FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

S32G3 ATF behavior on fatal errors

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

S32G3 ATF behavior on fatal errors

Jump to solution
2 weeks ago
490 Views
yashasdu
Contributor I

Hello NXP Support Team,

I am working with an S32G399-based custom board using Yocto BSP 43 and ARM Trusted Firmware (TF-A) v2.10.7.

When ATF encounters a fatal error during boot (for example, panic, assert, or BL2/BL31 failure), the system currently enters a halt state and stops execution. For my use case, I would prefer the system to automatically reboot instead of halting when such failures occur.

Could you please advise:

  • What is the recommended behavior for handling fatal ATF errors on S32G platforms?

  • Whether reboot-on-failure is supported or recommended by NXP for S32G?

  • If there is any existing configuration, hook, or reference implementation provided by NXP to achieve this behavior?

Thank you for your guidance.

Regards,
@yashasdu 

0 Kudos
Reply
1 Solution

Jump to solution
a week ago
335 Views
chenyin_h
NXP Employee
NXP Employee

Hello, @yashasdu 

Thanks for your reply.

As I had mentioned, there is not such a formal guidance/documents from us for your requirements, I apologize. From my experience,  maybe the s32_destructive_reset API is helpful for you, you may check if it could be compatible for rebooting the system in your case.

 

BR

Chenyin

View solution in original post

0 Kudos
Reply
3 Replies

Jump to solution
a week ago
347 Views
chenyin_h
NXP Employee
NXP Employee

Hello, @yashasdu 

Thanks for your post.

1. BSP is based on open source project, you may find all source code of TFA part, from the BSP UM, there is not special settings/implementation for your requirements.

2. There are not a formal recommendation from BSP's perspective, but you may also reference the safety manual for implementing some of the functionality required.

3. From my understanding, the default reaction in TFA for critical errors(system hang) is useful for protect the system safety and is convenient to debug/obtain logs/stack/registers, etc, it is possible for you to trigger reset to the system for certain critical errors as required.

 

BR

Chenyin

0 Kudos
Reply

Jump to solution
a week ago
343 Views
yashasdu
Contributor I

Hello @chenyin_h 

Thanks for your clarification. I understand that ATF halts on fatal errors by default for safety and debugging purposes.

I intend to implement a controlled reset on critical failures for our board. Could you advise the recommended way to trigger a system reset safely from BL2/BL31 context on S32G399 (e.g., using MC_RGM or other platform mechanisms)?

This guidance will help me ensure the changes follow platform best practices.

Regards,
Yashas

0 Kudos
Reply

Jump to solution
a week ago
336 Views
chenyin_h
NXP Employee
NXP Employee

Hello, @yashasdu 

Thanks for your reply.

As I had mentioned, there is not such a formal guidance/documents from us for your requirements, I apologize. From my experience,  maybe the s32_destructive_reset API is helpful for you, you may check if it could be compatible for rebooting the system in your case.

 

BR

Chenyin

0 Kudos
Reply
%3CLINGO-SUB%20id%3D%22lingo-sub-2290693%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3ES32G3%20ATF%20behavior%20on%20fatal%20errors%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2290693%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%20class%3D%22%22%3E%3CSPAN%3EHello%20NXP%20Support%20Team%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%20class%3D%22%22%3E%3CSPAN%3EI%20am%20working%20with%20an%20S32G399-based%20custom%20board%20using%20Yocto%20BSP%2043%20and%20ARM%20Trusted%20Firmware%20(TF-A)%20v2.10.7.%3C%2FSPAN%3E%3C%2FP%3E%3CP%20class%3D%22%22%3E%3CSPAN%3EWhen%20ATF%20encounters%20a%20fatal%20error%20during%20boot%20(for%20example%2C%20panic%2C%20assert%2C%20or%20BL2%2FBL31%20failure)%2C%20the%20system%20currently%20enters%20a%20halt%20state%20and%20stops%20execution.%20For%20my%20use%20case%2C%20I%20would%20prefer%20the%20system%20to%20automatically%20reboot%20instead%20of%20halting%20when%20such%20failures%20occur.%3C%2FSPAN%3E%3C%2FP%3E%3CP%20class%3D%22%22%3E%3CSPAN%3ECould%20you%20please%20advise%3A%3C%2FSPAN%3E%3C%2FP%3E%3CUL%3E%3CLI%3E%3CP%20class%3D%22%22%3E%3CSPAN%3EWhat%20is%20the%20recommended%20behavior%20for%20handling%20fatal%20ATF%20errors%20on%20S32G%20platforms%3F%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLI%3E%3CLI%3E%3CP%20class%3D%22%22%3E%3CSPAN%3EWhether%20reboot-on-failure%20is%20supported%20or%20recommended%20by%20NXP%20for%20S32G%3F%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLI%3E%3CLI%3E%3CP%20class%3D%22%22%3E%3CSPAN%3EIf%20there%20is%20any%20existing%20configuration%2C%20hook%2C%20or%20reference%20implementation%20provided%20by%20NXP%20to%20achieve%20this%20behavior%3F%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%3CSPAN%3EThank%20you%20for%20your%20guidance.%3CBR%20%2F%3E%3CBR%20%2F%3ERegards%2C%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fcommunity.nxp.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F234498%22%20target%3D%22_blank%22%3E%40yashasdu%3C%2FA%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2291497%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%20translate%3D%22no%22%3ERe%3A%20S32G3%20ATF%20behavior%20on%20fatal%20errors%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2291497%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EHello%20%3CA%20href%3D%22https%3A%2F%2Fcommunity.nxp.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F24163%22%20target%3D%22_blank%22%3E%40chenyin_h%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20your%20clarification.%20I%20understand%20that%20ATF%20halts%20on%20fatal%20errors%20by%20default%20for%20safety%20and%20debugging%20purposes.%3C%2FP%3E%3CP%3EI%20intend%20to%20implement%20a%20controlled%20reset%20on%20critical%20failures%20for%20our%20board.%20Could%20you%20advise%20the%20recommended%20way%20to%20trigger%20a%20system%20reset%20safely%20from%20BL2%2FBL31%20context%20on%20S32G399%20(e.g.%2C%20using%20MC_RGM%20or%20other%20platform%20mechanisms)%3F%3C%2FP%3E%3CP%3EThis%20guidance%20will%20help%20me%20ensure%20the%20changes%20follow%20platform%20best%20practices.%3C%2FP%3E%3CP%3ERegards%2C%3CBR%20%2F%3EYashas%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2291481%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%20translate%3D%22no%22%3ERe%3A%20S32G3%20ATF%20behavior%20on%20fatal%20errors%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2291481%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EHello%2C%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fcommunity.nxp.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F234498%22%20target%3D%22_blank%22%3E%40yashasdu%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThanks%20for%20your%20post.%3C%2FP%3E%0A%3CP%3E1.%20BSP%20is%20based%20on%20open%20source%20project%2C%20you%20may%20find%20all%20source%20code%20of%20TFA%20part%2C%20from%20the%20BSP%20UM%2C%20there%20is%20not%20special%20settings%2Fimplementation%20for%20your%20requirements.%3C%2FP%3E%0A%3CP%3E2.%20There%20are%20not%20a%20formal%20recommendation%20from%20BSP's%20perspective%2C%20but%20you%20may%20also%20reference%20the%20safety%20manual%20for%20implementing%20some%20of%20the%20functionality%20required.%3C%2FP%3E%0A%3CP%3E3.%20From%20my%20understanding%2C%20the%20default%20reaction%20in%20TFA%20for%20critical%20errors(system%20hang)%20is%20useful%20for%20protect%20the%20system%20safety%20and%20is%20convenient%20to%20debug%2Fobtain%20logs%2Fstack%2Fregisters%2C%20etc%2C%20it%20is%20possible%20for%20you%20to%20trigger%20reset%20to%20the%20system%20for%20certain%20critical%20errors%20as%20required.%3C%2FP%3E%0A%3CBR%20%2F%3E%0A%3CP%3EBR%3C%2FP%3E%0A%3CP%3EChenyin%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2291653%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%20translate%3D%22no%22%3ERe%3A%20S32G3%20ATF%20behavior%20on%20fatal%20errors%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2291653%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EHello%2C%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fcommunity.nxp.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F234498%22%20target%3D%22_blank%22%3E%40yashasdu%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThanks%20for%20your%20reply.%3C%2FP%3E%0A%3CP%3EAs%20I%20had%20mentioned%2C%20there%20is%20not%20such%20a%20formal%20guidance%2Fdocuments%20from%20us%20for%20your%20requirements%2C%20I%20apologize.%20From%20my%20experience%2C%26nbsp%3B%20maybe%20the%20s32_destructive_reset%20API%20is%20helpful%20for%20you%2C%20you%20may%20check%20if%20it%20could%20be%20compatible%20for%20rebooting%20the%20system%20in%20your%20case.%3C%2FP%3E%0A%3CBR%20%2F%3E%0A%3CP%3EBR%3C%2FP%3E%0A%3CP%3EChenyin%3C%2FP%3E%3C%2FLINGO-BODY%3E