Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adjust frame IP in backtraces relative to image base for SGX target #117895

Merged
merged 3 commits into from
Nov 19, 2023

Conversation

mzohreva
Copy link
Contributor

This is followup to rust-lang/backtrace-rs#566.

The backtraces printed by panic! or generated by std::backtrace::Backtrace in SGX target are not usable. The frame addresses need to be relative to image base address so they can be used for symbol resolution. Here's an example panic backtrace generated before this change:

$ cargo r --target x86_64-fortanix-unknown-sgx
...
stack backtrace:
   0:     0x7f8fe401d3a5 - <unknown>
   1:     0x7f8fe4034780 - <unknown>
   2:     0x7f8fe401c5a3 - <unknown>
   3:     0x7f8fe401d1f5 - <unknown>
   4:     0x7f8fe401e6f6 - <unknown>

Here's the same panic after this change:

$ cargo +stage1 r --target x86_64-fortanix-unknown-sgx
stack backtrace:
   0:            0x198bf - <unknown>
   1:            0x3d181 - <unknown>
   2:            0x26164 - <unknown>
   3:            0x19705 - <unknown>
   4:            0x1ef36 - <unknown>

cc @jethrogb and @workingjubilee

@rustbot
Copy link
Collaborator

rustbot commented Nov 14, 2023

r? @Mark-Simulacrum

(rustbot has picked a reviewer for you, use r? to override)

@rustbot rustbot added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-libs Relevant to the library team, which will review and decide on the PR/issue. labels Nov 14, 2023
@rust-log-analyzer

This comment has been minimized.

@mzohreva mzohreva force-pushed the mz/fix-sgx-backtrace branch from 6763480 to 6e7ea03 Compare November 14, 2023 18:27
@rust-log-analyzer

This comment has been minimized.

@mzohreva
Copy link
Contributor Author

I don't quite understand why this is a problem:

Error: tidy error: /checkout/library/std/src/backtrace.rs:330: platform-specific cfg: cfg(all(target_vendor = "fortanix", target_env = "sgx"))

@workingjubilee
Copy link
Member

@mzohreva We try to keep platform-specific configuration code confined to the sys module, because otherwise we have 5 different abstraction layers bleeding into each other all the time.

@mzohreva
Copy link
Contributor Author

@workingjubilee so does that mean that we'd need to introduce a new API in sys that is only doing something in SGX and a no-op for all others? If so, can you point me to some existing example please?

@workingjubilee
Copy link
Member

so does that mean that we'd need to introduce a new API in sys that is only doing something in SGX and a no-op for all others?

Yes, basically. This is part of why I asked questions like "is there ANY other way to do this?" during review.

@workingjubilee
Copy link
Member

workingjubilee commented Nov 14, 2023

There is a file in tidy which contains a hardcoded list of exceptions, but it should generally never be added to, as doing so is... an unhappy last-resort, as any such exception applies to all ~450 lines of code in that file, and it means someone has to clean it up anyways in good time.

Other PRs which did this "refactor code into the sys module" (as part of a longer-term strategy of potentially extracting sys into its own crate) motion are

#[cfg(all(target_vendor = "fortanix", target_env = "sgx"))]
pub fn set_image_base() {
let image_base = crate::os::fortanix_sgx::mem::image_base();
backtrace_rs::set_image_base(crate::ptr::from_exposed_addr_mut(image_base as _));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this API implying that the backtrace generation is going to do more than math with the pointer value here? i.e., read/write from it? It seems odd to me to call from_exposed_addr here, vs. invalid_mut, which feels like it more appropriately describes the opaque nature of this pointer and theoretically hints that no one should read from it.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, backtrace is only using this for adjusting frame IPs. Having read the docs in https://doc.rust-lang.org/nightly/std/ptr/index.html I was under the impression that doing pointer arithmetic also requires strict provenance.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would not expect arithmetic with non-unsafe functions to ever require provenance. It looks like that code is operating on usize even, so it's not even doing pointer arithmetic I think.

@Mark-Simulacrum
Copy link
Member

@bors r+

@bors
Copy link
Contributor

bors commented Nov 18, 2023

📌 Commit b576dd2 has been approved by Mark-Simulacrum

It is now in the queue for this repository.

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Nov 18, 2023
compiler-errors added a commit to compiler-errors/rust that referenced this pull request Nov 18, 2023
…ark-Simulacrum

Adjust frame IP in backtraces relative to image base for SGX target

This is followup to rust-lang/backtrace-rs#566.

The backtraces printed by `panic!` or generated by `std::backtrace::Backtrace` in SGX target are not usable. The frame addresses need to be relative to image base address so they can be used for symbol resolution. Here's an example panic backtrace generated before this change:

```
$ cargo r --target x86_64-fortanix-unknown-sgx
...
stack backtrace:
   0:     0x7f8fe401d3a5 - <unknown>
   1:     0x7f8fe4034780 - <unknown>
   2:     0x7f8fe401c5a3 - <unknown>
   3:     0x7f8fe401d1f5 - <unknown>
   4:     0x7f8fe401e6f6 - <unknown>
```
Here's the same panic after this change:
```
$ cargo +stage1 r --target x86_64-fortanix-unknown-sgx
stack backtrace:
   0:            0x198bf - <unknown>
   1:            0x3d181 - <unknown>
   2:            0x26164 - <unknown>
   3:            0x19705 - <unknown>
   4:            0x1ef36 - <unknown>
```
cc `@jethrogb` and `@workingjubilee`
@bors
Copy link
Contributor

bors commented Nov 19, 2023

⌛ Testing commit b576dd2 with merge d052f6f...

@bors
Copy link
Contributor

bors commented Nov 19, 2023

☀️ Test successful - checks-actions
Approved by: Mark-Simulacrum
Pushing d052f6f to master...

@bors bors added the merged-by-bors This PR was explicitly merged by bors. label Nov 19, 2023
@bors bors merged commit d052f6f into rust-lang:master Nov 19, 2023
11 checks passed
@rustbot rustbot added this to the 1.76.0 milestone Nov 19, 2023
@rust-timer
Copy link
Collaborator

Finished benchmarking commit (d052f6f): comparison URL.

Overall result: no relevant changes - no action needed

@rustbot label: -perf-regression

Instruction count

This benchmark run did not return any relevant results for this metric.

Max RSS (memory usage)

Results

This is a less reliable metric that may be of interest but was not used to determine the overall result at the top of this comment.

mean range count
Regressions ❌
(primary)
- - 0
Regressions ❌
(secondary)
4.8% [4.8%, 4.8%] 1
Improvements ✅
(primary)
-2.7% [-2.7%, -2.7%] 1
Improvements ✅
(secondary)
- - 0
All ❌✅ (primary) -2.7% [-2.7%, -2.7%] 1

Cycles

This benchmark run did not return any relevant results for this metric.

Binary size

This benchmark run did not return any relevant results for this metric.

Bootstrap: 676.828s -> 675.196s (-0.24%)
Artifact size: 313.81 MiB -> 313.81 MiB (0.00%)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
merged-by-bors This PR was explicitly merged by bors. S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. T-libs Relevant to the library team, which will review and decide on the PR/issue.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants