On 18.09.2015 18:40, Richard Henderson wrote:
> On 09/18/2015 03:32 AM, Peter Maydell wrote:
>>> +    if (unlikely(cpu_breakpoint_test(cs, dc->pc, BP_ANY))) {
>>> +        gen_exception_internal_insn(dc, 0, EXCP_DEBUG);
>>> +        /* Advance PC so that clearing the breakpoint will
>>> +           invalidate this TB. */
>>> +        dc->pc += 2;
>>> +        goto done_generating;
>>> +    }
>>>      if (num_insns == max_insns && (tb->cflags & CF_LAST_IO)) {
>>>          gen_io_start();
>>>      }
>> Do you know why some but not all targets do this "advance PC"
>> thing if there's a breakpoint?
> No. I don't believe I've seen it before yesterday.
>
> My suspicion is that if we have a TB that would span two pages, and the
> breakpoint is exactly at the page boundary, then we must advance the pc like
> this so that it's clear that the TB utilizes the second page.
>
> If so, it means that there are some targets that are broken based on this
> (e.g. i386), and there are a few for which this situation is impossible, and this
> fixup is cargo culting (e.g. aarch64).
>
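Review bot: the `dc->pc += 2;` advance in the quoted hunk is justified only by the comment "Advance PC so that clearing the breakpoint will invalidate this TB", which states the goal but not the mechanism, and the thread itself shows the reviewers cannot reconstruct why it is needed. Suggest either expanding the comment with the concrete reason (for instance, that the TB's recorded extent must cover the breakpointed instruction, including a second page when the breakpoint sits on a page boundary, for the invalidation to find it) or dropping the advance if it is not required on this target. If it stays, the bare literal 2 should be expressed as the target's minimum instruction length rather than a magic number, and the comment should note that the early `goto done_generating` deliberately bypasses the `CF_LAST_IO` / `gen_io_start()` handling that follows in the loop.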
I noticed that this fixup is only used combined with things like "goto done_generating". Other targets terminate the loop only after translating the insn, e.g. with "dc->is_jmp = DISAS_JUMP".

Best regards,
Sergey