1 /*
2  * SPDX-FileCopyrightText: 2015-2021 Espressif Systems (Shanghai) CO LTD
3  *
4  * SPDX-License-Identifier: Apache-2.0
5  */
6 
7 #include <stdlib.h>
8 
9 #include "esp_spi_flash.h"
10 #include "esp_ipc_isr.h"
11 #include "esp_private/system_internal.h"
12 
13 #include "soc/soc_memory_layout.h"
14 #include "soc/cpu.h"
15 #include "soc/soc_caps.h"
16 #include "soc/rtc.h"
17 
18 #include "hal/soc_hal.h"
19 #include "hal/cpu_hal.h"
20 
21 #include "cache_err_int.h"
22 
23 #include "sdkconfig.h"
24 #include "esp_rom_sys.h"
25 
26 #if CONFIG_IDF_TARGET_ESP32
27 #include "esp32/dport_access.h"
28 #endif
29 
30 #if CONFIG_ESP_SYSTEM_MEMPROT_FEATURE
31 #if CONFIG_IDF_TARGET_ESP32S2
32 #include "esp32s2/memprot.h"
33 #else
34 #include "esp_memprot.h"
35 #endif
36 #endif
37 
38 #include "esp_private/panic_internal.h"
39 #include "esp_private/panic_reason.h"
40 
41 #include "hal/wdt_types.h"
42 #include "hal/wdt_hal.h"
43 
/* Symbol whose address panic_handler() writes into the frame in place of an
 * invalid PC when a debugger is attached. Only its address is used in this file. */
extern int _invalid_pc_placeholder;

/* Defined outside this file; panic_handler() calls it before stalling the other cores. */
extern void esp_panic_handler_reconfigure_wdts(void);

/* System panic handler, defined outside this file; receives the panic_info_t
 * that frame_to_panic_info() fills in. */
extern void esp_panic_handler(panic_info_t *);

/* HAL context for MWDT0 (TIMERG0). panic_handler() calls wdt_hal_handle_intr()
 * on it when the panic cause is an interrupt watchdog and a debugger is attached. */
static wdt_hal_context_t wdt0_context = {.inst = WDT_MWDT0, .mwdt_dev = &TIMERG0};

/* Exception frame recorded by each core on entry to panic_handler(), indexed by
 * core id. NULL means no frame is recorded for that core. */
void *g_exc_frames[SOC_CPU_CORES_NUM] = {NULL};
53 
54 /*
55   Panic handlers; these get called when an unhandled exception occurs or the assembly-level
56   task switching / interrupt code runs into an unrecoverable error. The default task stack
57   overflow handler and abort handler are also in here.
58 */
59 
60 /*
61   Note: The linker script will put everything in this file in IRAM/DRAM, so it also works with flash cache disabled.
62 */
/**
 * Print the panic state of a single core: an optional register dump followed
 * by the backtrace.
 *
 * @param f    exception frame of the core, handed unchanged to the panic_print_* helpers
 * @param core index of the core the frame belongs to
 */
static void print_state_for_core(const void *f, int core)
{
    /* With the Xtensa windowed ABI the backtrace does not depend on the
     * register dump, so the dump is left out on abort to keep the output short.
     * Every other architecture needs the register values for backtracing.
     */
#if defined(__XTENSA__) && defined(XCHAL_HAVE_WINDOWED)
    const bool dump_registers = !g_panic_abort;
#else
    const bool dump_registers = true;
#endif

    if (dump_registers) {
        panic_print_registers(f, core);
        panic_print_str("\r\n");
    }

    panic_print_backtrace(f, core);
}
79 
/**
 * Print the state of the core that raised the panic, then the state of every
 * other core that has a frame recorded in g_exc_frames.
 *
 * @param f exception frame of the offending core
 */
static void print_state(const void *f)
{
#if !CONFIG_ESP_SYSTEM_SINGLE_CORE_MODE
    /* The offending core is identified by comparing its frame with the one
     * recorded for core 0; any other frame is attributed to core 1. */
    int err_core = 1;
    if (f == g_exc_frames[0]) {
        err_core = 0;
    }
#else
    int err_core = 0;
#endif

    print_state_for_core(f, err_core);
    panic_print_str("\r\n");

#if !CONFIG_ESP_SYSTEM_SINGLE_CORE_MODE
    /* Remaining cores: skip the offending one (already printed from `f`) and
     * any core without a recorded frame. */
    for (int core = 0; core < SOC_CPU_CORES_NUM; core++) {
        if (core == err_core || g_exc_frames[core] == NULL) {
            continue;
        }
        print_state_for_core(g_exc_frames[core], core);
        panic_print_str("\r\n");
    }
#endif
}
103 
/**
 * Fill a panic_info_t from an exception frame.
 *
 * @param frame          exception frame of the panicking core
 * @param info           structure to fill; every field written here is overwritten
 * @param pseudo_excause true when the cause is one of the PANIC_RSN_* pseudo
 *                       causes, which selects panic_soc_fill_info() instead of
 *                       panic_arch_fill_info()
 */
static void frame_to_panic_info(void *frame, panic_info_t *info, bool pseudo_excause)
{
    /* Defaults are written before the fill routine runs. */
    info->core = cpu_hal_get_core_id();
    info->exception = PANIC_EXCEPTION_FAULT;
    info->details = NULL;
    info->reason = "Unknown";
    info->pseudo_excause = pseudo_excause;

    if (!pseudo_excause) {
        panic_arch_fill_info(frame, info);
    } else {
        panic_soc_fill_info(frame, info);
    }

    /* Set after the fill routine, so these two always hold the values below. */
    info->frame = frame;
    info->state = print_state;
}
121 
/**
 * Common panic path: record this core's frame, make sure only one core
 * continues, stall the others, then hand an abstracted panic_info_t to
 * esp_panic_handler().
 *
 * @param frame          exception frame of the calling core
 * @param pseudo_excause true when the cause is one of the PANIC_RSN_* pseudo
 *                       causes (see panicHandler()), false for
 *                       xt_unhandled_exception()
 *
 * The order of the steps below matters: the watchdogs are reconfigured before
 * the other cores are stalled.
 */
static void panic_handler(void *frame, bool pseudo_excause)
{
    panic_info_t info = { 0 };

    /*
     * Set up the environment and perform the necessary architecture/chip
     * specific steps here, prior to the system panic handler.
     */
    int core_id = cpu_hal_get_core_id();

    // If multiple cores arrive at the panic handler, save frames for all of them
    g_exc_frames[core_id] = frame;

#if !CONFIG_ESP_SYSTEM_SINGLE_CORE_MODE
    // These are cases where both CPUs go into the panic handler. The following code ensures
    // only one core proceeds to the system panic handler.
    if (pseudo_excause) {
        // NOTE(review): this macro is defined inside the function body and never #undef'd,
        // so it stays visible for the rest of the translation unit. It expands to a brace
        // block, not a do { } while (0) statement.
#define BUSY_WAIT_IF_TRUE(b)                { if (b) while(1); }
        // For WDT expiry, pause the non-offending core - offending core handles panic.
        // The paused core's frame stays in g_exc_frames, so print_state() still prints it.
        BUSY_WAIT_IF_TRUE(panic_get_cause(frame) == PANIC_RSN_INTWDT_CPU0 && core_id == 1);
        BUSY_WAIT_IF_TRUE(panic_get_cause(frame) == PANIC_RSN_INTWDT_CPU1 && core_id == 0);

        // For cache error, pause the non-offending core - offending core handles panic
        if (panic_get_cause(frame) == PANIC_RSN_CACHEERR && core_id != esp_cache_err_get_cpuid()) {
            // Only print the backtrace for the offending core in case of the cache error:
            // the frame saved above is dropped again before this core spins forever.
            g_exc_frames[core_id] = NULL;
            while (1) {
                ;
            }
        }
    }

    // Need to reconfigure WDTs before we stall any other CPU
    esp_panic_handler_reconfigure_wdts();

    esp_rom_delay_us(1);
    SOC_HAL_STALL_OTHER_CORES();
#endif

    esp_ipc_isr_stall_abort();

    // Debugger-only fix-ups; nothing in this block runs without an attached debugger.
    if (esp_cpu_in_ocd_debug_mode()) {
#if __XTENSA__
        // The PC is kept only if it points into executable memory AND has at least one
        // of its two most significant bits set; otherwise it is replaced.
        if (!(esp_ptr_executable(cpu_ll_pc_to_ptr(panic_get_address(frame))) && (panic_get_address(frame) & 0xC0000000U))) {
            /* The Xtensa ABI sets the 2 MSBs of the PC according to the windowed call size.
             * In case the PC is invalid, GDB will fail to translate addresses to function names,
             * hence the PC is replaced with a placeholder address.
             */
            panic_set_address(frame, (uint32_t)&_invalid_pc_placeholder);
        }
#endif
        // For an interrupt-watchdog panic, call the MWDT0 interrupt handling routine.
        // Write protection is lifted only around that call and restored right after it.
        if (panic_get_cause(frame) == PANIC_RSN_INTWDT_CPU0
#if !CONFIG_ESP_SYSTEM_SINGLE_CORE_MODE
                || panic_get_cause(frame) == PANIC_RSN_INTWDT_CPU1
#endif
           ) {
            wdt_hal_write_protect_disable(&wdt0_context);
            wdt_hal_handle_intr(&wdt0_context);
            wdt_hal_write_protect_enable(&wdt0_context);
        }
    }

    // Convert architecture exception frame into abstracted panic info
    frame_to_panic_info(frame, &info, pseudo_excause);

    // Call the system panic handler
    esp_panic_handler(&info);
}
190 
191 /**
192  * This function must always be in IRAM as it is required to
193  * re-enable the flash cache.
194  */
static void IRAM_ATTR panic_enable_cache(void)
{
    const int this_core = cpu_hal_get_core_id();

    /* Nothing to do when the flash cache is already on. */
    if (spi_flash_cache_enabled()) {
        return;
    }

    /* Cache is off: abort the IPC ISR stall, then turn the cache back on for
     * the calling core. */
    esp_ipc_isr_stall_abort();
    spi_flash_enable_cache(this_core);
}
204 
void IRAM_ATTR panicHandler(void *frame)
{
    /* Entry point used by the double exception vector and the kernel exception
     * vector, and for the interrupt-based faults (cache error, WDT expiry).
     * In all of these the EXCAUSE register is written with one of the
     * PANIC_RSN_* values, hence pseudo_excause = true below.
     * The flash cache is re-enabled before the common handler runs. */
    panic_enable_cache();
    panic_handler(frame, true);
}
215 
void IRAM_ATTR xt_unhandled_exception(void *frame)
{
    /* Re-enable the flash cache, then take the common panic path with
     * pseudo_excause = false, so the panic info is filled in by
     * panic_arch_fill_info() rather than panic_soc_fill_info(). */
    panic_enable_cache();
    panic_handler(frame, false);
}
221 
void __attribute__((noreturn)) panic_restart(void)
{
    /* Decides between esp_restart_noos_dig() and plain esp_restart_noos(). */
    bool digital_reset_needed = false;

#ifdef CONFIG_IDF_TARGET_ESP32
    // ESP32: the cache error status can only be cleared by a system reset
    if (esp_cache_err_get_cpuid() != -1) {
        digital_reset_needed = true;
    }
#endif

#if CONFIG_ESP_SYSTEM_MEMPROT_FEATURE
    // NOTE(review): presumably a plain restart would leave enabled/locked memory
    // protection settings in place - confirm against the memprot driver.
#if CONFIG_IDF_TARGET_ESP32S2
    if (esp_memprot_is_intr_ena_any()) {
        digital_reset_needed = true;
    } else if (esp_memprot_is_locked_any()) {
        digital_reset_needed = true;
    }
#else
    bool is_on = false;
    // A query that fails (!= ESP_OK) counts the same as an active setting, so an
    // error here selects the digital reset as well. The second query only runs
    // when the first one succeeded and reported "off".
    if (esp_mprot_is_intr_ena_any(&is_on) != ESP_OK || is_on ||
            esp_mprot_is_conf_locked_any(&is_on) != ESP_OK || is_on) {
        digital_reset_needed = true;
    }
#endif
#endif

    if (digital_reset_needed) {
        esp_restart_noos_dig();
    }
    esp_restart_noos();
}
250