On 12 May 2015 at 16:43, Richard Henderson <[email protected]> wrote:
> On 05/12/2015 08:32 AM, Peter Maydell wrote:
>> In order for -icount to work, it's important for the target
>> translate.c code to correctly bracket any generated code which
>> can "do I/O" with gen_io_start()/gen_io_end() calls. But
>> does anybody know exactly what the criteria are here for this?
>> It would be nice if we could document this in a comment in
>> gen_icount.h -- I'm happy to write one up if somebody will just
>> tell me what the right answer is :-)
>
> I'm really not sure.
>
> So far I've assumed "i/o"-like insns, and those that can read some sort of
> cycle counter. So while that handles easy cases like "inb" and "rdcc", it
> certainly doesn't handle any target for which all i/o is memory mapped.
I think the "mmio access" case is already dealt with in the
softmmu_template.h handlers, isn't it? If the CPU isn't in a "can do IO"
state then the io_read/write handlers call cpu_io_recompile(), which
figures out how far through the TB we were (using the machinery we already
have for converting host addresses of faults into guest PC values), and
creates a new TB which stops with the MMIO load/store.

(I don't entirely understand cpu_io_recompile(), though -- it looks rather
tricksy.)

-- PMM
