toolchain/gcc: Add "memory" clobber to asm traps before CODE_UNREACHABLE

GCC 14.3 will happily delete any code that appears before
__builtin_unreachable that isn't separated with an obvious branch. That
includes __asm__ statements, even those which generate traps.

The failure case that I debugged was on x86 in
z_check_stack_sentinel. There is a store to restore the sentinel to the
correct value just before the ARCH_EXCEPT, and that macro emits 'int $32'
followed by CODE_UNREACHABLE. Because the compiler didn't understand that
ARCH_EXCEPT was changing execution flow, it decided that the sentinel
restoring store 'couldn't' be reached and elided it.

I added the "memory" clobber to the asm statement in ARCH_EXCEPT before
CODE_UNREACHABLE to enforce that all pending store operations be performed
before the asm statement occurs. This ensures that they are not deleted by
the compiler.

I think this might be a GCC bug. The GCC documentation explicitly documents
that asm statements which change the flow of control should be followed by
__builtin_unreachable.

Signed-off-by: Keith Packard <[email protected]>

Author: keith-packard

arch/arm/core/cortex_m/thread.c

@@ -649,7 +649,7 @@ FUNC_NORETURN void z_arm_switch_to_main_no_multithreading(k_thread_entry_t main_
 			  ,
 		  [_psplim] "r"(psplim)
 #endif
-		: "r0", "r1", "r2", "ip", "lr");
+		: "r0", "r1", "r2", "ip", "lr", "memory");
 
 	CODE_UNREACHABLE; /* LCOV_EXCL_LINE */
 }

arch/x86/core/ia32/fatal.c

@@ -219,7 +219,7 @@ static FUNC_NORETURN __used void df_handler_top(void)
 	/* NT bit is set in EFLAGS so we will task switch back to _main_tss
 	 * and run df_handler_bottom
 	 */
-	__asm__ volatile ("iret");
+	__asm__ volatile ("iret" ::: "memory");
 	CODE_UNREACHABLE;
 }
 

arch/xtensa/core/fatal.c

@@ -118,7 +118,7 @@ void xtensa_simulator_exit(int return_code)
 	    "simcall\n\t"
 	    :
 	    : [code] "r" (return_code), [call] "i" (SYS_exit)
-	    : "a3", "a2");
+	    : "a3", "a2", "memory");
 
 	CODE_UNREACHABLE;
 }

include/zephyr/arch/x86/ia32/arch.h

@@ -362,7 +362,8 @@ extern struct task_state_segment _main_tss;
 		"int %[vector]\n\t" \
 		: \
 		: [vector] "i" (Z_X86_OOPS_VECTOR), \
-		  [reason] "i" (reason_p)); \
+		  [reason] "i" (reason_p) \
+		: "memory"); \
 	CODE_UNREACHABLE; /* LCOV_EXCL_LINE */ \
 } while (false)
 

include/zephyr/arch/x86/intel64/arch.h

@@ -66,7 +66,8 @@ static ALWAYS_INLINE unsigned int arch_irq_lock(void)
 		"movq %[reason], %%rax\n\t" \
 		"int $32\n\t" \
 		: \
-		: [reason] "i" (reason_p)); \
+		: [reason] "i" (reason_p) \
+		: "memory"); \
 	CODE_UNREACHABLE; /* LCOV_EXCL_LINE */ \
 } while (false)