
Safe exit from HARD FAULT on CortexM0

Hi All, 

I am developing on a CM0+ with functional safety support. 
The safety manual requires to test some features before activating safety functions; many of these are straightforward while others are "convoluted". 

One of the requirements is to access an unimplemented space and expect the abort to occur. This of course leads to an (expected) Hard Fault exception. My routine in the hard fault handler is able to detect if it is a test or not, and in case of a test just sets a flag and then exits from the hard fault handler.

As expected, the unstacking of the registers leads back to the instruction that triggered the fault, entering a faulty instruction / hard fault handler / faulty instruction loop.

Now, my idea is to modify the stacked program counter in order to return to the next instruction and go on with the regular program flow.

Many questions here: 

  1. Is this the correct approach?
  2. Is it best practice to use PC or LR for this kind of operation?
  3. Inspecting the assembly, I can see that the hard fault handler pushes 3 registers (push {r3, r4, r7, lr}) in addition to the usual R0-R3, R12, PC and LR. Why?
  4. In the ArmV6-M architecture hard faults are considered fatal. Still, is it "good" to exit from the hard fault if it was expected and wanted?

Any hint would be gladly appreciated.

Thanks and best regards, 

  • You should modify the ReturnAddress in the stack at address SP+18. This address is pushed onto the stack automatically when the fault happens and is taken.

    In real usage, if a hardfault happens in CM0, the system almost can't do anything to recover it or debug it, so a reset for the system looks more sensible.
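To illustrate the approach in the reply above (advance the stacked PC, the word at SP+0x18 in the hardware frame, so an expected test fault resumes at the next instruction), here is an added example that is not code from the original thread. It assumes a GCC toolchain, a flag the self-test arms before touching unimplemented memory, and a constructed code image for checking the logic off-target; on ARMv6-M the faulting instruction may be 16 or 32 bits wide (BL, MSR, MRS, barriers), so the width is decoded from its first halfword rather than assumed.

```c
#include <stdint.h>
#include <stdbool.h>
/* Hardware exception frame on ARMv6-M: r0..r3, r12, lr, pc (SP+0x18), xpsr. */
typedef struct { uint32_t r0, r1, r2, r3, r12, lr, pc, xpsr; } exc_frame_t;

volatile bool g_expected_fault_test = false;  /* armed by the self-test before the access */
volatile bool g_expected_fault_seen = false;  /* set by the handler when that fault arrives */

/* Thumb rule: a first halfword with top 5 bits 0b11101/0b11110/0b11111 starts a 32-bit
 * instruction (on v6-M only BL, MSR, MRS and barriers); everything else is 16-bit. */
static uint32_t thumb_insn_len(uint16_t first_halfword) {
    return ((first_halfword >> 11) >= 0x1D) ? 4u : 2u;
}

/* Handler core. 'fetch' reads the halfword at an address, so the logic can be checked
 * off-target against a constructed code image. Returns true only for the armed test
 * fault, after moving the stacked PC past the faulting instruction. */
bool hardfault_handle_frame(exc_frame_t *frame, uint16_t (*fetch)(uint32_t)) {
    if (!g_expected_fault_test)
        return false;                          /* genuine fault: never resume */
    g_expected_fault_test = false;             /* one expected fault per test */
    g_expected_fault_seen = true;
    frame->pc += thumb_insn_len(fetch(frame->pc));
    return true;
}

/* Constructed code image for off-target checking: ldr r0,[r0] (16-bit) at offset 0,
 * then a BL (32-bit, two halfwords) at offset 2. Addresses are byte offsets. */
static const uint16_t sample_code[] = { 0x6800, 0xF000, 0xF800, 0x6800 };
uint16_t fetch_sample(uint32_t addr) { return sample_code[addr / 2]; }
/* Arm (or not), fault at 'pc', run the handler; returns the resumed PC, 0 if refused. */
uint32_t simulate_expected_fault(uint32_t pc, bool armed) {
    exc_frame_t f = {0}; f.pc = pc;
    g_expected_fault_test = armed;
    return hardfault_handle_frame(&f, fetch_sample) ? f.pc : 0;
}
#if defined(__ARM_ARCH_6M__)
/* On-target entry. The naked wrapper keeps the compiler prologue (push {r3,r4,r7,lr})
 * from sitting between SP and the hardware frame; EXC_RETURN bit 2 selects PSP or MSP. */
static uint16_t fetch_halfword(uint32_t a) { return *(const uint16_t *)a; }
void hardfault_c(exc_frame_t *frame) {
    if (!hardfault_handle_frame(frame, fetch_halfword))
        for (;;) { }                           /* genuine fault: trigger a system reset here */
}
__attribute__((naked)) void HardFault_Handler(void) {
    __asm volatile("movs r0,#4\n mov r1,lr\n tst r0,r1\n beq 1f\n mrs r0,psp\n b 2f\n"
                   "1: mrs r0,msp\n 2: ldr r1,=hardfault_c\n bx r1\n .ltorg\n");
}
#endif
```

Because hardfault_c returns through the EXC_RETURN value still in LR, the exception return unstacks the modified frame and execution continues after the faulting access; an unarmed fault never takes that path.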
