esp-open-rtos/core/exception_vectors.S
Angus Gratton 1a4c829b1f Extended unaligned load support to work from DoubleExceptionVector
Allows handling bad loads that occur inside level 1 exception handlers.
2015-09-14 17:20:00 +10:00

445 lines
11 KiB
ArmAsm
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/* Xtensa Exception (ie interrupt) Vectors & low-level handler code
Core exception handler code is placed in the .vecbase section,
which gets picked up specially in the linker script and placed
at beginning of IRAM.
The actual VecBase symbol should be the first thing in .vecbase
(this is not strictly important as it gets set by symbol lookup not
by hardcoded address, but having it at 0x40100000 means that the
exception vectors have memorable offsets, which match the default
Boot ROM vector offsets. So convenient for human understanding.
Part of esp-open-rtos
Original vector contents Copyright (C) 2014-2015 Espressif Systems
Additions Copyright (C) Superhouse Automation Pty Ltd
BSD Licensed as described in the file LICENSE
*/
/* Some UserException causes, see table Table 464 in ISA reference */
#define CAUSE_SYSCALL 1
#define CAUSE_LOADSTORE 3
#define CAUSE_LVL1INT 4
.text
.section .vecbase.text, "x"
.align 256
.global VecBase
.type VecBase, @function /* it's not really a function, but treat it like one */
VecBase:
/* IMPORTANT: exception vector literals will go here, but we
can't have more than 4 otherwise we push DebugExceptionVector past
offset 0x10 relative to VecBase. There should be ways to avoid this,
and also keep the VecBase offsets easy to read, but this works for now.
*/
.literal_position
.align 16
DebugExceptionVector:
wsr.excsave2 a0
call0 sdk_user_fatal_exception_handler
rfi 2
.align 16
NMIExceptionVector:
wsr.excsave3 a0
call0 CallNMIExceptionHandler
rfi 3 /* CallNMIExceptionHandler should call rfi itself */
.align 16
KernelExceptionVector:
break 1, 0
call0 sdk_user_fatal_exception_handler
rfe
.align 16
.L_EmptyVectorEntry:
nop
.align 16
UserExceptionVector:
wsr.excsave1 a0
rsr.exccause a0
beqi a0, CAUSE_SYSCALL, UserSyscallHandler
beqi a0, CAUSE_LOADSTORE, UserExceptionLoadStoreHandler
j UserExceptionHandler
/* Empty exception slot goes here, but previous slot is large enough we can skip it */
.align 16
DoubleExceptionVector:
break 1, 4
j DoubleExceptionHandler
.align 16
.L_UnusedResetVector:
/* reset vector slot doesn't get used, as vecbase goes back to mask ROM on reset */
nop
.section .bss
NMIHandlerStack: /* stack space for NMI handler */
.skip 4*0x100
NMIRegisterSaved: /* register space for saving NMI registers */
.skip 4*(0x16 + 6)
/* this symbol is _Pri_3_HandlerAddress in the RTOS SDK, appears totally
unused (stays zero at all times) */
.global NMIHandlerAddress
NMIHandlerAddress:
.long 0
/* Save register relative to a0 */
.macro SAVE_REG register, regnum
s32i \register, a0, (0x20 + 4 * \regnum)
.endm
/* Load register relative to sp */
.macro LOAD_REG register, regnum
l32i \register, sp, (0x20 + 4 * \regnum)
.endm
.text
.section .vecbase.text
.literal_position
.align 4
.global call_user_start
.type call_user_start, @function
call_user_start:
movi a2, VecBase
wsr.vecbase a2
call0 sdk_user_start
.literal_position
.align 16
.type CallNMIExceptionHandler, @function
CallNMIExceptionHandler:
movi a0, NMIRegisterSaved
SAVE_REG a2, 2
movi a2, NMIHandlerAddress
l32i a2, a2, 0
SAVE_REG sp, 1
SAVE_REG a3, 3
xsr.excsave3 a2 /* excsave3 is now NMIHandlerAddress, a2 is former a0 */
SAVE_REG a4, 4
SAVE_REG a2, 0
rsr.epc1 a3
rsr.exccause a4
SAVE_REG a3, -5
SAVE_REG a4, -4
rsr.excvaddr a3
SAVE_REG a3, -3
rsr.excsave1 a3
SAVE_REG a3, -2
SAVE_REG a5, 5
SAVE_REG a6, 6
SAVE_REG a7, 7
SAVE_REG a8, 8
SAVE_REG a9, 9
SAVE_REG a10, 10
SAVE_REG a11, 11
SAVE_REG a12, 12
SAVE_REG a13, 13
SAVE_REG a14, 14
SAVE_REG a15, 15
movi sp, NMIRegisterSaved /* also top of NMIHandlerStack */
movi a0, 0
movi a2, 0x23 /* argument for handler */
wsr.ps a2
rsync
rsr.sar a14
s32i a14, sp, 0 /* this is also NMIRegisterSaved+0 */
call0 sdk_wDev_ProcessFiq
l32i a15, sp, 0
wsr.sar a15
movi a2, 0x33
wsr.ps a2
rsync
LOAD_REG a4, 4
LOAD_REG a5, 5
LOAD_REG a6, 6
LOAD_REG a7, 7
LOAD_REG a8, 8
LOAD_REG a9, 9
LOAD_REG a10, 10
LOAD_REG a11, 11
LOAD_REG a12, 12
LOAD_REG a13, 13
LOAD_REG a14, 14
LOAD_REG a15, 15
LOAD_REG a2, -5
LOAD_REG a3, -4
wsr.epc1 a2
wsr.exccause a3
LOAD_REG a2, -3
LOAD_REG a3, -2
wsr.excvaddr a2
wsr.excsave1 a3
LOAD_REG a0, 0
/* set dport nmi status bit 0 (wDev_ProcessFiq clears & verifies this bit stays cleared,
see http://esp8266-re.foogod.com/wiki/WDev_ProcessFiq_%28IoT_RTOS_SDK_0.9.9%29) */
movi a2, 0x3ff00000
movi a3, 0x1
s32i a3, a2, 0
LOAD_REG a2, 2
LOAD_REG a3, 3
LOAD_REG a1, 1
rfi 0x3
.type UserExceptionHandler, @function
UserExceptionHandler:
mov a0, sp /* a0 was saved in UserExceptionVector */
addi sp, sp, -0x50
s32i a0, sp, 0x10
rsr.ps a0
s32i a0, sp, 0x08
rsr.epc1 a0
s32i a0, sp, 0x04
rsr.excsave1 a0
s32i a0, sp, 0x0c
movi a0, _xt_user_exit
s32i a0, sp, 0x0
call0 sdk__xt_int_enter
movi a0, 0x23
wsr.ps a0
rsync
rsr.exccause a2
beqi a2, CAUSE_LVL1INT, UserHandleInterrupt
/* Any UserException cause other than level 1 interrupt triggers a panic */
UserFailOtherExceptionCause:
break 1, 1
call0 sdk_user_fatal_exception_handler
UserHandleInterrupt:
rsil a0, 1
rsr.intenable a2
rsr.interrupt a3
movi a4, 0x3fff
and a2, a2, a3
and a2, a2, a4 /* a2 = 0x3FFF & INTENABLE & INTERRUPT */
UserHandleTimer:
movi a3, 0xffbf
and a3, a2, a3 /* a3 = a2 & 0xFFBF, ie remove 0x40 from a2 if set */
bnez a3, UserTimerDone /* bits other than 0x40 are set */
movi a3, 0x40
sub a12, a2, a3 /* a12 - a2 - 0x40 - I think a12 _must_ be zero here? */
call0 sdk__xt_timer_int /* tick timer interrupt */
mov a2, a12 /* restore a2 from a12, ie zero */
beqz a2, UserIntDone
UserTimerDone:
call0 _xt_isr_handler
bnez a2, UserHandleTimer
UserIntDone:
beqz a2, UserIntExit
break 1, 1 /* non-zero remnant in a2 means fail */
call0 sdk_user_fatal_exception_handler
UserIntExit:
call0 sdk__xt_int_exit /* calls rfi */
/* As far as I can tell, the syscall handler is basically a no-op */
UserSyscallHandler:
addi sp, sp, -0x10
s32i a2, sp, 0x08
s32i a3, sp, 0x0c
rsr.epc1 a2
addi a3, a2, 0x3
wsr.epc1 a3
l32i a2, sp, 0x8
l32i a3, sp, 0xc
addi sp, sp, 0x10
movi a0, 0x7f
movnez a2, a0, a2
rsr.excsave1 a0
rfe
.text
.section .vecbase.text
.literal_position
.align 4
DoubleExceptionHandler:
rsr.exccause a0
beqi a0, CAUSE_LOADSTORE, DoubleExceptionLoadStoreHandler
call0 sdk_user_fatal_exception_handler
.text
.section .vecbase.text
.literal_position
.align 4
/* "Fix" LoadStoreException exceptions that are l8/l16 from an Instruction region,
DoubleException exception variant (ie load happened in a level1 exception handler). */
DoubleExceptionLoadStoreHandler:
addi sp, sp, -0x18
s32i a2, sp, 0x08
rsr.epc2 a2
j InnerLoadStoreExceptionHandler
.text
.section .vecbase.text
.literal_position
.align 4
/* "Fix" LoadStoreException exceptions that are l8/l16 from an Instruction region,
normal exception variant. */
UserExceptionLoadStoreHandler:
addi sp, sp, -0x18
s32i a2, sp, 0x08
rsr.epc1 a2
/* Inner UserLoadStoreExceptionHandler handlers. Works for both level1 & level 2 interrupt level.
*
* Called from level-specific handler above which sets up stack and loads epcX into a2.
*/
InnerLoadStoreExceptionHandler:
s32i a3, sp, 0x0c
s32i a4, sp, 0x10
s32i a5, sp, 0x14
rsr.sar a0 // save sar in a0
/* Examine the instruction we failed to execute (in a2) */
ssa8l a2 // sar is now correct shift for aligned read
movi a3, ~3
and a2, a2, a3 // a2 now 4-byte aligned address of instruction
l32i a3, a2, 0
l32i a4, a2, 4
src a2, a4, a3 // a2 now instruction that failed
/* Check if a2 matches l8ui, l16ui or l16si opcodes */
movi a3, 0x00F00F /* opcode mask */
and a3, a2, a3
beqi a3, 0x000002, .Lcan_fix_8bit /* l8ui opcode after masking */
movi a4, 0x001002 /* l16ui opcode after masking */
beq a3, a4, .Lcan_fix_16bit
movi a4, 0x009002 /* l16si opcode after masking */
beq a3, a4, .Lcan_fix_16bit_signed
.Lcant_fix:
/* not an opcode we can try to fix, so bomb out
TODO: the exception dump will have some wrong values in it */
call0 sdk_user_fatal_exception_handler
.Lcan_fix_16bit_signed:
movi a5, 0x7FFF
j .Lcan_fix
.Lcan_fix_16bit:
movi a5, 0xFFFF
j .Lcan_fix
.Lcan_fix_8bit:
movi a5, 0xFF
.Lcan_fix:
/* verified an 8- or 16-bit read
a2 holds instruction, a5 holds mask to apply to read value
*/
rsr.excvaddr a3 // read faulting address
ssa8l a3 /* sar is now shift to extract a3's byte */
movi a4, ~3
and a3, a3, a4 /* a3 now word aligned read address */
l32i a3, a3, 0 /* perform the actual read */
srl a3, a3 /* shift right correct distance */
and a4, a3, a5 /* mask off bits we need for an l8/l16 */
bbci a5, 14, .Lafter_extend_sign /* 8-bit, no sign extension */
bbsi a5, 15, .Lafter_extend_sign /* 16-bit unsigned, no sign extension */
bbci a3, 15, .Lafter_extend_sign /* sign bit not set, no sign extension */
movi a3, (1<<31)
or a4, a3, a4 /* set 32-bit sign bit */
.Lafter_extend_sign:
/* a2 holds instruction, a4 holds the correctly read value */
extui a2, a2, 4, 4 /* a2 now destination register 0-15 */
/* test if a4 needs to be written directly to a register (ie not a working register) */
bgei a2, 6, .Lwrite_value_direct_reg
/* test if a4 needs to be written to a0 */
beqz a2, .Lwrite_value_a0_reg
/* otherwise, a4 can be written to a saved working register 'slot' on the stack */
addx4 a5, a2, sp
s32i a4, a5, 0
.Lafter_write_value:
/* test PS.INTLEVEL (1=User, 2=Double) to see which interrupt level we restore from
*/
rsr.ps a2
bbsi a2, 1, .Lincrement_PC_intlevel2
.Lincrement_PC_intlevel1:
rsr.epc1 a2
addi a3, a2, 0x3
wsr.epc1 a3
wsr.sar a0 // restore saved sar
rsr.excsave1 a0 // restore a0 saved in exception vector
.Lafter_increment_PC:
// Restore registers
l32i a2, sp, 0x08
l32i a3, sp, 0x0c
l32i a4, sp, 0x10
l32i a5, sp, 0x14
addi sp, sp, 0x18
rfe
.Lincrement_PC_intlevel2:
rsr.epc2 a2
addi a3, a2, 0x3
wsr.epc2 a3
wsr.sar a0 // restore saved sar
rsr.excsave2 a0 // restore a0 saved in exception vector
j .Lafter_increment_PC
.Lextend_sign: /* apply 16-bit sign extension if necessary
a3 holds raw value, a4 holds masked */
bbci a3, 15, .Lafter_extend_sign /* sign bit not set, do nothing */
movi a3, (1<<31)
or a4, a3, a4 /* set sign bit */
j .Lafter_extend_sign
.Lwrite_value_direct_reg:
/* Directly update register index a2, in range 6-15, using value in a4 */
addi a2, a2, -6
slli a2, a2, 3 /* offset from a6, x8 */
movi a3, .Ldirect_reg_jumptable
add a2, a2, a3
jx a2
.align 8
.Ldirect_reg_jumptable:
mov a6, a4
j .Lafter_write_value
.align 8
mov a7, a4
j .Lafter_write_value
.align 8
mov a8, a4
j .Lafter_write_value
.align 8
mov a9, a4
j .Lafter_write_value
.align 8
mov a10, a4
j .Lafter_write_value
.align 8
mov a11, a4
j .Lafter_write_value
.align 8
mov a12, a4
j .Lafter_write_value
.align 8
mov a13, a4
j .Lafter_write_value
.align 8
mov a14, a4
j .Lafter_write_value
.align 8
mov a15, a4
j .Lafter_write_value
.Lwrite_value_a0_reg:
/* a0 is saved in excsave1,so just update this with value
TODO: This won't work with interrupt level 2
*/
wsr.excsave1 a4
j .Lafter_write_value
/* End of InnerUserLoadStoreExceptionHandler */
.global _xt_user_exit
.type _xt_user_exit, @function
_xt_user_exit:
l32i a0, sp, 0x8
wsr.ps a0
l32i a0, sp, 0x4
wsr.epc1 a0
l32i a0, sp, 0xc
l32i sp, sp, 0x10
rsync
rfe