -Dfuzz=1  ##
-##                                          ##
-##  This means:                             ##
-##                                          ##
-##   * Your PRNG is DETERMINISTIC.          ##
-##   * TLS transcripts are PLAINTEXT.       ##
-##   * TLS signature checks are DISABLED.   ##
-##                                          ##
-##  Thank you for fuzzing!                  ##
-##                                          ##
-##############################################
+##################################################
+##                                              ##
+##  WARNING: You're building with -Dfuzz_tls=1  ##
+##                                              ##
+##  This means:                                 ##
+##                                              ##
+##   * Your PRNG is DETERMINISTIC.              ##
+##   * TLS transcripts are PLAINTEXT.           ##
+##   * Session tickets are NOT encrypted.       ##
+##   * TLS signature/MAC checks are DISABLED.   ##
+##                                              ##
+##  Thank you for fuzzing!                      ##
+##                                              ##
+##################################################
 
--- a/gtests/common/gtest.gypi
+++ b/gtests/common/gtest.gypi
@@ -9,17 +9,17 @@
           '-lws2_32',
         ],
       }],
       ['OS=="android"', {
         'libraries': [
           '-lstdc++',
         ],
       }],
-      [ 'fuzz==1', {
+      [ 'fuzz_tls==1', {
         'defines': [
           'UNSAFE_FUZZER_MODE',
         ],
       }],
     ],
     'msvs_settings': {
       'VCCLCompilerTool': {
         'ExceptionHandling': 1,
--- a/lib/freebl/freebl.gyp
+++ b/lib/freebl/freebl.gyp
@@ -220,17 +220,17 @@
               # not x64
               'sources': [
                 'chacha20.c',
                 'poly1305.c',
               ],
             }],
           ],
         }],
-        [ 'fuzz==1', {
+        [ 'fuzz_tls==1', {
           'sources': [
             'det_rng.c',
           ],
           'defines': [
             'UNSAFE_FUZZER_MODE',
           ],
         }],
         [ 'ct_verif==1', {
@@ -386,17 +386,17 @@
             'defines': [
               'MP_IS_LITTLE_ENDIAN',
               'NSS_BEVAND_ARCFOUR',
               'MPI_AMD64',
               'MP_ASSEMBLY_MULTIPLY',
               'NSS_USE_COMBA',
             ],
           }],
-          [ 'target_arch=="x64" and use_msan==0', {
+          [ 'target_arch=="x64"', {
             'defines': [
               'USE_HW_AES',
               'INTEL_GCM',
             ],
           }],
           [ 'target_arch=="ia32"', {
             'defines': [
               'MP_IS_LITTLE_ENDIAN',
--- a/lib/ssl/ssl.gyp
+++ b/lib/ssl/ssl.gyp
@@ -58,17 +58,17 @@
         [ 'ssl_enable_zlib==1', {
           'dependencies': [
             '<(DEPTH)/lib/zlib/zlib.gyp:nss_zlib'
           ],
           'defines': [
             'NSS_SSL_ENABLE_ZLIB',
           ],
         }],
-        [ 'fuzz==1', {
+        [ 'fuzz_tls==1', {
           'defines': [
             'UNSAFE_FUZZER_MODE',
           ],
         }],
         [ 'mozilla_client==1', {
           'defines': [
             'NSS_ENABLE_TLS13_SHORT_HEADERS',
           ],
--- a/nss.gyp
+++ b/nss.gyp
@@ -236,34 +236,38 @@
                 }],
               ],
               'action': ['<(python)', '<(DEPTH)/coreconf/shlibsign.py', '<@(_inputs)']
             }
           ],
         },
       ],
     }],
-    [ 'fuzz==1', {
+    [ 'fuzz_tls==1', {
       'targets': [
         {
           'target_name': 'fuzz_warning',
           'type': 'none',
           'actions': [
             {
               'action_name': 'fuzz_warning',
               'action': ['cat', 'fuzz/warning.txt'],
               'inputs': ['fuzz/warning.txt'],
               'ninja_use_console': 1,
               'outputs': ['dummy'],
             }
           ],
         },
+      ],
+    }],
+    [ 'fuzz==1', {
+      'targets': [
         {
           'target_name': 'fuzz',
           'type': 'none',
           'dependencies': [
             'fuzz/fuzz.gyp:nssfuzz',
-          ]
+          ],
         },
       ],
     }],
   ],
 }