diff --git a/.gitignore b/.gitignore index 75bceb9975..88a80ff4a5 100644 --- a/.gitignore +++ b/.gitignore @@ -24,6 +24,8 @@ /*-darwin-user /*-linux-user /*-bsd-user +/ivshmem-client +/ivshmem-server /libdis* /libuser /linux-headers/asm diff --git a/configure b/configure index 60cbd84fff..b68776435c 100755 --- a/configure +++ b/configure @@ -1348,7 +1348,6 @@ disabled with --disable-FEATURE, default is enabled if available: vte vte support for the gtk UI curses curses UI vnc VNC UI support - vnc-tls TLS encryption for VNC server vnc-sasl SASL encryption for VNC server vnc-jpeg JPEG lossy compression for VNC server vnc-png PNG compression for VNC server diff --git a/contrib/ivshmem-server/ivshmem-server.c b/contrib/ivshmem-server/ivshmem-server.c index 5e5239ce45..d9e26b0574 100644 --- a/contrib/ivshmem-server/ivshmem-server.c +++ b/contrib/ivshmem-server/ivshmem-server.c @@ -168,7 +168,9 @@ ivshmem_server_handle_new_conn(IvshmemServer *server) } if (i == G_MAXUINT16) { IVSHMEM_SERVER_DEBUG(server, "cannot allocate new client id\n"); - goto fail; + close(newfd); + g_free(peer); + return -1; } peer->id = server->cur_id++; diff --git a/exec.c b/exec.c index ed88e72f14..a028961587 100644 --- a/exec.c +++ b/exec.c @@ -903,7 +903,7 @@ static RAMBlock *qemu_get_ram_block(ram_addr_t addr) block = atomic_rcu_read(&ram_list.mru_block); if (block && addr - block->offset < block->max_length) { - goto found; + return block; } QLIST_FOREACH_RCU(block, &ram_list.blocks, next) { if (addr - block->offset < block->max_length) { diff --git a/gdbstub.c b/gdbstub.c index d2c95b5d1e..9c29aa0e87 100644 --- a/gdbstub.c +++ b/gdbstub.c @@ -956,6 +956,13 @@ static int gdb_handle_packet(GDBState *s, const char *line_buf) if (*p == ',') p++; len = strtoull(p, NULL, 16); + + /* memtohex() doubles the required space */ + if (len > MAX_PACKET_LENGTH / 2) { + put_packet (s, "E22"); + break; + } + if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) { put_packet (s, "E14"); } else { @@ -970,6 +977,12 @@ static int gdb_handle_packet(GDBState *s, const char *line_buf) len = strtoull(p, (char **)&p, 16); if (*p == ':') p++; + + /* hextomem() reads 2*len bytes */ + if (len > strlen(p) / 2) { + put_packet (s, "E22"); + break; + } hextomem(mem_buf, p, len); if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, true) != 0) { @@ -1107,7 +1120,8 @@ static int gdb_handle_packet(GDBState *s, const char *line_buf) cpu = find_cpu(thread); if (cpu != NULL) { cpu_synchronize_state(cpu); - len = snprintf((char *)mem_buf, sizeof(mem_buf), + /* memtohex() doubles the required space */ + len = snprintf((char *)mem_buf, sizeof(buf) / 2, "CPU#%d [%s]", cpu->cpu_index, cpu->halted ? "halted " : "running"); memtohex(buf, mem_buf, len); @@ -1136,8 +1150,8 @@ static int gdb_handle_packet(GDBState *s, const char *line_buf) put_packet(s, "E01"); break; } - hextomem(mem_buf, p + 5, len); len = len / 2; + hextomem(mem_buf, p + 5, len); mem_buf[len++] = 0; qemu_chr_be_write(s->mon_chr, mem_buf, len); put_packet(s, "OK"); diff --git a/hw/acpi/aml-build.c b/hw/acpi/aml-build.c index 0d4b3247b7..a00a0abe83 100644 --- a/hw/acpi/aml-build.c +++ b/hw/acpi/aml-build.c @@ -1163,9 +1163,7 @@ void *acpi_data_push(GArray *table_data, unsigned size) unsigned acpi_data_len(GArray *table) { -#if GLIB_CHECK_VERSION(2, 22, 0) assert(g_array_get_element_size(table) == 1); -#endif return table->len; } diff --git a/hw/bt/sdp.c b/hw/bt/sdp.c index c903747952..b9bcdcc78d 100644 --- a/hw/bt/sdp.c +++ b/hw/bt/sdp.c @@ -150,12 +150,14 @@ static ssize_t sdp_svc_search(struct bt_l2cap_sdp_state_s *sdp, if (seqlen < 3 || len < seqlen) return -SDP_INVALID_SYNTAX; len -= seqlen; - while (seqlen) if (sdp_svc_match(sdp, &req, &seqlen)) return -SDP_INVALID_SYNTAX; - } else if (sdp_svc_match(sdp, &req, &seqlen)) - return -SDP_INVALID_SYNTAX; + } else { + if (sdp_svc_match(sdp, &req, &len)) { + return -SDP_INVALID_SYNTAX; + } + } if (len < 3) return -SDP_INVALID_SYNTAX; @@ -278,8 +280,11 @@ static ssize_t sdp_attr_get(struct bt_l2cap_sdp_state_s *sdp, while (seqlen) if (sdp_attr_match(record, &req, &seqlen)) return -SDP_INVALID_SYNTAX; - } else if (sdp_attr_match(record, &req, &seqlen)) - return -SDP_INVALID_SYNTAX; + } else { + if (sdp_attr_match(record, &req, &len)) { + return -SDP_INVALID_SYNTAX; + } + } if (len < 1) return -SDP_INVALID_SYNTAX; @@ -393,8 +398,11 @@ static ssize_t sdp_svc_search_attr_get(struct bt_l2cap_sdp_state_s *sdp, while (seqlen) if (sdp_svc_match(sdp, &req, &seqlen)) return -SDP_INVALID_SYNTAX; - } else if (sdp_svc_match(sdp, &req, &seqlen)) - return -SDP_INVALID_SYNTAX; + } else { + if (sdp_svc_match(sdp, &req, &len)) { + return -SDP_INVALID_SYNTAX; + } + } if (len < 3) return -SDP_INVALID_SYNTAX; @@ -413,8 +421,11 @@ static ssize_t sdp_svc_search_attr_get(struct bt_l2cap_sdp_state_s *sdp, while (seqlen) if (sdp_svc_attr_match(sdp, &req, &seqlen)) return -SDP_INVALID_SYNTAX; - } else if (sdp_svc_attr_match(sdp, &req, &seqlen)) - return -SDP_INVALID_SYNTAX; + } else { + if (sdp_svc_attr_match(sdp, &req, &len)) { + return -SDP_INVALID_SYNTAX; + } + } if (len < 1) return -SDP_INVALID_SYNTAX; diff --git a/hw/display/qxl.c b/hw/display/qxl.c index 9c961dae93..8a3040cbbf 100644 --- a/hw/display/qxl.c +++ b/hw/display/qxl.c @@ -2156,7 +2156,7 @@ static int qxl_post_load(void *opaque, int version) qxl_create_guest_primary(d, 1, QXL_SYNC); /* replay surface-create and cursor-set commands */ - cmds = g_malloc0(sizeof(QXLCommandExt) * (d->ssd.num_surfaces + 1)); + cmds = g_new0(QXLCommandExt, d->ssd.num_surfaces + 1); for (in = 0, out = 0; in < d->ssd.num_surfaces; in++) { if (d->guest_surfaces.cmds[in] == 0) { continue; diff --git a/hw/display/tcx.c b/hw/display/tcx.c index bf119bc89a..d720ea6666 100644 --- a/hw/display/tcx.c +++ b/hw/display/tcx.c @@ -944,57 +944,55 @@ static void tcx_initfn(Object *obj) SysBusDevice *sbd = SYS_BUS_DEVICE(obj); TCXState *s = TCX(obj); - memory_region_init_ram(&s->rom, OBJECT(s), "tcx.prom", FCODE_MAX_ROM_SIZE, + memory_region_init_ram(&s->rom, obj, "tcx.prom", FCODE_MAX_ROM_SIZE, &error_fatal); memory_region_set_readonly(&s->rom, true); sysbus_init_mmio(sbd, &s->rom); /* 2/STIP : Stippler */ - memory_region_init_io(&s->stip, OBJECT(s), &tcx_stip_ops, s, "tcx.stip", + memory_region_init_io(&s->stip, obj, &tcx_stip_ops, s, "tcx.stip", TCX_STIP_NREGS); sysbus_init_mmio(sbd, &s->stip); /* 3/BLIT : Blitter */ - memory_region_init_io(&s->blit, OBJECT(s), &tcx_blit_ops, s, "tcx.blit", + memory_region_init_io(&s->blit, obj, &tcx_blit_ops, s, "tcx.blit", TCX_BLIT_NREGS); sysbus_init_mmio(sbd, &s->blit); /* 5/RSTIP : Raw Stippler */ - memory_region_init_io(&s->rstip, OBJECT(s), &tcx_rstip_ops, s, "tcx.rstip", + memory_region_init_io(&s->rstip, obj, &tcx_rstip_ops, s, "tcx.rstip", TCX_RSTIP_NREGS); sysbus_init_mmio(sbd, &s->rstip); /* 6/RBLIT : Raw Blitter */ - memory_region_init_io(&s->rblit, OBJECT(s), &tcx_rblit_ops, s, "tcx.rblit", + memory_region_init_io(&s->rblit, obj, &tcx_rblit_ops, s, "tcx.rblit", TCX_RBLIT_NREGS); sysbus_init_mmio(sbd, &s->rblit); /* 7/TEC : ??? */ - memory_region_init_io(&s->tec, OBJECT(s), &tcx_dummy_ops, s, - "tcx.tec", TCX_TEC_NREGS); + memory_region_init_io(&s->tec, obj, &tcx_dummy_ops, s, "tcx.tec", + TCX_TEC_NREGS); sysbus_init_mmio(sbd, &s->tec); /* 8/CMAP : DAC */ - memory_region_init_io(&s->dac, OBJECT(s), &tcx_dac_ops, s, - "tcx.dac", TCX_DAC_NREGS); + memory_region_init_io(&s->dac, obj, &tcx_dac_ops, s, "tcx.dac", + TCX_DAC_NREGS); sysbus_init_mmio(sbd, &s->dac); /* 9/THC : Cursor */ - memory_region_init_io(&s->thc, OBJECT(s), &tcx_thc_ops, s, "tcx.thc", + memory_region_init_io(&s->thc, obj, &tcx_thc_ops, s, "tcx.thc", TCX_THC_NREGS); sysbus_init_mmio(sbd, &s->thc); /* 11/DHC : ??? */ - memory_region_init_io(&s->dhc, OBJECT(s), &tcx_dummy_ops, s, "tcx.dhc", + memory_region_init_io(&s->dhc, obj, &tcx_dummy_ops, s, "tcx.dhc", TCX_DHC_NREGS); sysbus_init_mmio(sbd, &s->dhc); /* 12/ALT : ??? */ - memory_region_init_io(&s->alt, OBJECT(s), &tcx_dummy_ops, s, "tcx.alt", + memory_region_init_io(&s->alt, obj, &tcx_dummy_ops, s, "tcx.alt", TCX_ALT_NREGS); sysbus_init_mmio(sbd, &s->alt); - - return; } static void tcx_realizefn(DeviceState *dev, Error **errp) diff --git a/hw/dma/pxa2xx_dma.c b/hw/dma/pxa2xx_dma.c index d4501fb4cb..54cdb25a32 100644 --- a/hw/dma/pxa2xx_dma.c +++ b/hw/dma/pxa2xx_dma.c @@ -459,9 +459,8 @@ static int pxa2xx_dma_init(SysBusDevice *sbd) return -1; } - s->chan = g_malloc0(sizeof(PXA2xxDMAChannel) * s->channels); + s->chan = g_new0(PXA2xxDMAChannel, s->channels); - memset(s->chan, 0, sizeof(PXA2xxDMAChannel) * s->channels); for (i = 0; i < s->channels; i ++) s->chan[i].state = DCSR_STOPINTR; diff --git a/hw/i386/pci-assign-load-rom.c b/hw/i386/pci-assign-load-rom.c index 34a3a7ed7f..e40b586b92 100644 --- a/hw/i386/pci-assign-load-rom.c +++ b/hw/i386/pci-assign-load-rom.c @@ -45,14 +45,10 @@ void *pci_assign_dev_load_option_rom(PCIDevice *dev, struct Object *owner, return NULL; } - if (access(rom_file, F_OK)) { - error_report("pci-assign: Insufficient privileges for %s", rom_file); - return NULL; - } - /* Write "1" to the ROM file to enable it */ fp = fopen(rom_file, "r+"); if (fp == NULL) { + error_report("pci-assign: Cannot open %s: %s", rom_file, strerror(errno)); return NULL; } val = 1; diff --git a/hw/input/tsc210x.c b/hw/input/tsc210x.c index fae3385636..1073bbfec6 100644 --- a/hw/input/tsc210x.c +++ b/hw/input/tsc210x.c @@ -1086,9 +1086,7 @@ uWireSlave *tsc2102_init(qemu_irq pint) { TSC210xState *s; - s = (TSC210xState *) - g_malloc0(sizeof(TSC210xState)); - memset(s, 0, sizeof(TSC210xState)); + s = g_new0(TSC210xState, 1); s->x = 160; s->y = 160; s->pressure = 0; @@ -1135,9 +1133,7 @@ uWireSlave *tsc2301_init(qemu_irq penirq, qemu_irq kbirq, qemu_irq dav) { TSC210xState *s; - s = (TSC210xState *) - g_malloc0(sizeof(TSC210xState)); - memset(s, 0, sizeof(TSC210xState)); + s = g_new0(TSC210xState, 1); s->x = 400; s->y = 240; s->pressure = 0; diff --git a/hw/pci/pcie.c b/hw/pci/pcie.c index 32c65c27a4..0eab29d534 100644 --- a/hw/pci/pcie.c +++ b/hw/pci/pcie.c @@ -426,13 +426,13 @@ void pcie_cap_slot_write_config(PCIDevice *dev, */ if ((sltsta & PCI_EXP_SLTSTA_PDS) && (val & PCI_EXP_SLTCTL_PCC) && ((val & PCI_EXP_SLTCTL_PIC_OFF) == PCI_EXP_SLTCTL_PIC_OFF)) { - PCIBus *sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(dev)); - pci_for_each_device(sec_bus, pci_bus_num(sec_bus), - pcie_unplug_device, NULL); + PCIBus *sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(dev)); + pci_for_each_device(sec_bus, pci_bus_num(sec_bus), + pcie_unplug_device, NULL); - pci_word_test_and_clear_mask(exp_cap + PCI_EXP_SLTSTA, - PCI_EXP_SLTSTA_PDS); - pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTSTA, + pci_word_test_and_clear_mask(exp_cap + PCI_EXP_SLTSTA, + PCI_EXP_SLTSTA_PDS); + pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTSTA, PCI_EXP_SLTSTA_PDC); } diff --git a/hw/usb/ccid-card-emulated.c b/hw/usb/ccid-card-emulated.c index 72329ed7d7..869a63c5b7 100644 --- a/hw/usb/ccid-card-emulated.c +++ b/hw/usb/ccid-card-emulated.c @@ -166,7 +166,7 @@ static void emulated_push_event(EmulatedState *card, EmulEvent *event) static void emulated_push_type(EmulatedState *card, uint32_t type) { - EmulEvent *event = (EmulEvent *)g_malloc(sizeof(EmulEvent)); + EmulEvent *event = g_new(EmulEvent, 1); assert(event); event->p.gen.type = type; @@ -175,7 +175,7 @@ static void emulated_push_type(EmulatedState *card, uint32_t type) static void emulated_push_error(EmulatedState *card, uint64_t code) { - EmulEvent *event = (EmulEvent *)g_malloc(sizeof(EmulEvent)); + EmulEvent *event = g_new(EmulEvent, 1); assert(event); event->p.error.type = EMUL_ERROR; diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c index 809b1cb118..a2762679eb 100644 --- a/hw/usb/dev-mtp.c +++ b/hw/usb/dev-mtp.c @@ -359,8 +359,7 @@ static void usb_mtp_object_readdir(MTPState *s, MTPObject *o) } while ((entry = readdir(dir)) != NULL) { if ((o->nchildren % 32) == 0) { - o->children = g_realloc(o->children, - (o->nchildren + 32) * sizeof(MTPObject *)); + o->children = g_renew(MTPObject *, o->children, o->nchildren + 32); } o->children[o->nchildren] = usb_mtp_object_alloc(s, s->next_handle++, o, entry->d_name); diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c index 1c57e20e70..268ab36468 100644 --- a/hw/usb/hcd-xhci.c +++ b/hw/usb/hcd-xhci.c @@ -2188,7 +2188,7 @@ static void xhci_kick_ep(XHCIState *xhci, unsigned int slotid, xfer->trbs = NULL; } if (!xfer->trbs) { - xfer->trbs = g_malloc(sizeof(XHCITRB) * length); + xfer->trbs = g_new(XHCITRB, length); xfer->trb_alloced = length; } xfer->trb_count = length; diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c index 38086cd0f2..30ff742730 100644 --- a/hw/usb/redirect.c +++ b/hw/usb/redirect.c @@ -322,7 +322,7 @@ static void packet_id_queue_add(struct PacketIdQueue *q, uint64_t id) DPRINTF("adding packet id %"PRIu64" to %s queue\n", id, q->name); - e = g_malloc0(sizeof(struct PacketIdQueueEntry)); + e = g_new0(struct PacketIdQueueEntry, 1); e->id = id; QTAILQ_INSERT_TAIL(&q->head, e, next); q->size++; @@ -468,7 +468,7 @@ static void bufp_alloc(USBRedirDevice *dev, uint8_t *data, uint16_t len, dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; } - bufp = g_malloc(sizeof(struct buf_packet)); + bufp = g_new(struct buf_packet, 1); bufp->data = data; bufp->len = len; bufp->offset = 0; @@ -2234,7 +2234,7 @@ static int usbredir_get_bufpq(QEMUFile *f, void *priv, size_t unused) endp->bufpq_size = qemu_get_be32(f); for (i = 0; i < endp->bufpq_size; i++) { - bufp = g_malloc(sizeof(struct buf_packet)); + bufp = g_new(struct buf_packet, 1); bufp->len = qemu_get_be32(f); bufp->status = qemu_get_be32(f); bufp->offset = 0; diff --git a/hw/xen/xen_pt_config_init.c b/hw/xen/xen_pt_config_init.c index 0efee112fd..3d8686d550 100644 --- a/hw/xen/xen_pt_config_init.c +++ b/hw/xen/xen_pt_config_init.c @@ -1937,7 +1937,7 @@ static int xen_pt_config_reg_init(XenPCIPassthroughState *s, break; case 4: rc = xen_host_pci_get_long(&s->real_device, offset, &val); break; - default: assert(1); + default: abort(); } if (rc) { /* Serious issues when we cannot read the host values! */ @@ -1982,7 +1982,7 @@ static int xen_pt_config_reg_init(XenPCIPassthroughState *s, break; case 4: pci_set_long(s->dev.config + offset, val); break; - default: assert(1); + default: abort(); } /* set register value pointer to the data. */ reg_entry->ptr.byte = s->dev.config + offset; diff --git a/include/qom/object.h b/include/qom/object.h index be7280c862..0bb89d481e 100644 --- a/include/qom/object.h +++ b/include/qom/object.h @@ -510,16 +510,16 @@ struct TypeInfo /** * OBJECT_CLASS_CHECK: - * @class: The C type to use for the return value. - * @obj: A derivative of @type to cast. - * @name: the QOM typename of @class. + * @class_type: The C type to use for the return value. + * @class: A derivative class of @class_type to cast. + * @name: the QOM typename of @class_type. * * A type safe version of @object_class_dynamic_cast_assert. This macro is * typically wrapped by each type to perform type safe casts of a class to a * specific class type. */ -#define OBJECT_CLASS_CHECK(class, obj, name) \ - ((class *)object_class_dynamic_cast_assert(OBJECT_CLASS(obj), (name), \ +#define OBJECT_CLASS_CHECK(class_type, class, name) \ + ((class_type *)object_class_dynamic_cast_assert(OBJECT_CLASS(class), (name), \ __FILE__, __LINE__, __func__)) /** diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 8bfb24f05b..6c64ba63db 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -5325,8 +5325,7 @@ static abi_long do_open_by_handle_at(abi_long mount_fd, abi_long handle, return -TARGET_EFAULT; } - fh = g_malloc0(total_size); - memcpy(fh, target_fh, total_size); + fh = g_memdup(target_fh, total_size); fh->handle_bytes = size; fh->handle_type = tswap32(target_fh->handle_type); diff --git a/net/tap-bsd.c b/net/tap-bsd.c index 7028d9be95..0103a97bf6 100644 --- a/net/tap-bsd.c +++ b/net/tap-bsd.c @@ -109,8 +109,7 @@ int tap_open(char *ifname, int ifname_size, int *vnet_hdr, #define PATH_NET_TAP "/dev/tap" -int tap_open(char *ifname, int ifname_size, int *vnet_hdr, - int vnet_hdr_required, int mq_required, Error **errp) +static int tap_open_clone(char *ifname, int ifname_size, Error **errp) { int fd, s, ret; struct ifreq ifr; @@ -126,7 +125,8 @@ int tap_open(char *ifname, int ifname_size, int *vnet_hdr, ret = ioctl(fd, TAPGIFNAME, (void *)&ifr); if (ret < 0) { error_setg_errno(errp, errno, "could not get tap interface name"); - goto error; + close(fd); + return -1; } if (ifname[0] != '\0') { @@ -135,19 +135,47 @@ int tap_open(char *ifname, int ifname_size, int *vnet_hdr, if (s < 0) { error_setg_errno(errp, errno, "could not open socket to set interface name"); - goto error; + close(fd); + return -1; } ifr.ifr_data = ifname; ret = ioctl(s, SIOCSIFNAME, (void *)&ifr); close(s); if (ret < 0) { error_setg(errp, "could not set tap interface name"); - goto error; + close(fd); + return -1; } } else { pstrcpy(ifname, ifname_size, ifr.ifr_name); } + return fd; +} + +int tap_open(char *ifname, int ifname_size, int *vnet_hdr, + int vnet_hdr_required, int mq_required, Error **errp) +{ + int fd = -1; + + /* If the specified tap device already exists just use it. */ + if (ifname[0] != '\0') { + char dname[100]; + snprintf(dname, sizeof dname, "/dev/%s", ifname); + TFR(fd = open(dname, O_RDWR)); + if (fd < 0 && errno != ENOENT) { + error_setg_errno(errp, errno, "could not open %s", dname); + return -1; + } + } + + if (fd < 0) { + /* Tap device not specified or does not exist. */ + if ((fd = tap_open_clone(ifname, ifname_size, errp)) < 0) { + return -1; + } + } + if (*vnet_hdr) { /* BSD doesn't have IFF_VNET_HDR */ *vnet_hdr = 0; diff --git a/qom/object.c b/qom/object.c index 11cd86b931..fc6e161088 100644 --- a/qom/object.c +++ b/qom/object.c @@ -204,7 +204,7 @@ static bool type_is_ancestor(TypeImpl *type, TypeImpl *target_type) { assert(target_type); - /* Check if typename is a direct ancestor of type */ + /* Check if target_type is a direct ancestor of type */ while (type) { if (type == target_type) { return true; diff --git a/target-alpha/translate.c b/target-alpha/translate.c index 87950c63ec..9909c70b1b 100644 --- a/target-alpha/translate.c +++ b/target-alpha/translate.c @@ -2916,7 +2916,7 @@ void gen_intermediate_code(CPUAlphaState *env, struct TranslationBlock *tb) num_insns++; if (unlikely(cpu_breakpoint_test(cs, ctx.pc, BP_ANY))) { - gen_excp(&ctx, EXCP_DEBUG, 0); + ret = gen_excp(&ctx, EXCP_DEBUG, 0); /* The address covered by the breakpoint must be included in [tb->pc, tb->pc + tb->size) in order to for it to be properly cleared -- thus we increment the PC here so that diff --git a/target-ppc/translate_init.c b/target-ppc/translate_init.c index 4934c80b8f..e88dc7fc7a 100644 --- a/target-ppc/translate_init.c +++ b/target-ppc/translate_init.c @@ -305,7 +305,7 @@ static void spr_read_ibat (DisasContext *ctx, int gprn, int sprn) static void spr_read_ibat_h (DisasContext *ctx, int gprn, int sprn) { - tcg_gen_ld_tl(cpu_gpr[gprn], cpu_env, offsetof(CPUPPCState, IBAT[sprn & 1][(sprn - SPR_IBAT4U) / 2])); + tcg_gen_ld_tl(cpu_gpr[gprn], cpu_env, offsetof(CPUPPCState, IBAT[sprn & 1][((sprn - SPR_IBAT4U) / 2) + 4])); } static void spr_write_ibatu (DisasContext *ctx, int sprn, int gprn) diff --git a/tests/.gitignore b/tests/.gitignore index 65496aa5a6..e96f569903 100644 --- a/tests/.gitignore +++ b/tests/.gitignore @@ -30,6 +30,7 @@ test-qapi-types.[ch] test-qapi-visit.[ch] test-qdev-global-props test-qemu-opts +test-qga test-qmp-commands test-qmp-commands.h test-qmp-event diff --git a/tests/i440fx-test.c b/tests/i440fx-test.c index d0bc8de25a..7fa170990f 100644 --- a/tests/i440fx-test.c +++ b/tests/i440fx-test.c @@ -191,7 +191,7 @@ static void write_area(uint32_t start, uint32_t end, uint8_t value) uint32_t size = end - start + 1; uint8_t *data; - data = g_malloc0(size); + data = g_malloc(size); memset(data, value, size); memwrite(start, data, size); diff --git a/ui/console.c b/ui/console.c index f26544eb26..745c354f53 100644 --- a/ui/console.c +++ b/ui/console.c @@ -450,7 +450,7 @@ static void text_console_resize(QemuConsole *s) if (s->width < w1) w1 = s->width; - cells = g_malloc(s->width * s->total_height * sizeof(TextCell)); + cells = g_new(TextCell, s->width * s->total_height); for(y = 0; y < s->total_height; y++) { c = &cells[y * s->width]; if (w1 > 0) { diff --git a/ui/curses.c b/ui/curses.c index 266260a401..7e7e4029ec 100644 --- a/ui/curses.c +++ b/ui/curses.c @@ -431,7 +431,7 @@ void curses_display_init(DisplayState *ds, int full_screen) curses_winch_init(); - dcl = (DisplayChangeListener *) g_malloc0(sizeof(DisplayChangeListener)); + dcl = g_new0(DisplayChangeListener, 1); dcl->ops = &dcl_ops; register_displaychangelistener(dcl); diff --git a/ui/input-legacy.c b/ui/input-legacy.c index a67ed329ce..e0a39f08a5 100644 --- a/ui/input-legacy.c +++ b/ui/input-legacy.c @@ -206,7 +206,7 @@ QEMUPutMouseEntry *qemu_add_mouse_event_handler(QEMUPutMouseEvent *func, { QEMUPutMouseEntry *s; - s = g_malloc0(sizeof(QEMUPutMouseEntry)); + s = g_new0(QEMUPutMouseEntry, 1); s->qemu_put_mouse_event = func; s->qemu_put_mouse_event_opaque = opaque; @@ -240,7 +240,7 @@ QEMUPutLEDEntry *qemu_add_led_event_handler(QEMUPutLEDEvent *func, { QEMUPutLEDEntry *s; - s = g_malloc0(sizeof(QEMUPutLEDEntry)); + s = g_new0(QEMUPutLEDEntry, 1); s->put_led = func; s->opaque = opaque; diff --git a/ui/keymaps.c b/ui/keymaps.c index 49410ae9d1..1b9ba3fa24 100644 --- a/ui/keymaps.c +++ b/ui/keymaps.c @@ -109,7 +109,7 @@ static kbd_layout_t *parse_keyboard_layout(const name2keysym_t *table, } if (!k) { - k = g_malloc0(sizeof(kbd_layout_t)); + k = g_new0(kbd_layout_t, 1); } for(;;) { diff --git a/ui/sdl.c b/ui/sdl.c index 3be29101ed..570cb99f08 100644 --- a/ui/sdl.c +++ b/ui/sdl.c @@ -985,7 +985,7 @@ void sdl_display_init(DisplayState *ds, int full_screen, int no_frame) sdl_grab_start(); } - dcl = g_malloc0(sizeof(DisplayChangeListener)); + dcl = g_new0(DisplayChangeListener, 1); dcl->ops = &dcl_ops; register_displaychangelistener(dcl); diff --git a/ui/vnc-jobs.c b/ui/vnc-jobs.c index 22c9abce55..9512b87183 100644 --- a/ui/vnc-jobs.c +++ b/ui/vnc-jobs.c @@ -79,7 +79,7 @@ static void vnc_unlock_queue(VncJobQueue *queue) VncJob *vnc_job_new(VncState *vs) { - VncJob *job = g_malloc0(sizeof(VncJob)); + VncJob *job = g_new0(VncJob, 1); job->vs = vs; vnc_lock_queue(queue); @@ -90,7 +90,7 @@ VncJob *vnc_job_new(VncState *vs) int vnc_job_add_rect(VncJob *job, int x, int y, int w, int h) { - VncRectEntry *entry = g_malloc0(sizeof(VncRectEntry)); + VncRectEntry *entry = g_new0(VncRectEntry, 1); entry->rect.x = x; entry->rect.y = y; @@ -298,7 +298,7 @@ disconnected: static VncJobQueue *vnc_queue_init(void) { - VncJobQueue *queue = g_malloc0(sizeof(VncJobQueue)); + VncJobQueue *queue = g_new0(VncJobQueue, 1); qemu_cond_init(&queue->cond); qemu_mutex_init(&queue->mutex); diff --git a/ui/vnc.c b/ui/vnc.c index a47f2b382c..f20c08db4a 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -2982,7 +2982,7 @@ static void vnc_refresh(DisplayChangeListener *dcl) static void vnc_connect(VncDisplay *vd, int csock, bool skipauth, bool websocket) { - VncState *vs = g_malloc0(sizeof(VncState)); + VncState *vs = g_new0(VncState, 1); int i; vs->csock = csock; @@ -3005,7 +3005,7 @@ static void vnc_connect(VncDisplay *vd, int csock, vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect)); for (i = 0; i < VNC_STAT_ROWS; ++i) { - vs->lossy_rect[i] = g_malloc0(VNC_STAT_COLS * sizeof (uint8_t)); + vs->lossy_rect[i] = g_new0(uint8_t, VNC_STAT_COLS); } VNC_DEBUG("New client on socket %d\n", csock); diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c index dfe45875f8..5a31d164d9 100644 --- a/util/qemu-sockets.c +++ b/util/qemu-sockets.c @@ -751,8 +751,7 @@ int unix_listen_opts(QemuOpts *opts, Error **errp) qemu_opt_set(opts, "path", un.sun_path, &error_abort); } - if ((access(un.sun_path, F_OK) == 0) && - unlink(un.sun_path) < 0) { + if (unlink(un.sun_path) < 0 && errno != ENOENT) { error_setg_errno(errp, errno, "Failed to unlink socket %s", un.sun_path); goto err;