search

gramineproject / graphene

Graphene / Graphene-SGX - a library OS for Linux multi-process applications, with Intel SGX support
https://grapheneproject.io
GNU Lesser General Public License v3.0
771 stars 260 forks source link

I/O error during run SQLite in Graphene #2461

Closed Keepmoving-ZXY closed 3 years ago

Keepmoving-ZXY commented 3 years ago

Description of the problem

I am working on run SQLite on Graphene, according to my two day's work, the compile of SQLite is okay, but run a SQLite database insert will cause SQLite I/O error.

Steps to reproduce

I change memcached manifest template file to use during SQLite compile and run, the Makefile can be found at:https://github.com/Keepmoving-ZXY/graphene/blob/master/Examples/sqlite/Makefile the manifest.template used during compile of SQLite:https://github.com/Keepmoving-ZXY/graphene/blob/master/Examples/sqlite/sqlite.manifest.template the manifest.template used during run SQLite test:https://github.com/Keepmoving-ZXY/graphene/blob/master/Examples/sqlite/app.manifest.template And my folk of graphene is master branch of this repo in 2021-6-20, and the manifest.template file is change from memcached.manifest.template, and I have not change this file fully, so memcache appears in the manifest.template for SQLite.

Expected results

Expected output is:

ID = 1
NAME = Kris
AGE = 27
ADDRESS = California
SALARY = 16000.0

Execute sql-statement: "CREATE TABLE COMPANY (          ID INT PRIMARY KEY NOT NULL,            NAME TEXT NOT NULL,             AGE INT NOT NULL,           ADDRESS CHAR(50),           SALARY REAL );          INSERT INTO COMPANY VALUES (                    1, 'Kris', 27,                  'California', 16000.00 );           SELECT * FROM COMPANY;"
on database: /tmp/test.db OK

Actual results

error: Using insecure argv source. Graphene will continue application execution, but this configuration must not be used in production!
SQL error: disk I/O error
mkow commented 3 years ago

In this particular case the culprit is this line: sgx.protected_files.dbfile = "file:/tmp/test.db", or rather what you're trying to do. Graphene currently doesn't support R/W protected files, you can either read one or write, but not both at the same time. This is due to challenges in cryptographically securing such files against replay attacks. Fortunately, if your database doesn't need to be persistent across enclave runs, then you can store it in tmpfs (in-memory mount), see https://graphene.readthedocs.io/en/latest/manifest-syntax.html#fs-mount-points.

p.s. In the future, you can usually trace down such issues yourself by raising log_level in the manifest to "debug" or "trace" and checking what exactly is failing.

mkow commented 3 years ago

Correction: actually, we should support R/W accesses to protected files, there was an old implementation of PF which didn't support this, but the current one should, which I forgot :) So, this shouldn't be the culprit. Could you find what exactly is failing in the logs? (see the post scriptum in my previous message).

Keepmoving-ZXY commented 3 years ago

Thank you for help, below is trace level log during graphene-sgx ./app:

debug: Token file: ./app.token
debug: Read token:
debug:     valid:                 0x00000001
debug:     attr.flags:            0x0000000000000006
debug:     attr.xfrm:             0x000000000000001f
debug:     mr_enclave:            a3ff6216503ffece44df2af41f840a1a209b108691d4e8144522988ca138621f
debug:     mr_signer:             8983b37ad6c2ae99127c48864157191132f6e57dbd16fb8b1334498bd33042ff
debug:     LE cpu_svn:            1012ffff010200000000000000000000
debug:     LE isv_prod_id:        20
debug:     LE isv_svn:            05
debug:     LE masked_misc_select: 0x00000000
debug:     LE attr.flags:         0x0000000000000021
debug:     LE attr.xfrm:          0x0000000000000000
debug: enclave created:
debug:     base:           0x0000000000000000
debug:     size:           0x0000000008000000
debug:     misc_select:    0x00000000
debug:     attr.flags:     0x0000000000000007
debug:     attr.xfrm:      0x000000000000001f
debug:     ssa_frame_size: 4
debug:     isv_prod_id:    0x00000000
debug:     isv_svn:        0x00000000
debug: adding pages to enclave: 0x7d37000-0x8000000 [REG:R--] (manifest) measured
debug: adding pages to enclave: 0x7d0f000-0x7d37000 [REG:RW-] (ssa) measured
debug: adding pages to enclave: 0x7d0a000-0x7d0f000 [TCS:---] (tcs) measured
debug: adding pages to enclave: 0x7d05000-0x7d0a000 [REG:RW-] (tls) measured
debug: adding pages to enclave: 0x7cc5000-0x7d05000 [REG:RW-] (stack) measured
debug: adding pages to enclave: 0x7c85000-0x7cc5000 [REG:RW-] (stack) measured
debug: adding pages to enclave: 0x7c45000-0x7c85000 [REG:RW-] (stack) measured
debug: adding pages to enclave: 0x7c05000-0x7c45000 [REG:RW-] (stack) measured
debug: adding pages to enclave: 0x7bc5000-0x7c05000 [REG:RW-] (stack) measured
debug: adding pages to enclave: 0x7bb5000-0x7bc5000 [REG:RW-] (sig_stack) measured
debug: adding pages to enclave: 0x7ba5000-0x7bb5000 [REG:RW-] (sig_stack) measured
debug: adding pages to enclave: 0x7b95000-0x7ba5000 [REG:RW-] (sig_stack) measured
debug: adding pages to enclave: 0x7b85000-0x7b95000 [REG:RW-] (sig_stack) measured
debug: adding pages to enclave: 0x7b75000-0x7b85000 [REG:RW-] (sig_stack) measured
debug: adding pages to enclave: 0x3759000-0x379c000 [REG:R-X] (code) measured
debug: adding pages to enclave: 0x379c000-0x37a0000 [REG:RW-] (data) measured
debug: adding pages to enclave: 0x37a0000-0x7b75000 [REG:RW-] (bss) measured
debug: adding pages to enclave: 0x10000-0x3759000 [REG:RWX] (free)
debug: enclave initializing:
debug:     enclave id:   0x0000000007fff000
debug:     mr_enclave:   a3ff6216503ffece44df2af41f840a1a209b108691d4e8144522988ca138621f
error: Using insecure argv source. Graphene will continue application execution, but this configuration must not be used in production!
warning: DkVirtualMemoryProtect is unimplemented in Linux-SGX PAL
[P48883::] debug: Host: Linux-SGX
[P48883::] debug: LibOS xsave_enabled 1, xsave_size 0x440(1088), xsave_features 0x1f
[P48883::] debug: Initial VMA region 0x36b7000-0x3759000 (LibOS) bookkeeped
[P48883::] debug: Initial VMA region 0x7d37000-0x8000000 (manifest) bookkeeped
[P48883::] debug: ASLR top address adjusted to 0x1046000
[P48883::] debug: Shim loaded at 0x36b7000, ready to initialize
[P48883::] debug: Mounting root as chroot filesystem: from file:. to /
[P48883::] debug: Mounting special proc filesystem: /proc
[P48883::] debug: Mounting special dev filesystem: /dev
[P48883::] debug: Mounting terminal device /dev/tty under /dev
[P48883::] debug: Mounting special sys filesystem: /sys
[P48883:T1:] debug: Mounting as chroot filesystem: from file:/usr/local/lib/x86_64-linux-gnu/graphene/runtime/glibc to /lib
[P48883:T1:] debug: Mounting as chroot filesystem: from file:/etc to /etc
[P48883:T1:] debug: Mounting as chroot filesystem: from file:/tmp/ to /tmp/
[P48883:T1:] debug: Mounting as chroot filesystem: from file:/lib/x86_64-linux-gnu to /lib/x86_64-linux-gnu
[P48883:T1:] debug: Mounting as chroot filesystem: from file:/usr//lib/x86_64-linux-gnu to /usr//lib/x86_64-linux-gnu
[P48883:T1:app] debug: Allocating stack at 0x0 (size = 262144)
[P48883:T1:app] debug: loading "file:./app"
[P48883:T1:app] debug: adding a library for gdb: file:./app
[P48883:T1:app] debug: searching for interpreter: /lib/ld-linux-x86-64.so.2
[P48883:T1:app] debug: adding a library for gdb: file:/usr/local/lib/x86_64-linux-gnu/graphene/runtime/glibc/ld-linux-x86-64.so.2
[P48883:T1:app] debug: Creating pipe: pipe.srv:48883
debug: sock_getopt (fd = 12, sockopt addr = 0x7ffdc0357cf0) is not implemented and always returns 0
[P48883:T1:app] debug: Shim process initialized
[P48883:i1:shim] debug: IPC worker started
[P48883:T1:app] trace: ---- shim_brk(0x0) = 0x256d000
[P48883:T1:app] warning: Not supported flag (0x3001) passed to arch_prctl
[P48883:T1:app] trace: ---- shim_arch_prctl(12289, 0x1045db0) = -38
[P48883:T1:app] trace: ---- shim_uname(0x10459a0) = 0x0
[P48883:T1:app] trace: ---- shim_access("/etc/ld.so.preload", F_OK|R_OK) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v3/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v3", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v2/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/glibc-hwcaps/x86-64-v2", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/tls/haswell/x86_64/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/tls/haswell/x86_64", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/tls/haswell/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/tls/haswell", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/tls/x86_64/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/tls/x86_64", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/tls/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/tls", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/haswell/x86_64/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/haswell/x86_64", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/haswell/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/haswell", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/x86_64/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/x86_64", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib", 0x1044fe0, 0) = 0x0
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v3/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v3", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v2/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v2", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/x86_64-linux-gnu/tls/haswell/x86_64/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/tls/haswell/x86_64", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/x86_64-linux-gnu/tls/haswell/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/tls/haswell", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/x86_64-linux-gnu/tls/x86_64/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/tls/x86_64", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/x86_64-linux-gnu/tls/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/tls", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/x86_64-linux-gnu/haswell/x86_64/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/haswell/x86_64", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/x86_64-linux-gnu/haswell/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/haswell", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/x86_64-linux-gnu/x86_64/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = -2
[P48883:T1:app] trace: ---- shim_newfstatat(AT_FDCWD, "/lib/x86_64-linux-gnu/x86_64", 0x1044fe0, 0) = -2
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libsqlite3.so.0", O_RDONLY|0x80000, 0000) = 0x3
[P48883:T1:app] trace: ---- shim_read(3, 0x1045138, 0x340) ...
[P48883:T1:app] trace: ---- return from shim_read(...) = 0x340
[P48883:T1:app] trace: ---- shim_newfstatat(3, "", 0x1044fe0, 4096) = 0x0
[P48883:T1:app] trace: ---- shim_mmap(0x0, 0x2000, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0x0) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xfca000
[P48883:T1:app] trace: ---- shim_mmap(0x0, 0x128e38, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0x0) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xea1000
[P48883:T1:app] trace: ---- shim_mprotect(0xeaf000, 0x115000, PROT_NONE) ...
[P48883:T1:app] trace: ---- return from shim_mprotect(...) = 0x0
[P48883:T1:app] trace: ---- shim_mmap(0xeaf000, 0xe0000, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xeaf000
[P48883:T1:app] trace: ---- shim_mmap(0xf8f000, 0x34000, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xee000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xf8f000
[P48883:T1:app] trace: ---- shim_mmap(0xfc4000, 0x6000, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x122000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xfc4000
[P48883:T1:app] trace: ---- shim_close(3) = 0x0
[P48883:T1:app] debug: glibc register library /lib/x86_64-linux-gnu/libsqlite3.so.0 loaded at 0x00ea1000
[P48883:T1:app] debug: adding a library for gdb: file:/lib/x86_64-linux-gnu/libsqlite3.so.0
[P48883:T1:app] trace: sync client: destroying handle: 0x100000006
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/libc.so.6", O_RDONLY|0x80000, 0000) = 0x3
[P48883:T1:app] trace: ---- shim_read(3, 0x1045118, 0x340) ...
[P48883:T1:app] trace: ---- return from shim_read(...) = 0x340
[P48883:T1:app] trace: ---- shim_pread64(3, 0x1044b70, 0x310, 0x40) ...
[P48883:T1:app] trace: ---- return from shim_pread64(...) = 0x310
[P48883:T1:app] trace: ---- shim_pread64(3, 0x1044b30, 0x30, 0x350) ...
[P48883:T1:app] trace: ---- return from shim_pread64(...) = 0x30
[P48883:T1:app] trace: ---- shim_pread64(3, 0x1044ae0, 0x44, 0x380) ...
[P48883:T1:app] trace: ---- return from shim_pread64(...) = 0x44
[P48883:T1:app] trace: ---- shim_newfstatat(3, "", 0x1044fc0, 4096) = 0x0
[P48883:T1:app] trace: ---- shim_pread64(3, 0x1044c10, 0x310, 0x40) ...
[P48883:T1:app] trace: ---- return from shim_pread64(...) = 0x310
[P48883:T1:app] trace: ---- shim_mmap(0x0, 0x1bf0e0, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0x0) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xce1000
[P48883:T1:app] trace: ---- shim_mprotect(0xd07000, 0x190000, PROT_NONE) ...
[P48883:T1:app] trace: ---- return from shim_mprotect(...) = 0x0
[P48883:T1:app] trace: ---- shim_mmap(0xd07000, 0x143000, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x26000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xd07000
[P48883:T1:app] trace: ---- shim_mmap(0xe4a000, 0x4c000, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x169000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xe4a000
[P48883:T1:app] trace: ---- shim_mmap(0xe97000, 0x6000, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b5000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xe97000
[P48883:T1:app] trace: ---- shim_mmap(0xe9d000, 0x30e0, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED, -1, 0x0) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xe9d000
[P48883:T1:app] trace: ---- shim_close(3) = 0x0
[P48883:T1:app] debug: glibc register library /lib/libc.so.6 loaded at 0x00ce1000
[P48883:T1:app] debug: adding a library for gdb: file:/usr/local/lib/x86_64-linux-gnu/graphene/runtime/glibc/libc.so.6
[P48883:T1:app] trace: sync client: destroying handle: 0x100000008
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/libm.so.6", O_RDONLY|0x80000, 0000) = 0x3
[P48883:T1:app] trace: ---- shim_read(3, 0x10450f8, 0x340) ...
[P48883:T1:app] trace: ---- return from shim_read(...) = 0x340
[P48883:T1:app] trace: ---- shim_newfstatat(3, "", 0x1044fa0, 4096) = 0x0
[P48883:T1:app] trace: ---- shim_mmap(0x0, 0x1420f8, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0x0) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xb9e000
[P48883:T1:app] trace: ---- shim_mmap(0xbad000, 0x99000, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xbad000
[P48883:T1:app] trace: ---- shim_mmap(0xc46000, 0x99000, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa8000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xc46000
[P48883:T1:app] trace: ---- shim_mmap(0xcdf000, 0x2000, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x140000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xcdf000
[P48883:T1:app] trace: ---- shim_close(3) = 0x0
[P48883:T1:app] debug: glibc register library /lib/libm.so.6 loaded at 0x00b9e000
[P48883:T1:app] debug: adding a library for gdb: file:/usr/local/lib/x86_64-linux-gnu/graphene/runtime/glibc/libm.so.6
[P48883:T1:app] trace: sync client: destroying handle: 0x10000000a
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/libpthread.so.0", O_RDONLY|0x80000, 0000) = 0x3
[P48883:T1:app] trace: ---- shim_read(3, 0x10450d8, 0x340) ...
[P48883:T1:app] trace: ---- return from shim_read(...) = 0x340
[P48883:T1:app] trace: ---- shim_pread64(3, 0x1044e00, 0x30, 0x318) ...
[P48883:T1:app] trace: ---- return from shim_pread64(...) = 0x30
[P48883:T1:app] trace: ---- shim_pread64(3, 0x1044db0, 0x44, 0x348) ...
[P48883:T1:app] trace: ---- return from shim_pread64(...) = 0x44
[P48883:T1:app] trace: ---- shim_newfstatat(3, "", 0x1044f80, 4096) = 0x0
[P48883:T1:app] trace: ---- shim_mmap(0x0, 0x20418, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0x0) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xb7d000
[P48883:T1:app] trace: ---- shim_mmap(0xb84000, 0xf000, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xb84000
[P48883:T1:app] trace: ---- shim_mmap(0xb93000, 0x5000, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xb93000
[P48883:T1:app] trace: ---- shim_mmap(0xb98000, 0x2000, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1a000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xb98000
[P48883:T1:app] trace: ---- shim_mmap(0xb9a000, 0x3418, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED, -1, 0x0) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xb9a000
[P48883:T1:app] trace: ---- shim_close(3) = 0x0
[P48883:T1:app] debug: glibc register library /lib/libpthread.so.0 loaded at 0x00b7d000
[P48883:T1:app] debug: adding a library for gdb: file:/usr/local/lib/x86_64-linux-gnu/graphene/runtime/glibc/libpthread.so.0
[P48883:T1:app] trace: sync client: destroying handle: 0x10000000c
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/lib/libdl.so.2", O_RDONLY|0x80000, 0000) = 0x3
[P48883:T1:app] trace: ---- shim_read(3, 0x10450b8, 0x340) ...
[P48883:T1:app] trace: ---- return from shim_read(...) = 0x340
[P48883:T1:app] trace: ---- shim_newfstatat(3, "", 0x1044f60, 4096) = 0x0
[P48883:T1:app] trace: ---- shim_mmap(0x0, 0x40f0, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0x0) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xb78000
[P48883:T1:app] trace: ---- shim_mmap(0xb79000, 0x1000, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xb79000
[P48883:T1:app] trace: ---- shim_mmap(0xb7a000, 0x1000, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xb7a000
[P48883:T1:app] trace: ---- shim_mmap(0xb7b000, 0x2000, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xb7b000
[P48883:T1:app] trace: ---- shim_close(3) = 0x0
[P48883:T1:app] debug: glibc register library /lib/libdl.so.2 loaded at 0x00b78000
[P48883:T1:app] debug: adding a library for gdb: file:/usr/local/lib/x86_64-linux-gnu/graphene/runtime/glibc/libdl.so.2
[P48883:T1:app] trace: sync client: destroying handle: 0x10000000e
[P48883:T1:app] trace: ---- shim_mmap(0x0, 0x2000, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0x0) ...
[P48883:T1:app] trace: ---- return from shim_mmap(...) = 0xb76000
[P48883:T1:app] trace: ---- shim_arch_prctl(4098, 0xb77080) = 0x0
[P48883:T1:app] trace: ---- shim_mprotect(0xe97000, 0x3000, PROT_READ) ...
[P48883:T1:app] trace: ---- return from shim_mprotect(...) = 0x0
[P48883:T1:app] trace: ---- shim_mprotect(0xb7b000, 0x1000, PROT_READ) ...
[P48883:T1:app] trace: ---- return from shim_mprotect(...) = 0x0
[P48883:T1:app] trace: ---- shim_mprotect(0xb98000, 0x1000, PROT_READ) ...
[P48883:T1:app] trace: ---- return from shim_mprotect(...) = 0x0
[P48883:T1:app] trace: ---- shim_mprotect(0xcdf000, 0x1000, PROT_READ) ...
[P48883:T1:app] trace: ---- return from shim_mprotect(...) = 0x0
[P48883:T1:app] trace: ---- shim_mprotect(0xfc4000, 0x3000, PROT_READ) ...
[P48883:T1:app] trace: ---- return from shim_mprotect(...) = 0x0
[P48883:T1:app] trace: ---- shim_mprotect(0x1003000, 0x1000, PROT_READ) ...
[P48883:T1:app] trace: ---- return from shim_mprotect(...) = 0x0
[P48883:T1:app] trace: ---- shim_mprotect(0xffc000, 0x2000, PROT_READ) ...
[P48883:T1:app] trace: ---- return from shim_mprotect(...) = 0x0
[P48883:T1:app] trace: ---- shim_set_tid_address(0xb77350) = 0x1
[P48883:T1:app] trace: ---- shim_set_robust_list(0xb77360, 0x18) = 0x0
[P48883:T1:app] trace: ---- shim_rt_sigaction([SIG32], 0x1045c40, 0x0, 0x8) = 0x0
[P48883:T1:app] trace: ---- shim_rt_sigaction([SIG33], 0x1045c40, 0x0, 0x8) = 0x0
[P48883:T1:app] trace: ---- shim_rt_sigprocmask(UNBLOCK, [SIG32,SIG33,], NULL, 0x8) = 0x0
[P48883:T1:app] trace: ---- shim_prlimit64(0, 3, 0x0, 0x1045da0) = 0x0
[P48883:T1:app] trace: ---- shim_brk(0x0) = 0x256d000
[P48883:T1:app] trace: ---- shim_brk(0x258e000) = 0x258e000
debug: load_protected_file: /tmp/test.db, fd 18, size 4096, mode 1, create 0, pf 0x6f4a200
debug: load_protected_file: /tmp/test.db, fd 18: opening new PF 0x6f4a200
[P48883:T1:app] trace: ---- shim_lstat("/tmp/test.db", 0x1045ae0) = 0x0
[P48883:T1:app] trace: ---- shim_getpid() = 0x1
[P48883:T1:app] trace: ---- shim_getpid() = 0x1
debug: load_protected_file: /tmp/test.db, fd 18, size 4096, mode 3, create 1, pf 0x6f4a200
debug: load_protected_file: /tmp/test.db, fd 18: opening new PF 0x6f4a200
[P48883:T1:app] trace: ---- shim_openat(AT_FDCWD, "/tmp/test.db", O_RDWR|O_CREAT|0xa0000, 0644) = 0x3
[P48883:T1:app] trace: ---- shim_fstat(3, 0x10456d0) = 0x0
[P48883:T1:app] trace: ---- shim_fstat(3, 0x1045530) = 0x0
[P48883:T1:app] trace: ---- shim_stat("/tmp/test.db", 0x10455c0) = 0x0
[P48883:T1:app] trace: ---- shim_pread64(3, 0x1045c40, 0x64, 0x0) ...
[P48883:T1:app] trace: ---- return from shim_pread64(...) = 0x0
[P48883:T1:app] trace: ---- shim_fcntl(3, F_SETLK, 0x1044ca0) = -38
[P48883:T1:app] trace: ---- shim_write(2, 0x1043780, 0x1a) ...
SQL error: disk I/O error
[P48883:T1:app] trace: ---- return from shim_write(...) = 0x1a
[P48883:T1:app] trace: ---- shim_fstat(3, 0x1045bb0) = 0x0
[P48883:T1:app] trace: ---- shim_stat("/tmp/test.db", 0x1045c40) = 0x0
[P48883:T1:app] trace: sync client: destroying handle: 0x10000000f
[P48883:T1:app] trace: ---- shim_close(3) = 0x0
[P48883:T1:app] debug: ---- shim_exit_group (returning 255)
[P48883:T1:app] debug: sync client shutdown: closing handles
[P48883:T1:app] debug: sync client shutdown: waiting for confirmation
[P48883:T1:app] debug: sync client shutdown: finished
[P48883:i1:shim] debug: IPC worker: exiting worker thread
[P48883:T1:app] debug: process 48883 exited with status 255
debug: DkProcessExit: Returning exit code 255
dimakuv commented 3 years ago

The culprit is this output line:

[P48883:T1:app] trace: ---- shim_fcntl(3, F_SETLK, 0x1044ca0) = -38

Graphene doesn't support flock (or F_SETLK; both stand for "file locking") yet. Support for file-locking will come in a couple weeks, hopefully.

Keepmoving-ZXY commented 3 years ago

ok, thank you.