Update Changelog and VERSION for 0.11.0-rc1 release

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Changelog

@@ -1,3 +1,92 @@
+version 0.11.0-rc1
+  - add machine aliasing support (Mark McLoughlin)
+  - add getfd/closefd monitor commands (Mark McLoughlin)
+  - use correct headers for tap-win32 (Filip Navara)
+  - fix live migration (Glauber Costa)
+  - slirp: use monotonic clock if available (Ed Swierk)
+  - clear msix_entries_nr on error (Michael Tsirkin)
+  - HPET: fix reg writes (Beth Kon)
+  - slirp: fix guestfwd for incoming data (Jan Kiszka)
+  - fix build of qemu-thread.c on win32 (Sebastian Herbszt)
+  - improve signrom.sh portability (Christoph Egger)
+  - fix qemu-img convert to copy unallocated parts of the image
+	(Akkarit Sangpetch)
+  - vmdk: fix backing file handling (Kevin Wolf)
+  - scsi: add save/restore support (Nolan Leake)
+  - fix live migration for SCSI (Nolan Leake)
+  - various sparc build fixes (Blue Swirl)
+  - fix OpenBSD build (Blue Swirl)
+  - only allow -cpu host when using KVM (Anthony Liguori)
+  - fix build breakage when !KVM (Anthony Liguori)
+
+version 0.10.6:
+  - e1000: ignore reset command (Kevin Wolf)
+  - fix VNC memory allocation (Stefan Weil)
+  - fix raw_pread_aligned return value (Christoph Hellwig)
+  - allow monitor interaction when using -incoming exec: (Chris Lalancette)
+  - fix -net socket,listen (Jan Kiszka)
+  - live migration: don't send gratuitous packets all at once (Gleb Natapov)
+  - serial: fix lost characters after sysrq (Jason Wessel)
+  - Fix prototype of zfree (Stefan Weil)
+  - Handle EINTR with exec: migration (Uri Lublin)
+  - Delete io-handler before closing fd after migration (Uri Lublin)
+  - Fix qemu_aio_flush (Andrea Arcangeli)
+  - lsi53c895a: Implement additional registers (Sebastian Herbszt)
+  - virtio-blk: fix warning (Gerd Hoffman)
+  - i386: fix cpu reset (Nitin Kamble)
+  - kvm: fix irq injection into full queue (Jan Kiszka)
+  - Prevent CD-ROM eject while device is locked (Mark McLoughlin)
+  - Fix screen dump with blank screen (Eduardo Habkost)
+  - Fix memory leak with cpu_unregister_map_client (Isaku Yamahata)
+  - Fix memory leak in SDL (Jan Kiszka)
+  - Fix build on OS X 10.4 (John Arbuckle)
+  - Fix leak of vlan clients after hot remove (Mark McLoughlin)
+  - Fix migration after hot remove with eepro100 (Mark McLoughlin)
+  - Don't start a VM after failed migration if stopped (Anthony Liguori)
+  - Fix live migration under heavy IO load (Glauber Costa)
+  - Honor -S on incoming migration (Paolo Bonzini)
+  - Reset HPET config register on reset (Beth Kon)
+  - Reset PS2 keyboard/mouse on reset (Dinesh Subraveti)
+
+version 0.10.5:
+  - kvm: trim unsupported cpu features from cpuid (Avi Kivity)
+  - kvm: provide a better error message for -smp > 1 (Mark McLoughlin)
+  - Remove initrd printfs (Richard Jones)
+  - Initial variables found by valgrind (Jean-Christophe Dubois)
+  - Fix -initrd with > 4GB guests (Glauber Costa)
+  - Fix busy loop on live migration for certain platforms (Uri Lublin)
+  - Remove GCC 3.x requirements from docs (Hollis Blanchard)
+  - ETRAX: fixes for kernel command line, ethernet address, bmi (Edgar Iglesias)
+  - CRIS: Fix bmi (Edgar Iglesias)
+  - Fix bounce buffer errors (Avi Kivity)
+  - Fix regression in -kernel (Anthony Liguori)
+
+version 0.10.4:
+  - Improve block range checks to remove integer overflow (Kevin Wolf)
+  - e1000: do not re-init PCI config space 0 (Amit Shah)
+  - fix AIO deletion race (Alex Graf)
+  - reset option roms on reboot (Glauber Costa)
+  - fix qcow2 corruption in cluster freeing (Gleb Natapov)
+  - Enable power button event generation (Gleb Natapov)
+
+version 0.10.3:
+  - fix AIO cancellations (Avi Kivity)
+  - fix live migration error path on incoming
+  - avoid SEGV on pci hotplug failure (Chris Wright)
+  - fix serial option in -drive
+  - support DDIM for option roms (Glauber Costa)
+  - avoid fork/exec on pre-2.6.27 kernels with KVM (Jan Kiszka)
+  - block-vpc: don't silently create smaller images than requested (Kevin Wolf)
+  - Fix non-ACPI timer interrupt routing (Beth Kon)
+  - hpet: fix emulation of HPET_TN_SETVAL (Jan Kiszka)
+  - kvm: fix cpuid initialization (Jan Kiszka)
+  - qcow2: fix corruption on little endian hosts (Kevin Wolf)
+  - avoid leaing memory on hot unplug (Mark McLoughlin)
+  - fix savevm/migration after hot unplug (Mark McLoughlin)
+  - Fix keyboard mapping on newer Xords with non-default keymaps (balrog)
+  - Make PCI config status register read-only (Anthony Liguori)
+  - Fix crash on resolution change -> screen dump -> vga redraw (Avi Kivity)
+
 version 0.10.2:
 
   - fix savevm/loadvm (Anthony Liguori)

Makefile.target

@@ -262,8 +262,6 @@ endif
 obj-y = main.o syscall.o strace.o mmap.o signal.o path.o thunk.o \
       elfload.o linuxload.o uaccess.o envlist.o gdbstub.o gdbstub-xml.o \
       ioport-user.o
-LIBS+= $(PTHREADLIBS)
-LIBS+= $(CLOCKLIBS)
 obj-$(TARGET_HAS_BFLT) += flatload.o
 
 ifdef TARGET_HAS_ELFLOAD32
@@ -289,6 +287,9 @@ signal.o: CFLAGS += $(HELPER_CFLAGS)
 ARLIBS=../libqemu_user.a libqemu.a
 endif #CONFIG_LINUX_USER
 
+LIBS+= $(PTHREADLIBS)
+LIBS+= $(CLOCKLIBS)
+
 #########################################################
 # Darwin user emulator target
 

VERSION

@@ -1 +1 @@
-0.10.90
+0.10.91

aio.c

@@ -112,7 +112,7 @@ void qemu_aio_flush(void)
         LIST_FOREACH(node, &aio_handlers, node) {
             ret |= node->io_flush(node->opaque);
         }
-    } while (ret > 0);
+    } while (qemu_bh_poll() || ret > 0);
 }
 
 void qemu_aio_wait(void)

audio/alsaaudio.c

@@ -25,6 +25,10 @@
 #include "qemu-common.h"
 #include "audio.h"
 
+#if QEMU_GNUC_PREREQ(4, 3)
+#pragma GCC diagnostic ignored "-Waddress"
+#endif
+
 #define AUDIO_CAP "alsa"
 #include "audio_int.h"
 

block/qcow2-refcount.c

@@ -277,7 +277,7 @@ static int update_refcount(BlockDriverState *bs,
     int first_index = -1, last_index = -1;
 
 #ifdef DEBUG_ALLOC2
-    printf("update_refcount: offset=%lld size=%lld addend=%d\n",
+    printf("update_refcount: offset=%" PRId64 " size=%" PRId64 " addend=%d\n",
            offset, length, addend);
 #endif
     if (length <= 0)
@@ -380,7 +380,7 @@ retry:
             goto retry;
     }
 #ifdef DEBUG_ALLOC2
-    printf("alloc_clusters: size=%lld -> %lld\n",
+    printf("alloc_clusters: size=%" PRId64 " -> %" PRId64 "\n",
             size,
             (s->free_cluster_index - nb_clusters) << s->cluster_bits);
 #endif

block/raw-posix.c

@@ -24,6 +24,7 @@
 #include "qemu-common.h"
 #include "qemu-timer.h"
 #include "qemu-char.h"
+#include "qemu-log.h"
 #include "block_int.h"
 #include "module.h"
 #ifdef CONFIG_AIO

block/vmdk.c

@@ -170,7 +170,7 @@ static int vmdk_is_cid_valid(BlockDriverState *bs)
 {
 #ifdef CHECK_CID
     BDRVVmdkState *s = bs->opaque;
-    BlockDriverState *p_bs = s->hd->backing_hd;
+    BlockDriverState *p_bs = bs->backing_hd;
     uint32_t cur_pcid;
 
     if (p_bs) {
@@ -338,26 +338,26 @@ static int vmdk_parent_open(BlockDriverState *bs, const char * filename)
         p_name += sizeof("parentFileNameHint") + 1;
         if ((end_name = strchr(p_name,'\"')) == NULL)
             return -1;
-        if ((end_name - p_name) > sizeof (s->hd->backing_file) - 1)
+        if ((end_name - p_name) > sizeof (bs->backing_file) - 1)
             return -1;
 
-        pstrcpy(s->hd->backing_file, end_name - p_name + 1, p_name);
-        if (stat(s->hd->backing_file, &file_buf) != 0) {
+        pstrcpy(bs->backing_file, end_name - p_name + 1, p_name);
+        if (stat(bs->backing_file, &file_buf) != 0) {
             path_combine(parent_img_name, sizeof(parent_img_name),
-                         filename, s->hd->backing_file);
+                         filename, bs->backing_file);
         } else {
             pstrcpy(parent_img_name, sizeof(parent_img_name),
-                    s->hd->backing_file);
+                    bs->backing_file);
         }
 
-        s->hd->backing_hd = bdrv_new("");
-        if (!s->hd->backing_hd) {
+        bs->backing_hd = bdrv_new("");
+        if (!bs->backing_hd) {
             failure:
             bdrv_close(s->hd);
             return -1;
         }
         parent_open = 1;
-        if (bdrv_open(s->hd->backing_hd, parent_img_name, BDRV_O_RDONLY) < 0)
+        if (bdrv_open(bs->backing_hd, parent_img_name, BDRV_O_RDONLY) < 0)
             goto failure;
         parent_open = 0;
     }
@@ -464,13 +464,14 @@ static int get_whole_cluster(BlockDriverState *bs, uint64_t cluster_offset,
 
     // we will be here if it's first write on non-exist grain(cluster).
     // try to read from parent image, if exist
-    if (s->hd->backing_hd) {
-        BDRVVmdkState *ps = s->hd->backing_hd->opaque;
+    if (bs->backing_hd) {
+        BDRVVmdkState *ps = bs->backing_hd->opaque;
 
         if (!vmdk_is_cid_valid(bs))
             return -1;
 
-        parent_cluster_offset = get_cluster_offset(s->hd->backing_hd, NULL, offset, allocate);
+        parent_cluster_offset = get_cluster_offset(bs->backing_hd, NULL,
+            offset, allocate);
 
         if (parent_cluster_offset) {
             BDRVVmdkState *act_s = activeBDRV.hd->opaque;
@@ -621,10 +622,10 @@ static int vmdk_read(BlockDriverState *bs, int64_t sector_num,
             n = nb_sectors;
         if (!cluster_offset) {
             // try to read from parent image, if exist
-            if (s->hd->backing_hd) {
+            if (bs->backing_hd) {
                 if (!vmdk_is_cid_valid(bs))
                     return -1;
-                ret = bdrv_read(s->hd->backing_hd, sector_num, buf, n);
+                ret = bdrv_read(bs->backing_hd, sector_num, buf, n);
                 if (ret < 0)
                     return -1;
             } else {

bsd-user/elfload.c

@@ -1295,7 +1295,7 @@ int load_elf_binary(struct linux_binprm * bprm, struct target_pt_regs * regs,
         }
 
         if (interp_elf_ex.e_ident[0] != 0x7f ||
-                strncmp(&interp_elf_ex.e_ident[1], "ELF",3) != 0) {
+                strncmp((char *)&interp_elf_ex.e_ident[1], "ELF",3) != 0) {
             interpreter_type &= ~INTERPRETER_ELF;
         }
 

bsd-user/uaccess.c

@@ -51,7 +51,7 @@ abi_long target_strlen(abi_ulong guest_addr1)
         ptr = lock_user(VERIFY_READ, guest_addr, max_len, 1);
         if (!ptr)
             return -TARGET_EFAULT;
-        len = qemu_strnlen(ptr, max_len);
+        len = qemu_strnlen((char *)ptr, max_len);
         unlock_user(ptr, guest_addr, 0);
         guest_addr += len;
         /* we don't allow wrapping or integer overflow */

buffered_file.c

@@ -113,7 +113,7 @@ static int buffered_put_buffer(void *opaque, const uint8_t *buf, int64_t pos, in
     int offset = 0;
     ssize_t ret;
 
-    dprintf("putting %ld bytes at %Ld\n", size, pos);
+    dprintf("putting %d bytes at %" PRId64 "\n", size, pos);
 
     if (s->has_error) {
         dprintf("flush when error, bailing\n");
@@ -151,7 +151,7 @@ static int buffered_put_buffer(void *opaque, const uint8_t *buf, int64_t pos, in
     }
 
     if (offset >= 0) {
-        dprintf("buffering %ld bytes\n", size - offset);
+        dprintf("buffering %d bytes\n", size - offset);
         buffered_append(s, buf + offset, size - offset);
         offset = size;
     }

exec.c

@@ -655,7 +655,8 @@ static void tb_invalidate_check(target_ulong address)
         for(tb = tb_phys_hash[i]; tb != NULL; tb = tb->phys_hash_next) {
             if (!(address + TARGET_PAGE_SIZE <= tb->pc ||
                   address >= tb->pc + tb->size)) {
-                printf("ERROR invalidate: address=%08lx PC=%08lx size=%04x\n",
+                printf("ERROR invalidate: address=" TARGET_FMT_lx
+                       " PC=%08lx size=%04x\n",
                        address, (long)tb->pc, tb->size);
             }
         }
@@ -680,26 +681,6 @@ static void tb_page_check(void)
     }
 }
 
-static void tb_jmp_check(TranslationBlock *tb)
-{
-    TranslationBlock *tb1;
-    unsigned int n1;
-
-    /* suppress any remaining jumps to this TB */
-    tb1 = tb->jmp_first;
-    for(;;) {
-        n1 = (long)tb1 & 3;
-        tb1 = (TranslationBlock *)((long)tb1 & ~3);
-        if (n1 == 2)
-            break;
-        tb1 = tb1->jmp_next[n1];
-    }
-    /* check end of list */
-    if (tb1 != tb) {
-        printf("ERROR: jmp_list from 0x%08lx\n", (long)tb);
-    }
-}
-
 #endif
 
 /* invalidate one TB */
@@ -2939,7 +2920,7 @@ static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
     idx = SUBPAGE_IDX(start);
     eidx = SUBPAGE_IDX(end);
 #if defined(DEBUG_SUBPAGE)
-    printf("%s: %p start %08x end %08x idx %08x eidx %08x mem %d\n", __func__,
+    printf("%s: %p start %08x end %08x idx %08x eidx %08x mem %ld\n", __func__,
            mmio, start, end, idx, eidx, memory);
 #endif
     memory >>= IO_MEM_SHIFT;

hw/boards.h

@@ -14,6 +14,7 @@ typedef void QEMUMachineInitFunc(ram_addr_t ram_size,
 
 typedef struct QEMUMachine {
     const char *name;
+    const char *alias;
     const char *desc;
     QEMUMachineInitFunc *init;
     int use_scsi;

hw/cirrus_vga.c

@@ -2029,7 +2029,7 @@ static uint32_t cirrus_vga_mem_readb(void *opaque, target_phys_addr_t addr)
     } else {
 	val = 0xff;
 #ifdef DEBUG_CIRRUS
-	printf("cirrus: mem_readb %06x\n", addr);
+	printf("cirrus: mem_readb " TARGET_FMT_plx "\n", addr);
 #endif
     }
     return val;
@@ -2124,7 +2124,8 @@ static void cirrus_vga_mem_writeb(void *opaque, target_phys_addr_t addr,
 	}
     } else {
 #ifdef DEBUG_CIRRUS
-	printf("cirrus: mem_writeb %06x value %02x\n", addr, mem_value);
+        printf("cirrus: mem_writeb " TARGET_FMT_plx " value %02x\n", addr,
+               mem_value);
 #endif
     }
 }

hw/eccmemctl.c

@@ -358,7 +358,7 @@ static SysBusDeviceInfo ecc_info = {
     .qdev.props = (Property[]) {
         {
             .name   = "version",
-            .info   = &qdev_prop_uint32,
+            .info   = &qdev_prop_hex32,
             .offset = offsetof(ECCState, version),
             .defval = (uint32_t[]) { -1 },
         },

hw/escc.c

@@ -970,22 +970,22 @@ static SysBusDeviceInfo escc_info = {
         {
             .name = "chrB",
             .info = &qdev_prop_ptr,
-            .offset = offsetof(SerialState, chn[1].chr),
+            .offset = offsetof(SerialState, chn[0].chr),
         },
         {
             .name = "chrA",
             .info = &qdev_prop_ptr,
-            .offset = offsetof(SerialState, chn[0].chr),
+            .offset = offsetof(SerialState, chn[1].chr),
         },
         {
             .name = "chnBtype",
             .info = &qdev_prop_uint32,
-            .offset = offsetof(SerialState, chn[1].type),
+            .offset = offsetof(SerialState, chn[0].type),
         },
         {
             .name = "chnAtype",
             .info = &qdev_prop_uint32,
-            .offset = offsetof(SerialState, chn[0].type),
+            .offset = offsetof(SerialState, chn[1].type),
         },
         {/* end of list */}
     }

hw/fdc.c

@@ -33,6 +33,7 @@
 #include "qemu-timer.h"
 #include "isa.h"
 #include "sysbus.h"
+#include "qdev-addr.h"
 
 /********************************************************/
 /* debug Floppy devices */
@@ -1972,7 +1973,7 @@ static SysBusDeviceInfo fdc_info = {
     .qdev.props = (Property[]) {
         {
             .name = "io_base",
-            .info = &qdev_prop_uint32,
+            .info = &qdev_prop_taddr,
             .offset = offsetof(fdctrl_t, io_base),
         },
         {

hw/hpet.c

@@ -371,7 +371,7 @@ static void hpet_ram_writel(void *opaque, target_phys_addr_t addr,
 {
     int i;
     HPETState *s = (HPETState *)opaque;
-    uint64_t old_val, new_val, index;
+    uint64_t old_val, new_val, val, index;
 
     dprintf("qemu: Enter hpet_ram_writel at %" PRIx64 " = %#x\n", addr, value);
     index = addr;
@@ -387,8 +387,8 @@ static void hpet_ram_writel(void *opaque, target_phys_addr_t addr,
         switch ((addr - 0x100) % 0x20) {
             case HPET_TN_CFG:
                 dprintf("qemu: hpet_ram_writel HPET_TN_CFG\n");
-                timer->config = hpet_fixup_reg(new_val, old_val, 
-                                               HPET_TN_CFG_WRITE_MASK);
+                val = hpet_fixup_reg(new_val, old_val, HPET_TN_CFG_WRITE_MASK);
+                timer->config = (timer->config & 0xffffffff00000000ULL) | val;
                 if (new_val & HPET_TN_32BIT) {
                     timer->cmp = (uint32_t)timer->cmp;
                     timer->period = (uint32_t)timer->period;
@@ -456,8 +456,8 @@ static void hpet_ram_writel(void *opaque, target_phys_addr_t addr,
             case HPET_ID:
                 return;
             case HPET_CFG:
-                s->config = hpet_fixup_reg(new_val, old_val, 
-                                           HPET_CFG_WRITE_MASK);
+                val = hpet_fixup_reg(new_val, old_val, HPET_CFG_WRITE_MASK);
+                s->config = (s->config & 0xffffffff00000000ULL) | val;
                 if (activating_bit(old_val, new_val, HPET_CFG_ENABLE)) {
                     /* Enable main counter and interrupt generation. */
                     s->hpet_offset = ticks_to_ns(s->hpet_counter)
@@ -541,8 +541,8 @@ static void hpet_reset(void *opaque) {
         timer->tn = i;
         timer->cmp = ~0ULL;
         timer->config =  HPET_TN_PERIODIC_CAP | HPET_TN_SIZE_CAP;
-        /* advertise availability of irqs 5,10,11 */
-        timer->config |=  0x00000c20ULL << 32;
+        /* advertise availability of ioapic inti2 */
+        timer->config |=  0x00000004ULL << 32;
         timer->state = s;
         timer->period = 0ULL;
         timer->wrap_flag = 0;

hw/hpet_emul.h

@@ -18,12 +18,7 @@
 
 #define FS_PER_NS 1000000
 #define HPET_NUM_TIMERS 3
-#define HPET_TIMER_TYPE_LEVEL 1
-#define HPET_TIMER_TYPE_EDGE 0
-#define HPET_TIMER_DELIVERY_APIC 0
-#define HPET_TIMER_DELIVERY_FSB 1
-#define HPET_TIMER_CAP_FSB_INT_DEL (1 << 15)
-#define HPET_TIMER_CAP_PER_INT (1 << 4)
+#define HPET_TIMER_TYPE_LEVEL 0x002
 
 #define HPET_CFG_ENABLE 0x001
 #define HPET_CFG_LEGACY 0x002

hw/i8259.c

@@ -25,6 +25,7 @@
 #include "pc.h"
 #include "isa.h"
 #include "monitor.h"
+#include "qemu-timer.h"
 
 /* debug PIC */
 //#define DEBUG_PIC

hw/iommu.c

@@ -406,7 +406,7 @@ static SysBusDeviceInfo iommu_info = {
     .qdev.props = (Property[]) {
         {
             .name = "version",
-            .info = &qdev_prop_uint32,
+            .info = &qdev_prop_hex32,
             .offset = offsetof(IOMMUState, version),
         },
         {/* end of property list */}

hw/lsi53c895a.c

@@ -10,6 +10,8 @@
 /* ??? Need to check if the {read,write}[wl] routines work properly on
    big-endian targets.  */
 
+#include <assert.h>                             \
+
 #include "hw.h"
 #include "pci.h"
 #include "scsi-disk.h"
@@ -1981,6 +1983,174 @@ void lsi_scsi_attach(DeviceState *host, BlockDriverState *bd, int id)
     bd->private = &s->pci_dev;
 }
 
+static void lsi_scsi_save(QEMUFile *f, void *opaque)
+{
+    LSIState *s = opaque;
+
+    assert(s->dma_buf == NULL);
+    assert(s->current_dma_len == 0);
+    assert(s->active_commands == 0);
+
+    pci_device_save(&s->pci_dev, f);
+
+    qemu_put_sbe32s(f, &s->carry);
+    qemu_put_sbe32s(f, &s->sense);
+    qemu_put_sbe32s(f, &s->msg_action);
+    qemu_put_sbe32s(f, &s->msg_len);
+    qemu_put_buffer(f, s->msg, sizeof (s->msg));
+    qemu_put_sbe32s(f, &s->waiting);
+
+    qemu_put_be32s(f, &s->dsa);
+    qemu_put_be32s(f, &s->temp);
+    qemu_put_be32s(f, &s->dnad);
+    qemu_put_be32s(f, &s->dbc);
+    qemu_put_8s(f, &s->istat0);
+    qemu_put_8s(f, &s->istat1);
+    qemu_put_8s(f, &s->dcmd);
+    qemu_put_8s(f, &s->dstat);
+    qemu_put_8s(f, &s->dien);
+    qemu_put_8s(f, &s->sist0);
+    qemu_put_8s(f, &s->sist1);
+    qemu_put_8s(f, &s->sien0);
+    qemu_put_8s(f, &s->sien1);
+    qemu_put_8s(f, &s->mbox0);
+    qemu_put_8s(f, &s->mbox1);
+    qemu_put_8s(f, &s->dfifo);
+    qemu_put_8s(f, &s->ctest2);
+    qemu_put_8s(f, &s->ctest3);
+    qemu_put_8s(f, &s->ctest4);
+    qemu_put_8s(f, &s->ctest5);
+    qemu_put_8s(f, &s->ccntl0);
+    qemu_put_8s(f, &s->ccntl1);
+    qemu_put_be32s(f, &s->dsp);
+    qemu_put_be32s(f, &s->dsps);
+    qemu_put_8s(f, &s->dmode);
+    qemu_put_8s(f, &s->dcntl);
+    qemu_put_8s(f, &s->scntl0);
+    qemu_put_8s(f, &s->scntl1);
+    qemu_put_8s(f, &s->scntl2);
+    qemu_put_8s(f, &s->scntl3);
+    qemu_put_8s(f, &s->sstat0);
+    qemu_put_8s(f, &s->sstat1);
+    qemu_put_8s(f, &s->scid);
+    qemu_put_8s(f, &s->sxfer);
+    qemu_put_8s(f, &s->socl);
+    qemu_put_8s(f, &s->sdid);
+    qemu_put_8s(f, &s->ssid);
+    qemu_put_8s(f, &s->sfbr);
+    qemu_put_8s(f, &s->stest1);
+    qemu_put_8s(f, &s->stest2);
+    qemu_put_8s(f, &s->stest3);
+    qemu_put_8s(f, &s->sidl);
+    qemu_put_8s(f, &s->stime0);
+    qemu_put_8s(f, &s->respid0);
+    qemu_put_8s(f, &s->respid1);
+    qemu_put_be32s(f, &s->mmrs);
+    qemu_put_be32s(f, &s->mmws);
+    qemu_put_be32s(f, &s->sfs);
+    qemu_put_be32s(f, &s->drs);
+    qemu_put_be32s(f, &s->sbms);
+    qemu_put_be32s(f, &s->dbms);
+    qemu_put_be32s(f, &s->dnad64);
+    qemu_put_be32s(f, &s->pmjad1);
+    qemu_put_be32s(f, &s->pmjad2);
+    qemu_put_be32s(f, &s->rbc);
+    qemu_put_be32s(f, &s->ua);
+    qemu_put_be32s(f, &s->ia);
+    qemu_put_be32s(f, &s->sbc);
+    qemu_put_be32s(f, &s->csbc);
+    qemu_put_buffer(f, (uint8_t *)s->scratch, sizeof (s->scratch));
+    qemu_put_8s(f, &s->sbr);
+
+    qemu_put_buffer(f, (uint8_t *)s->script_ram, sizeof (s->script_ram));
+}
+
+static int lsi_scsi_load(QEMUFile *f, void *opaque, int version_id)
+{
+    LSIState *s = opaque;
+    int ret;
+
+    if (version_id > 0) {
+        return -EINVAL;
+    }
+
+    if ((ret = pci_device_load(&s->pci_dev, f)) < 0)
+        return ret;
+
+    qemu_get_sbe32s(f, &s->carry);
+    qemu_get_sbe32s(f, &s->sense);
+    qemu_get_sbe32s(f, &s->msg_action);
+    qemu_get_sbe32s(f, &s->msg_len);
+    qemu_get_buffer(f, s->msg, sizeof (s->msg));
+    qemu_get_sbe32s(f, &s->waiting);
+
+    qemu_get_be32s(f, &s->dsa);
+    qemu_get_be32s(f, &s->temp);
+    qemu_get_be32s(f, &s->dnad);
+    qemu_get_be32s(f, &s->dbc);
+    qemu_get_8s(f, &s->istat0);
+    qemu_get_8s(f, &s->istat1);
+    qemu_get_8s(f, &s->dcmd);
+    qemu_get_8s(f, &s->dstat);
+    qemu_get_8s(f, &s->dien);
+    qemu_get_8s(f, &s->sist0);
+    qemu_get_8s(f, &s->sist1);
+    qemu_get_8s(f, &s->sien0);
+    qemu_get_8s(f, &s->sien1);
+    qemu_get_8s(f, &s->mbox0);
+    qemu_get_8s(f, &s->mbox1);
+    qemu_get_8s(f, &s->dfifo);
+    qemu_get_8s(f, &s->ctest2);
+    qemu_get_8s(f, &s->ctest3);
+    qemu_get_8s(f, &s->ctest4);
+    qemu_get_8s(f, &s->ctest5);
+    qemu_get_8s(f, &s->ccntl0);
+    qemu_get_8s(f, &s->ccntl1);
+    qemu_get_be32s(f, &s->dsp);
+    qemu_get_be32s(f, &s->dsps);
+    qemu_get_8s(f, &s->dmode);
+    qemu_get_8s(f, &s->dcntl);
+    qemu_get_8s(f, &s->scntl0);
+    qemu_get_8s(f, &s->scntl1);
+    qemu_get_8s(f, &s->scntl2);
+    qemu_get_8s(f, &s->scntl3);
+    qemu_get_8s(f, &s->sstat0);
+    qemu_get_8s(f, &s->sstat1);
+    qemu_get_8s(f, &s->scid);
+    qemu_get_8s(f, &s->sxfer);
+    qemu_get_8s(f, &s->socl);
+    qemu_get_8s(f, &s->sdid);
+    qemu_get_8s(f, &s->ssid);
+    qemu_get_8s(f, &s->sfbr);
+    qemu_get_8s(f, &s->stest1);
+    qemu_get_8s(f, &s->stest2);
+    qemu_get_8s(f, &s->stest3);
+    qemu_get_8s(f, &s->sidl);
+    qemu_get_8s(f, &s->stime0);
+    qemu_get_8s(f, &s->respid0);
+    qemu_get_8s(f, &s->respid1);
+    qemu_get_be32s(f, &s->mmrs);
+    qemu_get_be32s(f, &s->mmws);
+    qemu_get_be32s(f, &s->sfs);
+    qemu_get_be32s(f, &s->drs);
+    qemu_get_be32s(f, &s->sbms);
+    qemu_get_be32s(f, &s->dbms);
+    qemu_get_be32s(f, &s->dnad64);
+    qemu_get_be32s(f, &s->pmjad1);
+    qemu_get_be32s(f, &s->pmjad2);
+    qemu_get_be32s(f, &s->rbc);
+    qemu_get_be32s(f, &s->ua);
+    qemu_get_be32s(f, &s->ia);
+    qemu_get_be32s(f, &s->sbc);
+    qemu_get_be32s(f, &s->csbc);
+    qemu_get_buffer(f, (uint8_t *)s->scratch, sizeof (s->scratch));
+    qemu_get_8s(f, &s->sbr);
+
+    qemu_get_buffer(f, (uint8_t *)s->script_ram, sizeof (s->script_ram));
+
+    return 0;
+}
+
 static int lsi_scsi_uninit(PCIDevice *d)
 {
     LSIState *s = (LSIState *) d;
@@ -2033,6 +2203,8 @@ static void lsi_scsi_init(PCIDevice *dev)
     lsi_soft_reset(s);
 
     scsi_bus_new(&dev->qdev, lsi_scsi_attach);
+
+    register_savevm("lsiscsi", -1, 0, lsi_scsi_save, lsi_scsi_load, s);
 }
 
 static PCIDeviceInfo lsi_info = {

hw/msix.c

@@ -255,6 +255,7 @@ int msix_init(struct PCIDevice *dev, unsigned short nentries,
     return 0;
 
 err_config:
+    dev->msix_entries_nr = 0;
     cpu_unregister_io_memory(dev->msix_mmio_index);
 err_index:
     qemu_free(dev->msix_table_page);

hw/openpic.c

@@ -592,7 +592,7 @@ static void openpic_gbl_write (void *opaque, target_phys_addr_t addr, uint32_t v
     IRQ_dst_t *dst;
     int idx;
 
-    DPRINTF("%s: addr %08x <= %08x\n", __func__, addr, val);
+    DPRINTF("%s: addr " TARGET_FMT_plx " <= %08x\n", __func__, addr, val);
     if (addr & 0xF)
         return;
 #if defined TARGET_WORDS_BIGENDIAN
@@ -651,7 +651,7 @@ static uint32_t openpic_gbl_read (void *opaque, target_phys_addr_t addr)
     openpic_t *opp = opaque;
     uint32_t retval;
 
-    DPRINTF("%s: addr %08x\n", __func__, addr);
+    DPRINTF("%s: addr " TARGET_FMT_plx "\n", __func__, addr);
     retval = 0xFFFFFFFF;
     if (addr & 0xF)
         return retval;
@@ -824,7 +824,7 @@ static void openpic_cpu_write (void *opaque, target_phys_addr_t addr, uint32_t v
     IRQ_dst_t *dst;
     int idx, s_IRQ, n_IRQ;
 
-    DPRINTF("%s: addr %08x <= %08x\n", __func__, addr, val);
+    DPRINTF("%s: addr " TARGET_FMT_plx " <= %08x\n", __func__, addr, val);
     if (addr & 0xF)
         return;
 #if defined TARGET_WORDS_BIGENDIAN
@@ -886,7 +886,7 @@ static uint32_t openpic_cpu_read (void *opaque, target_phys_addr_t addr)
     uint32_t retval;
     int idx, n_IRQ;
 
-    DPRINTF("%s: addr %08x\n", __func__, addr);
+    DPRINTF("%s: addr " TARGET_FMT_plx "\n", __func__, addr);
     retval = 0xFFFFFFFF;
     if (addr & 0xF)
         return retval;
@@ -1264,8 +1264,7 @@ qemu_irq *openpic_init (PCIBus *bus, int *pmem_index, int nb_cpus,
 static void mpic_irq_raise(openpic_t *mpp, int n_CPU, IRQ_src_t *src)
 {
     int n_ci = IDR_CI0 - n_CPU;
-    DPRINTF("%s: cpu:%d irq:%d (testbit idr:%x ci:%d)\n", __func__,
-                    n_CPU, n_IRQ, mpp->src[n_IRQ].ide, n_ci);
+
     if(test_bit(&src->ide, n_ci)) {
         qemu_irq_raise(mpp->dst[n_CPU].irqs[OPENPIC_OUTPUT_CINT]);
     }
@@ -1313,7 +1312,7 @@ static void mpic_timer_write (void *opaque, target_phys_addr_t addr, uint32_t va
     openpic_t *mpp = opaque;
     int idx, cpu;
 
-    DPRINTF("%s: addr %08x <= %08x\n", __func__, addr, val);
+    DPRINTF("%s: addr " TARGET_FMT_plx " <= %08x\n", __func__, addr, val);
     if (addr & 0xF)
         return;
     addr &= 0xFFFF;
@@ -1347,7 +1346,7 @@ static uint32_t mpic_timer_read (void *opaque, target_phys_addr_t addr)
     uint32_t retval;
     int idx, cpu;
 
-    DPRINTF("%s: addr %08x\n", __func__, addr);
+    DPRINTF("%s: addr " TARGET_FMT_plx "\n", __func__, addr);
     retval = 0xFFFFFFFF;
     if (addr & 0xF)
         return retval;
@@ -1382,7 +1381,7 @@ static void mpic_src_ext_write (void *opaque, target_phys_addr_t addr,
     openpic_t *mpp = opaque;
     int idx = MPIC_EXT_IRQ;
 
-    DPRINTF("%s: addr %08x <= %08x\n", __func__, addr, val);
+    DPRINTF("%s: addr " TARGET_FMT_plx " <= %08x\n", __func__, addr, val);
     if (addr & 0xF)
         return;
 
@@ -1405,7 +1404,7 @@ static uint32_t mpic_src_ext_read (void *opaque, target_phys_addr_t addr)
     uint32_t retval;
     int idx = MPIC_EXT_IRQ;
 
-    DPRINTF("%s: addr %08x\n", __func__, addr);
+    DPRINTF("%s: addr " TARGET_FMT_plx "\n", __func__, addr);
     retval = 0xFFFFFFFF;
     if (addr & 0xF)
         return retval;
@@ -1432,7 +1431,7 @@ static void mpic_src_int_write (void *opaque, target_phys_addr_t addr,
     openpic_t *mpp = opaque;
     int idx = MPIC_INT_IRQ;
 
-    DPRINTF("%s: addr %08x <= %08x\n", __func__, addr, val);
+    DPRINTF("%s: addr " TARGET_FMT_plx " <= %08x\n", __func__, addr, val);
     if (addr & 0xF)
         return;
 
@@ -1455,7 +1454,7 @@ static uint32_t mpic_src_int_read (void *opaque, target_phys_addr_t addr)
     uint32_t retval;
     int idx = MPIC_INT_IRQ;
 
-    DPRINTF("%s: addr %08x\n", __func__, addr);
+    DPRINTF("%s: addr " TARGET_FMT_plx "\n", __func__, addr);
     retval = 0xFFFFFFFF;
     if (addr & 0xF)
         return retval;
@@ -1482,7 +1481,7 @@ static void mpic_src_msg_write (void *opaque, target_phys_addr_t addr,
     openpic_t *mpp = opaque;
     int idx = MPIC_MSG_IRQ;
 
-    DPRINTF("%s: addr %08x <= %08x\n", __func__, addr, val);
+    DPRINTF("%s: addr " TARGET_FMT_plx " <= %08x\n", __func__, addr, val);
     if (addr & 0xF)
         return;
 
@@ -1505,7 +1504,7 @@ static uint32_t mpic_src_msg_read (void *opaque, target_phys_addr_t addr)
     uint32_t retval;
     int idx = MPIC_MSG_IRQ;
 
-    DPRINTF("%s: addr %08x\n", __func__, addr);
+    DPRINTF("%s: addr " TARGET_FMT_plx "\n", __func__, addr);
     retval = 0xFFFFFFFF;
     if (addr & 0xF)
         return retval;
@@ -1532,7 +1531,7 @@ static void mpic_src_msi_write (void *opaque, target_phys_addr_t addr,
     openpic_t *mpp = opaque;
     int idx = MPIC_MSI_IRQ;
 
-    DPRINTF("%s: addr %08x <= %08x\n", __func__, addr, val);
+    DPRINTF("%s: addr " TARGET_FMT_plx " <= %08x\n", __func__, addr, val);
     if (addr & 0xF)
         return;
 
@@ -1554,7 +1553,7 @@ static uint32_t mpic_src_msi_read (void *opaque, target_phys_addr_t addr)
     uint32_t retval;
     int idx = MPIC_MSI_IRQ;
 
-    DPRINTF("%s: addr %08x\n", __func__, addr);
+    DPRINTF("%s: addr " TARGET_FMT_plx "\n", __func__, addr);
     retval = 0xFFFFFFFF;
     if (addr & 0xF)
         return retval;

hw/pc.c

@@ -1512,7 +1512,8 @@ void cmos_set_s3_resume(void)
 }
 
 static QEMUMachine pc_machine = {
-    .name = "pc",
+    .name = "pc-0.11",
+    .alias = "pc",
     .desc = "Standard PC",
     .init = pc_init_pci,
     .max_cpus = 255,

hw/ppc_prep.c

@@ -60,7 +60,8 @@ do {                                                     \
     }                                                    \
 } while (0)
 #elif defined (DEBUG_PPC_IO)
-#define PPC_IO_DPRINTF(fmt, ...) qemu_log_mask(CPU_LOG_IOPORT, ## __VA_ARGS__)
+#define PPC_IO_DPRINTF(fmt, ...) \
+qemu_log_mask(CPU_LOG_IOPORT, fmt, ## __VA_ARGS__)
 #else
 #define PPC_IO_DPRINTF(fmt, ...) do { } while (0)
 #endif

hw/ppce500_pci.c

@@ -89,8 +89,8 @@ static uint32_t pcie500_cfgaddr_readl(void *opaque, target_phys_addr_t addr)
 {
     PPCE500PCIState *pci = opaque;
 
-    pci_debug("%s: (addr:%Lx) -> value:%x\n", __func__, addr,
-                    pci->pci_state.config_reg);
+    pci_debug("%s: (addr:" TARGET_FMT_plx ") -> value:%x\n", __func__, addr,
+              pci->pci_state.config_reg);
     return pci->pci_state.config_reg;
 }
 
@@ -105,7 +105,8 @@ static void pcie500_cfgaddr_writel(void *opaque, target_phys_addr_t addr,
 {
     PPCE500PCIState *controller = opaque;
 
-    pci_debug("%s: value:%x -> (addr%Lx)\n", __func__, value, addr);
+    pci_debug("%s: value:%x -> (addr:" TARGET_FMT_plx ")\n", __func__, value,
+              addr);
     controller->pci_state.config_reg = value & ~0x3;
 }
 
@@ -169,7 +170,8 @@ static uint32_t pci_reg_read4(void *opaque, target_phys_addr_t addr)
         break;
     }
 
-    pci_debug("%s: win:%lx(addr:%Lx) -> value:%x\n",__func__,win,addr,value);
+    pci_debug("%s: win:%lx(addr:" TARGET_FMT_plx ") -> value:%x\n", __func__,
+              win, addr, value);
     return value;
 }
 
@@ -187,7 +189,8 @@ static void pci_reg_write4(void *opaque, target_phys_addr_t addr,
 
     win = addr & 0xfe0;
 
-    pci_debug("%s: value:%x -> win:%lx(addr:%Lx)\n",__func__,value,win,addr);
+    pci_debug("%s: value:%x -> win:%lx(addr:" TARGET_FMT_plx ")\n",
+              __func__, value, win, addr);
 
     switch (win) {
     case PPCE500_PCI_OW1:

hw/qdev-properties.c

@@ -117,9 +117,9 @@ static int parse_mac(DeviceState *dev, Property *prop, const char *str)
     char *p;
 
     for (i = 0, pos = 0; i < 6; i++, pos += 3) {
-        if (!isxdigit(str[pos]))
+        if (!qemu_isxdigit(str[pos]))
             return -1;
-        if (!isxdigit(str[pos+1]))
+        if (!qemu_isxdigit(str[pos+1]))
             return -1;
         if (i == 5 && str[pos+2] != '\0')
             return -1;

hw/qdev.c

@@ -32,7 +32,6 @@
 
 /* This is a nasty hack to allow passing a NULL bus to qdev_create.  */
 static BusState *main_system_bus;
-extern struct BusInfo system_bus_info;
 
 static DeviceInfo *device_info_list;
 

hw/qdev.h

@@ -162,4 +162,7 @@ void qdev_prop_set_defaults(DeviceState *dev, Property *props);
 void qdev_prop_register_compat(CompatProperty *props);
 void qdev_prop_set_compat(DeviceState *dev);
 
+/* This is a nasty hack to allow passing a NULL bus to qdev_create.  */
+extern struct BusInfo system_bus_info;
+
 #endif

hw/scsi-disk.c

@@ -172,7 +172,7 @@ static void scsi_read_complete(void * opaque, int ret)
         scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_NO_SENSE);
         return;
     }
-    DPRINTF("Data ready tag=0x%x len=%d\n", r->tag, r->iov.iov_len);
+    DPRINTF("Data ready tag=0x%x len=%" PRId64 "\n", r->tag, r->iov.iov_len);
 
     s->completion(s->opaque, SCSI_REASON_DATA, r->tag, r->iov.iov_len);
 }
@@ -192,7 +192,7 @@ static void scsi_read_data(SCSIDevice *d, uint32_t tag)
         return;
     }
     if (r->sector_count == (uint32_t)-1) {
-        DPRINTF("Read buf_len=%d\n", r->iov.iov_len);
+        DPRINTF("Read buf_len=%" PRId64 "\n", r->iov.iov_len);
         r->sector_count = 0;
         s->completion(s->opaque, SCSI_REASON_DATA, r->tag, r->iov.iov_len);
         return;
@@ -777,7 +777,7 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
     case 0x08:
     case 0x28:
     case 0x88:
-        DPRINTF("Read (sector %lld, count %d)\n", lba, len);
+        DPRINTF("Read (sector %" PRId64 ", count %d)\n", lba, len);
         if (lba > s->max_lba)
             goto illegal_lba;
         r->sector = lba * s->cluster_size;
@@ -786,7 +786,7 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
     case 0x0a:
     case 0x2a:
     case 0x8a:
-        DPRINTF("Write (sector %lld, count %d)\n", lba, len);
+        DPRINTF("Write (sector %" PRId64 ", count %d)\n", lba, len);
         if (lba > s->max_lba)
             goto illegal_lba;
         r->sector = lba * s->cluster_size;
@@ -794,7 +794,7 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
         is_write = 1;
         break;
     case 0x35:
-        DPRINTF("Synchronise cache (sector %d, count %d)\n", lba, len);
+        DPRINTF("Synchronise cache (sector %" PRId64 ", count %d)\n", lba, len);
         bdrv_flush(s->bdrv);
         break;
     case 0x43:
@@ -896,7 +896,7 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
         r->iov.iov_len = 16;
         break;
     case 0x2f:
-        DPRINTF("Verify (sector %d, count %d)\n", lba, len);
+        DPRINTF("Verify (sector %" PRId64 ", count %d)\n", lba, len);
         break;
     default:
 	DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);

hw/slavio_timer.c

@@ -197,8 +197,8 @@ static void slavio_timer_mem_writel(void *opaque, target_phys_addr_t addr,
             s->counthigh = val & (TIMER_MAX_COUNT64 >> 32);
             s->reached = 0;
             count = ((uint64_t)s->counthigh << 32) | s->count;
-            DPRINTF("processor %d user timer set to %016llx\n", s->slave_index,
-                    count);
+            DPRINTF("processor %d user timer set to %016" PRIx64 "\n",
+                    s->slave_index, count);
             if (s->timer)
                 ptimer_set_count(s->timer, LIMIT_TO_PERIODS(s->limit - count));
         } else {
@@ -223,8 +223,8 @@ static void slavio_timer_mem_writel(void *opaque, target_phys_addr_t addr,
             s->count = val & TIMER_MAX_COUNT64;
             s->reached = 0;
             count = ((uint64_t)s->counthigh) << 32 | s->count;
-            DPRINTF("processor %d user timer set to %016llx\n", s->slave_index,
-                    count);
+            DPRINTF("processor %d user timer set to %016" PRIx64 "\n",
+                    s->slave_index, count);
             if (s->timer)
                 ptimer_set_count(s->timer, LIMIT_TO_PERIODS(s->limit - count));
         } else

hw/sun4c_intctl.c

@@ -107,9 +107,9 @@ void sun4c_irq_info(Monitor *mon, void *opaque)
     int64_t count;
 
     monitor_printf(mon, "IRQ statistics:\n");
-    count = s->irq_count[i];
+    count = s->irq_count;
     if (count > 0)
-        monitor_printf(mon, "%2d: %" PRId64 "\n", i, count);
+        monitor_printf(mon, " %" PRId64 "\n", count);
 #endif
 }
 
@@ -121,7 +121,6 @@ static void sun4c_check_interrupts(void *opaque)
     uint32_t pil_pending;
     unsigned int i;
 
-    DPRINTF("pending %x disabled %x\n", pending, s->intregm_disabled);
     pil_pending = 0;
     if (s->pending && !(s->reg & 0x80000000)) {
         for (i = 0; i < 8; i++) {
@@ -156,7 +155,7 @@ static void sun4c_set_irq(void *opaque, int irq, int level)
     if (pil > 0) {
         if (level) {
 #ifdef DEBUG_IRQ_COUNT
-            s->irq_count[pil]++;
+            s->irq_count++;
 #endif
             s->pending |= mask;
         } else {

hw/sun4m.c

@@ -510,11 +510,11 @@ static void ram_init(target_phys_addr_t addr, ram_addr_t RAM_size,
         exit(1);
     }
     dev = qdev_create(NULL, "memory");
-    qdev_init(dev);
     s = sysbus_from_qdev(dev);
 
     d = FROM_SYSBUS(RamDevice, s);
     d->size = RAM_size;
+    qdev_init(dev);
 
     sysbus_mmio_map(s, 0, addr);
 }

hw/usb-ohci.c

@@ -905,7 +905,7 @@ static int ohci_service_td(OHCIState *ohci, struct ohci_ed *ed)
 
     flag_r = (td.flags & OHCI_TD_R) != 0;
 #ifdef DEBUG_PACKET
-    dprintf(" TD @ 0x%.8x %u bytes %s r=%d cbp=0x%.8x be=0x%.8x\n",
+    dprintf(" TD @ 0x%.8x %" PRId64 " bytes %s r=%d cbp=0x%.8x be=0x%.8x\n",
             addr, len, str, flag_r, td.cbp, td.be);
 
     if (len > 0 && dir != OHCI_TD_DIR_IN) {
@@ -1677,7 +1677,7 @@ static void usb_ohci_init(OHCIState *ohci, int num_ports, int devfn,
             usb_bit_time = 1;
         }
 #endif
-        dprintf("usb-ohci: usb_bit_time=%lli usb_frame_time=%lli\n",
+        dprintf("usb-ohci: usb_bit_time=%" PRId64 " usb_frame_time=%" PRId64 "\n",
                 usb_frame_time, usb_bit_time);
     }
 

hw/usb-uhci.c

@@ -72,7 +72,7 @@
 #ifdef DEBUG
 #define dprintf printf
 
-const char *pid2str(int pid)
+static const char *pid2str(int pid)
 {
     switch (pid) {
     case USB_TOKEN_SETUP: return "SETUP";

hw/vga.c

@@ -799,7 +799,7 @@ void vga_mem_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
     uint32_t write_mask, bit_mask, set_mask;
 
 #ifdef DEBUG_VGA_MEM
-    printf("vga: [0x%x] = 0x%02x\n", addr, val);
+    printf("vga: [0x" TARGET_FMT_plx "] = 0x%02x\n", addr, val);
 #endif
     /* convert to VGA memory offset */
     memory_map_mode = (s->gr[6] >> 2) & 3;
@@ -832,7 +832,7 @@ void vga_mem_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
         if (s->sr[2] & mask) {
             s->vram_ptr[addr] = val;
 #ifdef DEBUG_VGA_MEM
-            printf("vga: chain4: [0x%x]\n", addr);
+            printf("vga: chain4: [0x" TARGET_FMT_plx "]\n", addr);
 #endif
             s->plane_updated |= mask; /* only used to detect font change */
             cpu_physical_memory_set_dirty(s->vram_offset + addr);
@@ -845,7 +845,7 @@ void vga_mem_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
             addr = ((addr & ~1) << 1) | plane;
             s->vram_ptr[addr] = val;
 #ifdef DEBUG_VGA_MEM
-            printf("vga: odd/even: [0x%x]\n", addr);
+            printf("vga: odd/even: [0x" TARGET_FMT_plx "]\n", addr);
 #endif
             s->plane_updated |= mask; /* only used to detect font change */
             cpu_physical_memory_set_dirty(s->vram_offset + addr);
@@ -919,10 +919,10 @@ void vga_mem_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
             (((uint32_t *)s->vram_ptr)[addr] & ~write_mask) |
             (val & write_mask);
 #ifdef DEBUG_VGA_MEM
-            printf("vga: latch: [0x%x] mask=0x%08x val=0x%08x\n",
-                   addr * 4, write_mask, val);
+        printf("vga: latch: [0x" TARGET_FMT_plx "] mask=0x%08x val=0x%08x\n",
+               addr * 4, write_mask, val);
 #endif
-            cpu_physical_memory_set_dirty(s->vram_offset + (addr << 2));
+        cpu_physical_memory_set_dirty(s->vram_offset + (addr << 2));
     }
 }
 

linux-user/mmap.c

@@ -145,8 +145,8 @@ int target_mprotect(abi_ulong start, abi_ulong len, int prot)
     int prot1, ret;
 
 #ifdef DEBUG_MMAP
-    printf("mprotect: start=0x" TARGET_FMT_lx
-           "len=0x" TARGET_FMT_lx " prot=%c%c%c\n", start, len,
+    printf("mprotect: start=0x" TARGET_ABI_FMT_lx
+           "len=0x" TARGET_ABI_FMT_lx " prot=%c%c%c\n", start, len,
            prot & PROT_READ ? 'r' : '-',
            prot & PROT_WRITE ? 'w' : '-',
            prot & PROT_EXEC ? 'x' : '-');
@@ -331,8 +331,8 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
     mmap_lock();
 #ifdef DEBUG_MMAP
     {
-        printf("mmap: start=0x" TARGET_FMT_lx
-               " len=0x" TARGET_FMT_lx " prot=%c%c%c flags=",
+        printf("mmap: start=0x" TARGET_ABI_FMT_lx
+               " len=0x" TARGET_ABI_FMT_lx " prot=%c%c%c flags=",
                start, len,
                prot & PROT_READ ? 'r' : '-',
                prot & PROT_WRITE ? 'w' : '-',
@@ -352,7 +352,7 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
             printf("[MAP_TYPE=0x%x] ", flags & MAP_TYPE);
             break;
         }
-        printf("fd=%d offset=" TARGET_FMT_lx "\n", fd, offset);
+        printf("fd=%d offset=" TARGET_ABI_FMT_lx "\n", fd, offset);
     }
 #endif
 
@@ -523,7 +523,7 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
     page_set_flags(start, start + len, prot | PAGE_VALID);
  the_end:
 #ifdef DEBUG_MMAP
-    printf("ret=0x" TARGET_FMT_lx "\n", start);
+    printf("ret=0x" TARGET_ABI_FMT_lx "\n", start);
     page_dump(stdout);
     printf("\n");
 #endif
@@ -540,7 +540,9 @@ int target_munmap(abi_ulong start, abi_ulong len)
     int prot, ret;
 
 #ifdef DEBUG_MMAP
-    printf("munmap: start=0x%lx len=0x%lx\n", start, len);
+    printf("munmap: start=0x" TARGET_ABI_FMT_lx " len=0x"
+           TARGET_ABI_FMT_lx "\n",
+           start, len);
 #endif
     if (start & ~TARGET_PAGE_MASK)
         return -EINVAL;

linux-user/signal.c

@@ -584,8 +584,8 @@ int do_sigaction(int sig, const struct target_sigaction *act,
         return -EINVAL;
     k = &sigact_table[sig - 1];
 #if defined(DEBUG_SIGNAL)
-    fprintf(stderr, "sigaction sig=%d act=0x%08x, oact=0x%08x\n",
-            sig, (int)act, (int)oact);
+    fprintf(stderr, "sigaction sig=%d act=0x%p, oact=0x%p\n",
+            sig, act, oact);
 #endif
     if (oact) {
         oact->_sa_handler = tswapl(k->_sa_handler);

linux-user/syscall.c

@@ -6977,7 +6977,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
     }
 fail:
 #ifdef DEBUG
-    gemu_log(" = %ld\n", ret);
+    gemu_log(" = " TARGET_ABI_FMT_ld "\n", ret);
 #endif
     if(do_strace)
         print_syscall_ret(num, ret);

monitor.c

@@ -70,6 +70,14 @@ typedef struct mon_cmd_t {
     const char *help;
 } mon_cmd_t;
 
+/* file descriptors passed via SCM_RIGHTS */
+typedef struct mon_fd_t mon_fd_t;
+struct mon_fd_t {
+    char *name;
+    int fd;
+    LIST_ENTRY(mon_fd_t) next;
+};
+
 struct Monitor {
     CharDriverState *chr;
     int flags;
@@ -80,6 +88,7 @@ struct Monitor {
     CPUState *mon_cpu;
     BlockDriverCompletionFunc *password_completion_cb;
     void *password_opaque;
+    LIST_HEAD(,mon_fd_t) fds;
     LIST_ENTRY(Monitor) entry;
 };
 
@@ -1705,6 +1714,90 @@ static void do_inject_mce(Monitor *mon,
 }
 #endif
 
+static void do_getfd(Monitor *mon, const char *fdname)
+{
+    mon_fd_t *monfd;
+    int fd;
+
+    fd = qemu_chr_get_msgfd(mon->chr);
+    if (fd == -1) {
+        monitor_printf(mon, "getfd: no file descriptor supplied via SCM_RIGHTS\n");
+        return;
+    }
+
+    if (qemu_isdigit(fdname[0])) {
+        monitor_printf(mon, "getfd: monitor names may not begin with a number\n");
+        return;
+    }
+
+    fd = dup(fd);
+    if (fd == -1) {
+        monitor_printf(mon, "Failed to dup() file descriptor: %s\n",
+                       strerror(errno));
+        return;
+    }
+
+    LIST_FOREACH(monfd, &mon->fds, next) {
+        if (strcmp(monfd->name, fdname) != 0) {
+            continue;
+        }
+
+        close(monfd->fd);
+        monfd->fd = fd;
+        return;
+    }
+
+    monfd = qemu_mallocz(sizeof(mon_fd_t));
+    monfd->name = qemu_strdup(fdname);
+    monfd->fd = fd;
+
+    LIST_INSERT_HEAD(&mon->fds, monfd, next);
+}
+
+static void do_closefd(Monitor *mon, const char *fdname)
+{
+    mon_fd_t *monfd;
+
+    LIST_FOREACH(monfd, &mon->fds, next) {
+        if (strcmp(monfd->name, fdname) != 0) {
+            continue;
+        }
+
+        LIST_REMOVE(monfd, next);
+        close(monfd->fd);
+        qemu_free(monfd->name);
+        qemu_free(monfd);
+        return;
+    }
+
+    monitor_printf(mon, "Failed to find file descriptor named %s\n",
+                   fdname);
+}
+
+int monitor_get_fd(Monitor *mon, const char *fdname)
+{
+    mon_fd_t *monfd;
+
+    LIST_FOREACH(monfd, &mon->fds, next) {
+        int fd;
+
+        if (strcmp(monfd->name, fdname) != 0) {
+            continue;
+        }
+
+        fd = monfd->fd;
+
+        /* caller takes ownership of fd */
+        LIST_REMOVE(monfd, next);
+        qemu_free(monfd->name);
+        qemu_free(monfd);
+
+        return fd;
+    }
+
+    return -1;
+}
+
 static const mon_cmd_t mon_cmds[] = {
 #include "qemu-monitor.h"
     { NULL, NULL, },

monitor.h

@@ -20,6 +20,8 @@ void monitor_read_bdrv_key_start(Monitor *mon, BlockDriverState *bs,
                                  BlockDriverCompletionFunc *completion_cb,
                                  void *opaque);
 
+int monitor_get_fd(Monitor *mon, const char *fdname);
+
 void monitor_vprintf(Monitor *mon, const char *fmt, va_list ap);
 void monitor_printf(Monitor *mon, const char *fmt, ...)
     __attribute__ ((__format__ (__printf__, 2, 3)));

net.c

@@ -1150,7 +1150,7 @@ static void slirp_smb(SlirpState* s, Monitor *mon, const char *exported_dir,
     snprintf(smb_cmdline, sizeof(smb_cmdline), "%s -s %s",
              SMBD_COMMAND, smb_conf);
 
-    if (slirp_add_exec(s->slirp, 0, smb_cmdline, vserver_addr, 139) < 0) {
+    if (slirp_add_exec(s->slirp, 0, smb_cmdline, &vserver_addr, 139) < 0) {
         slirp_smb_cleanup(s);
         config_error(mon, "conflicting/invalid smbserver address\n");
     }
@@ -1239,16 +1239,17 @@ static void slirp_guestfwd(SlirpState *s, Monitor *mon, const char *config_str,
         qemu_free(fwd);
         return;
     }
-    fwd->server = server;
-    fwd->port = port;
-    fwd->slirp = s->slirp;
 
-    if (slirp_add_exec(s->slirp, 3, fwd->hd, server, port) < 0) {
+    if (slirp_add_exec(s->slirp, 3, fwd->hd, &server, port) < 0) {
         config_error(mon, "conflicting/invalid host:port in guest forwarding "
                      "rule '%s'\n", config_str);
         qemu_free(fwd);
         return;
     }
+    fwd->server = server;
+    fwd->port = port;
+    fwd->slirp = s->slirp;
+
     qemu_chr_add_handlers(fwd->hd, guestfwd_can_read, guestfwd_read,
                           NULL, fwd);
     return;
@@ -2410,6 +2411,23 @@ void qemu_check_nic_model_list(NICInfo *nd, const char * const *models,
     exit(exit_status);
 }
 
+static int net_handle_fd_param(Monitor *mon, const char *param)
+{
+    if (!qemu_isdigit(param[0])) {
+        int fd;
+
+        fd = monitor_get_fd(mon, param);
+        if (fd == -1) {
+            config_error(mon, "No file descriptor named %s found", param);
+            return -1;
+        }
+
+        return fd;
+    } else {
+        return strtol(param, NULL, 0);
+    }
+}
+
 int net_client_init(Monitor *mon, const char *device, const char *p)
 {
     char buf[1024];
@@ -2650,14 +2668,20 @@ int net_client_init(Monitor *mon, const char *device, const char *p)
             static const char * const fd_params[] = {
                 "vlan", "name", "fd", "sndbuf", NULL
             };
+            ret = -1;
             if (check_params(chkbuf, sizeof(chkbuf), fd_params, p) < 0) {
                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
-                ret = -1;
                 goto out;
             }
-            fd = strtol(buf, NULL, 0);
+            fd = net_handle_fd_param(mon, buf);
+            if (fd == -1) {
+                goto out;
+            }
             fcntl(fd, F_SETFL, O_NONBLOCK);
             s = net_tap_fd_init(vlan, device, name, fd);
+            if (!s) {
+                close(fd);
+            }
         } else {
             static const char * const tap_params[] = {
                 "vlan", "name", "ifname", "script", "downscript", "sndbuf", NULL
@@ -2697,15 +2721,20 @@ int net_client_init(Monitor *mon, const char *device, const char *p)
                 "vlan", "name", "fd", NULL
             };
             int fd;
+            ret = -1;
             if (check_params(chkbuf, sizeof(chkbuf), fd_params, p) < 0) {
                 config_error(mon, "invalid parameter '%s' in '%s'\n", chkbuf, p);
-                ret = -1;
                 goto out;
             }
-            fd = strtol(buf, NULL, 0);
-            ret = -1;
-            if (net_socket_fd_init(vlan, device, name, fd, 1))
-                ret = 0;
+            fd = net_handle_fd_param(mon, buf);
+            if (fd == -1) {
+                goto out;
+            }
+            if (!net_socket_fd_init(vlan, device, name, fd, 1)) {
+                close(fd);
+                goto out;
+            }
+            ret = 0;
         } else if (get_param_value(buf, sizeof(buf), "listen", p) > 0) {
             static const char * const listen_params[] = {
                 "vlan", "name", "listen", NULL

pc-bios/optionrom/signrom.sh

@@ -31,9 +31,10 @@ x=`dd if="$1" bs=1 count=1 skip=2 2>/dev/null | od -t u1 -A n`
 size=$(( $x * 512 - 1 ))
 
 # now get the checksum
-for i in `od -A n -t u1 -v "$1"`; do
+nums=`od -A n -t u1 -v "$1"`
+for i in ${nums}; do
     # add each byte's value to sum
-    sum=$(( $sum + $i ))
+    sum=`expr $sum + $i`
 done
 
 sum=$(( $sum % 256 ))

qemu-char.c

@@ -168,6 +168,11 @@ void qemu_chr_read(CharDriverState *s, uint8_t *buf, int len)
     s->chr_read(s->handler_opaque, buf, len);
 }
 
+int qemu_chr_get_msgfd(CharDriverState *s)
+{
+    return s->get_msgfd ? s->get_msgfd(s) : -1;
+}
+
 void qemu_chr_accept_input(CharDriverState *s)
 {
     if (s->chr_accept_input)
@@ -1832,6 +1837,7 @@ typedef struct {
     int do_telnetopt;
     int do_nodelay;
     int is_unix;
+    int msgfd;
 } TCPCharDriver;
 
 static void tcp_chr_accept(void *opaque);
@@ -1907,6 +1913,70 @@ static void tcp_chr_process_IAC_bytes(CharDriverState *chr,
     *size = j;
 }
 
+static int tcp_get_msgfd(CharDriverState *chr)
+{
+    TCPCharDriver *s = chr->opaque;
+
+    return s->msgfd;
+}
+
+#ifndef WIN32
+static void unix_process_msgfd(CharDriverState *chr, struct msghdr *msg)
+{
+    TCPCharDriver *s = chr->opaque;
+    struct cmsghdr *cmsg;
+
+    for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
+        int fd;
+
+        if (cmsg->cmsg_len != CMSG_LEN(sizeof(int)) ||
+            cmsg->cmsg_level != SOL_SOCKET ||
+            cmsg->cmsg_type != SCM_RIGHTS)
+            continue;
+
+        fd = *((int *)CMSG_DATA(cmsg));
+        if (fd < 0)
+            continue;
+
+        if (s->msgfd != -1)
+            close(s->msgfd);
+        s->msgfd = fd;
+    }
+}
+
+static ssize_t tcp_chr_recv(CharDriverState *chr, char *buf, size_t len)
+{
+    TCPCharDriver *s = chr->opaque;
+    struct msghdr msg = { 0, };
+    struct iovec iov[1];
+    union {
+        struct cmsghdr cmsg;
+        char control[CMSG_SPACE(sizeof(int))];
+    } msg_control;
+    ssize_t ret;
+
+    iov[0].iov_base = buf;
+    iov[0].iov_len = len;
+
+    msg.msg_iov = iov;
+    msg.msg_iovlen = 1;
+    msg.msg_control = &msg_control;
+    msg.msg_controllen = sizeof(msg_control);
+
+    ret = recvmsg(s->fd, &msg, 0);
+    if (ret > 0 && s->is_unix)
+        unix_process_msgfd(chr, &msg);
+
+    return ret;
+}
+#else
+static ssize_t tcp_chr_recv(CharDriverState *chr, char *buf, size_t len)
+{
+    TCPCharDriver *s = chr->opaque;
+    return recv(s->fd, buf, len, 0);
+}
+#endif
+
 static void tcp_chr_read(void *opaque)
 {
     CharDriverState *chr = opaque;
@@ -1919,7 +1989,7 @@ static void tcp_chr_read(void *opaque)
     len = sizeof(buf);
     if (len > s->max_size)
         len = s->max_size;
-    size = recv(s->fd, (void *)buf, len, 0);
+    size = tcp_chr_recv(chr, (void *)buf, len);
     if (size == 0) {
         /* connection closed */
         s->connected = 0;
@@ -1934,6 +2004,10 @@ static void tcp_chr_read(void *opaque)
             tcp_chr_process_IAC_bytes(chr, s, buf, &size);
         if (size > 0)
             qemu_chr_read(chr, buf, size);
+        if (s->msgfd != -1) {
+            close(s->msgfd);
+            s->msgfd = -1;
+        }
     }
 }
 
@@ -2095,12 +2169,14 @@ static CharDriverState *qemu_chr_open_tcp(const char *host_str,
     s->connected = 0;
     s->fd = -1;
     s->listen_fd = -1;
+    s->msgfd = -1;
     s->is_unix = is_unix;
     s->do_nodelay = do_nodelay && !is_unix;
 
     chr->opaque = s;
     chr->chr_write = tcp_chr_write;
     chr->chr_close = tcp_chr_close;
+    chr->get_msgfd = tcp_get_msgfd;
 
     if (is_listen) {
         s->listen_fd = fd;

qemu-char.h

@@ -51,6 +51,7 @@ struct CharDriverState {
     int (*chr_write)(struct CharDriverState *s, const uint8_t *buf, int len);
     void (*chr_update_read_handler)(struct CharDriverState *s);
     int (*chr_ioctl)(struct CharDriverState *s, int cmd, void *arg);
+    int (*get_msgfd)(struct CharDriverState *s);
     IOEventHandler *chr_event;
     IOCanRWHandler *chr_can_read;
     IOReadHandler *chr_read;
@@ -81,6 +82,7 @@ void qemu_chr_reset(CharDriverState *s);
 void qemu_chr_initial_reset(void);
 int qemu_chr_can_read(CharDriverState *s);
 void qemu_chr_read(CharDriverState *s, uint8_t *buf, int len);
+int qemu_chr_get_msgfd(CharDriverState *s);
 void qemu_chr_accept_input(CharDriverState *s);
 void qemu_chr_info(Monitor *mon);
 

qemu-img.c

@@ -747,14 +747,20 @@ static int img_convert(int argc, char **argv)
                 n = bs_offset + bs_sectors - sector_num;
 
             if (strcmp(drv->format_name, "host_device")) {
-                if (!bdrv_is_allocated(bs[bs_i], sector_num - bs_offset,
-                                       n, &n1)) {
-                    sector_num += n1;
-                    continue;
+                /* If the output image is being created as a copy on write image,
+                   assume that sectors which are unallocated in the input image
+                   are present in both the output's and input's base images (no
+                   need to copy them). */
+                if (out_baseimg) {
+                    if (!bdrv_is_allocated(bs[bs_i], sector_num - bs_offset,
+                                           n, &n1)) {
+                        sector_num += n1;
+                        continue;
+                    }
+                    /* The next 'n1' sectors are allocated in the input image. Copy
+                       only those as they may be followed by unallocated sectors. */
+                    n = n1;
                 }
-                /* The next 'n1' sectors are allocated in the input image. Copy
-                   only those as they may be followed by unallocated sectors. */
-                n = n1;
             } else {
                 n1 = n;
             }

qemu-monitor.hx

@@ -626,6 +626,24 @@ ETEXI
 STEXI
 @item mce @var{cpu} @var{bank} @var{status} @var{mcgstatus} @var{addr} @var{misc}
 Inject an MCE on the given CPU (x86 only).
+ETEXI
+
+    { "getfd", "s", do_getfd, "getfd name",
+      "receive a file descriptor via SCM rights and assign it a name" },
+STEXI
+@item getfd @var{fdname}
+If a file descriptor is passed alongside this command using the SCM_RIGHTS
+mechanism on unix sockets, it is stored using the name @var{fdname} for
+later use by other monitor commands.
+ETEXI
+
+    { "closefd", "s", do_closefd, "closefd name",
+      "close a file descriptor previously passed via SCM rights" },
+STEXI
+@item closefd @var{fdname}
+Close the file descriptor previously assigned to @var{fdname} using the
+@code{getfd} command. This is only needed if the file descriptor was never
+used by another monitor command.
 ETEXI
 
 STEXI

qemu-thread.c

@@ -158,6 +158,6 @@ void qemu_thread_self(QemuThread *thread)
 
 int qemu_thread_equal(QemuThread *thread1, QemuThread *thread2)
 {
-   return (thread1->thread == thread2->thread);
+   return pthread_equal(thread1->thread, thread2->thread);
 }
 

qemu-tool.c

@@ -15,11 +15,14 @@
 #include "monitor.h"
 #include "sysemu.h"
 #include "qemu-timer.h"
+#include "qemu-log.h"
 
 #include <sys/time.h>
 
 QEMUClock *rt_clock;
 
+FILE *logfile;
+
 struct QEMUBH
 {
     QEMUBHFunc *cb;

slirp/libslirp.h

@@ -33,7 +33,7 @@ int slirp_add_hostfwd(Slirp *slirp, int is_udp,
 int slirp_remove_hostfwd(Slirp *slirp, int is_udp,
                          struct in_addr host_addr, int host_port);
 int slirp_add_exec(Slirp *slirp, int do_pty, const void *args,
-                   struct in_addr guest_addr, int guest_port);
+                   struct in_addr *guest_addr, int guest_port);
 
 void slirp_connection_info(Slirp *slirp, Monitor *mon);
 

slirp/slirp.c

@@ -22,6 +22,7 @@
  * THE SOFTWARE.
  */
 #include "qemu-common.h"
+#include "qemu-timer.h"
 #include "qemu-char.h"
 #include "slirp.h"
 #include "hw/hw.h"
@@ -244,29 +245,6 @@ void slirp_cleanup(Slirp *slirp)
 #define CONN_CANFRCV(so) (((so)->so_state & (SS_FCANTRCVMORE|SS_ISFCONNECTED)) == SS_ISFCONNECTED)
 #define UPD_NFDS(x) if (nfds < (x)) nfds = (x)
 
-/*
- * curtime kept to an accuracy of 1ms
- */
-#ifdef _WIN32
-static void updtime(void)
-{
-    struct _timeb tb;
-
-    _ftime(&tb);
-
-    curtime = tb.time * 1000 + tb.millitm;
-}
-#else
-static void updtime(void)
-{
-    struct timeval tv;
-
-    gettimeofday(&tv, NULL);
-
-    curtime = tv.tv_sec * 1000 + tv.tv_usec / 1000;
-}
-#endif
-
 void slirp_select_fill(int *pnfds,
                        fd_set *readfds, fd_set *writefds, fd_set *xfds)
 {
@@ -405,8 +383,7 @@ void slirp_select_poll(fd_set *readfds, fd_set *writefds, fd_set *xfds,
     global_writefds = writefds;
     global_xfds = xfds;
 
-	/* Update time */
-	updtime();
+    curtime = qemu_get_clock(rt_clock);
 
     TAILQ_FOREACH(slirp, &slirp_instances, entry) {
 	/*
@@ -794,19 +771,19 @@ int slirp_add_hostfwd(Slirp *slirp, int is_udp, struct in_addr host_addr,
 }
 
 int slirp_add_exec(Slirp *slirp, int do_pty, const void *args,
-                   struct in_addr guest_addr, int guest_port)
+                   struct in_addr *guest_addr, int guest_port)
 {
-    if (!guest_addr.s_addr) {
-        guest_addr.s_addr = slirp->vnetwork_addr.s_addr |
+    if (!guest_addr->s_addr) {
+        guest_addr->s_addr = slirp->vnetwork_addr.s_addr |
             (htonl(0x0204) & ~slirp->vnetwork_mask.s_addr);
     }
-    if ((guest_addr.s_addr & slirp->vnetwork_mask.s_addr) !=
+    if ((guest_addr->s_addr & slirp->vnetwork_mask.s_addr) !=
         slirp->vnetwork_addr.s_addr ||
-        guest_addr.s_addr == slirp->vhost_addr.s_addr ||
-        guest_addr.s_addr == slirp->vnameserver_addr.s_addr) {
+        guest_addr->s_addr == slirp->vhost_addr.s_addr ||
+        guest_addr->s_addr == slirp->vnameserver_addr.s_addr) {
         return -1;
     }
-    return add_exec(&slirp->exec_list, do_pty, (char *)args, guest_addr,
+    return add_exec(&slirp->exec_list, do_pty, (char *)args, *guest_addr,
                     htons(guest_port));
 }
 

slirp/slirp.h

@@ -108,10 +108,6 @@ typedef unsigned char u_int8_t;
 #include <arpa/inet.h>
 #endif
 
-#ifdef GETTIMEOFDAY_ONE_ARG
-#define gettimeofday(x, y) gettimeofday(x)
-#endif
-
 /* Systems lacking strdup() definition in <string.h>. */
 #if defined(ultrix)
 char *strdup(const char *);

slirp/slirp_config.h

@@ -190,9 +190,6 @@
 #define NO_UNIX_SOCKETS
 #endif
 
-/* Define if gettimeofday only takes one argument */
-#undef GETTIMEOFDAY_ONE_ARG
-
 /* Define if you have revoke() */
 #undef HAVE_REVOKE
 

tap-win32.c

@@ -30,13 +30,7 @@
 #include "sysemu.h"
 #include <stdio.h>
 #include <windows.h>
-
-/* NOTE: PCIBus is redefined in winddk.h */
-#define PCIBus _PCIBus
-#include <ddk/ntapi.h>
-#include <ddk/winddk.h>
-#include <ddk/ntddk.h>
-#undef PCIBus
+#include <winioctl.h>
 
 //=============
 // TAP IOCTLs

target-i386/helper.c

@@ -297,7 +297,7 @@ static void host_cpuid(uint32_t function, uint32_t count, uint32_t *eax,
 
 static int cpu_x86_fill_model_id(char *str)
 {
-    uint32_t eax, ebx, ecx, edx;
+    uint32_t eax = 0, ebx = 0, ecx = 0, edx = 0;
     int i;
 
     for (i = 0; i < 3; i++) {
@@ -358,11 +358,10 @@ static int cpu_x86_find_by_name(x86_def_t *x86_cpu_def, const char *cpu_model)
             break;
         }
     }
-    if (!def) {
-        if (strcmp(name, "host") != 0) {
-            goto error;
-        }
+    if (kvm_enabled() && strcmp(name, "host") == 0) {
         cpu_x86_fill_host(x86_cpu_def);
+    } else if (!def) {
+        goto error;
     } else {
         memcpy(x86_cpu_def, def, sizeof(*def));
     }

target-ppc/helper.c

@@ -558,18 +558,18 @@ static always_inline int get_bat (CPUState *env, mmu_ctx_t *ctx,
     }
     if (ret < 0) {
 #if defined(DEBUG_BATS)
-        if (IS_LOGGING) {
-            QEMU_LOG0("no BAT match for " ADDRX ":\n", virtual);
+        if (qemu_log_enabled()) {
+            LOG_BATS("no BAT match for " ADDRX ":\n", virtual);
             for (i = 0; i < 4; i++) {
                 BATu = &BATut[i];
                 BATl = &BATlt[i];
                 BEPIu = *BATu & 0xF0000000;
                 BEPIl = *BATu & 0x0FFE0000;
                 bl = (*BATu & 0x00001FFC) << 15;
-                QEMU_LOG0("%s: %cBAT%d v " ADDRX " BATu " ADDRX
-                        " BATl " ADDRX " \n\t" ADDRX " " ADDRX " " ADDRX "\n",
-                        __func__, type == ACCESS_CODE ? 'I' : 'D', i, virtual,
-                        *BATu, *BATl, BEPIu, BEPIl, bl);
+                LOG_BATS("%s: %cBAT%d v " ADDRX " BATu " ADDRX
+                         " BATl " ADDRX " \n\t" ADDRX " " ADDRX " " ADDRX "\n",
+                         __func__, type == ACCESS_CODE ? 'I' : 'D', i, virtual,
+                         *BATu, *BATl, BEPIu, BEPIl, bl);
             }
         }
 #endif
@@ -860,8 +860,8 @@ void ppc_store_slb (CPUPPCState *env, target_ulong rb, target_ulong rs)
     slb->tmp = (vsid << 8) | (flags << 3);
 
     LOG_SLB("%s: %d " ADDRX " - " ADDRX " => %016" PRIx64
-                " %08" PRIx32 "\n", __func__,
-                slb_nr, rb, rs, tmp64, tmp);
+            " %08" PRIx32 "\n", __func__,
+            slb_nr, rb, rs, slb->tmp64, slb->tmp);
 
     slb_set_entry(env, slb_nr, slb);
 }
@@ -2445,7 +2445,7 @@ static always_inline void powerpc_excp (CPUState *env,
         tlb_miss:
 #if defined (DEBUG_SOFTWARE_TLB)
             if (qemu_log_enabled()) {
-                const unsigned char *es;
+                const char *es;
                 target_ulong *miss, *cmp;
                 int en;
                 if (excp == POWERPC_EXCP_IFTLB) {
@@ -2478,7 +2478,7 @@ static always_inline void powerpc_excp (CPUState *env,
         tlb_miss_74xx:
 #if defined (DEBUG_SOFTWARE_TLB)
             if (qemu_log_enabled()) {
-                const unsigned char *es;
+                const char *es;
                 target_ulong *miss, *cmp;
                 int en;
                 if (excp == POWERPC_EXCP_IFTLB) {

target-sparc/helper.c

@@ -583,15 +583,15 @@ void dump_mmu(CPUState *env)
                 break;
             }
             if ((env->dtlb_tte[i] & 0x8000000000000000ULL) != 0) {
-                printf("VA: " TARGET_FMT_lx ", PA: " TARGET_FMT_lx
+                printf("VA: %" PRIx64 ", PA: %" PRIx64
                        ", %s, %s, %s, %s, ctx %" PRId64 "\n",
-                       env->dtlb_tag[i] & ~0x1fffULL,
-                       env->dtlb_tte[i] & 0x1ffffffe000ULL,
+                       env->dtlb_tag[i] & (uint64_t)~0x1fffULL,
+                       env->dtlb_tte[i] & (uint64_t)0x1ffffffe000ULL,
                        mask,
                        env->dtlb_tte[i] & 0x4? "priv": "user",
                        env->dtlb_tte[i] & 0x2? "RW": "RO",
                        env->dtlb_tte[i] & 0x40? "locked": "unlocked",
-                       env->dtlb_tag[i] & 0x1fffULL);
+                       env->dtlb_tag[i] & (uint64_t)0x1fffULL);
             }
         }
     }
@@ -616,14 +616,14 @@ void dump_mmu(CPUState *env)
                 break;
             }
             if ((env->itlb_tte[i] & 0x8000000000000000ULL) != 0) {
-                printf("VA: " TARGET_FMT_lx ", PA: " TARGET_FMT_lx
+                printf("VA: %" PRIx64 ", PA: %" PRIx64
                        ", %s, %s, %s, ctx %" PRId64 "\n",
-                       env->itlb_tag[i] & ~0x1fffULL,
-                       env->itlb_tte[i] & 0x1ffffffe000ULL,
+                       env->itlb_tag[i] & (uint64_t)~0x1fffULL,
+                       env->itlb_tte[i] & (uint64_t)0x1ffffffe000ULL,
                        mask,
                        env->itlb_tte[i] & 0x4? "priv": "user",
                        env->itlb_tte[i] & 0x40? "locked": "unlocked",
-                       env->itlb_tag[i] & 0x1fffULL);
+                       env->itlb_tag[i] & (uint64_t)0x1fffULL);
             }
         }
     }
@@ -1314,7 +1314,7 @@ static int cpu_sparc_find_by_name(sparc_def_t *cpu_def, const char *cpu_model)
                 }
                 cpu_def->fpu_version = fpu_version;
 #ifdef DEBUG_FEATURES
-                fprintf(stderr, "fpu_version %llx\n", fpu_version);
+                fprintf(stderr, "fpu_version %x\n", fpu_version);
 #endif
             } else if (!strcmp(featurestr, "mmu_version")) {
                 char *err;
@@ -1326,7 +1326,7 @@ static int cpu_sparc_find_by_name(sparc_def_t *cpu_def, const char *cpu_model)
                 }
                 cpu_def->mmu_version = mmu_version;
 #ifdef DEBUG_FEATURES
-                fprintf(stderr, "mmu_version %llx\n", mmu_version);
+                fprintf(stderr, "mmu_version %x\n", mmu_version);
 #endif
             } else if (!strcmp(featurestr, "nwindows")) {
                 char *err;

target-sparc/op_helper.c

@@ -1212,11 +1212,14 @@ GEN_FCMP(fcmpeq_fcc3, float128, QT0, QT1, 26, 1);
     defined(DEBUG_MXCC)
 static void dump_mxcc(CPUState *env)
 {
-    printf("mxccdata: %016llx %016llx %016llx %016llx\n",
+    printf("mxccdata: %016" PRIx64 " %016" PRIx64 " %016" PRIx64 " %016" PRIx64
+           "\n",
            env->mxccdata[0], env->mxccdata[1],
            env->mxccdata[2], env->mxccdata[3]);
-    printf("mxccregs: %016llx %016llx %016llx %016llx\n"
-           "          %016llx %016llx %016llx %016llx\n",
+    printf("mxccregs: %016" PRIx64 " %016" PRIx64 " %016" PRIx64 " %016" PRIx64
+           "\n"
+           "          %016" PRIx64 " %016" PRIx64 " %016" PRIx64 " %016" PRIx64
+           "\n",
            env->mxccregs[0], env->mxccregs[1],
            env->mxccregs[2], env->mxccregs[3],
            env->mxccregs[4], env->mxccregs[5],
@@ -1455,7 +1458,8 @@ uint64_t helper_ld_asi(target_ulong addr, int asi, int size, int sign)
                 env->mmubpregs[reg] = 0ULL;
                 break;
             }
-            DPRINTF_MMU("read breakpoint reg[%d] 0x%016llx\n", reg, ret);
+            DPRINTF_MMU("read breakpoint reg[%d] 0x%016" PRIx64 "\n", reg,
+                        ret);
         }
         break;
     case 8: /* User code access, XXX */
@@ -1808,7 +1812,7 @@ void helper_st_asi(target_ulong addr, uint64_t val, int asi, int size)
                 env->mmubpregs[reg] = (val & 0xfULL);
                 break;
             }
-            DPRINTF_MMU("write breakpoint reg[%d] 0x%016llx\n", reg,
+            DPRINTF_MMU("write breakpoint reg[%d] 0x%016x\n", reg,
                         env->mmuregs[reg]);
         }
         break;

tcg/arm/tcg-target.c

@@ -1567,7 +1567,7 @@ static inline void tcg_out_st(TCGContext *s, TCGType type, int arg,
     tcg_out_st32(s, COND_AL, arg, arg1, arg2);
 }
 
-void tcg_out_addi(TCGContext *s, int reg, tcg_target_long val)
+static void tcg_out_addi(TCGContext *s, int reg, tcg_target_long val)
 {
     if (val > 0)
         if (val < 0x100)

tcg/arm/tcg-target.h

@@ -51,9 +51,10 @@ enum {
     TCG_REG_R12,
     TCG_REG_R13,
     TCG_REG_R14,
-    TCG_TARGET_NB_REGS
 };
 
+#define TCG_TARGET_NB_REGS 15
+
 /* used for function call generation */
 #define TCG_REG_CALL_STACK		TCG_REG_R13
 #define TCG_TARGET_STACK_ALIGN		8
@@ -69,8 +70,7 @@ enum {
 static inline void flush_icache_range(unsigned long start, unsigned long stop)
 {
 #if QEMU_GNUC_PREREQ(4, 1)
-    void __clear_cache(char *beg, char *end);
-    __clear_cache((char *) start, (char *) stop);
+    __builtin___clear_cache((char *) start, (char *) stop);
 #else
     register unsigned long _beg __asm ("a1") = start;
     register unsigned long _end __asm ("a2") = stop;

tcg/tcg-op.h

@@ -1749,7 +1749,7 @@ static inline void tcg_gen_rotr_i64(TCGv_i64 ret, TCGv_i64 arg1, TCGv_i64 arg2)
 
     t0 = tcg_temp_new_i64();
     t1 = tcg_temp_new_i64();
-    tcg_gen_shl_i64(t0, arg1, arg2);
+    tcg_gen_shr_i64(t0, arg1, arg2);
     tcg_gen_subfi_i64(t1, 64, arg2);
     tcg_gen_shl_i64(t1, arg1, t1);
     tcg_gen_or_i64(ret, t0, t1);

vl.c

@@ -31,6 +31,8 @@
 
 /* Needed early for HOST_BSD etc. */
 #include "config-host.h"
+/* Needed early to override system queue definitions on BSD */
+#include "sys-queue.h"
 
 #ifndef _WIN32
 #include <libgen.h>
@@ -3357,6 +3359,8 @@ static QEMUMachine *find_machine(const char *name)
     for(m = first_machine; m != NULL; m = m->next) {
         if (!strcmp(m->name, name))
             return m;
+        if (m->alias && !strcmp(m->alias, name))
+            return m;
     }
     return NULL;
 }
@@ -4993,6 +4997,9 @@ int main(int argc, char **argv, char **envp)
                     QEMUMachine *m;
                     printf("Supported machines are:\n");
                     for(m = first_machine; m != NULL; m = m->next) {
+                        if (m->alias)
+                            printf("%-10s %s (alias of %s)\n",
+                                   m->alias, m->desc, m->name);
                         printf("%-10s %s%s\n",
                                m->name, m->desc,
                                m->is_default ? " (default)" : "");
@@ -6073,8 +6080,10 @@ int main(int argc, char **argv, char **envp)
     if (loadvm)
         do_loadvm(cur_mon, loadvm);
 
-    if (incoming)
+    if (incoming) {
+        autostart = 0;
         qemu_start_incoming_migration(incoming);
+    }
 
     if (autostart)
         vm_start();