When a hart is already executing from the Debug Module ROM, redirect synchronous exceptions to the ROM exception entry instead of taking the normal trap path.
This keeps the hart inside the Debug Module state machine and lets the ROM report command faults through its mailbox protocol. Signed-off-by: Chao Liu <[email protected]> --- target/riscv/cpu_helper.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index e477016d4a..81b74f7e4a 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -142,6 +142,9 @@ static bool riscv_sdext_enabled(CPURISCVState *env) return riscv_cpu_cfg(env)->ext_sdext; } +/* DM ROM entry window offsets: exception vector is entry + 0x10 (0x810). */ +#define RISCV_DEBUG_ROM_EXCEPTION_OFS 0x10 + /* * Debug Spec v1.0 Table 9: * - ebreak: dpc = address of the ebreak instruction. @@ -2326,6 +2329,15 @@ void riscv_cpu_do_interrupt(CPUState *cs) return; } + if (env->debug_mode && env->dm_rom_present) { + /* + * Exceptions taken while already in Debug Mode are handled by the + * DM ROM exception entry (0x810 in the backing ROM). + */ + env->pc = env->dm_halt_addr + RISCV_DEBUG_ROM_EXCEPTION_OFS; + return; + } + if (!async) { /* set tval to badaddr for traps with address information */ switch (cause) { -- 2.53.0
