Hi Richard,

On Mon, Mar 11, 2019 at 09:01:32PM -0700, Richard Henderson wrote:
> On 3/11/19 8:28 PM, Richard Henderson wrote:
> > On 3/11/19 12:16 PM, Sven Schnelle wrote:
> >> HP-UX (all versions) is losing timer interrupts, which leads to
> >> hangs. Pressing a key on the console fixes this, so it looks like
> >> QEMU is just looping through TBs without checking for interrupts.
> >> Further investigation showed that this happens when interrupts are
> >> triggered, without PSW_I enabled. Calling eval_interrupt() after
> >> PSW_I is set seems to fix this.
> >>
> >> Signed-off-by: Sven Schnelle <sv...@stackframe.org>
> >> ---
> >> target/hppa/cpu.h | 1 +
> >> target/hppa/int_helper.c | 2 +-
> >> target/hppa/op_helper.c | 6 ++++++
> >> 3 files changed, 8 insertions(+), 1 deletion(-)
> >
> > The correct fix is to exit to the main loop.
>
> ... except that we're already doing that. So I don't see what
> can be changed to help. This doesn't seem to make a difference.

I looked into this again, and with my limited TCG knowledge it looks like
the exit_tb is not happening because ssm is called in a branch delay slot:

This is the TB it's calling when it loses the timer interrupt:

IN:
0x0000000000045758: bv r0(rp)
0x000000000004575c: ssm 1,r0

OP:
 ld_i32 tmp0,env,$0xffffffffffffffe0
 movi_i32 tmp1,$0x0
 brcond_i32 tmp0,tmp1,lt,$L0

 ---- 0000000000045758 000000000004575c
 mov_i32 tmp0,r2
 mov_i32 iaoq_b,tmp0

 ---- 000000000004575c 00000000ffffffff
 movi_i32 tmp1,$0x4
 add_i32 tmp0,iaoq_b,tmp1
 ld_i32 tmp1,env,$0x1c0
 movi_i32 tmp2,$0x1
 or_i32 tmp1,tmp1,tmp2
 call swap_system_mask,$0x1,$1,tmp1,env,tmp1

Everything above is ssm, and below this is the branch instruction, which
skips the exit_tb (I think):

 mov_i32 iaoq_f,iaoq_b
 mov_i32 iaoq_b,tmp0
 mov_i64 iasq_f,iasq_b
 call lookup_tb_ptr,$0x6,$1,tmp3,env
 goto_ptr tmp3
 set_label $L0
 exit_tb $0x7f373c33cb83

I might also be totally wrong, let me know if that's the case. ;-)

Regards
Sven