Building and launching

In the Momentics IDE for BlackBerry, all of your development tasks start with the toolbar. You can use the toolbar to build, launch, debug, profile, and analyze your app.

Screen showing the buttons and drop-down lists on the toolbar.

When you create a project, the Momentics IDE creates a launch configuration for your app. You can create a launch configuration for different modes, such as run, debug, profile, or memory analysis. When you select a launch mode on the toolbar, it changes how the Momentics IDE starts the app. You can build your app directly in the IDE and deploy it to a device or simulator that's configured as a launch target.

Link against libraries

Before you can build an app successfully, you must link against all of the libraries that you use in your app.

For a complete list of libraries that are available in the BlackBerry 10 Native SDK, see Library support.

Set security options

The Makefile in a Cascades project contains a set of instructions that specify how to build an app. When you use the Momentics IDE to build and package your app, you don't typically need to modify any of these instructions. However, depending on the version of the BlackBerry 10 Native SDK that you're running, you might need to update some security settings. For more information, see Makefile security settings for Cascades apps.

You can select compiler and linker options that activate security features when you compile your C project and link object files into shared objects and executables. By default, the Momentics IDE applies the compiler and linker options to new C projects for all managed builds and Makefile projects. For more information, see Security options for C apps.

Makefile security settings for Cascades apps

These compiler and linker options make it harder to exploit vulnerabilities in an app. With the correct configuration, many vulnerabilities that might allow attackers to take control of an app become more difficult to exploit. The recommended security settings for a Cascades app are as follows:

 QMAKE_CFLAGS_RELEASE += -fPIC
QMAKE_CXXFLAGS_RELEASE += -fPIC
QMAKE_LFLAGS_RELEASE += -Wl,-z,relro -pie
QMAKE_POST_LINK = ntoarm-objcopy --only-keep-debug ${DESTDIR}/${QMAKE_TARGET} ${DESTDIR}/${QMAKE_TARGET}.sym && ntoarm-objcopy --strip-all -R.ident --add-gnu-debuglink "${DESTDIR}/${QMAKE_TARGET}.sym" "$@" "${DESTDIR}/${QMAKE_TARGET}" 

In future releases, some of these values might be enabled by default.

If your project has been updated to a recent version of Cascades, adding these settings might not work on their own. To determine if additional settings are required, look for the line containing the CONFIG variable in your .pro file. If that line contains cascades10, then the following settings are also required:

QMAKE_CFLAGS_RELEASE += -fstack-protector-strong
QMAKE_CXXFLAGS_RELEASE += -fstack-protector-strong
QMAKE_LFLAGS_RELEASE += -Wl,-z,relro

Security options for C apps

You can set compiler and linker pass-thru options for C apps.

Compiler options

-fstack-protector-all
This option causes the compiler to inject a cookie. If a buffer overflow occurs at runtime, the cookie is overwritten and the app quits with an error message on the console. Users don't see the console error when the app exits.
-D_FORTIFY_SOURCE
-D defines a macro and _FORTIFY_SOURCE provides lightweight buffer overflow protection to some memory and string functions. For example, with -D_FORTIFY_SOURCE=2, the line strcpy (&var.t.buf[1], "abcdxyz"); is considered a buffer overflow. If the compiler determines at compile time that an overflow occurs, it issues a warning. If the compiler cannot detect an overflow at compile time, it performs a check at runtime. If the check fails, the compiler prints a message on the console and ends the process.
-fPIE

You must use the -fPIE option when you compile your app as a position-independent executable (PIE). PIE refers to code that runs correctly regardless of its location in memory. To take full advantage of the Address Space Layout Randomization (ALSR) security features in the BlackBerry 10 OS, compile your executable as a PIE. The Momentics IDE applies this option only to release builds.

Be careful not to compile shared objects with the -fPIE option. Use the -shared option instead. The -shared option implies -fPIC.

The default option in the toolchain is PIE. If you have non-PIC libraries, you must rebuild them to link them correctly into a PIE binary, or use -nopie when linking the executable to generate an absolute executable.

Since gprof doesn't work on shared objects, when you compile and link with -p, you need to specify -nopie to generate an executable and linkable format (ELF) executable with output that gprof can use.

Linker pass-through options

-Wl,-z,relro
This option causes the dynamic linker to mark dynamic relocations in ELF files as read-only when the relocation tables have been processed.
-Wl,-z,now
This option forces all relocations to be applied, and all symbols to be resolved immediately at runtime. Without this option, the dynamic linker resolves the app lazily. If you use this option together with -Wl,-z,relro, they provide a high level of protection for the relocation table.
-pie
This option produces a position-independent executable (PIE). The Momentics IDE applies this option only to release builds.

Create a launch configuration

To run, debug, or profile an app on your target device or simulator, you need a launch configuration. If you don't create a launch configuration, the Momentics IDE creates a default configuration for you when you run your app for the first time. You can select a launch mode, such as Run, Debug, QML Profile, or Run Release, from the Launch mode drop-down list and use the default launch configuration for each of these options.

If you want more control, you can create a launch configuration. A launch configuration defines which app to launch, the command-line options to use, and what values to use for environment variables. The configuration also defines which tools to run with your app, such as the Code Coverage tool, Application Profiler, and Memory Analysis tool. You specify these settings once and then you can use them again and again. You can also create multiple launch configurations for your app.

To create a launch configuration:

  1. On the toolbar, in the Launch target drop-down list, select a device or simulator.
  2. In the Launch configuration drop-down list, select Create New Configuration.
  3. Select the initial launch mode, and click Next.

    To profile your app, select either C/C++ Profile or QML Profile instead of Profile.

  4. In the Launch Configuration Type options, select either BlackBerry C/C++ Application or BlackBerry Postmortem Debugging. You can use the default launch configuration settings or customize the settings:
    • To use the default settings, on the Launch Configuration Type screen, click Finish.
    • To customize the settings, on the Launch Configuration Type screen, click Next. Select the settings that you want, and then click Finish.

Last modified: 2014-11-17



Got questions about leaving a comment? Get answers from our Disqus FAQ.

comments powered by Disqus