Next issue.

For some reason the secure image runs into a MemManage exception fairly early in the irq test of the ConfigRegressionIPCTfmLevel2 config and I have not yet been able to figure out why.

It happens in the psa_wait() call in: --- int32_t tfm_irq_test_1_init(void) {     tfm_enable_irq(SPM_CORE_IRQ_TEST_1_SIGNAL_TIMER_0_IRQ); #ifdef TFM_PSA_API     psa_signal_t signals = 0;

while (1) {         signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK); ---

The exact point of the exception is the SVC call in: --- __attribute__((naked, section("SFN"))) psa_signal_t psa_wait(psa_signal_t signal_mask, uint32_t timeout)

{     __ASM volatile("SVC %0           \n"                    "BX LR            \n"                    : : "I" (TFM_SVC_PSA_WAIT)); } ---

The cause is IACCVIOL, "The processor attempted an instruction fetch from a location that does not permit execution."

The stack frame indicates that it happened on the SVC instruction, but I as far as I can see none of the MPU regions maps the address so I assumed it should be allowed as it should be handled by the background map, which should allow secure access.

If I don't enable the mpu (just skipping the enable call) then all tests run without problems.

I have tried to compare it with an image built with ARMCLANG, and I don't see anything obviously different. The regions are roughly the same, all regions with fixed addresses are the same, the enable bits are the same and the SVC handler is not mapped to any MPU region there either. I wish there were an MPU status register that would tell exactly what region was causing the exception.

The odd thing is that there is an SVC call in the tfm_enable_irq() call prior to the psa_wait() call, and that works.

This is on a Musca A by the way.

Ideas?