virtio has the equivalent of:

	if (vq->last_avail_index != vring_avail_idx(vq)) {
		read descriptor head at vq->last_avail_index;
	}

In theory, processor can reorder descriptor head
read to happen speculatively before the index read.
this would trigger the following race:

	host descriptor head read <- reads invalid head from ring
		guest writes valid descriptor head
		guest writes avail index
	host avail index read <- observes valid index

as a result host will use an invalid head value.
This was not observed in the field by me but after
the experience with the previous two races
I think it is prudent to address this theoretical race condition.
Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>

This fixes an issue dual to the one fixed by
patch 'virtio: add missing mb() on notification'
and applies on top.

In this case, to enable vq kick to exit to host,
qemu writes out used flag then reads the
avail index. if these are reordered we get a race:

    host avail index read: ring is empty
    		guest avail index write
    		guest flag read: exit disabled
    host used flag write: enable exit

which results in a lost exit: host will never be notified about the
avail index update.  Again, happens in the field but only seems to
trigger on some specific hardware.

Insert an smp_mb barrier operation to ensure the correct ordering.
Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>

During normal operation, virtio first writes a used index
and then checks whether it should interrupt the guest
by reading guest avail index/flag values.

Guest does the reverse: writes the index/flag,
then checks the used ring.

The ordering is important: if host avail flag read bypasses the used
index write, we could in effect get this timing:

host avail flag read
		guest enable interrupts: avail flag write
		guest check used ring: ring is empty
host used index write

which results in a lost interrupt: guest will never be notified
about the used ring update.

This actually can happen when using kvm with an io thread,
such that the guest vcpu and qemu run on different host cpus,
and this has actually been observed in the field
(but only seems to trigger on very specific processor types)
with userspace virtio: vhost has the necessary smp_mb()
in place to prevent the regordering, so the same workload stalls
forever waiting for an interrupt with vhost=off but works
fine with vhost=on.

Insert an smp_mb barrier operation in userspace virtio to
ensure the correct ordering.
Applying this patch fixed the race condition we have observed.
Tested on x86_64. I checked the code generated by the new macro
for i386 and ppc but didn't run virtio.

Note: mb could in theory be implemented by __sync_synchronize, but this
would make us hit old GCC bugs. Besides old GCC
not implementing __sync_synchronize at all, there were bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=36793
in this functionality as recently as in 4.3.

As we need asm for rmb,wmb anyway, it's just as well to
use it for mb.
Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>

Make it easier to reuse this function.
Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>

If a guest sets very short timeouts, and asks for a timer to be reloaded on
timeout, QEMU can go to 100%CPU utilisation and become unresponsive,
as it is spending all its time generating timeout interrupts.  On real
hardware this doesn't matter, as the interrupts are just coalesced,
and the effect is to have the interrupt asserted all the time.

This patch is a band-aid, that prevents timeouts less than 10
microseconds from being set.  10 microseconds is a limit that was
determined empirically on a variety of machines as the shortest that
allowed QEMU to pick up a control-a c sequence to get at the monitor.
Reported-by: NAnna Lyons <anna.lyons@nicta.com.au>
Signed-off-by: NPeter Chubb <peter.chubb@nicta.com.au>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Specify the root to search from as argument. This avoids hardcoding
"/machine" in some places and makes it more flexible.
Signed-off-by: NAndreas Färber <afaerber@suse.de>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Anthony Liguori <anthony@codemonkey.ws>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Sparc Debian 5.0.8 does not define __suseconds_t as long,
but FMT_timeval expects %ld.
Reviewed-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NRichard Henderson <rth@twiddle.net>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

  remove the extra pthread switch which might be there
  from the package config check for gthreads.
Signed-off-by: NPeter Portante <peter.portante@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Only proxy helper does.
Reviewed-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NKusanagi Kouichi <slash@ac.auone-net.jp>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

qemu-system-arm (and other system emulations) crashes with SDL when
the user switches consoles (Alt-Ctrl-F4).

We already check for NULL pointers in qemu_chr_fe_ioctl,
qemu_chr_be_can_write and other functions, so do this also
for s->chr_read in qemu_chr_be_write. This fixes the crash.
Signed-off-by: NStefan Weil <sw@weilnetz.de>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

This will allow the user to make Qemu use a different subdirectory name
inside $datadir and $sysconfdir, instead of "/qemu".
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Autoconf uses --datadir for the /usr/share directory, not the
program-specific subdirectory inside /usr/share. This changes configure
to match autoconf behavior.

Note that this will break compatibility with existing build scripts.
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

As now that block handles only the prefix variable, the code can be much
simpler. This also removes the CONFIG_QEMU_PREFIX define as it is not
used by any C code.
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Now only the qemu_*dir variables will become #defines. The other
directory names aren't used by the C code.

That means the following #defines won't be available in C code anymore:

 - CONFIG_QEMU_BINDIR
 - CONFIG_QEMU_LIBDIR
 - CONFIG_QEMU_INCLUDEDIR
 - CONFIG_QEMU_MANDIR
 - CONFIG_QEMU_SYSCONFDIR
 - CONFIG_QEMU_LIBEXECDIR

The following #defines are going to be kept because they are handled by
the qemu_* block on create_config:

 - CONFIG_QEMU_CONFDIR
 - CONFIG_QEMU_DATADIR
 - CONFIG_QEMU_DOCDIR

This one will be kept because it is set directly by ./configure:

 - CONFIG_QEMU_HELPERDIR

This patch keeps the 'prefix=*' (CONFIG_QEMU_PREFIX) pattern because
other variables may use $prefix on their config-host.mak definitions.
The remaining code will be simplified on a further patch.
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Cosmetic change.
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

There is no code using that variable according to 'git grep', so kill
it.
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Instead of hardcoding the directory suffix, use the qemu-specific
directory variable.
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

$confdir is a confusing name, as it's not clear if it's "the system
config dir" or "the Qemus-specific directory inside the config dir".
$qemu_confdir makes it more clear.

The current C code that uses CONFIG_QEMU_CONFDIR should be safe, as now
create_config generates the same #define name (CONFIG_QEMU_CONFDIR) for
both "confdir" and "qemu_confdir" variables.
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Autoconf concept of "datadir" is supposed to be "$prefix/share", not
"$prefix/share/PACKAGE", so using datadir for the Qemu-specific
directory is confusing.

The current C code that uses CONFIG_QEMU_DATADIR should be safe, as now
create_config generates the same #define name (CONFIG_QEMU_DATADIR) for
both "datadir" and "qemu_datadir" variables.
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

The generic *dir section will eventually go away and be replaced with
qemu_* section. By now, both sections will be kept, while the variables
get renamed on config-host.mak.

With this patch, a XXXdir variable will become a CONFIG_QEMU_XXXDIR
define, and a qemu_XXXdir variable will become CONFIG_QEMU_XXXDIR as
well (instead of becoming a CONFIG_QEMU_QEMU_XXXDIR define).

Changes v1 -> v2:
 - Rebase on top of newer qemu.git changes, that changed
   "tr '[:lower:]' '[:upper:]'" to "LC_ALL=C tr '[a-z]' '[A-Z]'".
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

There's no "confdir" variable on Autoconf, but it's good to make it
clear that it's a variable for the Qemu-specific subdirectory inside
$sysconfdir.
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

The autoconf "docdir" variable is used for the program-specific
subdirectory, but anyway it's better to make it clear that the variable
is used for the qemu-specific subdirectory path.
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

The variable is used for the qemu-specific directory and has a different
meaning of the autoconf "datadir" variable (that's used for the
$prefix/share directory, not for $prefix/share/PACKAGE).

This doesn't change behavior or interfaces, it's just an internal
variable rename.
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Move code from cpu_mb_init() to a QOM initfn.
Signed-off-by: NAndreas Färber <afaerber@suse.de>
Tested-by: NPeter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
[AF: Leave cpu_reset() call in cpu_mb_init()]

Move code from cpu_state_reset() to QOM mb_cpu_reset().
Signed-off-by: NAndreas Färber <afaerber@suse.de>
Tested-by: NPeter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>

Embed CPUMBState as first member of QOM MicroBlazeCPU.

Let CPUClass::reset() call cpu_state_reset() for now.
Signed-off-by: NAndreas Färber <afaerber@suse.de>
Tested-by: NPeter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
[AF: Updated cpu.c to include cpu-qom.h indirectly via cpu.h]

Move VR-independent code from cpu_cris_init() into an initfn.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Move code from cpu_state_reset() into QOM cris_cpu_reset().
Let CPU init call cpu_reset().
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Embed CPUCRISState as first member of QOM CRISCPU.

Let CPUClass::reset() call cpu_state_reset() for now.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

* origin/master:
  qtest: fix memread and memwrite on 32 bit hosts

* qmp/queue/qmp:
  qapi: g_hash_table_find() instead of GHashTableIter.
  qmp: make block job command naming consistent

Use PRIx64 to print 64 bit values to avoid truncation
on 32 bit hosts.
Reviewed-by: NAnthony Liguori <aliguori@us.ibm.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

* kwolf/for-anthony: (38 commits)
  qemu-iotests: Fix test 031 for qcow2 v3 support
  qemu-iotests: Add -o and make v3 the default for qcow2
  qcow2: Zero write support
  qemu-iotests: Test backing file COW with zero clusters
  qemu-iotests: add a simple test for write_zeroes
  qcow2: Support for feature table header extension
  qcow2: Support reading zero clusters
  qcow2: Version 3 images
  qcow2: Ignore reserved bits in check_refcounts
  qcow2: Ignore reserved bits in refcount table entries
  qcow2: Simplify count_cow_clusters
  qcow2: Refactor qcow2_free_any_clusters
  qcow2: Ignore reserved bits in L1/L2 entries
  qcow2: Fail write_compressed when overwriting data
  qcow2: Ignore reserved bits in count_contiguous_clusters()
  qcow2: Ignore reserved bits in get_cluster_offset
  qcow2: Save disk size in snapshot header
  Specification for qcow2 version 3
  qcow2: Fix refcount block allocation during qcow2_alloc_cluster_at()
  iotests: Resolve test failures caused by hostname
  ...

* origin/master:
  fix BCD mask for date (Solaris 2.5 guest hang fix)

Fix BCD mask for date. The most visible effect of this patch is
Solaris 2.5.1 doesn't hang at boot if the day of month is >21.
Signed-off-by: NArtyom Tarasenko <atar4qemu@gmail.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

* origin/master: (27 commits)
  target-arm: Move reset handling to arm_cpu_reset
  target-arm: Drop cpu_reset_model_id()
  target-arm: Move cache ID register setup to cpu specific init fns
  target-arm: Move OMAP cp15_i_{max,min} reset to cpu_state_reset
  target-arm: Move feature register setup to per-CPU init fns
  target-arm: Move iWMMXT wCID reset to cpu_state_reset
  target-arm: Drop JTAG_ID documentation
  target-arm: Move SCTLR reset value setup to per cpu init fns
  target-arm: Move CTR setup to per cpu init fns
  target-arm: Move MVFR* setup to per cpu init fns
  target-arm: Move FPSID config to cpu init fns
  target-arm: Move feature bit settings to CPU init fns
  target-arm: Add QOM subclasses for each ARM cpu implementation
  target-arm: remind to keep arm features in sync with linux-user/elfload.c
  tci: GETPC() macro must return an uintptr_t
  gdbstub: Synchronize CPU state unconditionally in gdb_set_cpu_pc
  softfloat: make USE_SOFTFLOAT_STRUCT_TYPES compile
  target-xtensa: add tests for LOOPNEZ and LOOPGTZ
  target-xtensa: fix LOOPNEZ/LOOPGTZ translation
  qtest: add m48t59 tests for Sparc
  ...

GHashTableIter was first introduced in glib 2.16.
This patch removes it in favor of older g_hash_table_find()
for better compatibility with RHEL5.
Signed-off-by: NNODA, Kai <nodakai@gmail.com>
Signed-off-by: NLuiz Capitulino <lcapitulino@redhat.com>

The block streaming and job commands used '_' instead of '-' for reasons
of compatibility with libvirt, which already included support for the
'_' naming.  However, the semantics of block_job_cancel have changed and
libvirt now needs to handle the new semantics.

Since the old semantics were never in a QEMU release we can still rename
the commands to use '-' instead of '_'.  Libvirt is also happy because
the new name can be used to distinguish QEMU binaries that support the
latest block-job-cancel semantics from those that include a downstream
block_job_cancel command.

Therefore, let's apply the QAPI/QMP naming rules to the block streaming
and job commands.  QEMU 1.1 will be the first release with these
commands so no upstream users can break.

Note that HMP commands are left with '_' because that is the convention
there.
Signed-off-by: NStefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Reviewed-by: NEric Blake <eblake@redhat.com>
Signed-off-by: NLuiz Capitulino <lcapitulino@redhat.com>

* sstabellini/build_fix:
  xen: add a dummy xc_hvm_inject_msi for Xen < 4.2
  xen,configure: detect Xen 4.2