RISC-V Debug specification includes Sdtrig ISA extension. This extension describes Trigger Module. Triggers can cause a breakpoint exception, entry into Debug Mode, or a trace action without having to execute a special instruction. For native debugging triggers can be used to implement hardware breakpoints and watchpoints. Software support for triggers consists of the following major components: - U-mode: gdb support for hw breakpoints/watchpoints - S-mode: hardware breakpoints framework in Linux kernel - M-mode: SBI firmware code to handle triggers SBI Debug Trigger extension proposal has been posted by Anup Patel to lists.riscv.org tech-debug mailing list, see: https://lists.riscv.org/g/tech-debug/topic/92375492 This patch provides initial Linux support for RISC-V hardware breakpoints and watchpoints based on the proposed SBI Debug Trigger extension. The accompanying OpenSBI and GDB changes has also been posted for review: - https://patchwork.ozlabs.org/project/opensbi/patch/20221203213929.206429-3-geomatsi@xxxxxxxxx/ - https://patchwork.sourceware.org/project/gdb/patch/20221130182605.1905317-1-yuly.tarasov@xxxxxxxxxxxxx/ Current revision has the following limitations: - two trigger types are supported: mcontrol, mcontrol6 - no support for chained triggers - no support for virtualization - only build test for RV32 The functionality has been tested on QEMU together with the mentioned opensbi and gdb patches, including both target gdb and remote debug using gdbserver. Hardware breakpoints work just fine on upstream QEMU. However this is not the case for watchpoints since there is no way to figure out which watchpoint triggered. IIUC there are two possible options for doing this: using 'hit' bit in tdata1 or reading faulting virtual address from STVAL. QEMU implements neither of them. Current implementation opts for STVAL. The following experimental QEMU patch is required to make hw-watchpoints work: : diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c : index 278d163803..8858be7411 100644 : --- a/target/riscv/cpu_helper.c : +++ b/target/riscv/cpu_helper.c : @@ -1639,6 +1639,10 @@ void riscv_cpu_do_interrupt(CPUState *cs) : case RISCV_EXCP_VIRT_INSTRUCTION_FAULT: : tval = env->bins; : break; : + case RISCV_EXCP_BREAKPOINT: : + tval = env->badaddr; : + env->badaddr = 0x0; : + break; : default: : break; : } : diff --git a/target/riscv/debug.c b/target/riscv/debug.c : index 26ea764407..b4d1d566ab 100644 : --- a/target/riscv/debug.c : +++ b/target/riscv/debug.c : @@ -560,6 +560,7 @@ void riscv_cpu_debug_excp_handler(CPUState *cs) : : if (cs->watchpoint_hit) { : if (cs->watchpoint_hit->flags & BP_CPU) { : + env->badaddr = cs->watchpoint_hit->hitaddr; : cs->watchpoint_hit = NULL; : do_trigger_action(env, DBG_ACTION_BP); Changes v1 -> v2: - switched to per-cpu buffers to exchange data with SBI firmware - added support for type 2 (mcounter) triggers - added ptrace interface to expose hw-breakpoints to debuggers Sergey Matyukevich (3): riscv: add support for hardware breakpoints/watchpoints riscv: ptrace: expose hardware breakpoints to debuggers riscv: hw-breakpoints: add more trigger controls arch/riscv/Kconfig | 2 + arch/riscv/include/asm/hw_breakpoint.h | 172 ++++++++ arch/riscv/include/asm/kdebug.h | 3 +- arch/riscv/include/asm/processor.h | 5 + arch/riscv/include/asm/sbi.h | 24 ++ arch/riscv/include/uapi/asm/ptrace.h | 9 + arch/riscv/kernel/Makefile | 1 + arch/riscv/kernel/hw_breakpoint.c | 540 +++++++++++++++++++++++++ arch/riscv/kernel/process.c | 3 + arch/riscv/kernel/ptrace.c | 188 +++++++++ arch/riscv/kernel/traps.c | 5 + 11 files changed, 951 insertions(+), 1 deletion(-) create mode 100644 arch/riscv/include/asm/hw_breakpoint.h create mode 100644 arch/riscv/kernel/hw_breakpoint.c -- 2.38.1
