
Issue 803110 link


Issue metadata

Status: Fixed
Owner:
Closed: Jan 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Fuchsia
Pri: 1
Type: Bug-Regression




service_manager_unittests crashes on startup under Fuchsia/x64 Debug bot

Project Member Reported by w...@chromium.org, Jan 17 2018

Issue description

Starting from build https://ci.chromium.org/buildbot/chromium.fyi/Fuchsia%20%28dbg%29/15630 this bot always fails to run service_manager_unittests, due to the binary crashing immediately on launch.

Comment 1 by w...@chromium.org, Jan 17 2018

Components: Internals>PlatformIntegration

Comment 2 by w...@chromium.org, Jan 17 2018

Cc: roc...@chromium.org
Components: Internals>Mojo
Bisected this to https://chromium-review.googlesource.com/855196, and confirmed that it for some reason causes service_manager_unittests to crash on startup, under Fuchsia/x64+Debug.

Comment 3 by roc...@chromium.org, Jan 17 2018

o_O

But how?

Comment 4 by w...@chromium.org, Jan 17 2018

Issue affects both x64 and ARM64, and appears to be an attempt to read address 0x8, so hitting the zero page & faulting.

Switching off the component build gets things working, suggesting that this is some bug in the dynamic loader, tickled by rockot@'s Mojo change (e.g. perhaps we hit some .text size limit in libmojo*.so that the loader can't currently handle?)

Comment 5 by w...@chromium.org, Jan 17 2018

Before rockot@'s CL the libmojo*.so's built for service_manager_unittests were (stripped):

-rwxr-x--- 1 wez eng   47280 Jan 17 09:50 out/gnDebug/libmojo_common_lib.so
-rwxr-x--- 1 wez eng  244624 Jan 17 09:50 out/gnDebug/libmojo_public_system_cpp.so
-rwxr-x--- 1 wez eng   13560 Jan 17 09:50 out/gnDebug/libmojo_public_system.so
-rwxr-x--- 1 wez eng 1069848 Jan 17 09:50 out/gnDebug/libmojo_system_impl.so

After it, they were:

-rwxr-x--- 1 wez eng   51240 Jan 17 09:51 out/gnDebug/libmojo_base_lib.so
-rwxr-x--- 1 wez eng   17896 Jan 17 09:51 out/gnDebug/libmojo_base_mojom_shared.so
-rwxr-x--- 1 wez eng   51264 Jan 17 09:51 out/gnDebug/libmojo_base_mojom.so
-rwxr-x--- 1 wez eng   43064 Jan 17 09:51 out/gnDebug/libmojo_base_shared_typemap_traits.so
-rwxr-x--- 1 wez eng   47280 Jan 17 09:51 out/gnDebug/libmojo_common_lib.so
-rwxr-x--- 1 wez eng  244624 Jan 17 09:51 out/gnDebug/libmojo_public_system_cpp.so
-rwxr-x--- 1 wez eng   13560 Jan 17 09:51 out/gnDebug/libmojo_public_system.so
-rwxr-x--- 1 wez eng 1069848 Jan 17 09:51 out/gnDebug/libmojo_system_impl.so

The CL has therefore added four dependencies, so perhaps we're hitting a low dynamic-library limit in the platform.

Comment 6 by w...@chromium.org, Jan 17 2018

Components: -Internals>Mojo
Before rockot@'s CL service_manager_unittests had 19 dynamic library dependencies, afterward it has 22 -> note to self to look for any hard-coded small limit in the Fuchsia dynamic loader :)
Is it possible dependencies became circular? I could imagine Fuchsia's loader being less forgiving of that.

Comment 8 by w...@chromium.org, Jan 17 2018

Cc: mcgrathr@chromium.org
Re #7: Ooooh, that's a good question; should be easy to check.

Also adding mcgrathr@ in case there is some obvious limit they're aware of.

Comment 9 by w...@chromium.org, Jan 24 2018

Cc: kulakowski@chromium.org
Tracked this down to an out-by-one error in a buffer size calculation. We have always been overrunning the requested buffer size by one byte, but due to rounding to the next page boundary, this normally had no adverse effect. rockot@'s change happened to introduce a library with exactly the right name length for the single-byte overrun to spill over into the next page of memory, outside the allocation.

Patch to Fuchsia's loader is currently up for review.
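The failure mode described in comment 9, as an added illustration that is not the Fuchsia loader's code (the bug never quotes it): a toy C model in which a buffer-size calculation forgets the terminating NUL, so every copy writes one byte more than was requested, while a page-granular allocator hides the overrun until a name length lands exactly on a page boundary. PAGE_SIZE, the function names and the sample lengths are assumptions; the corrected sizing is shown beside the buggy one.

```c
#include <stdio.h>
#include <string.h>

/* Assumed page granularity of the toy allocator. */
#define PAGE_SIZE 4096u

/* Bytes a NUL-terminated copy of a name of name_len characters writes. */
size_t bytes_written(size_t name_len) { return name_len + 1; }

/* Buggy request: counts the characters but not the terminator, so it is
 * always one byte short of what the copy writes. */
size_t request_buggy(size_t name_len) { return name_len; }

/* Fixed request: includes the terminating NUL. */
size_t request_fixed(size_t name_len) { return name_len + 1; }

/* Round a request up to whole pages, as a page-granular allocator does.
 * This rounding is what masks the one-byte overrun most of the time. */
size_t round_up_to_page(size_t n) {
    return (n + PAGE_SIZE - 1) / PAGE_SIZE * PAGE_SIZE;
}

/* 1 if the copy writes beyond the page-rounded allocation, else 0. */
int overruns(size_t requested, size_t name_len) {
    return bytes_written(name_len) > round_up_to_page(requested);
}

int overruns_buggy(size_t name_len) {
    return overruns(request_buggy(name_len), name_len);
}

int overruns_fixed(size_t name_len) {
    return overruns(request_fixed(name_len), name_len);
}

/* Convenience wrapper for a real library name string. */
int overruns_for_name(const char *name) {
    return overruns_buggy(strlen(name));
}

/* Smallest name length in [1, max_len] at which the buggy sizing spills
 * into the next page; 0 if none. Sweeping lengths across a page boundary
 * is the kind of test that exposes this class of bug. */
size_t first_buggy_overrun(size_t max_len) {
    for (size_t len = 1; len <= max_len; len++)
        if (overruns_buggy(len))
            return len;
    return 0;
}

int main(void) {
    /* Constructed sample lengths straddling one page boundary. */
    size_t samples[] = { 17, 4095, 4096, 4097, 8191, 8192 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        size_t len = samples[i];
        printf("name length %5zu: buggy sizing %s, fixed sizing %s\n", len,
               overruns_buggy(len) ? "OVERRUNS" : "ok",
               overruns_fixed(len) ? "OVERRUNS" : "ok");
    }
    printf("first overrunning length with buggy sizing: %zu\n",
           first_buggy_overrun(1u << 16));
    return 0;
}
```

The point for a reviewer or tester is in `first_buggy_overrun`: with 4 KiB pages, only one length in every 4096 triggers the fault, so ordinary test inputs never hit it and the bug surfaces as an apparently unrelated change (here, a new library name) shifting an allocation onto the boundary. Redzone-based tools such as AddressSanitizer, which check the requested size rather than the page-rounded one, report the one-byte write on every input.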

Comment 10 by w...@chromium.org, Jan 26 2018

Labels: -M-65 M-66

Comment 11 by bugdroid1@chromium.org, Jan 26 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/3d0476a897f85ba83f7fa280f625160518c64487

commit 3d0476a897f85ba83f7fa280f625160518c64487
Author: Scott Graham <scottmg@chromium.org>
Date: Fri Jan 26 18:08:16 2018

Roll Fuchsia SDK to 893404234442cf13abbc4e22ed996839ff5b1338

Updates clang toolchain_libs path to 7.0.0.

Includes https://fuchsia-review.googlesource.com/c/zircon/+/115121
which should fix component builds crashes.

Also renames calls from zx_time_get() to zx_clock_get() per recent
Fuchsia syscall change.

TBR=kmackay@chromium.org

Bug: 724204, 707030, 803110
Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
Change-Id: If2cb1d320c27b60fb32b0337ce1c6d2886b45b33
Reviewed-on: https://chromium-review.googlesource.com/884822
Reviewed-by: Kenneth MacKay <kmackay@chromium.org>
Reviewed-by: Wez <wez@chromium.org>
Commit-Queue: Scott Graham <scottmg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#532014}
[modify] https://crrev.com/3d0476a897f85ba83f7fa280f625160518c64487/DEPS
[modify] https://crrev.com/3d0476a897f85ba83f7fa280f625160518c64487/base/time/time_fuchsia.cc
[modify] https://crrev.com/3d0476a897f85ba83f7fa280f625160518c64487/build/config/fuchsia/BUILD.gn
[modify] https://crrev.com/3d0476a897f85ba83f7fa280f625160518c64487/chromecast/media/cma/backend/audio_decoder_for_mixer.cc
[modify] https://crrev.com/3d0476a897f85ba83f7fa280f625160518c64487/chromecast/media/cma/backend/fuchsia/mixer_output_stream_fuchsia.cc
[modify] https://crrev.com/3d0476a897f85ba83f7fa280f625160518c64487/media/audio/fuchsia/audio_output_stream_fuchsia.cc

Comment 12 by w...@chromium.org, Jan 27 2018

Status: Fixed (was: Started)
