Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

Unable to debug enclave in Visual Studio 2019

Edwardbr1
Beginner
311 Views

Hi I have my code debugging happily in visual studio 2017 in debug mode, but not in 2019.  I am using multibyte character sets, not wide utf16/UCS2 character sets.  I am compiling 64 bit with the /d2FH4- flag specified.  I can run the code fine, but I cannot hit any breakpoints in the enclave.

I am using visual studio 2019 16.9.3, against Intel SGX SDK for Windows v2.12.100.4. with the working directory of the executable set to $(OutDir).

Please note that the vcxproj files are generated from cmake files, this is so we can use ninja for our server side for faster builds and be able to target multiple OS's and compilers.

Regards

Edward

These are the typical compiler flags that I use in the untrusted executable, with some company include paths and libs stripped out for brevity:

/MP /ifcOutput "foo_test.dir\Debug\" /GS /Zc:rvalueCast /W3 /Gy /Zc:wchar_t /I"C:\PROGRA~2\Intel\INTELS~1\include" /I"C:\Dev\Secretarium\core1\cmakeconfigs\submodules\mbedtls\include" /I"C:\.hunter\_Base\36e7f44\4a04064\f9d8bc8\Install\include" /Zi /Gm- /Od /Ob0 /sdl /Fd"C:\Dev\Secretarium\core1\build\output\Debug\foo_test.pdb" /Zc:inline /fp:precise /D "ENCLAVE_STATUS=sgx_status_t" /D "ENCLAVE_OK=SGX_SUCCESS" /D "_LIB" /D "NOMINMAX" /D "WIN32" /D "_WINDOWS" /D "_DEBUG" /D "FMT_HEADER_ONLY=1" /D "SPDLOG_COMPILED_LIB" /D "SPDLOG_FMT_EXTERNAL" /D "FMT_LOCALE" /D "NNG_HAVE_BUS0" /D "NNG_HAVE_PAIR0" /D "NNG_HAVE_PAIR1" /D "NNG_HAVE_PUSH0" /D "NNG_HAVE_PULL0" /D "NNG_HAVE_PUB0" /D "NNG_HAVE_SUB0" /D "NNG_HAVE_REQ0" /D "NNG_HAVE_REP0" /D "NNG_HAVE_SURVEYOR0" /D "NNG_HAVE_RESPONDENT0" /D "NNG_TRANSPORT_INPROC" /D "NNG_TRANSPORT_IPC" /D "NNG_TRANSPORT_TCP" /D "NNG_TRANSPORT_TLS" /D "NNG_STATIC_LIB" /D "CMAKE_INTDIR=\"Debug\"" /D "_MBCS" /errorReport:prompt /WX /Zc:forScope /RTC1 /Gd /MDd /std:c++17 /FC /Fa"foo_test.dir\Debug\" /EHsc /nologo /Fo"foo_test.dir\Debug\" /Fp"foo_test.dir\Debug\foo_test.pch" /diagnostics:classic /bigobj

These are the linker flags that I use in the untrusted executable:

/OUT:"C:\Dev\Secretarium\core1\build\output\Debug\foo_test.exe" /MANIFEST /NXCOMPAT /PDB:"C:/Dev/Secretarium/core1/build/output/Debug/foo_test.pdb" /DYNAMICBASE "..\..\..\..\output\Debug\miscellaneous_host.lib" "C:\.hunter\_Base\36e7f44\4a04064\f9d8bc8\Install\lib\spdlogd.lib" "ws2_32.lib" /IMPLIB:"C:/Dev/Secretarium/core1/build/output/Debug/foo_test.lib" /DEBUG /MACHINE:X64 /WX /INCREMENTAL /PGD:"C:\Dev\Secretarium\core1\build\output\Debug\foo_test.pgd" /SUBSYSTEM:CONSOLE /MANIFESTUAC:"level='asInvoker' uiAccess='false'" /ManifestFile:"foo_test.dir\Debug\foo_test.exe.intermediate.manifest" /LTCGOUT:"foo_test.dir\Debug\foo_test.iobj" /ERRORREPORT:PROMPT /NOLOGO /LIBPATH:"C:/PROGRA~2/Intel/INTELS~1/bin/x64/Release" /LIBPATH:"C:/PROGRA~2/Intel/INTELS~1/bin/x64/Release/Debug" /TLBID:1 /machine:x64 /IGNORE:4099 /IGNORE:4098 /IGNORE:4204

 

The enclave compile flags:

/MP /ifcOutput "foo_enclave.dir\Debug\" /GS /Zc:rvalueCast /W3 /Gy /Zc:wchar_t /I"C:\PROGRA~2\Intel\INTELS~1\include" /I"C:\Dev\Secretarium\core1\build\secretarium\libraries\foo\enclave" /I"C:\.hunter\_Base\36e7f44\4a04064\f9d8bc8\Install\include" /Qspectre /Zi /Gm- /Od /Ob0 /sdl /Fd"C:\Dev\Secretarium\core1\build\output\Debug\foo_enclave.pdb" /Zc:inline /fp:precise /D "ENCLAVE_STATUS=sgx_status_t" /D "ENCLAVE_OK=SGX_SUCCESS" /D "_LIB" /D "NOMINMAX" /D "_IN_ENCLAVE" /D "VERBOSE=2" /D "_DEBUG" /D "ALL_APPS_EMBEDDED" /D "IGNORE_DISTRIBUTION_INCONSITENCIES" /D "CMAKE_INTDIR=\"Debug\"" /D "foo_enclave_EXPORTS" /D "_WINDLL" /D "_MBCS" /errorReport:prompt /WX /Zc:forScope /Gd /MDd /std:c++17 /FC /Fa"foo_enclave.dir\Debug\" /EHsc /nologo /Fo"foo_enclave.dir\Debug\" /Fp"foo_enclave.dir\Debug\foo_enclave.pch" /diagnostics:classic /bigobj /d2FH4-

The enclave linker flags:

/OUT:"C:\Dev\Secretarium\core1\build\output\Debug\foo_enclave.dll" /MANIFEST /NOENTRY /NXCOMPAT /PDB:"C:/Dev/Secretarium/core1/build/output/Debug/foo_enclave.pdb" /DYNAMICBASE "sgx_tcxx.lib" "sgx_trts.lib" "sgx_tstdc.lib" "sgx_tservice.lib" "sgx_tcrypto.lib" /IMPLIB:"C:/Dev/Secretarium/core1/build/output/Debug/foo_enclave.lib" /DEBUG /DLL /MACHINE:X64 /WX /OPT:REF /INCREMENTAL:NO /PGD:"C:\Dev\Secretarium\core1\build\output\Debug\foo_enclave.pgd" /SUBSYSTEM:CONSOLE /MANIFESTUAC:"level='asInvoker' uiAccess='false'" /ManifestFile:"foo_enclave.dir\Debug\foo_enclave.dll.intermediate.manifest" /LTCGOUT:"foo_enclave.dir\Debug\foo_enclave.iobj" /OPT:ICF /ERRORREPORT:PROMPT /NOLOGO /LIBPATH:"C:/PROGRA~2/Intel/INTELS~1/bin/x64/Release" /LIBPATH:"C:/PROGRA~2/Intel/INTELS~1/bin/x64/Release/Debug" /NODEFAULTLIB /TLBID:1 /machine:x64 /IGNORE:4099

0 Kudos
1 Solution
JesusG_Intel
Moderator
279 Views

Hello Edward,

Was the information I provided helpful?

The Intel SGX SDK Developer Reference Guide for Windows that is distributed with each SDK contains the latest guidance in Section Setting up an Intel Software Guard Extensions Project. The guide is in the documents directory where you expanded the SGX SDK installer file. This slightly older Developer Reference Guide has the same guidance, I think.

Sincerely,

Jesus G.

Intel Customer Support

 

View solution in original post

2 Replies
JesusG_Intel
Moderator
301 Views

Hello Edward, here are the flags that work for me in Visual Studio 2019, 64-bit, SGX SDK 2.12.100.4


Enclave

C/C++ Command Line:

/ifcOutput "x64\Debug\" /GS /W4 /Zc:wchar_t /I"C:\git\src\SampleEnclave - Copy\\Include" /I"C:\Program Files (x86)\Intel\IntelSGXSDK\include" /I"C:\Program Files (x86)\Intel\IntelSGXSDK\include\tlibc" /I"C:\Program Files (x86)\Intel\IntelSGXSDK\include\libc++" /I"C:\Program Files (x86)\Intel\IntelSGXSDK\include\epid" /I"C:\git\src\SampleEnclave - Copy\\Enclave" /Qspectre /guard:cf /Zi /Gm- /Od /Fd"x64\Debug\vc142.pdb" /Zc:inline /fp:precise /D "_WINDLL" /errorReport:prompt /WX /Zc:forScope /Gd /MTd /FC /Fa"x64\Debug\" /EHsc /nologo /Fo"x64\Debug\" /Fp"x64\Debug\Enclave.pch" /diagnostics:column 

Additional Options: /d2FH4-


Linker Command Line:

/OUT:"C:\git\src\SampleEnclave - Copy\x64\Debug\Enclave.dll" /MANIFEST:NO /NOENTRY /NXCOMPAT /PDB:"C:\git\src\SampleEnclave - Copy\x64\Debug\Enclave.pdb" /DYNAMICBASE "sgx_trts.lib" "sgx_tstdc.lib" "sgx_tservice.lib" "sgx_tcxx.lib" "sgx_tcrypto.lib" /IMPLIB:"C:\git\src\SampleEnclave - Copy\x64\Debug\Enclave.lib" /DEBUG /DLL /MACHINE:X64 /WX /PGD:"C:\git\src\SampleEnclave - Copy\x64\Debug\Enclave.pgd" /MANIFESTUAC:"level='asInvoker' uiAccess='false'" /ManifestFile:"x64\Debug\Enclave.dll.intermediate.manifest" /ERRORREPORT:PROMPT /NOLOGO /LIBPATH:"C:\Program Files (x86)\Intel\IntelSGXSDK\bin\x64\Debug" /NODEFAULTLIB /TLBID:1 


Untrusted App

C/C++ Command Line:

/JMC /ifcOutput "x64\Debug\" /GS /W4 /Zc:wchar_t /I"C:\Program Files (x86)\Intel\IntelSGXSDK\\include" /I"C:\git\src\SampleEnclave - Copy\\Include" /I"C:\Program Files (x86)\Intel\IntelSGXSDK\\include\epid" /I"C:\git\src\SampleEnclave - Copy\\App" /guard:cf /Zi /Gm- /Od /Fd"x64\Debug\vc142.pdb" /Zc:inline /fp:precise /D "_MBCS" /errorReport:prompt /WX /Zc:forScope /RTC1 /Gd /MDd /FC /Fa"x64\Debug\" /EHsc /nologo /Fo"x64\Debug\" /Fp"x64\Debug\App.pch" /diagnostics:column 


Linker Command Line:

/OUT:"C:\git\src\SampleEnclave - Copy\x64\Debug\App.exe" /MANIFEST /NXCOMPAT /PDB:"C:\git\src\SampleEnclave - Copy\x64\Debug\App.pdb" /DYNAMICBASE "sgx_urts.lib" "kernel32.lib" "user32.lib" "gdi32.lib" "winspool.lib" "comdlg32.lib" "advapi32.lib" "shell32.lib" "ole32.lib" "oleaut32.lib" "uuid.lib" "odbc32.lib" "odbccp32.lib" /DEBUG /MACHINE:X64 /NODEFAULTLIB:"libcmtd.lib" /WX /INCREMENTAL /PGD:"C:\git\src\SampleEnclave - Copy\x64\Debug\App.pgd" /MANIFESTUAC:"level='asInvoker' uiAccess='false'" /ManifestFile:"x64\Debug\App.exe.intermediate.manifest" /ERRORREPORT:PROMPT /NOLOGO /LIBPATH:"C:\Program Files (x86)\Intel\IntelSGXSDK\\bin\x64\Debug" /TLBID:1


Sincerely,

Jesus G.

Intel Customer Support


JesusG_Intel
Moderator
280 Views

Hello Edward,

Was the information I provided helpful?

The Intel SGX SDK Developer Reference Guide for Windows that is distributed with each SDK contains the latest guidance in Section Setting up an Intel Software Guard Extensions Project. The guide is in the documents directory where you expanded the SGX SDK installer file. This slightly older Developer Reference Guide has the same guidance, I think.

Sincerely,

Jesus G.

Intel Customer Support

 

Reply