clang appears to emit calls to c++ memcpy from c code when processing __builtin_memcpy #31
Comments
|
This is not a C++ memcpy, this is a memcpy with the CHERIoT libcall calling convention. We mangle all libcall calling convention functions to avoid problems where people accidentally miss type signature changes. Freestanding C implementations are required to provide memcpy (and memcmp) and so LLVM does not have a mode to disable requiring them. For bare metal code, the best thing to do is have an early init phase set provide the sentry for the memcpy function in the compiler-generated export table entry. |
|
On Mon, Jun 24, 2024 at 12:08 AM David Chisnall ***@***.***> wrote:
This is not a C++ memcpy, this is a memcpy with the CHERIoT libcall
calling convention. We mangle all libcall calling convention functions to
avoid problems where people accidentally miss type signature changes.
Ok. Don't recall seeing this documented anywhere.
Freestanding C implementations are required to provide memcpy (and memcmp)
and so LLVM does not have a mode to disable requiring them. For bare metal
code, the best thing to do is have an early init phase set provide the
sentry for the memcpy function in the compiler-generated export table entry.
Now that I understand why there's a mangled symbol, sdk/lib/freestanding
<https://github.com/microsoft/cheriot-rtos/tree/main/sdk/lib/freestanding>
makes
more sense; esp the README. TBH I expected this to be part of a toolchain,
but this gives me something to work with, thanks.
… |
It's in §5.3 of the CHERIoT Architecture doc (Chapter 5 is the ABI description). It's not documented anywhere else because the only people who should care about it are folks implementing compilers or loaders.
For a system where the ISA, programmer model, ABI, and RTOS are co-designed, it's not always clear where the best home for something is. We currently don't provide any headers with the compiler and expect them to come from the RTOS in all cases. If you need to run code using the CHERIoT ABI from ROM, then you probably need to run a loader-style step early on that embeds the capabilities in the code for the ROM. We haven't done that because it breaks the strong provenance chain for all capabilities in the system are derived from the ones provided at boot (which lets us to layered boot things where each step in the chain may be arbitrarily restricted by a prior step). |
|
On Mon, Jun 24, 2024 at 9:07 AM David Chisnall ***@***.***> wrote:
Ok. Don't recall seeing this documented anywhere.
It's in §5.3 of the CHERIoT Architecture doc (Chapter 5 is the ABI
description). It's not documented anywhere else because the only people who
should care about it are folks implementing compilers or loaders.
So it is, thank you (I tend to read the code since docs frequently get out
of date/sync).
TBH I expected this to be part of a toolchain
For a system where the ISA, programmer model, ABI, and RTOS are
co-designed, it's not always clear where the best home for something is. We
currently don't provide *any* headers with the compiler and expect them
to come from the RTOS in all cases.
I'm essentially programming against a different RTOS. The problem appears
to be a mismatch in expectations as OpenTitan assumes the toolchain
provides includes+libs for baremetal operation.
If you need to run code using the CHERIoT ABI from ROM, then you probably
need to run a loader-style step early on that embeds the capabilities in
the code for the ROM. We haven't done that because it breaks the strong
provenance chain for all capabilities in the system are derived from the
ones provided at boot (which lets us to layered boot things where each step
in the chain may be arbitrarily restricted by a prior step).
I'm not disagreeing about provenance; this was meant to be a quick path to
booting the cheriot loader that preserved OT's functionality (live &
learn). We've discussed restructuring the boot process in a follow-on
effort.
… |
Opentitan again, building the boot rom which is c & assembler (no c++). I get undefined symbols; e.g.
Tracked this down to structure copies and similar operations. One example workaround is this (might be non-opentitan code as we incorporate opentitan in a more complex environment):
but there are many others (e.g. struct's passed by value as params). I also saw an explicit
__builtin_memcpyconverted to a call to the c++ memcpy.This is a sample cmd line:
Tried adding
-fno-built-memcpybut it seemed to have no effect. Maybe I'm missing a compiler flag?The text was updated successfully, but these errors were encountered: