core_debug.tex

\chapter{RISC-V Debug}
\label{sec:core_debug}

Modifications to the RISC-V core to support debug are kept to a minimum.  There
is a special execution mode (Debug Mode) and a few extra CSRs. The DM takes care
of the rest.

In order to be compliant with this specification an implementation must
implement everything described in this section that is not explicitly listed as
optional.

\section{Debug Mode} \label{debugmode}

Debug Mode is a special processor mode used only when a hart is halted for
external debugging. Because the hart is halted, there is no forward progress in
the normal instruction stream.
How Debug Mode is implemented is not specified here.

\begin{steps}{When executing code due to an abstract command, the hart stays in
    Debug Mode and the following apply:}
\item All operations are executed at machine mode privilege level, except that
    \FcsrMcontrolMprv in \Rmstatus may be ignored according to \FcsrDcsrMprven.
\item All interrupts (including NMI) are masked.
\item Exceptions don't update any registers.  That includes {\tt cause}, {\tt
    epc}, {\tt tval}, {\tt dpc}, and \Rmstatus. They do end execution of the
    Program Buffer.
\item No action is taken if a trigger matches.
\item If \FcsrDcsrStopcount is 0 then counters continue. If it is 1 then
    counters are stopped.
\item If \FcsrDcsrStoptime is 0 then timers continue. If it is 1 then
    timers are stopped.
\item The {\tt wfi} instruction acts as a {\tt nop}.
\item Almost all instructions that change the privilege level have undefined
    behavior.  This includes {\tt ecall}, {\tt mret}, {\tt sret},
    and {\tt uret}.  (To change the privilege level, the debugger can write
    \FcsrDcsrPrv in \RcsrDcsr). The only exception is {\tt ebreak}, which ends
    execution of the Program Buffer when executed.
\item \label{fence} Completing Program Buffer execution is considered output for the purpose
    of {\tt fence} instructions.
\item All control transfer instructions may act as illegal instructions if
    their destination is in the Program Buffer. If one such instruction acts as
    an illegal instruction, all such instructions must act as illegal
    instructions.
\item All control transfer instructions may act as illegal instructions if
    their destination is outside the Program Buffer. If one such instruction
    acts as an illegal instruction, all such instructions must act as
    illegal instructions.
\item Instructions that depend on the value of the PC (e.g.\ {\tt auipc}) may act
    as illegal instructions.
\item Effective XLEN is DXLEN.
\item Forward progress is guaranteed.
\end{steps}

\begin{commentary}
    In general, the debugger is expected to be able to simulate all the effects of \FcsrMcontrolMprv.
    The exception is the case of Sv32 systems, which need \FcsrMcontrolMprv functionality in order to access
    34-bit physical addresses. Other systems are likely to tie \FcsrDcsrMprven to 0.
\end{commentary}

\section{Load-Reserved/Store-Conditional Instructions}

The reservation registered by an {\tt lr} instruction on a memory address may
be lost when entering Debug Mode or while in Debug Mode.  This means that there
may be no forward progress if Debug Mode is entered between {\tt lr} and {\tt
sc} pairs.

\begin{commentary}
    This is a behavior that debug users must be aware of. If they have a
    breakpoint set between a {\tt lr} and {\tt sc} pair, or are stepping
    through such code, the {\tt sc} may never succeed.  Fortunately in general use
    there will be very few instructions in such a sequence, and anybody
    debugging it will quickly notice that the reservation is not occurring.
    The solution in that case is to set a breakpoint on the first instruction
    after the {\tt sc} and run to it. A higher level debugger may choose to
    automate this.
\end{commentary}

\section{Wait for Interrupt Instruction}

If halt is requested while {\tt wfi} is executing, then the hart must leave the
stalled state, completing this instruction's execution, and then enter Debug
Mode.

\section{Single Step}

\subsection{Step Bit In Dcsr} \label{stepBit}

This method is only available to external debuggers, and is the preferred way
to single step.

An external debugger can cause a halted hart to execute a single instruction or
trap
and then re-enter Debug Mode by setting \FcsrDcsrStep before setting
\FdmDmcontrolResumereq.

If control is transferred to a trap handler while executing the instruction,
then Debug Mode is re-entered immediately after the PC is changed to the trap
handler, and the appropriate {\tt tval} and {\tt cause} registers are updated.
In this case none of the trap handler is executed, and if the cause was a
pending interrupt no instructions might be executed at all.

If executing or fetching the instruction causes a trigger to fire, Debug Mode
is re-entered immediately after that trigger has fired. In that case \FcsrDcsrCause is
set to 2 (trigger) instead of 4 (single step).  Whether the instruction is
executed or not depends on the specific configuration of the trigger.

If the instruction that is executed causes the PC to change to an address where
an instruction fetch causes an exception, that exception does not occur until
the next time the hart is resumed. Similarly, a trigger at the new address does
not fire until the hart actually attempts to execute that instruction.

If the instruction being stepped over is {\tt wfi} and would normally stall the
hart, then instead the instruction is treated as {\tt nop}.

\subsection{Icount Trigger}

Native debuggers won't have access to \RcsrDcsr, but can use the \RcsrIcount
trigger by setting \FcsrIcountCount to 1.

\begin{steps}{This approach does have some limitations:}
    \item Interrupts will fire as usual. Debuggers that want to disable
        interrupts while stepping must disable them by changing \Rmstatus, and
        specially handle instructions that read \Rmstatus.
    \item {\tt wfi} instructions are not treated specially and might take a
        very long time to complete.
\end{steps}

\section{Reset}

If the halt signal (driven by the hart's halt request bit in the Debug Module)
or \Fresethaltreq are asserted when a hart comes out of reset, the hart must
enter Debug Mode before executing any instructions, but after performing any
initialization that would usually happen before the first instruction is
executed.

\section{Resume}

\begin{steps}{When a hart resumes:}
    \item \Rpc changes to the value stored in \RcsrDpc.
    \item The current privilege mode is changed to that specified by
        \FcsrDcsrPrv.
    \item If the new privilege mode is less privileged than M mode,
        \FcsrMcontrolMprv in \Rmstatus is cleared.
    \item The hart is no longer in debug mode.
\end{steps}

\section{{\tt dret} Instruction} \label{dret}

To return from Debug Mode, a new instruction is defined: {\tt dret}. It has an
encoding of 0x7b200073. On harts which support this instruction,
executing {\tt dret} in Debug Mode cause the hart to resume as described above.

Executing {\tt dret} outside of Debug Mode causes an illegal instruction exception.

It is not necessary for the debugger to know whether an implementation supports
{\tt dret}, as the Debug Module will ensure that it is executed if necessary.
It is defined in this specification only to reserve the opcode and
allow for reusable Debug Module implementations.

\section{XLEN}

While in Debug Mode, XLEN is DXLEN. It is up to the debugger to determine the
XLEN during normal program execution (by looking at \Rmisa) and to clearly
communicate this to the user.

\section{Core Debug Registers} \label{debreg}

The supported Core Debug Registers must be implemented for each hart that can
be debugged. They are CSRs, accessible using the RISC-V {\tt csr} opcodes and
optionally also using abstract debug commands.

\input{core_registers.tex}

\section{Virtual Debug Registers} \label{virtreg}

\input{sw_registers.tex}