https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95646
Bug ID: 95646
Summary: arm-none-eabi function attribute
'cmse_nonsecure_entry' wipes register values with -Os
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: target
Assignee: unassigned at gcc dot gnu.org
Reporter: c.woodward at cascoda dot com
Target Milestone: ---
Created attachment 48721
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=48721&action=edit
test file exhibiting the issue with cmse_nonsecure_entry and Os
This issue is specific to arm-none-eabi target, when building with arm CMSE and
-Os. The issue is that the calling convention is violated in functions marked
with __attribute__((cmse_nonsecure_entry)), and registers are wiped when they
should be preserved.
The issue only occurs when using -Os on the command line. O1, O2, O3 do not
produce the issue. Using function attributes to affect the optimisation level
does not seem to either cause nor prevent the error - only command line option.
The issue is that upon returning from the entry function, r8, r9, r10, r11 and
r12 are wiped without being restored. As per the 'Procedure Call Standard for
ARM Architecture' document, these should be preserved by the subroutine.
The 'ARM v8-M Security Extensions: Requirements on development tools' (section
5.4) specification specifies that all registers must be cleared before
returning from a secure entry function, which I imagine is where this issue
originates. However it also states that the registers should be restored, which
can be observed in O0. In O1, O2, O3, these are optimised out, which is fine.
However, in Os, the registers are cleared, but never restored, which causes
issues that are quite difficult to debug.
I have attached a simple (single function, no includes) c file that can be used
to recreate the issue.
I also have a runtime test that can demonstrate the broken behaviour if that
would be useful?
For anyone finding this bug and looking for a temporary workaround, do not use
'-Os' when compiling secure code for trustzone.
gcc args to recreate issue: -mcmse -mcpu=cortex-m23 -Os -c test.c
gcc version: 9.3.1 20200408 (release) (GNU Arm Embedded Toolchain
9-2020-q2-update)
Target: arm-none-eabi
Configured with:
/mnt/workspace/workspace/GCC-9-pipeline/jenkins-GCC-9-pipeline-200_20200521_1590053374/src/gcc/configure
--target=arm-none-eabi
--prefix=/mnt/workspace/workspace/GCC-9-pipeline/jenkins-GCC-9-pipeline-200_20200521_1590053374/install-native
--libexecdir=/mnt/workspace/workspace/GCC-9-pipeline/jenkins-GCC-9-pipeline-200_20200521_1590053374/install-native/lib
--infodir=/mnt/workspace/workspace/GCC-9-pipeline/jenkins-GCC-9-pipeline-200_20200521_1590053374/install-native/share/doc/gcc-arm-none-eabi/info
--mandir=/mnt/workspace/workspace/GCC-9-pipeline/jenkins-GCC-9-pipeline-200_20200521_1590053374/install-native/share/doc/gcc-arm-none-eabi/man
--htmldir=/mnt/workspace/workspace/GCC-9-pipeline/jenkins-GCC-9-pipeline-200_20200521_1590053374/install-native/share/doc/gcc-arm-none-eabi/html
--pdfdir=/mnt/workspace/workspace/GCC-9-pipeline/jenkins-GCC-9-pipeline-200_20200521_1590053374/install-native/share/doc/gcc-arm-none-eabi/pdf
--enable-languages=c,c++ --enable-plugins --disable-decimal-float
--disable-libffi --disable-libgomp --disable-libmudflap --disable-libquadmath
--disable-libssp --disable-libstdcxx-pch --disable-nls --disable-shared
--disable-threads --disable-tls --with-gnu-as --with-gnu-ld --with-newlib
--with-headers=yes --with-python-dir=share/gcc-arm-none-eabi
--with-sysroot=/mnt/workspace/workspace/GCC-9-pipeline/jenkins-GCC-9-pipeline-200_20200521_1590053374/install-native/arm-none-eabi
--build=x86_64-linux-gnu --host=x86_64-linux-gnu
--with-gmp=/mnt/workspace/workspace/GCC-9-pipeline/jenkins-GCC-9-pipeline-200_20200521_1590053374/build-native/host-libs/usr
--with-mpfr=/mnt/workspace/workspace/GCC-9-pipeline/jenkins-GCC-9-pipeline-200_20200521_1590053374/build-native/host-libs/usr
--with-mpc=/mnt/workspace/workspace/GCC-9-pipeline/jenkins-GCC-9-pipeline-200_20200521_1590053374/build-native/host-libs/usr
--with-isl=/mnt/workspace/workspace/GCC-9-pipeline/jenkins-GCC-9-pipeline-200_20200521_1590053374/build-native/host-libs/usr
--with-libelf=/mnt/workspace/workspace/GCC-9-pipeline/jenkins-GCC-9-pipeline-200_20200521_1590053374/build-native/host-libs/usr
--with-host-libstdcxx='-static-libgcc -Wl,-Bstatic,-lstdc++,-Bdynamic -lm'
--with-pkgversion='GNU Arm Embedded Toolchain 9-2020-q2-update'
--with-multilib-list=rmprofile,aprofile
(also tested and issue still exists with gcc version 7.3.1, 7.2.1, 8.3.1,
9.2.1)
