Topic: Hard Fault during certificate verification on LPC1768 using GCC-ARM
I have an application that I prototyped w/ the MBED on-line compiler and it runs nicely. I exported the project and now I am compiling it w/ GCC (gcc-arm-none-eabi-4_8-2013q4) and I am getting hard faults during certificate verification. The following is the output of the program with DEBUG_WOLFSSL defined. The last part is the output of my hard fault handler:
wolfSSL Entering SSL_connect()
growing output buffer
Shrinking output buffer
connect state: CLIENT_HELLO_SENT
growing input buffer
growing input buffer
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server hello
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
growing input buffer
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing certificate
Loading peer's cert chain
Put another cert into chain
Put another cert into chain
Put another cert into chain
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetMyVersion
wolfSSL Entering GetAlgoId
Getting Cert Name
Getting Cert Name
wolfSSL Entering GetAlgoId
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetAlgoId
About to verify certificate signature
Hard Fault! 40000000
Forced Hard Fault:
SCB->CFSR = 0x00008200
SCB->BFAR = 0x0cb85502
r0 = 0x00000003
r1 = 0x00000000
r2 = 0x00000063
r3 = 0x0cb85502
r12 = 0x92492a47
lr = 0x00000000
pc = 0x0002881a
psr = 0x81000000
The contents of SCB->CFSR indicate a precise bus error. The program counter value: 0x0002881a is located in the following assembly:
28816: e058 b.n 288ca <fast_s_mp_mul_digs+0x126>
int tx, ty;
int iy;
mp_digit *tmpx, *tmpy;
/* get offsets into the two bignums */
ty = MIN(b->used-1, ix);
28818: 68bb ldr r3, [r7, #8]
2881a: 681b ldr r3, [r3, #0]
2881c: 1e5a subs r2, r3, #1
2881e: 6bfb ldr r3, [r7, #60] ; 0x3c
28820: 429a cmp r2, r3
28822: bfb8 it lt
28824: 4613 movlt r3, r2
28826: 623b str r3, [r7, #32]
The offending code is line 2913 of "integer.c" (fast_s_mp_mul_digs function) in the 2.7.0 release. I'm reading "load r3 into r3" because of the #0 offset? The contents of r3 are not a valid memory address, which I am assuming is causing the bus error.
Any ideas why this might be? Do you even support cortex-m3 compiled with GCC? I could not find any information about that. Here are the relevant config values from settings.h
#define MBED
#define WOLFSSL_LWIP
#ifdef MBED
#define SINGLE_THREADED
#define WOLFSSL_USER_IO
#define NO_WRITEV
#define NO_DEV_RANDOM
#define NO_SHA512
//#define NO_DH
#define NO_DSA
#define NO_HC128
#define NO_FILESYSTEM
#define DEBUG_WOLFSSL
#define SSL_CFG_PSK_EN
#define NO_DES3 // 3 des is being phased out
#define NO_MD4 // MD4 is broken and shouldn't be used
#define SMALL_SESSION_CACHE
//#define WOLFSSL_CALLBACKS
//#define USER_TIME
//#define USE_FAST_MATH // assembler implementation of bigInt routines
//#define TFM_TIMING_RESISTANT // uses less memory when fast math is enabled
#endif /* MBED */