On 2/3/2026 9:55 AM, Chao Liu wrote:
Hi,
Per Daniel's review feedback, this v5 series is based on Alistair's riscv-to-apply.next branch [3]. It depends on patches 1-5 of Max Chou's "Add Zvfbfa extension support" v2 series (not included; apply them first) [2].
It is based on RISC-V Debug Specification 1.0 [1].
It introduces the sdext/sdtrig config bits, DCSR/DPC/DSCRATCH state, Debug Mode enter/leave helpers, DRET, EBREAK entry, single-step, and trigger action=debug mode.
To reduce review load, this series focuses on the Sdext features first. The Debug Module (DM) and related flows will follow in a later series.
We still need a reviewed-by in patch 1 (that I can't give, after all it's my patch hehe). Aside from that the series LGTM. It's not sensible to think that we're going to push upstream an error/bug free extension. The code will need more mileage with more people using it and we'll fix what is needed along the way. We have a long time until the release anyway. My vote is to queue this up (we'll need Max's series queued first). When this lands upstream we'll go back to the Server SoC reference board and get that upstreamed too. Thanks, Daniel
Changes in v5: - Patch 2: removed redundant `cpu->cfg.ext_sdext = false;` in riscv_cpu_init() since it's already set to false in MULTI_EXT_CFG_BOOL. (Daniel) - Patch 7: changed LOG_UNIMP to LOG_GUEST_ERROR for invalid trigger action=debug mode when Sdext is not enabled. LOG_UNIMP is reserved for unimplemented features, while LOG_GUEST_ERROR is for invalid guest actions. (Daniel)
Changes in v4: - Fixed linux-user build errors: moved debug_mode/dcsr/dpc/dscratch fields inside #ifndef CONFIG_USER_ONLY block in cpu.h, and wrapped all code using these fields with proper guards. (Daniel) - Updated dependency from single patch (patch 5 only) to patches 1-5 of Max Chou's "Add Zvfbfa extension support" v2 series to avoid compilation errors.
Changes in v3: - Rebase onto Alistair's riscv-to-apply.next branch. - Depend on Max Chou's patch "target/riscv: Use the tb->cs_bqse as the extend tb flags." (not included; apply it first) [2]. - Patch 2: default sdext to false in riscv_cpu_extensions[].
Changes in v2: - Drop the RHCT expected AML update from this series. - Replace the split sdext/sdtrig config bits patch with deprecating the 'debug' CPU property. - Rebase and update patch subjects to target/riscv prefix.
Changes in v1: - Debug Mode entry/exit updates DCSR/DPC and restores execution via DRET. - EBREAK honors DCSR ebreak bits and enters Debug Mode when enabled. - Single-step uses DCSR.STEP with a TB flag and a helper at TB exit. It references Max Chou's patch "target/riscv: Use the tb->cs_bqse as the extend tb flags." [2]. - Sdtrig supports action=debug mode for mcontrol/mcontrol6 and reports inst-count triggers in tinfo.
Differences vs Debug Spec (known gaps): - No Debug Module (no DMI, dmcontrol/dmstatus, haltreq/resumereq). - No debug ROM, program buffer, abstract commands, or SBA. - Resume is modeled by leaving Debug Mode at cpu_exec_enter. - Step/exception ordering is simplified: if the stepped instruction traps, the normal exception is taken and Debug Mode is not forced. - Several DCSR fields are not fully modeled (stopcount/stoptime, etc).
Roadmap (next stage, DM focus): 1) Add a DM core with DMI access and hart state tracking. 2) Implement halt/resume handshake and move Debug Mode transitions under DM control. 3) Add debug ROM, program buffer, and abstract commands for GPR/CSR and memory access. 4) Add SBA if required by tooling. 5) Tighten ordering rules for step/exception/trigger priorities.
References: [1] https://github.com/riscv/riscv-debug-spec/releases/tag/1.0 [2] https://lore.kernel.org/qemu-devel/20260108132631.9429-1-max.chou@sifive.com... [3] https://github.com/alistair23/qemu/tree/riscv-to-apply.next
Thanks, Chao
Chao Liu (6): target/riscv: add sdext debug CSRs state target/riscv: add sdext Debug Mode helpers target/riscv: add dret instruction target/riscv: add sdext enter Debug Mode on ebreak target/riscv: add sdext single-step support target/riscv: add sdtrig trigger action=debug mode
Daniel Henrique Barboza (1): target/riscv: deprecate 'debug' CPU property
docs/about/deprecated.rst | 7 + include/exec/translation-block.h | 4 +- target/riscv/cpu.c | 59 +++++++- target/riscv/cpu.h | 9 ++ target/riscv/cpu_bits.h | 33 +++++ target/riscv/cpu_cfg_fields.h.inc | 3 +- target/riscv/cpu_helper.c | 90 ++++++++++++ target/riscv/csr.c | 128 +++++++++++++++++- target/riscv/debug.c | 58 +++++++- target/riscv/helper.h | 3 + target/riscv/insn32.decode | 1 + .../riscv/insn_trans/trans_privileged.c.inc | 24 ++++ target/riscv/machine.c | 44 ++++-- target/riscv/op_helper.c | 70 ++++++++++ target/riscv/tcg/tcg-cpu.c | 21 ++- target/riscv/translate.c | 16 ++- 16 files changed, 545 insertions(+), 25 deletions(-)
-- 2.53.0