will cortex m3/m4 enter a lockup mode if a serious fault happened while FAULTMASK is set

Greetings,,

what happens if FAULTMASK is set in cortex-m3/m4 and one or more serious fault happened like bus fault, MPU violation, invalid instruction, stack corruption.. etc will the processor enter a lockup? if not what would be the status of the processor? what will happen to the currently executed program/code.. since HardFault handler is not executed to remedy the issue.. if you can elaborate and give as much explanation and details as possible and if you can share some cases and examples it would be very appreciated..

Thank you..

  • Hello ghaflims,


    logically nothing would occur with CPU behavior by the HardFault if FAULTMASK is set.

    However, the situation which made the HardFault would came from the peripheral inconsistency.

    Therefore, there is no guarantee which the CPU could run without stopping.

    According to ARMv7M ARM, the  FAULTMASK bit can only be set in the NMI handler.

    Therefore the purpose of the fUALTMASK bit should be used to analyze the root cause of the HardFault.

    The ARMv7M ARM also describes "Returning from any exception except NMI clears FAULTMASK to 0".

    From this, the execution with FAULTMASK being 1 would be an abnormal case.


    Best regards,

    Yasuhiko Koumoto.

  • Thank you for your quick answer.. and thanks for refering me to the ARMv7m ARM (I forgot that thing exist )

    you mentioned

    yasuhikokoumoto wrote:

    Hello ghaflims,


    logically nothing would occur with CPU behavior by the HardFault if FAULTMASK is set.

    However, the situation which made the HardFault would came from the peripheral inconsistency.

    Therefore, there is no guarantee which the CPU could run without stopping.

    According to ARMv7M ARM, the  FAULTMASK bit can only be set in the NMI handler.

    Therefore the purpose of the fUALTMASK bit should be used to analyze the root cause of the HardFault.

    The ARMv7M ARM also describes "Returning from any exception except NMI clears FAULTMASK to 0".

    From this, the execution with FAULTMASK being 1 would be an abnormal case.


    Best regards,

    Yasuhiko Koumoto.


    after doing a quick search about FAULTMASK I came across this

    (ARMv7-M ARM page 575 - B1.4.3 The special-purpose mask registers)

    FAULTMASK

    The fault mask, a 1-bit register. Setting FAULTMASK to 1 raises the execution priority to -1, the
    priority of HardFault. Only privileged software executing at a priority below -1 can set

    FAULTMASK to 1. This means HardFault and NMI handlers cannot set FAULTMASK to 1.

    Returning from any exception except NMI clears FAULTMASK to 0.

     

    (ARMv7-M ARM page 584 - Priority boosting)

    FAULTMASK

    Setting this mask bit to 1 raises the execution priority to -1. Software can set FAULTMASK

    to 1 only when the execution priority is not NMI or HardFault, that is FAULTMASK can be

    set to 1 only when the priority value is greater than or equal to zero. Setting FAULTMASK

    raises the priority of the exception handler to the level of a HardFault. Any exception return

    except a return from NMI automatically clears FAULTMASK to 0.

    Now, I'm really confused .. please note that I've not read the ARMv7-M ARM yet.. I'm planning to read it after I finish jyiu 's book

    to see if I understood correctly from your reply:

    • FAULTMASK should not be set in normal execution
    • CPU will continue running (no lockup)
    • "Returning from any exception except NMI clears FAULTMASK to 0".

    the points that needs further clarification are:

    • the purpose of the FAULTMASK should be used to analyze the root cause of the HardFault (how?) (normally it's analyzed through generic hard fault handler that dumps fault registers & stacked registers) (niallcooling did a great job)
    • FAULTMASK bit can only be set in the NMI handler. (that is the confusing part)
    • is the processor architecturally designed to ignore setting FAULTMASK while executing (HardFault/NMI)
    • can privileged code in thread mode set FAULTMASK (although it's not recommended) or it can only be set in handler mode

    aslo,, from jyiu's book the usage of setting FAULTMASK in configurable fault handlers (MemMange, Bus Fault, Usage Fault) are to Bypass MPU & Ignore data Bus Fault

    Thank you yasuhikokoumoto for your helpful answer..

  • Hello ghaflims,

    I am very sorry for the incorrect information.

    I have mistaken the word "lower priority" for the "low priority number".

    This is the beginning of the all incorrect information.

    You may forget all my answer but can I correct myself?

    Because the priority of NMI and HardFaults are -2 and -1 respectively, the FAULTMASK can be set during execution in other than NMI or HardFault handler.

    This means the FAULTMASK bit can be set at always normal execution.

    • the purpose of the FAULTMASK should be used to analyze the root cause of the HardFault (how?) (normally it's analysed through generic hard fault handler that dumps fault registers & stacked registers) (Niall Cooling did a great job)

    As Joephi Yiu book says, the FAULTMASK can ignore MPU violations or Bus Fault.

    However, I think that there would not be any advantages to ignore MPU violations and Bus Fault.

    I think that the FAULTMASK bit would be used to prevent further HardFaults in MemMange, Bus Fault, or Usage Fault handler.

    This means that it would be to analyze of the root cause not of HardFault but of MemMange, Bus Fault, or Usage Fault.

    • FAULTMASK bit can only be set in the NMI handler. (that is the confusing part)

    I am sorry. It is incorrect.

    FAULTMASK bit can be set in other than NMI or HardHault handler.

    • is the processor architecturally designed to ignore setting FAULTMASK while executing (HardFault/NMI)

    It is not correct, either.

    • can privileged code in thread mode set FAULTMASK (although it's not recommended) or it can only be set in handler mode

    If the execution priority number is greater than or equal to 0, in both the thread and handler mode, the FAULTMASK can be set.

    Sorry and best regards,

    Yasuhiko Koumoto.

  • Hi ghaflims, Yasuhiko-san,

    FAULTMASK can be set by any privileged software (including privileged thread mode).

    However, a software need to handle FAULTMASK carefully as this block the HardFault handling.

    So if things go wrong, it could end up with LOCKUP:

    - Invalid instruction -> LOCKUP

    - MPU violation -> depends on MPU setting

    - Bus error -> depends on fault type and setting

    - Stack corruption -> depends on what end up happening. It might end up with branching to invalida address, or so many different possibilities.

    Software developers using FAULTMASK in their fault handler need to understand the risk they are taking.

    In practice, many of the error handling operations can be done without setting FAULTMASK. For example, the error reporting code can run without setting FAULTMASK.

    regards,

    Joseph

  • Greetings yasuhikokoumoto , jyiu

    Thank you for your helpful comments.. I really apprechiate it..

    jyiu I'd like to take this chance to thank you for your amazing book.. and the effort you have put in it..

    I'm using your book to study for the AAME Exam wish me luck

    However, a software need to handle FAULTMASK carefully as this block the HardFault handling.

    So if things go wrong, it could end up with LOCKUP:

    - Invalid instruction -> LOCKUP

    I'd love to see this lockup case documented in later revision of the book (12.7.1 What is Lockup?) .. Also I don't know if it's mentioned in the ARMv7 ARM if it's not,, it would be great to have it there also..

    Thank you again both for your time, effort and your helpful comments

    Best Regards,,

    Mustafa S.