Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

1.1.4 enclave linker error undefined reference to `__assert_fail' without release #373

Open
celaus opened this issue Feb 9, 2022 · 3 comments
Open

1.1.4 enclave linker error undefined reference to `__assert_fail' without release #373

celaus opened this issue Feb 9, 2022 · 3 comments

Comments

@celaus
Copy link

celaus commented Feb 9, 2022

Hi,

it looks like something changed between 1.1.3 and 1.1.4 that keeps ring (and I assume other dependencies with a debug_assert) from building. Here is the log output, note that I commented out the release flag in the enclave's build file (cargo build #--release). At the end of the log you'll find the corresponding linker error:

root@c7e07849f3a4:~/sgx/samplecode/tls/tlsclient# make
make -C ./enclave/
make[1]: Entering directory '/root/sgx/samplecode/tls/tlsclient/enclave'
cargo build #--release
warning: Patch `sgx_backtrace v1.1.4 (/root/sgx/sgx_backtrace)` was not used in the crate graph.
Patch `sgx_cov v1.1.4 (/root/sgx/sgx_cov)` was not used in the crate graph.
Patch `sgx_crypto_helper v1.1.4 (/root/sgx/sgx_crypto_helper)` was not used in the crate graph.
Patch `sgx_rand v1.1.4 (/root/sgx/sgx_rand)` was not used in the crate graph.
Patch `sgx_rand_derive v1.1.4 (/root/sgx/sgx_rand_derive)` was not used in the crate graph.
Patch `sgx_serialize v1.1.4 (/root/sgx/sgx_serialize)` was not used in the crate graph.
Patch `sgx_serialize_derive v1.1.4 (/root/sgx/sgx_serialize_derive)` was not used in the crate graph.
Patch `sgx_serialize_derive_internals v1.1.4 (/root/sgx/sgx_serialize_derive_internals)` was not used in the crate graph.
Patch `sgx_tcrypto v1.1.4 (/root/sgx/sgx_tcrypto)` was not used in the crate graph.
Patch `sgx_tcrypto_helper v1.1.4 (/root/sgx/sgx_tcrypto_helper)` was not used in the crate graph.
Patch `sgx_tdh v1.1.4 (/root/sgx/sgx_tdh)` was not used in the crate graph.
Patch `sgx_tkey_exchange v1.1.4 (/root/sgx/sgx_tkey_exchange)` was not used in the crate graph.
Patch `sgx_tse v1.1.4 (/root/sgx/sgx_tse)` was not used in the crate graph.
Patch `sgx_tseal v1.1.4 (/root/sgx/sgx_tseal)` was not used in the crate graph.
Patch `sgx_tunittest v1.1.4 (/root/sgx/sgx_tunittest)` was not used in the crate graph.
Check that the patched package version and available features are compatible
with the dependency requirements. If the patch has a different version from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not enabled.
warning: unnecessary `unsafe` block
   --> /root/sgx/sgx_tstd/src/sys_common/wtf8.rs:828:9
    |
828 |         unsafe {
    |         ^^^^^^ unnecessary `unsafe` block
    |
    = note: `#[warn(unused_unsafe)]` on by default

warning: `sgx_tstd` (lib) generated 1 warning
    Finished dev [unoptimized + debuginfo] target(s) in 0.03s
cp ./target/debug/libtlsclient.a ../lib/libenclave.a
make[1]: Leaving directory '/root/sgx/samplecode/tls/tlsclient/enclave'
CC   <=  enclave/Enclave_t.c
/usr/bin/ld: ./lib/libenclave.a(aes_nohw.o): in function `aes_nohw_to_batch':
/root/.cargo/git/checkouts/ring-sgx-f3f2b49526f918ea/844efe2/crypto/fipsmodule/aes/aes_nohw.c:479: undefined reference to `__assert_fail'
/usr/bin/ld: ./lib/libenclave.a(aes_nohw.o): in function `aes_nohw_from_batch':
/root/.cargo/git/checkouts/ring-sgx-f3f2b49526f918ea/844efe2/crypto/fipsmodule/aes/aes_nohw.c:496: undefined reference to `__assert_fail'
/usr/bin/ld: ./lib/libenclave.a(limbs.o): in function `limbs_add':
/root/.cargo/git/checkouts/ring-sgx-f3f2b49526f918ea/844efe2/crypto/limbs/limbs.inl:118: undefined reference to `__assert_fail'
/usr/bin/ld: ./lib/libenclave.a(limbs.o): in function `limbs_sub':
/root/.cargo/git/checkouts/ring-sgx-f3f2b49526f918ea/844efe2/crypto/limbs/limbs.inl:129: undefined reference to `__assert_fail'
/usr/bin/ld: ./lib/libenclave.a(limbs.o): in function `LIMBS_less_than':
/root/.cargo/git/checkouts/ring-sgx-f3f2b49526f918ea/844efe2/crypto/limbs/limbs.c:71: undefined reference to `__assert_fail'
/usr/bin/ld: ./lib/libenclave.a(limbs.o):/root/.cargo/git/checkouts/ring-sgx-f3f2b49526f918ea/844efe2/crypto/limbs/limbs.c:84: more undefined references to `__assert_fail' follow
collect2: error: ld returned 1 exit status
Makefile:141: recipe for target 'enclave/enclave.so' failed
make: *** [enclave/enclave.so] Error 1

Whereas the same thing works in 1.1.3 (here it's just cargo build):

root@ad3bd7ac0824:~/sgx/samplecode/tls/tlsclient# make
make -C ./enclave/
make[1]: Entering directory '/root/sgx/samplecode/tls/tlsclient/enclave'
cargo build
    Updating git repository `https://github.com/apache/teaclave-sgx-sdk.git`
warning: Patch `sgx_backtrace v1.1.3 (/root/sgx/sgx_backtrace)` was not used in the crate graph.
Patch `sgx_cov v1.1.3 (/root/sgx/sgx_cov)` was not used in the crate graph.
Patch `sgx_crypto_helper v1.1.3 (/root/sgx/sgx_crypto_helper)` was not used in the crate graph.
Patch `sgx_rand v1.1.3 (/root/sgx/sgx_rand)` was not used in the crate graph.
Patch `sgx_rand_derive v1.1.3 (/root/sgx/sgx_rand_derive)` was not used in the crate graph.
Patch `sgx_serialize v1.1.3 (/root/sgx/sgx_serialize)` was not used in the crate graph.
Patch `sgx_serialize_derive v1.1.3 (/root/sgx/sgx_serialize_derive)` was not used in the crate graph.
Patch `sgx_serialize_derive_internals v1.1.3 (/root/sgx/sgx_serialize_derive_internals)` was not used in the crate graph.
Patch `sgx_tcrypto v1.1.3 (/root/sgx/sgx_tcrypto)` was not used in the crate graph.
Patch `sgx_tcrypto_helper v1.1.3 (/root/sgx/sgx_tcrypto_helper)` was not used in the crate graph.
Patch `sgx_tdh v1.1.3 (/root/sgx/sgx_tdh)` was not used in the crate graph.
Patch `sgx_tkey_exchange v1.1.3 (/root/sgx/sgx_tkey_exchange)` was not used in the crate graph.
Patch `sgx_tse v1.1.3 (/root/sgx/sgx_tse)` was not used in the crate graph.
Patch `sgx_tseal v1.1.3 (/root/sgx/sgx_tseal)` was not used in the crate graph.
Patch `sgx_tunittest v1.1.3 (/root/sgx/sgx_tunittest)` was not used in the crate graph.
Check that the patched package version and available features are compatible
with the dependency requirements. If the patch has a different version from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not enabled.
   Compiling sgx_tstd v1.1.3 (/root/sgx/sgx_tstd)
   Compiling sgx_unwind v0.1.1 (/root/sgx/sgx_unwind)
   Compiling sgx_libc v1.1.3 (/root/sgx/sgx_libc)
   Compiling sgx_backtrace_sys v1.1.3 (/root/sgx/sgx_backtrace_sys)
   Compiling ring v0.16.19 (https://github.com/mesalock-linux/ring-sgx?tag=v0.16.5#844efe27)
   Compiling log v0.4.14 (https://github.com/mesalock-linux/log-sgx#2ca9039a)
   Compiling lazy_static v1.4.0
   Compiling sgx_trts v1.1.3 (/root/sgx/sgx_trts)
   Compiling sgx_tprotected_fs v1.1.3 (/root/sgx/sgx_tprotected_fs)
   Compiling base64 v0.13.0 (https://github.com/mesalock-linux/rust-base64-sgx#dc7389e1)
   Compiling webpki v0.21.4 (https://github.com/mesalock-linux/webpki?branch=mesalock_sgx#8dbe6fbe)
   Compiling sct v0.6.0 (https://github.com/mesalock-linux/sct.rs?branch=mesalock_sgx#c4d859cc)
   Compiling rustls v0.19.0 (https://github.com/mesalock-linux/rustls?branch=mesalock_sgx#95b5e79d)
   Compiling tlsclient v1.0.0 (/root/sgx/samplecode/tls/tlsclient/enclave)
    Finished dev [unoptimized + debuginfo] target(s) in 20.45s
cp ./target/debug/libtlsclient.a ../lib/libenclave.a
make[1]: Leaving directory '/root/sgx/samplecode/tls/tlsclient/enclave'
CC   <=  enclave/Enclave_t.c
LINK =>  enclave/enclave.so
mkdir -p bin
<!-- Please refer to User's Guide for the explanation of each field -->
<EnclaveConfiguration>
    <ProdID>0</ProdID>
    <ISVSVN>0</ISVSVN>
    <StackMaxSize>0x40000</StackMaxSize>
    <HeapMaxSize>0x100000</HeapMaxSize>
    <TCSNum>1</TCSNum>
    <TCSPolicy>1</TCSPolicy>
    <DisableDebug>0</DisableDebug>
    <MiscSelect>0</MiscSelect>
    <MiscMask>0xFFFFFFFF</MiscMask>
</EnclaveConfiguration>
tcs_num 1, tcs_max_num 1, tcs_min_pool 1
The required memory is 4157440B.
The required memory is 0x3f7000, 4060 KB.
Succeed.
SIGN =>  bin/enclave.signed.so

Can you check what happened?
@dingelish
Copy link
Contributor

@celaus which rustc are you using? i just tested against nightly-2021-11-01 and didn't reproduce.

$ rustc --version
rustc 1.58.0-nightly (ff0e14829 2021-10-31)

@celaus
Copy link
Author

celaus commented Feb 10, 2022
edited
Loading

I was using the respective docker images for each compile:

$ sudo docker run -ti -v (pwd):/root/sgx --device /dev/isgx  baiduxlab/sgx-rust:1804-1.1.4 bash
root@23e62148b04d:~# rustc --version
rustc 1.58.0-nightly (ff0e14829 2021-10-31)

and

$ sudo docker run -ti -v (pwd):/root/sgx --device /dev/isgx  baiduxlab/sgx-rust:1804-1.1.3 bash
root@e8f1676b3dde:~# rustc --version
rustc 1.49.0-nightly (ffa2e7ae8 2020-10-24)
root@e8f1676b3dde:~#

@dingelish
Copy link
Contributor

@celaus reproduced. thanks!
looks like the newer compiler somehow does not include __assert_fail's implementation in generated static libraries. to this end, you can export CFLAGS="-DRING_CORE_NOSTDLIBINC=1" to let Ring build without the __assert_fail dependency.

@Niederb Niederb mentioned this issue Jul 6, 2022
Closed
@OverOrion OverOrion mentioned this issue Mar 3, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@celaus @dingelish