Place data_start/data_end calculation after reading the image header
to s->header. Set s->data_start to the offset calculated in
parallels_test_data_off(). Call bdrv_check() if data_off is incorrect.

Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org>

data_off field of the parallels image header can be corrupted. Check if
this field greater than the header + BAT size and less than file size.

Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org>

bdrv_co_getlength() should be used in coroutine context. Replace
bdrv_getlength() by bdrv_co_getlength() in parallels_check_outside_image().

Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org>

Repair an image at opening if the image is unclean or out-of-image
corruption was detected.

Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org>

Cluster offsets must be unique among all the BAT entries. Find duplicate
offsets in the BAT and fix it by copying the content of the relevant
cluster to a newly allocated cluster and set the new cluster offset to the
duplicated entry.

Add host_cluster_index() helper to deduplicate the code.

When new clusters are allocated, the file size increases by 128 Mb. Call
parallels_check_leak() to fix this leak.

Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org>

In the next patch we will need the offset of the data area for host cluster
index calculation. Add this field and setting up code.

Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org>

In the on of the next patches we need to repair leaks without changing
leaks and leaks_fixed info in res. Also we don't want to print any warning
about leaks. Add "explicit" argument to skip info changing if the argument
is false.

Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org>

Initially data_end is set to the data_off image header field and must not
be greater than the file size.

Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org>

The BDRVParallelsState structure contains data_end field that is measured
in sectors. In parallels_open() initially this field is set by data_off
field from parallels image header.

According to the parallels format documentation, data_off field contains
an offset, in sectors, from the start of the file to the start of the
data area. For "WithoutFreeSpace" images: if data_off is zero, the offset
is calculated as the end of the BAT table plus some padding to ensure
sector size alignment.

The parallels_open() function has code for handling zero value in
data_off, but in the result data_end contains the offset in bytes.

Replace the alignment to sector size by division by sector size and fix
the comparision with s->header_size.

Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Hanna Czenczek <hreitz@redhat.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>

This patch is technically necessary as git patch rendering could result
in moving some code from one place to the another and that hits
checkpatch.pl warning. This problem specifically happens within next
series.

Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org>

Driver changes are driving by me for now. At least we need to get
functionally complete check and repair procedure for now.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
CC: Stefan Hajnoczi <stefanha@redhat.com>

* Use precise selfmodifying code mode on s390x TCG
* Check for availablility of more devices in qtests before using them
* Some other minor qtest fixes

# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmTw5v4RHHRodXRoQHJl
# ZGhhdC5jb20ACgkQLtnXdP5wLbX2DRAAo7NPNPQ2nsYDdYfKAGt8OSg1BHqh1RYH
# jvLiU5xrWQ3whmSJYw4rcSyBk4yC+lIjoXT6oBn6O40Q1r7OmrWgtrn9g//3SLHb
# Wfob5bZkmRiETDZNFFpYcpRPzElF3ZqIfwOhJ3zfmAQxqeTxpTnAuq2vI38pk3Hz
# 4pQR/j2IKZFmFt6cdYUaKi32odDK6ySKAFCKy9I8sz2hJgOXQRYBkjorDx+g+hoF
# o7DTGkA3uH2xXlLQKhbEGm5xQMlcBgTMb2XeguvRbb7g/Uc046homwm0r6rejDy5
# EgW9Kx3Y34QYZt51onqmA57MNNQboubHkSz9W2b57OX+IWA3VRncdBAxdGmubRTY
# Jb6LsBZSMdKQBXxgIP3DZjvH6MxYjA9Iy3YI7Mk+hJnDACkFVJOCPxS9acnmjYE5
# Nn935GmbYMazfci0c3zc/899hAGDNglD9Tf6ourBjl1WLQstefXhlpzkbGWqSFjF
# Tovpal+Rm6KLDFSfs6TsRp6+FF8a6C1k251Ai67adkiCYM/jKwVoiHrsUJeG0vyc
# 791x5+lixxkLUHu1qNYfEdxvaOE8guhXRt3zJIjmphio3v+RFBLbzC6lTzeZbTTv
# DpnnoFJ/tCzdLew7A1QuzuW361ywyKVE4Qp8HQfaJCOJT9aGgMdyoHlpgz0ojgJm
# fD8Vfl9GZFQ=
# =tZWg
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 31 Aug 2023 15:16:14 EDT
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* tag 'pull-request-2023-08-31' of https://gitlab.com/thuth/qemu

:
  meson: test for CONFIG_TCG in config_all
  subprojects/berkeley-testfloat-3: Update to fix a problem with compiler warnings
  tests/qtest/bios-tables-test: Check for virtio-iommu device before using it
  tests/qtest/netdev-socket: Avoid variable-length array in inet_get_free_port_multiple()
  tests/qtest/usb-hcd-xhci-test: Check availability of devices before using them
  tests/tcg/s390x: Test precise self-modifying code handling
  target/s390x: Define TARGET_HAS_PRECISE_SMC

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

Misc patches queue

Build fixes:
- Only define OS_OBJECT_USE_OBJC with gcc

Overall cleanups:
- Do not declare function prototypes using 'extern' keyword
- Remove unmaintained HAX accelerator
- Have FEWatchFunc handlers return G_SOURCE_CONTINUE/REMOVE instead of boolean
- Avoid modifying QOM class internals from instance in pmbus_device
- Avoid variable-length array in xhci_get_port_bandwidth
- Remove unuseful kvmclock_create() stub
- Style: permit inline loop variables
- Various header cleanups
- Various spelling fixes

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmTw0oUACgkQ4+MsLN6t
# wN7nZQ/+Jyrw1TnHiKV8nS5NKtQIszMTcAbrcuV8YCk0XgwprmrLzxOsOcVOU+MN
# C9SHOhGGcu8NKho73CDrsKqye/IKm8rumMm0hcZrtqGS+3MX9RQzDBUgRgihgD9b
# 78Pmiz/91mrsV4zjXBkWLILipjDUwAL0oXh+MLfkmkTdzJMVfllF5KfF+hdOipwq
# +ECOzwEAFUtCWQk51aLGfrg9SarKC2jtRBEvd1RhwfvXAMCdGP9+pfXJQqkT7ZTK
# Hf4TuOHkzZjHumHGGcJn+P1WHM6W3ILdocG7AAl+/0Jwkx4vhR+6MENJGLxqg4pa
# VTnOpJiL/HsY8319mTswTmlxqmotEDakGjdaRm4ClWPxPksF7zQkdTspBx0/Qayu
# SPr7U5gFLPXMhCpMnrznvjCS+C/dqLYrJAczs9Ecv6KawOIwMiPRzc0SyimCV4DI
# kcpL88Vn4unoBCF7AdiDluPoY2Q41TZ6gRa7B1/nI/4j9Y+Gs/gWQxYHjMlDso+O
# sNgMJ+sqIPW9n1vhl9s6AQweBYnMRW34A5iok9MV0HyFTxNKMoCoR8Ssfk9YzT+L
# mK5a9AfgT8FrhtQXQz6ojIPFM8Q4zGcAQOMudpPiDICDAJaPuUpzL3XVwStT6Rfc
# YL0+Nb+Ja5hPh0fAhgX3BH0EsqruW+DA8rEZfIgAIXDbOC5QFIo=
# =SVsZ
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 31 Aug 2023 13:48:53 EDT
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD  6BB2 E3E3 2C2C DEAD C0DE

* tag 'misc-20230831' of https://github.com/philmd/qemu

: (39 commits)
  build: Only define OS_OBJECT_USE_OBJC with gcc
  tests/tcg/aarch64: Rename bti-crt.inc.c -> bti-crt.c.inc
  ui: spelling fixes
  util: spelling fixes
  util/fifo8: Fix typo in fifo8_push_all() description
  hw/i386: Rename 'hw/kvm/clock.h' -> 'hw/i386/kvm/clock.h'
  hw/i386: Remove unuseful kvmclock_create() stub
  hw/usb/hcd-xhci: Avoid variable-length array in xhci_get_port_bandwidth()
  hw/usb: spelling fixes
  hw/sd: spelling fixes
  hw/mips: spelling fixes
  hw/display: spelling fixes
  hw/ide: spelling fixes
  hw/i2c: spelling fixes
  hw/i2c/pmbus_device: Fix modifying QOM class internals from instance
  hw/char/pl011: Replace magic values by register field definitions
  hw/char/pl011: Remove duplicated PL011_INT_[RT]X definitions
  hw/char/pl011: Display register name in trace events
  hw/char/pl011: Restrict MemoryRegionOps implementation access sizes
  hw/char: Have FEWatchFunc handlers return G_SOURCE_CONTINUE/REMOVE
  ...

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

Recent versions of macOS use clang instead of gcc. The OS_OBJECT_USE_OBJC
define is only necessary when building with gcc. Let's not define it when
building with clang.

With this patch, I can successfully include GCD headers in QEMU when
building with clang.

Signed-off-by: Alexander Graf <graf@amazon.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Message-ID: <20230830161425.91946-2-graf@amazon.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>

Since commit 139c1837 ("meson: rename included C source files
to .c.inc"), QEMU standard procedure for included C files is to
use *.c.inc.

Besides, since commit 6a0057aa ("docs/devel: make a statement
about includes") this is documented as the Coding Style:

  If you do use template header files they should be named with
  the ``.c.inc`` or ``.h.inc`` suffix to make it clear they are
  being included for expansion.

Therefore rename 'bti-crt.inc.c' as 'bti-crt.c.inc'.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20230606141252.95032-6-philmd@linaro.org>

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Message-ID: <20230823065335.1919380-2-mjt@tls.msk.ru>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20230823065335.1919380-3-mjt@tls.msk.ru>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Francisco Iglesias <frasse.iglesias@gmail.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20230522153144.30610-2-philmd@linaro.org>

kvmclock_create() is only implemented in hw/i386/kvm/clock.h.
Restrict the "hw/kvm/clock.h" header to i386 by moving it to
hw/i386/.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20230620083228.88796-3-philmd@linaro.org>

We shouldn't call kvmclock_create() when KVM is not available
or disabled:
 - check for kvm_enabled() before calling it
 - assert KVM is enabled once called
Since the call is elided when KVM is not available, we can
remove the stub (it is never compiled).

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20230620083228.88796-2-philmd@linaro.org>

In xhci_get_port_bandwidth(), we use a variable-length array to
construct the buffer to send back to the guest. Avoid the VLA
by using dma_memory_set() to directly request the memory system
to fill the guest memory with a string of '80's.

The codebase has very few VLAs, and if we can get rid of them all we
can make the compiler error on new additions.  This is a defensive
measure against security bugs where an on-stack dynamic allocation
isn't correctly size-checked (e.g.  CVE-2021-3527).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20230824164818.2652452-1-peter.maydell@linaro.org>

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Message-ID: <20230823065335.1919380-14-mjt@tls.msk.ru>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Message-ID: <20230823065335.1919380-18-mjt@tls.msk.ru>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20230823065335.1919380-7-mjt@tls.msk.ru>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20230823065335.1919380-15-mjt@tls.msk.ru>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Message-ID: <20230823065335.1919380-14-mjt@tls.msk.ru>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Message-ID: <20230823065335.1919380-14-mjt@tls.msk.ru>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>

QOM object instance should not modify its class state (because
all other objects instanciated from this class get affected).

Instead of modifying the PMBusDeviceClass 'device_num_pages' field
the first time a instance is initialized (in pmbus_pages_alloc),
introduce a new pmbus_pages_num() helper which returns the page
number from the class without modifying the class state.

The code logic become slighly simplified.

Inspired-by: Bernhard Beschow <shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230523064408.57941-4-philmd@linaro.org>

0x400 is Data Register Break Error (DR_BE),
0x10 is Line Control Register Fifo Enabled (LCR_FEN)
and 0x1 is Send Break (LCR_BRK).

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230522153144.30610-7-philmd@linaro.org>

PL011_INT_TX duplicates INT_TX, and PL011_INT_RX INT_RX.
Follow other register fields definitions from this file,
keep the shorter form.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230522153144.30610-6-philmd@linaro.org>

To avoid knowing the register addresses by heart,
display their name along in the trace events.

Since the MMIO region is 4K wide (0x1000 bytes),
displaying the address with 3 digits is enough,
so reduce the address format.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230522153144.30610-5-philmd@linaro.org>

The pl011_read() and pl011_write() handlers shift the offset
argument by 2, so are implemented on a 32-bit boundary.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230710175102.32429-2-philmd@linaro.org>

GLib recommend to use G_SOURCE_REMOVE / G_SOURCE_CONTINUE
for GSourceFunc callbacks. Our FEWatchFunc is a GSourceFunc
returning such value. Use such definitions which are
"more memorable" [*].

[*] https://docs.gtk.org/glib/callback.SourceFunc.html#return-value



Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20230705133139.54419-5-philmd@linaro.org>

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20230705133139.54419-4-philmd@linaro.org>

'qemu/atomic.h' and 'exec/target_page.h' are not used.
'qemu/interval-tree.h' is only required for user emulation.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230828221314.18435-12-philmd@linaro.org>

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230828221314.18435-11-philmd@linaro.org>

Since commit fa92bd4a ("target/xtensa: fix access to
the INTERRUPT SR") these files use QEMU atomic API.
Explicit the header inclusion instead of relying on
implicit and indirect inclusion.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230828221314.18435-10-philmd@linaro.org>

This files only access the address_space_ld/st API, declared
in "exec/cpu-all.h", already included by "cpu.h".

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230828221314.18435-9-philmd@linaro.org>

"qemu/main-loop.h" declares functions related to QEMU's
main loop mutex, which these files don't access. Remove
the unused "qemu/main-loop.h" header.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230828221314.18435-8-philmd@linaro.org>

These files don't use the CPU ld/st API, remove the unnecessary
"exec/cpu_ldst.h" header.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230828221314.18435-7-philmd@linaro.org>