This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Why branch to address with LSB=0 in non-secure state will trigger secure fault?

Hi all, 

I have some questions about branch instructions and TrustZone, not sure if here is the right place to post them.

I am using cortex M23, and I debug with Keil MDK.

I don't know if there is any limitation on branch instructions (B,BX, BL,BLX,BXNS,BLXNS). But here it says when processor is in non-secure state, the LSB of address shouldn't be 0, otherwise there will be hardfault. 

Does any one know why is it?

I am writing a non-secure software, so I did not enable the compiler TrustZone option (-mcmse) in this project. And I am using ARM compiler C library for startup and initialization.

In the assembly, there is one line

After this line the processor goes into secure handler state. So I guess BL & B have the same limitation like BLX & BX? It triggers a hardfault when the LSB of address is 0?

I don't think this is true. Because assembly is generated by compiler. If I cannot use 0x12000100 as destination, the compiler should know.

To provide more information, I put the assembly of __scatterload:

Thanks,

Hilda

0