Patchwork [3/5] Convert use of ptr = g_malloc(sizeof(type)) to g_new()

login
register
mail settings
Submitter Stuart Brady
Date Oct. 20, 2011, 8:03 a.m.
Message ID <1319097820-4788-3-git-send-email-sdb@zubnet.me.uk>
Download mbox | patch
Permalink /patch/120761/
State New
Headers show

Comments

Stuart Brady - Oct. 20, 2011, 8:03 a.m.
Convert calls to g_malloc() and g_malloc0() to g_new() and g_new0()
respectively, in cases where the size passed to g_malloc() is specified
in terms of sizeof(type) where the result is assigned to a variable of
the same type.

This was achieved using Coccinelle with the following semantic patch:

@@ type T; T *E; @@
-E = g_malloc(sizeof(T))
+E = g_new(T, 1)

@@ type T; T *E; @@
-E = g_malloc0(sizeof(T))
+E = g_new0(T, 1)

@@ type T; T *E; expression N; @@
-E = g_malloc(sizeof(T) * N)
+E = g_new(T, N)

@@ type T; T *E; expression N; @@
-E = g_malloc0(sizeof(T) * N)
+E = g_new0(T, N)

Signed-off-by: Stuart Brady <sdb@zubnet.me.uk>
---
 aio.c                           |    2 +-
 async.c                         |    2 +-
 block-migration.c               |    6 ++--
 block.c                         |    2 +-
 block/qcow.c                    |    4 +-
 block/qcow2-cluster.c           |    2 +-
 block/qcow2-refcount.c          |    4 +-
 block/qcow2-snapshot.c          |    6 ++--
 block/rbd.c                     |    4 +-
 block/sheepdog.c                |    2 +-
 block/vdi.c                     |    2 +-
 block/vmdk.c                    |    3 +-
 bt-host.c                       |    2 +-
 bt-vhci.c                       |    2 +-
 console.c                       |    8 +++---
 cutils.c                        |    2 +-
 exec.c                          |   10 ++++----
 gdbstub.c                       |    4 +-
 hw/9pfs/virtio-9p-handle.c      |    2 +-
 hw/9pfs/virtio-9p.c             |    6 ++--
 hw/adb.c                        |    4 +-
 hw/applesmc.c                   |    2 +-
 hw/baum.c                       |    4 +-
 hw/bitbang_i2c.c                |    2 +-
 hw/blizzard.c                   |    3 +-
 hw/bt-hci.c                     |    4 +-
 hw/bt-l2cap.c                   |    4 +-
 hw/bt.c                         |    2 +-
 hw/cirrus_vga.c                 |    2 +-
 hw/dp8393x.c                    |    2 +-
 hw/heathrow_pic.c               |    2 +-
 hw/i8259.c                      |    2 +-
 hw/ide/macio.c                  |    2 +-
 hw/ide/mmio.c                   |    2 +-
 hw/irq.c                        |    2 +-
 hw/ivshmem.c                    |    6 ++--
 hw/jazz_led.c                   |    2 +-
 hw/leon3.c                      |    2 +-
 hw/lm32_boards.c                |    4 +-
 hw/lm32_hwsetup.h               |    2 +-
 hw/mac_dbdma.c                  |    2 +-
 hw/mac_nvram.c                  |    2 +-
 hw/mcf_intc.c                   |    2 +-
 hw/mcf_uart.c                   |    2 +-
 hw/milkymist.c                  |    2 +-
 hw/mips_mipssim.c               |    2 +-
 hw/mips_r4k.c                   |    2 +-
 hw/msmouse.c                    |    2 +-
 hw/omap.h                       |    2 +-
 hw/omap_gpio.c                  |    4 +-
 hw/omap_l4.c                    |    2 +-
 hw/parallel.c                   |    2 +-
 hw/pckbd.c                      |    2 +-
 hw/pflash_cfi01.c               |    2 +-
 hw/pflash_cfi02.c               |    2 +-
 hw/ppc.c                        |    8 +++---
 hw/ppc405_boards.c              |    4 +-
 hw/ppc405_uc.c                  |   28 +++++++++++++-------------
 hw/ppc440.c                     |    4 +-
 hw/ppc4xx_devs.c                |    4 +-
 hw/ppc4xx_pci.c                 |    2 +-
 hw/ppc_booke.c                  |    4 +-
 hw/ppc_newworld.c               |    2 +-
 hw/ppc_oldworld.c               |    2 +-
 hw/ppc_prep.c                   |    2 +-
 hw/ppce500_mpc8544ds.c          |    4 +-
 hw/prep_pci.c                   |    2 +-
 hw/pxa2xx_dma.c                 |    2 +-
 hw/qxl.c                        |    2 +-
 hw/r2d.c                        |    4 +-
 hw/rc4030.c                     |    2 +-
 hw/s390-virtio.c                |    2 +-
 hw/serial.c                     |    4 +-
 hw/sh7750.c                     |    2 +-
 hw/sh_serial.c                  |    2 +-
 hw/slavio_timer.c               |    2 +-
 hw/strongarm.c                  |    2 +-
 hw/sun4u.c                      |    4 +-
 hw/syborg_interrupt.c           |    2 +-
 hw/usb-uhci.c                   |    2 +-
 hw/vga.c                        |    2 +-
 hw/virtex_ml507.c               |    2 +-
 hw/xenfb.c                      |    4 +-
 hw/xics.c                       |    4 +-
 hw/xtensa_lx60.c                |    2 +-
 input.c                         |    4 +-
 iohandler.c                     |    4 +-
 kvm-all.c                       |    4 +-
 linux-user/main.c               |    2 +-
 linux-user/syscall.c            |    2 +-
 monitor.c                       |    2 +-
 net.c                           |    2 +-
 net/queue.c                     |    2 +-
 net/slirp.c                     |    2 +-
 net/socket.c                    |    2 +-
 os-win32.c                      |    2 +-
 pflib.c                         |    2 +-
 posix-aio-compat.c              |    2 +-
 qemu-char.c                     |   40 +++++++++++++++++++-------------------
 qemu-ga.c                       |    2 +-
 qemu-img.c                      |    2 +-
 qemu-nbd.c                      |    2 +-
 qemu-timer.c                    |    4 +-
 qga/guest-agent-command-state.c |    4 +-
 qga/guest-agent-commands.c      |   10 ++++----
 savevm.c                        |   16 +++++++-------
 slirp/slirp.c                   |    2 +-
 spice-qemu-char.c               |    4 +-
 target-alpha/translate.c        |    2 +-
 target-arm/helper.c             |    2 +-
 target-cris/translate.c         |    2 +-
 target-i386/cpuid.c             |    2 +-
 target-i386/helper.c            |    2 +-
 target-i386/kvm.c               |    2 +-
 target-lm32/helper.c            |    2 +-
 target-m68k/helper.c            |    2 +-
 target-microblaze/translate.c   |    2 +-
 target-mips/translate.c         |    2 +-
 target-ppc/helper.c             |    2 +-
 target-s390x/helper.c           |    2 +-
 target-sh4/translate.c          |    2 +-
 target-sparc/helper.c           |    2 +-
 target-unicore32/helper.c       |    2 +-
 tcg/tcg.c                       |    4 +-
 test-qmp-commands.c             |   14 ++++++------
 test-visitor.c                  |    2 +-
 ui/keymaps.c                    |    2 +-
 ui/sdl.c                        |    4 +-
 ui/vnc-jobs-async.c             |    6 ++--
 ui/vnc.c                        |    4 +-
 usb-linux.c                     |    2 +-
 usb-redir.c                     |    2 +-
 vl.c                            |    8 +++---
 xen-all.c                       |    4 +-
 xen-mapcache.c                  |   10 ++++----
 135 files changed, 241 insertions(+), 243 deletions(-)

Patch

diff --git a/aio.c b/aio.c
index 1239ca7..b01a87b 100644
--- a/aio.c
+++ b/aio.c
@@ -81,7 +81,7 @@  int qemu_aio_set_fd_handler(int fd,
     } else {
         if (node == NULL) {
             /* Alloc and insert if it's not already there */
-            node = g_malloc0(sizeof(AioHandler));
+            node = g_new0(AioHandler, 1);
             node->fd = fd;
             QLIST_INSERT_HEAD(&aio_handlers, node, node);
         }
diff --git a/async.c b/async.c
index ca13962..b76f85e 100644
--- a/async.c
+++ b/async.c
@@ -43,7 +43,7 @@  struct QEMUBH {
 QEMUBH *qemu_bh_new(QEMUBHFunc *cb, void *opaque)
 {
     QEMUBH *bh;
-    bh = g_malloc0(sizeof(QEMUBH));
+    bh = g_new0(QEMUBH, 1);
     bh->cb = cb;
     bh->opaque = opaque;
     bh->next = first_bh;
diff --git a/block-migration.c b/block-migration.c
index e2775ee..1bf7328 100644
--- a/block-migration.c
+++ b/block-migration.c
@@ -235,7 +235,7 @@  static int mig_save_device_bulk(Monitor *mon, QEMUFile *f,
         nr_sectors = total_sectors - cur_sector;
     }
 
-    blk = g_malloc(sizeof(BlkMigBlock));
+    blk = g_new(BlkMigBlock, 1);
     blk->buf = g_malloc(BLOCK_SIZE);
     blk->bmds = bmds;
     blk->sector = cur_sector;
@@ -290,7 +290,7 @@  static void init_blk_migration_it(void *opaque, BlockDriverState *bs)
             return;
         }
 
-        bmds = g_malloc0(sizeof(BlkMigDevState));
+        bmds = g_new0(BlkMigDevState, 1);
         bmds->bs = bs;
         bmds->bulk_completed = 0;
         bmds->total_sectors = sectors;
@@ -395,7 +395,7 @@  static int mig_save_device_dirty(Monitor *mon, QEMUFile *f,
             } else {
                 nr_sectors = BDRV_SECTORS_PER_DIRTY_CHUNK;
             }
-            blk = g_malloc(sizeof(BlkMigBlock));
+            blk = g_new(BlkMigBlock, 1);
             blk->buf = g_malloc(BLOCK_SIZE);
             blk->bmds = bmds;
             blk->sector = sector;
diff --git a/block.c b/block.c
index cc69c87..6a8560c 100644
--- a/block.c
+++ b/block.c
@@ -214,7 +214,7 @@  BlockDriverState *bdrv_new(const char *device_name)
 {
     BlockDriverState *bs;
 
-    bs = g_malloc0(sizeof(BlockDriverState));
+    bs = g_new0(BlockDriverState, 1);
     pstrcpy(bs->device_name, sizeof(bs->device_name), device_name);
     if (device_name[0] != '\0') {
         QTAILQ_INSERT_TAIL(&bdrv_states, bs, list);
diff --git a/block/qcow.c b/block/qcow.c
index eba5a04..d2f0717 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -129,7 +129,7 @@  static int qcow_open(BlockDriverState *bs, int flags)
     s->l1_size = (header.size + (1LL << shift) - 1) >> shift;
 
     s->l1_table_offset = header.l1_table_offset;
-    s->l1_table = g_malloc(s->l1_size * sizeof(uint64_t));
+    s->l1_table = g_new(uint64_t, s->l1_size);
     if (!s->l1_table)
         goto fail;
     if (bdrv_pread(bs->file, s->l1_table_offset, s->l1_table, s->l1_size * sizeof(uint64_t)) !=
@@ -139,7 +139,7 @@  static int qcow_open(BlockDriverState *bs, int flags)
         be64_to_cpus(&s->l1_table[i]);
     }
     /* alloc L2 cache */
-    s->l2_cache = g_malloc(s->l2_size * L2_CACHE_SIZE * sizeof(uint64_t));
+    s->l2_cache = g_new(uint64_t, s->l2_size * L2_CACHE_SIZE);
     if (!s->l2_cache)
         goto fail;
     s->cluster_cache = g_malloc(s->cluster_size);
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index 2f76311..d593b8c 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -612,7 +612,7 @@  int qcow2_alloc_cluster_link_l2(BlockDriverState *bs, QCowL2Meta *m)
     if (m->nb_clusters == 0)
         return 0;
 
-    old_cluster = g_malloc(m->nb_clusters * sizeof(uint64_t));
+    old_cluster = g_new(uint64_t, m->nb_clusters);
 
     /* copy content of unmodified sectors */
     start_sect = (m->offset & ~(s->cluster_size - 1)) >> 9;
diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index 9605367..4eb400e 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -324,7 +324,7 @@  static int alloc_refcount_block(BlockDriverState *bs,
         s->cluster_size;
     uint64_t table_offset = meta_offset + blocks_clusters * s->cluster_size;
     uint16_t *new_blocks = g_malloc0(blocks_clusters * s->cluster_size);
-    uint64_t *new_table = g_malloc0(table_size * sizeof(uint64_t));
+    uint64_t *new_table = g_new0(uint64_t, table_size);
 
     assert(meta_offset >= (s->free_cluster_index * s->cluster_size));
 
@@ -1074,7 +1074,7 @@  int qcow2_check_refcounts(BlockDriverState *bs, BdrvCheckResult *res)
 
     size = bdrv_getlength(bs->file);
     nb_clusters = size_to_clusters(s, size);
-    refcount_table = g_malloc0(nb_clusters * sizeof(uint16_t));
+    refcount_table = g_new0(uint16_t, nb_clusters);
 
     /* header */
     inc_refcounts(bs, res, refcount_table, nb_clusters,
diff --git a/block/qcow2-snapshot.c b/block/qcow2-snapshot.c
index bdc33ba..4c170d86 100644
--- a/block/qcow2-snapshot.c
+++ b/block/qcow2-snapshot.c
@@ -278,7 +278,7 @@  int qcow2_snapshot_create(BlockDriverState *bs, QEMUSnapshotInfo *sn_info)
     sn->l1_size = s->l1_size;
 
     if (s->l1_size != 0) {
-        l1_table = g_malloc(s->l1_size * sizeof(uint64_t));
+        l1_table = g_new(uint64_t, s->l1_size);
     } else {
         l1_table = NULL;
     }
@@ -292,7 +292,7 @@  int qcow2_snapshot_create(BlockDriverState *bs, QEMUSnapshotInfo *sn_info)
     g_free(l1_table);
     l1_table = NULL;
 
-    snapshots1 = g_malloc((s->nb_snapshots + 1) * sizeof(QCowSnapshot));
+    snapshots1 = g_new(QCowSnapshot, (s->nb_snapshots + 1));
     if (s->snapshots) {
         memcpy(snapshots1, s->snapshots, s->nb_snapshots * sizeof(QCowSnapshot));
         g_free(s->snapshots);
@@ -416,7 +416,7 @@  int qcow2_snapshot_list(BlockDriverState *bs, QEMUSnapshotInfo **psn_tab)
         return s->nb_snapshots;
     }
 
-    sn_tab = g_malloc0(s->nb_snapshots * sizeof(QEMUSnapshotInfo));
+    sn_tab = g_new0(QEMUSnapshotInfo, s->nb_snapshots);
     for(i = 0; i < s->nb_snapshots; i++) {
         sn_info = sn_tab + i;
         sn = s->snapshots + i;
diff --git a/block/rbd.c b/block/rbd.c
index fce09e6..91d887d 100644
--- a/block/rbd.c
+++ b/block/rbd.c
@@ -655,7 +655,7 @@  static BlockDriverAIOCB *rbd_aio_rw_vector(BlockDriverState *bs,
 
     s->qemu_aio_count++; /* All the RADOSCB */
 
-    rcb = g_malloc(sizeof(RADOSCB));
+    rcb = g_new(RADOSCB, 1);
     rcb->done = 0;
     rcb->acb = acb;
     rcb->buf = buf;
@@ -811,7 +811,7 @@  static int qemu_rbd_snap_list(BlockDriverState *bs,
         return snap_count;
     }
 
-    sn_tab = g_malloc0(snap_count * sizeof(QEMUSnapshotInfo));
+    sn_tab = g_new0(QEMUSnapshotInfo, snap_count);
 
     for (i = 0; i < snap_count; i++) {
         const char *snap_name = snaps[i].name;
diff --git a/block/sheepdog.c b/block/sheepdog.c
index 313b995..6147f04 100644
--- a/block/sheepdog.c
+++ b/block/sheepdog.c
@@ -1852,7 +1852,7 @@  static int sd_snapshot_goto(BlockDriverState *bs, const char *snapshot_id)
     uint32_t snapid = 0;
     int ret = -ENOENT, fd;
 
-    old_s = g_malloc(sizeof(BDRVSheepdogState));
+    old_s = g_new(BDRVSheepdogState, 1);
 
     memcpy(old_s, s, sizeof(BDRVSheepdogState));
 
diff --git a/block/vdi.c b/block/vdi.c
index 1d5ad2b..1672e61 100644
--- a/block/vdi.c
+++ b/block/vdi.c
@@ -301,7 +301,7 @@  static int vdi_check(BlockDriverState *bs, BdrvCheckResult *res)
     uint32_t *bmap;
     logout("\n");
 
-    bmap = g_malloc(s->header.blocks_in_image * sizeof(uint32_t));
+    bmap = g_new(uint32_t, s->header.blocks_in_image);
     memset(bmap, 0xff, s->header.blocks_in_image * sizeof(uint32_t));
 
     /* Check block map and value of blocks_allocated. */
diff --git a/block/vmdk.c b/block/vmdk.c
index 5d16ec4..b99bd6c 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -377,8 +377,7 @@  static int vmdk_init_tables(BlockDriverState *bs, VmdkExtent *extent)
         }
     }
 
-    extent->l2_cache =
-        g_malloc(extent->l2_size * L2_CACHE_SIZE * sizeof(uint32_t));
+    extent->l2_cache = g_new(uint32_t, extent->l2_size * L2_CACHE_SIZE);
     return 0;
  fail_l1b:
     g_free(extent->l1_backup_table);
diff --git a/bt-host.c b/bt-host.c
index df5b7cd..0c395e9 100644
--- a/bt-host.c
+++ b/bt-host.c
@@ -177,7 +177,7 @@  struct HCIInfo *bt_host_hci(const char *id)
     }
 # endif
 
-    s = g_malloc0(sizeof(struct bt_host_hci_s));
+    s = g_new0(struct bt_host_hci_s, 1);
     s->fd = fd;
     s->hci.cmd_send = bt_host_cmd;
     s->hci.sco_send = bt_host_sco;
diff --git a/bt-vhci.c b/bt-vhci.c
index bbc1029..0862451 100644
--- a/bt-vhci.c
+++ b/bt-vhci.c
@@ -156,7 +156,7 @@  void bt_vhci_init(struct HCIInfo *info)
         exit(-1);
     }
 
-    s = g_malloc0(sizeof(struct bt_vhci_s));
+    s = g_new0(struct bt_vhci_s, 1);
     s->fd = fd;
     s->info = info ?: qemu_next_hci();
     s->info->opaque = s;
diff --git a/console.c b/console.c
index 2545252..efd6ea8 100644
--- a/console.c
+++ b/console.c
@@ -522,7 +522,7 @@  static void text_console_resize(TextConsole *s)
     if (s->width < w1)
         w1 = s->width;
 
-    cells = g_malloc(s->width * s->total_height * sizeof(TextCell));
+    cells = g_new(TextCell, s->width * s->total_height);
     for(y = 0; y < s->total_height; y++) {
         c = &cells[y * s->width];
         if (w1 > 0) {
@@ -1243,7 +1243,7 @@  static TextConsole *new_console(DisplayState *ds, console_type_t console_type)
 
     if (nb_consoles >= MAX_CONSOLES)
         return NULL;
-    s = g_malloc0(sizeof(TextConsole));
+    s = g_new0(TextConsole, 1);
     if (!active_console || ((active_console->console_type != GRAPHIC_CONSOLE) &&
         (console_type == GRAPHIC_CONSOLE))) {
         active_console = s;
@@ -1342,7 +1342,7 @@  static struct DisplayAllocator default_allocator = {
 
 static void dumb_display_init(void)
 {
-    DisplayState *ds = g_malloc0(sizeof(DisplayState));
+    DisplayState *ds = g_new0(DisplayState, 1);
     int width = 640;
     int height = 480;
 
@@ -1514,7 +1514,7 @@  int text_console_init(QemuOpts *opts, CharDriverState **_chr)
     unsigned width;
     unsigned height;
 
-    chr = g_malloc0(sizeof(CharDriverState));
+    chr = g_new0(CharDriverState, 1);
 
     if (n_text_consoles == 128) {
         fprintf(stderr, "Too many text consoles\n");
diff --git a/cutils.c b/cutils.c
index c91f887..a57b423 100644
--- a/cutils.c
+++ b/cutils.c
@@ -136,7 +136,7 @@  int qemu_fdatasync(int fd)
 
 void qemu_iovec_init(QEMUIOVector *qiov, int alloc_hint)
 {
-    qiov->iov = g_malloc(alloc_hint * sizeof(struct iovec));
+    qiov->iov = g_new(struct iovec, alloc_hint);
     qiov->niov = 0;
     qiov->nalloc = alloc_hint;
     qiov->size = 0;
diff --git a/exec.c b/exec.c
index 790dc1a..248ff58 100644
--- a/exec.c
+++ b/exec.c
@@ -413,7 +413,7 @@  static PhysPageDesc *phys_page_find_alloc(target_phys_addr_t index, int alloc)
             if (!alloc) {
                 return NULL;
             }
-            *lp = p = g_malloc0(sizeof(void *) * L2_SIZE);
+            *lp = p = g_new0(void *, L2_SIZE);
         }
         lp = p + ((index >> (i * L2_BITS)) & (L2_SIZE - 1));
     }
@@ -426,7 +426,7 @@  static PhysPageDesc *phys_page_find_alloc(target_phys_addr_t index, int alloc)
             return NULL;
         }
 
-        *lp = pd = g_malloc(sizeof(PhysPageDesc) * L2_SIZE);
+        *lp = pd = g_new(PhysPageDesc, L2_SIZE);
 
         for (i = 0; i < L2_SIZE; i++) {
             pd[i].phys_offset = IO_MEM_UNASSIGNED;
@@ -562,7 +562,7 @@  static void code_gen_alloc(unsigned long tb_size)
     code_gen_buffer_max_size = code_gen_buffer_size -
         (TCG_MAX_OP_SIZE * OPC_BUF_SIZE);
     code_gen_max_blocks = code_gen_buffer_size / CODE_GEN_AVG_BLOCK_SIZE;
-    tbs = g_malloc(code_gen_max_blocks * sizeof(TranslationBlock));
+    tbs = g_new(TranslationBlock, code_gen_max_blocks);
 }
 
 /* Must be called before using the QEMU cpus. 'tb_size' is the size
@@ -3598,7 +3598,7 @@  static subpage_t *subpage_init (target_phys_addr_t base, ram_addr_t *phys,
     subpage_t *mmio;
     int subpage_memory;
 
-    mmio = g_malloc0(sizeof(subpage_t));
+    mmio = g_new0(subpage_t, 1);
 
     mmio->base = base;
     subpage_memory = cpu_register_io_memory(subpage_read, subpage_write, mmio,
@@ -3704,7 +3704,7 @@  static CPUWriteMemoryFunc * const swapendian_writefn[3]={
 
 static void swapendian_init(int io_index)
 {
-    SwapEndianContainer *c = g_malloc(sizeof(SwapEndianContainer));
+    SwapEndianContainer *c = g_new(SwapEndianContainer, 1);
     int i;
 
     /* Swap mmio for big endian targets */
diff --git a/gdbstub.c b/gdbstub.c
index 9b8103b..b94f42b 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -2712,7 +2712,7 @@  static void gdb_accept(void)
     val = 1;
     setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val, sizeof(val));
 
-    s = g_malloc0(sizeof(GDBState));
+    s = g_new0(GDBState, 1);
     s->c_cpu = first_cpu;
     s->g_cpu = first_cpu;
     s->fd = fd;
@@ -2880,7 +2880,7 @@  int gdbserver_start(const char *device)
 
     s = gdbserver_state;
     if (!s) {
-        s = g_malloc0(sizeof(GDBState));
+        s = g_new0(GDBState, 1);
         gdbserver_state = s;
 
         qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
diff --git a/hw/9pfs/virtio-9p-handle.c b/hw/9pfs/virtio-9p-handle.c
index 5c8b5ed..f947dfb 100644
--- a/hw/9pfs/virtio-9p-handle.c
+++ b/hw/9pfs/virtio-9p-handle.c
@@ -550,7 +550,7 @@  static int handle_init(FsContext *ctx)
 {
     int ret, mnt_id;
     struct file_handle fh;
-    struct handle_data *data = g_malloc(sizeof(struct handle_data));
+    struct handle_data *data = g_new(struct handle_data, 1);
     data->mountfd = open(ctx->fs_root, O_DIRECTORY);
     if (data->mountfd < 0) {
         ret = data->mountfd;
diff --git a/hw/9pfs/virtio-9p.c b/hw/9pfs/virtio-9p.c
index e276ecc..5239672 100644
--- a/hw/9pfs/virtio-9p.c
+++ b/hw/9pfs/virtio-9p.c
@@ -336,7 +336,7 @@  static V9fsFidState *alloc_fid(V9fsState *s, int32_t fid)
             return NULL;
         }
     }
-    f = g_malloc0(sizeof(V9fsFidState));
+    f = g_new0(V9fsFidState, 1);
     f->fid = fid;
     f->fid_type = P9_FID_NONE;
     f->ref = 1;
@@ -1771,7 +1771,7 @@  static int v9fs_do_readdir_with_stat(V9fsPDU *pdu,
         return saved_dir_pos;
     }
 
-    dent = g_malloc(sizeof(struct dirent));
+    dent = g_new(struct dirent, 1);
 
     while (1) {
         v9fs_path_init(&path);
@@ -1915,7 +1915,7 @@  static int v9fs_do_readdir(V9fsPDU *pdu,
         return saved_dir_pos;
     }
 
-    dent = g_malloc(sizeof(struct dirent));
+    dent = g_new(struct dirent, 1);
 
     while (1) {
         err = v9fs_co_readdir_r(pdu, fidp, dent, &result);
diff --git a/hw/adb.c b/hw/adb.c
index aa15f55..b543ee1 100644
--- a/hw/adb.c
+++ b/hw/adb.c
@@ -290,7 +290,7 @@  void adb_kbd_init(ADBBusState *bus)
 {
     ADBDevice *d;
     KBDState *s;
-    s = g_malloc0(sizeof(KBDState));
+    s = g_new0(KBDState, 1);
     d = adb_register_device(bus, ADB_KEYBOARD, adb_kbd_request,
                             adb_kbd_reset, s);
     qemu_add_kbd_event_handler(adb_kbd_put_keycode, d);
@@ -447,7 +447,7 @@  void adb_mouse_init(ADBBusState *bus)
     ADBDevice *d;
     MouseState *s;
 
-    s = g_malloc0(sizeof(MouseState));
+    s = g_new0(MouseState, 1);
     d = adb_register_device(bus, ADB_MOUSE, adb_mouse_request,
                             adb_mouse_reset, s);
     qemu_add_mouse_event_handler(adb_mouse_event, d, 0, "QEMU ADB Mouse");
diff --git a/hw/applesmc.c b/hw/applesmc.c
index c47b592..19b04ca 100644
--- a/hw/applesmc.c
+++ b/hw/applesmc.c
@@ -170,7 +170,7 @@  static void applesmc_add_key(struct AppleSMCStatus *s, const char *key,
 {
     struct AppleSMCData *def;
 
-    def = g_malloc0(sizeof(struct AppleSMCData));
+    def = g_new0(struct AppleSMCData, 1);
     def->key = key;
     def->len = len;
     def->data = data;
diff --git a/hw/baum.c b/hw/baum.c
index 86d780a..f95befe 100644
--- a/hw/baum.c
+++ b/hw/baum.c
@@ -572,8 +572,8 @@  int chr_baum_init(QemuOpts *opts, CharDriverState **_chr)
 #endif
     int tty;
 
-    baum = g_malloc0(sizeof(BaumDriverState));
-    baum->chr = chr = g_malloc0(sizeof(CharDriverState));
+    baum = g_new0(BaumDriverState, 1);
+    baum->chr = chr = g_new0(CharDriverState, 1);
 
     chr->opaque = baum;
     chr->chr_write = baum_write;
diff --git a/hw/bitbang_i2c.c b/hw/bitbang_i2c.c
index 431359d..af54454 100644
--- a/hw/bitbang_i2c.c
+++ b/hw/bitbang_i2c.c
@@ -171,7 +171,7 @@  bitbang_i2c_interface *bitbang_i2c_init(i2c_bus *bus)
 {
     bitbang_i2c_interface *s;
 
-    s = g_malloc0(sizeof(bitbang_i2c_interface));
+    s = g_new0(bitbang_i2c_interface, 1);
 
     s->bus = bus;
     s->last_data = 1;
diff --git a/hw/blizzard.c b/hw/blizzard.c
index b2c1b22..e413a02 100644
--- a/hw/blizzard.c
+++ b/hw/blizzard.c
@@ -963,8 +963,7 @@  void *s1d13745_init(qemu_irq gpio_int)
 
     switch (ds_get_bits_per_pixel(s->state)) {
     case 0:
-        s->line_fn_tab[0] = s->line_fn_tab[1] =
-                g_malloc0(sizeof(blizzard_fn_t) * 0x10);
+        s->line_fn_tab[0] = s->line_fn_tab[1] = g_new0(blizzard_fn_t, 0x10);
         break;
     case 8:
         s->line_fn_tab[0] = blizzard_draw_fn_8;
diff --git a/hw/bt-hci.c b/hw/bt-hci.c
index a3a7fb4..4537cca 100644
--- a/hw/bt-hci.c
+++ b/hw/bt-hci.c
@@ -721,7 +721,7 @@  static void bt_hci_connection_reject_event(struct bt_hci_s *hci,
 static void bt_hci_connection_accept(struct bt_hci_s *hci,
                 struct bt_device_s *host)
 {
-    struct bt_hci_link_s *link = g_malloc0(sizeof(struct bt_hci_link_s));
+    struct bt_hci_link_s *link = g_new0(struct bt_hci_link_s, 1);
     evt_conn_complete params;
     uint16_t handle;
     uint8_t status = HCI_SUCCESS;
@@ -2143,7 +2143,7 @@  static void bt_hci_destroy(struct bt_device_s *dev)
 
 struct HCIInfo *bt_new_hci(struct bt_scatternet_s *net)
 {
-    struct bt_hci_s *s = g_malloc0(sizeof(struct bt_hci_s));
+    struct bt_hci_s *s = g_new0(struct bt_hci_s, 1);
 
     s->lm.inquiry_done = qemu_new_timer_ns(vm_clock, bt_hci_inquiry_done, s);
     s->lm.inquiry_next = qemu_new_timer_ns(vm_clock, bt_hci_inquiry_next, s);
diff --git a/hw/bt-l2cap.c b/hw/bt-l2cap.c
index 48f0715..930f183 100644
--- a/hw/bt-l2cap.c
+++ b/hw/bt-l2cap.c
@@ -1236,7 +1236,7 @@  static void l2cap_lmp_connection_request(struct bt_link_s *link)
 
     /* Always accept - we only get called if (dev->device->page_scan).  */
 
-    l2cap = g_malloc0(sizeof(struct slave_l2cap_instance_s));
+    l2cap = g_new0(struct slave_l2cap_instance_s, 1);
     l2cap->link.slave = &dev->device;
     l2cap->link.host = link->host;
     l2cap_init(&l2cap->l2cap, &l2cap->link, 0);
@@ -1257,7 +1257,7 @@  static void l2cap_lmp_connection_complete(struct bt_link_s *link)
         return;
     }
 
-    l2cap = g_malloc0(sizeof(struct l2cap_instance_s));
+    l2cap = g_new0(struct l2cap_instance_s, 1);
     l2cap_init(l2cap, link, 1);
 
     link->acl_mode = acl_active;
diff --git a/hw/bt.c b/hw/bt.c
index dc99fc2..dcfa7bc 100644
--- a/hw/bt.c
+++ b/hw/bt.c
@@ -54,7 +54,7 @@  static void bt_dummy_lmp_acl_resp(struct bt_link_s *link,
 /* Slaves that don't hold any additional per link state can use these */
 static void bt_dummy_lmp_connection_request(struct bt_link_s *req)
 {
-    struct bt_link_s *link = g_malloc0(sizeof(struct bt_link_s));
+    struct bt_link_s *link = g_new0(struct bt_link_s, 1);
 
     link->slave = req->slave;
     link->host = req->host;
diff --git a/hw/cirrus_vga.c b/hw/cirrus_vga.c
index d62cee4..2521063 100644
--- a/hw/cirrus_vga.c
+++ b/hw/cirrus_vga.c
@@ -2903,7 +2903,7 @@  void isa_cirrus_vga_init(MemoryRegion *system_memory)
 {
     CirrusVGAState *s;
 
-    s = g_malloc0(sizeof(CirrusVGAState));
+    s = g_new0(CirrusVGAState, 1);
 
     vga_common_init(&s->vga, VGA_RAM_SIZE);
     cirrus_init_common(s, CIRRUS_ID_CLGD5430, 0, system_memory);
diff --git a/hw/dp8393x.c b/hw/dp8393x.c
index f66844b..953f8fd 100644
--- a/hw/dp8393x.c
+++ b/hw/dp8393x.c
@@ -889,7 +889,7 @@  void dp83932_init(NICInfo *nd, target_phys_addr_t base, int it_shift,
 
     qemu_check_nic_model(nd, "dp83932");
 
-    s = g_malloc0(sizeof(dp8393xState));
+    s = g_new0(dp8393xState, 1);
 
     s->mem_opaque = mem_opaque;
     s->memory_rw = memory_rw;
diff --git a/hw/heathrow_pic.c b/hw/heathrow_pic.c
index 16f48d1..aac5ef2 100644
--- a/hw/heathrow_pic.c
+++ b/hw/heathrow_pic.c
@@ -202,7 +202,7 @@  qemu_irq *heathrow_pic_init(MemoryRegion **pmem,
 {
     HeathrowPICS *s;
 
-    s = g_malloc0(sizeof(HeathrowPICS));
+    s = g_new0(HeathrowPICS, 1);
     /* only 1 CPU */
     s->irqs = irqs[0];
     memory_region_init_io(&s->mem, &heathrow_pic_ops, s,
diff --git a/hw/i8259.c b/hw/i8259.c
index ab519de..96bd078 100644
--- a/hw/i8259.c
+++ b/hw/i8259.c
@@ -524,7 +524,7 @@  qemu_irq *i8259_init(qemu_irq parent_irq)
     ISADevice *dev;
     int i;
 
-    irq_set = g_malloc(ISA_NUM_IRQS * sizeof(qemu_irq));
+    irq_set = g_new(qemu_irq, ISA_NUM_IRQS);
 
     dev = isa_create("isa-i8259");
     qdev_prop_set_uint32(&dev->qdev, "iobase", 0x20);
diff --git a/hw/ide/macio.c b/hw/ide/macio.c
index 37b8239..94053c3 100644
--- a/hw/ide/macio.c
+++ b/hw/ide/macio.c
@@ -342,7 +342,7 @@  MemoryRegion *pmac_ide_init (DriveInfo **hd_table, qemu_irq irq,
 {
     MACIOIDEState *d;
 
-    d = g_malloc0(sizeof(MACIOIDEState));
+    d = g_new0(MACIOIDEState, 1);
     ide_init2_with_non_qdev_drives(&d->bus, hd_table[0], hd_table[1], irq);
 
     if (dbdma)
diff --git a/hw/ide/mmio.c b/hw/ide/mmio.c
index 2ec21b0..b8f9749 100644
--- a/hw/ide/mmio.c
+++ b/hw/ide/mmio.c
@@ -120,7 +120,7 @@  void mmio_ide_init (target_phys_addr_t membase, target_phys_addr_t membase2,
                     qemu_irq irq, int shift,
                     DriveInfo *hd0, DriveInfo *hd1)
 {
-    MMIOState *s = g_malloc0(sizeof(MMIOState));
+    MMIOState *s = g_new0(MMIOState, 1);
     int mem1, mem2;
 
     ide_init2_with_non_qdev_drives(&s->bus, hd0, hd1, irq);
diff --git a/hw/irq.c b/hw/irq.c
index ab654e7..1730502 100644
--- a/hw/irq.c
+++ b/hw/irq.c
@@ -85,7 +85,7 @@  static void qemu_splitirq(void *opaque, int line, int level)
 
 qemu_irq qemu_irq_split(qemu_irq irq1, qemu_irq irq2)
 {
-    qemu_irq *s = g_malloc0(2 * sizeof(qemu_irq));
+    qemu_irq *s = g_new0(qemu_irq, 2);
     s[0] = irq1;
     s[1] = irq2;
     return qemu_allocate_irqs(qemu_splitirq, s, 1)[0];
diff --git a/hw/ivshmem.c b/hw/ivshmem.c
index 6bd6ff6..68be030 100644
--- a/hw/ivshmem.c
+++ b/hw/ivshmem.c
@@ -556,7 +556,7 @@  static void ivshmem_setup_msi(IVShmemState * s) {
     }
 
     /* allocate Qemu char devices for receiving interrupts */
-    s->eventfd_table = g_malloc0(s->vectors * sizeof(EventfdEntry));
+    s->eventfd_table = g_new0(EventfdEntry, s->vectors);
 }
 
 static void ivshmem_save(QEMUFile* f, void *opaque)
@@ -690,12 +690,12 @@  static int pci_ivshmem_init(PCIDevice *dev)
         s->vm_id = -1;
 
         /* allocate/initialize space for interrupt handling */
-        s->peers = g_malloc0(s->nb_peers * sizeof(Peer));
+        s->peers = g_new0(Peer, s->nb_peers);
 
         pci_register_bar(&s->dev, 2,
                          PCI_BASE_ADDRESS_SPACE_MEMORY, &s->ivshmem);
 
-        s->eventfd_chr = g_malloc0(s->vectors * sizeof(CharDriverState *));
+        s->eventfd_chr = g_new0(CharDriverState *, s->vectors);
 
         qemu_chr_add_handlers(s->server_chr, ivshmem_can_receive, ivshmem_read,
                      ivshmem_event, s);
diff --git a/hw/jazz_led.c b/hw/jazz_led.c
index eb472a0..99d8621 100644
--- a/hw/jazz_led.c
+++ b/hw/jazz_led.c
@@ -312,7 +312,7 @@  void jazz_led_init(target_phys_addr_t base)
     LedState *s;
     int io;
 
-    s = g_malloc0(sizeof(LedState));
+    s = g_new0(LedState, 1);
 
     s->state = REDRAW_SEGMENTS | REDRAW_BACKGROUND;
 
diff --git a/hw/leon3.c b/hw/leon3.c
index 607ec85..bb31f57 100644
--- a/hw/leon3.c
+++ b/hw/leon3.c
@@ -125,7 +125,7 @@  static void leon3_generic_hw_init(ram_addr_t  ram_size,
     cpu_sparc_set_id(env, 0);
 
     /* Reset data */
-    reset_info        = g_malloc0(sizeof(ResetData));
+    reset_info = g_new0(ResetData, 1);
     reset_info->env   = env;
     qemu_register_reset(main_cpu_reset, reset_info);
 
diff --git a/hw/lm32_boards.c b/hw/lm32_boards.c
index 97e1c00..1c10968 100644
--- a/hw/lm32_boards.c
+++ b/hw/lm32_boards.c
@@ -96,7 +96,7 @@  static void lm32_evr_init(ram_addr_t ram_size_not_used,
     int timer0_irq                 = 1;
     int timer1_irq                 = 3;
 
-    reset_info = g_malloc0(sizeof(ResetInfo));
+    reset_info = g_new0(ResetInfo, 1);
 
     if (cpu_model == NULL) {
         cpu_model = "lm32-full";
@@ -190,7 +190,7 @@  static void lm32_uclinux_init(ram_addr_t ram_size_not_used,
     target_phys_addr_t initrd_base  = 0x08400000;
     size_t initrd_max               = 0x01000000;
 
-    reset_info = g_malloc0(sizeof(ResetInfo));
+    reset_info = g_new0(ResetInfo, 1);
 
     if (cpu_model == NULL) {
         cpu_model = "lm32-full";
diff --git a/hw/lm32_hwsetup.h b/hw/lm32_hwsetup.h
index 8fc285e..b305789 100644
--- a/hw/lm32_hwsetup.h
+++ b/hw/lm32_hwsetup.h
@@ -57,7 +57,7 @@  static inline HWSetup *hwsetup_init(void)
 {
     HWSetup *hw;
 
-    hw = g_malloc(sizeof(HWSetup));
+    hw = g_new(HWSetup, 1);
     hw->data = g_malloc0(TARGET_PAGE_SIZE);
     hw->ptr = hw->data;
 
diff --git a/hw/mac_dbdma.c b/hw/mac_dbdma.c
index 5affdd1..7bfac0e 100644
--- a/hw/mac_dbdma.c
+++ b/hw/mac_dbdma.c
@@ -846,7 +846,7 @@  void* DBDMA_init (MemoryRegion **dbdma_mem)
 {
     DBDMAState *s;
 
-    s = g_malloc0(sizeof(DBDMAState));
+    s = g_new0(DBDMAState, 1);
 
     memory_region_init_io(&s->mem, &dbdma_ops, s, "dbdma", 0x1000);
     *dbdma_mem = &s->mem;
diff --git a/hw/mac_nvram.c b/hw/mac_nvram.c
index ed0a2b7..f9c5b97 100644
--- a/hw/mac_nvram.c
+++ b/hw/mac_nvram.c
@@ -121,7 +121,7 @@  MacIONVRAMState *macio_nvram_init (target_phys_addr_t size,
 {
     MacIONVRAMState *s;
 
-    s = g_malloc0(sizeof(MacIONVRAMState));
+    s = g_new0(MacIONVRAMState, 1);
     s->data = g_malloc0(size);
     s->size = size;
     s->it_shift = it_shift;
diff --git a/hw/mcf_intc.c b/hw/mcf_intc.c
index 99092e7..40ccede 100644
--- a/hw/mcf_intc.c
+++ b/hw/mcf_intc.c
@@ -144,7 +144,7 @@  qemu_irq *mcf_intc_init(target_phys_addr_t base, CPUState *env)
     mcf_intc_state *s;
     int iomemtype;
 
-    s = g_malloc0(sizeof(mcf_intc_state));
+    s = g_new0(mcf_intc_state, 1);
     s->env = env;
     mcf_intc_reset(s);
 
diff --git a/hw/mcf_uart.c b/hw/mcf_uart.c
index e6b2ab0..546021e 100644
--- a/hw/mcf_uart.c
+++ b/hw/mcf_uart.c
@@ -272,7 +272,7 @@  void *mcf_uart_init(qemu_irq irq, CharDriverState *chr)
 {
     mcf_uart_state *s;
 
-    s = g_malloc0(sizeof(mcf_uart_state));
+    s = g_new0(mcf_uart_state, 1);
     s->chr = chr;
     s->irq = irq;
     if (chr) {
diff --git a/hw/milkymist.c b/hw/milkymist.c
index b7a8c1c..4c5f810 100644
--- a/hw/milkymist.c
+++ b/hw/milkymist.c
@@ -100,7 +100,7 @@  milkymist_init(ram_addr_t ram_size_not_used,
     target_phys_addr_t cmdline_base = sdram_base + 0x1000000;
     size_t initrd_max = sdram_size - 0x1002000;
 
-    reset_info = g_malloc0(sizeof(ResetInfo));
+    reset_info = g_new0(ResetInfo, 1);
 
     if (cpu_model == NULL) {
         cpu_model = "lm32-full";
diff --git a/hw/mips_mipssim.c b/hw/mips_mipssim.c
index 7407158..cc2cdcb 100644
--- a/hw/mips_mipssim.c
+++ b/hw/mips_mipssim.c
@@ -157,7 +157,7 @@  mips_mipssim_init (ram_addr_t ram_size,
         fprintf(stderr, "Unable to find CPU definition\n");
         exit(1);
     }
-    reset_info = g_malloc0(sizeof(ResetData));
+    reset_info = g_new0(ResetData, 1);
     reset_info->env = env;
     reset_info->vector = env->active_tc.PC;
     qemu_register_reset(main_cpu_reset, reset_info);
diff --git a/hw/mips_r4k.c b/hw/mips_r4k.c
index d0564d4..07fd053 100644
--- a/hw/mips_r4k.c
+++ b/hw/mips_r4k.c
@@ -182,7 +182,7 @@  void mips_r4k_init (ram_addr_t ram_size,
         fprintf(stderr, "Unable to find CPU definition\n");
         exit(1);
     }
-    reset_info = g_malloc0(sizeof(ResetData));
+    reset_info = g_new0(ResetData, 1);
     reset_info->env = env;
     reset_info->vector = env->active_tc.PC;
     qemu_register_reset(main_cpu_reset, reset_info);
diff --git a/hw/msmouse.c b/hw/msmouse.c
index c3b57ea..8ab4254 100644
--- a/hw/msmouse.c
+++ b/hw/msmouse.c
@@ -68,7 +68,7 @@  int qemu_chr_open_msmouse(QemuOpts *opts, CharDriverState **_chr)
 {
     CharDriverState *chr;
 
-    chr = g_malloc0(sizeof(CharDriverState));
+    chr = g_new0(CharDriverState, 1);
     chr->chr_write = msmouse_chr_write;
     chr->chr_close = msmouse_chr_close;
 
diff --git a/hw/omap.h b/hw/omap.h
index cc09a3c..5583be6 100644
--- a/hw/omap.h
+++ b/hw/omap.h
@@ -1113,7 +1113,7 @@  inline static int debug_register_io_memory(CPUReadMemoryFunc * const *mem_read,
                                            CPUWriteMemoryFunc * const *mem_write,
                                            void *opaque)
 {
-    struct io_fn *s = g_malloc(sizeof(struct io_fn));
+    struct io_fn *s = g_new(struct io_fn, 1);
 
     s->mem_read = mem_read;
     s->mem_write = mem_write;
diff --git a/hw/omap_gpio.c b/hw/omap_gpio.c
index 42e59c3..b933852 100644
--- a/hw/omap_gpio.c
+++ b/hw/omap_gpio.c
@@ -696,8 +696,8 @@  static int omap2_gpio_init(SysBusDevice *dev)
     } else {
         s->modulecount = 6;
     }
-    s->modules = g_malloc0(s->modulecount * sizeof(struct omap2_gpio_s));
-    s->handler = g_malloc0(s->modulecount * 32 * sizeof(qemu_irq));
+    s->modules = g_new0(struct omap2_gpio_s, s->modulecount);
+    s->handler = g_new0(qemu_irq, s->modulecount * 32);
     qdev_init_gpio_in(&dev->qdev, omap2_gpio_set, s->modulecount * 32);
     qdev_init_gpio_out(&dev->qdev, s->handler, s->modulecount * 32);
     for (i = 0; i < s->modulecount; i++) {
diff --git a/hw/omap_l4.c b/hw/omap_l4.c
index e809352..2439fed 100644
--- a/hw/omap_l4.c
+++ b/hw/omap_l4.c
@@ -140,7 +140,7 @@  struct omap_l4_s *omap_l4_init(target_phys_addr_t base, int ta_num)
     omap_l4_io_writeb_fn = g_malloc0(sizeof(void *) * L4_PAGES);
     omap_l4_io_writeh_fn = g_malloc0(sizeof(void *) * L4_PAGES);
     omap_l4_io_writew_fn = g_malloc0(sizeof(void *) * L4_PAGES);
-    omap_l4_io_opaque = g_malloc0(sizeof(void *) * L4_PAGES);
+    omap_l4_io_opaque = g_new0(void *, L4_PAGES);
 #endif
 
     return bus;
diff --git a/hw/parallel.c b/hw/parallel.c
index 8494d94..dadecab 100644
--- a/hw/parallel.c
+++ b/hw/parallel.c
@@ -574,7 +574,7 @@  bool parallel_mm_init(target_phys_addr_t base, int it_shift, qemu_irq irq,
     ParallelState *s;
     int io_sw;
 
-    s = g_malloc0(sizeof(ParallelState));
+    s = g_new0(ParallelState, 1);
     s->irq = irq;
     s->chr = chr;
     s->it_shift = it_shift;
diff --git a/hw/pckbd.c b/hw/pckbd.c
index 06b40c5..536ede4 100644
--- a/hw/pckbd.c
+++ b/hw/pckbd.c
@@ -412,7 +412,7 @@  void i8042_mm_init(qemu_irq kbd_irq, qemu_irq mouse_irq,
                    MemoryRegion *region, ram_addr_t size,
                    target_phys_addr_t mask)
 {
-    KBDState *s = g_malloc0(sizeof(KBDState));
+    KBDState *s = g_new0(KBDState, 1);
 
     s->irq_kbd = kbd_irq;
     s->irq_mouse = mouse_irq;
diff --git a/hw/pflash_cfi01.c b/hw/pflash_cfi01.c
index 69b8e3d..5bce298 100644
--- a/hw/pflash_cfi01.c
+++ b/hw/pflash_cfi01.c
@@ -585,7 +585,7 @@  pflash_t *pflash_cfi01_register(target_phys_addr_t base,
         return NULL;
 #endif
 
-    pfl = g_malloc0(sizeof(pflash_t));
+    pfl = g_new0(pflash_t, 1);
 
     memory_region_init_rom_device(
         &pfl->mem, be ? &pflash_cfi01_ops_be : &pflash_cfi01_ops_le, pfl,
diff --git a/hw/pflash_cfi02.c b/hw/pflash_cfi02.c
index e5a63da..5c0966a 100644
--- a/hw/pflash_cfi02.c
+++ b/hw/pflash_cfi02.c
@@ -625,7 +625,7 @@  pflash_t *pflash_cfi02_register(target_phys_addr_t base,
         total_len != (32 * 1024 * 1024) && total_len != (64 * 1024 * 1024))
         return NULL;
 #endif
-    pfl = g_malloc0(sizeof(pflash_t));
+    pfl = g_new0(pflash_t, 1);
     memory_region_init_rom_device(
         &pfl->orig_mem, be ? &pflash_cfi02_ops_be : &pflash_cfi02_ops_le, pfl,
         qdev, name, size);
diff --git a/hw/ppc.c b/hw/ppc.c
index 25b59dd..d3506c3 100644
--- a/hw/ppc.c
+++ b/hw/ppc.c
@@ -753,7 +753,7 @@  clk_setup_cb cpu_ppc_tb_init (CPUState *env, uint32_t freq)
 {
     ppc_tb_t *tb_env;
 
-    tb_env = g_malloc0(sizeof(ppc_tb_t));
+    tb_env = g_new0(ppc_tb_t, 1);
     env->tb_env = tb_env;
     tb_env->flags = PPC_DECR_UNDERFLOW_TRIGGERED;
     /* Create new timer */
@@ -1007,10 +1007,10 @@  clk_setup_cb ppc_40x_timers_init (CPUState *env, uint32_t freq,
     ppc_tb_t *tb_env;
     ppc40x_timer_t *ppc40x_timer;
 
-    tb_env = g_malloc0(sizeof(ppc_tb_t));
+    tb_env = g_new0(ppc_tb_t, 1);
     env->tb_env = tb_env;
     tb_env->flags = PPC_DECR_UNDERFLOW_TRIGGERED;
-    ppc40x_timer = g_malloc0(sizeof(ppc40x_timer_t));
+    ppc40x_timer = g_new0(ppc40x_timer_t, 1);
     tb_env->tb_freq = freq;
     tb_env->decr_freq = freq;
     tb_env->opaque = ppc40x_timer;
@@ -1115,7 +1115,7 @@  int ppc_dcr_init (CPUState *env, int (*read_error)(int dcrn),
 {
     ppc_dcr_t *dcr_env;
 
-    dcr_env = g_malloc0(sizeof(ppc_dcr_t));
+    dcr_env = g_new0(ppc_dcr_t, 1);
     dcr_env->read_error = read_error;
     dcr_env->write_error = write_error;
     env->dcr_env = dcr_env;
diff --git a/hw/ppc405_boards.c b/hw/ppc405_boards.c
index c478c7b..36a3628 100644
--- a/hw/ppc405_boards.c
+++ b/hw/ppc405_boards.c
@@ -163,7 +163,7 @@  static void ref405ep_fpga_init (MemoryRegion *sysmem, uint32_t base)
     ref405ep_fpga_t *fpga;
     MemoryRegion *fpga_memory = g_new(MemoryRegion, 1);
 
-    fpga = g_malloc0(sizeof(ref405ep_fpga_t));
+    fpga = g_new0(ref405ep_fpga_t, 1);
     memory_region_init_io(fpga_memory, &ref405ep_fpga_ops, fpga,
                           "fpga", 0x00000100);
     memory_region_add_subregion(sysmem, base, fpga_memory);
@@ -486,7 +486,7 @@  static void taihu_cpld_init (MemoryRegion *sysmem, uint32_t base)
     taihu_cpld_t *cpld;
     MemoryRegion *cpld_memory = g_new(MemoryRegion, 1);
 
-    cpld = g_malloc0(sizeof(taihu_cpld_t));
+    cpld = g_new0(taihu_cpld_t, 1);
     memory_region_init_io(cpld_memory, &taihu_cpld_ops, cpld, "cpld", 0x100);
     memory_region_add_subregion(sysmem, base, cpld_memory);
     qemu_register_reset(&taihu_cpld_reset, cpld);
diff --git a/hw/ppc405_uc.c b/hw/ppc405_uc.c
index a6e7431..8b10013 100644
--- a/hw/ppc405_uc.c
+++ b/hw/ppc405_uc.c
@@ -173,7 +173,7 @@  static void ppc4xx_plb_init(CPUState *env)
 {
     ppc4xx_plb_t *plb;
 
-    plb = g_malloc0(sizeof(ppc4xx_plb_t));
+    plb = g_new0(ppc4xx_plb_t, 1);
     ppc_dcr_register(env, PLB0_ACR, plb, &dcr_read_plb, &dcr_write_plb);
     ppc_dcr_register(env, PLB0_BEAR, plb, &dcr_read_plb, &dcr_write_plb);
     ppc_dcr_register(env, PLB0_BESR, plb, &dcr_read_plb, &dcr_write_plb);
@@ -249,7 +249,7 @@  static void ppc4xx_pob_init(CPUState *env)
 {
     ppc4xx_pob_t *pob;
 
-    pob = g_malloc0(sizeof(ppc4xx_pob_t));
+    pob = g_new0(ppc4xx_pob_t, 1);
     ppc_dcr_register(env, POB0_BEAR, pob, &dcr_read_pob, &dcr_write_pob);
     ppc_dcr_register(env, POB0_BESR0, pob, &dcr_read_pob, &dcr_write_pob);
     ppc_dcr_register(env, POB0_BESR1, pob, &dcr_read_pob, &dcr_write_pob);
@@ -380,7 +380,7 @@  static void ppc4xx_opba_init(target_phys_addr_t base)
 {
     ppc4xx_opba_t *opba;
 
-    opba = g_malloc0(sizeof(ppc4xx_opba_t));
+    opba = g_new0(ppc4xx_opba_t, 1);
 #ifdef DEBUG_OPBA
     printf("%s: offset " TARGET_FMT_plx "\n", __func__, base);
 #endif
@@ -578,7 +578,7 @@  static void ppc405_ebc_init(CPUState *env)
 {
     ppc4xx_ebc_t *ebc;
 
-    ebc = g_malloc0(sizeof(ppc4xx_ebc_t));
+    ebc = g_new0(ppc4xx_ebc_t, 1);
     qemu_register_reset(&ebc_reset, ebc);
     ppc_dcr_register(env, EBC0_CFGADDR,
                      ebc, &dcr_read_ebc, &dcr_write_ebc);
@@ -661,7 +661,7 @@  static void ppc405_dma_init(CPUState *env, qemu_irq irqs[4])
 {
     ppc405_dma_t *dma;
 
-    dma = g_malloc0(sizeof(ppc405_dma_t));
+    dma = g_new0(ppc405_dma_t, 1);
     memcpy(dma->irqs, irqs, 4 * sizeof(qemu_irq));
     qemu_register_reset(&ppc405_dma_reset, dma);
     ppc_dcr_register(env, DMA0_CR0,
@@ -802,7 +802,7 @@  static void ppc405_gpio_init(target_phys_addr_t base)
 {
     ppc405_gpio_t *gpio;
 
-    gpio = g_malloc0(sizeof(ppc405_gpio_t));
+    gpio = g_new0(ppc405_gpio_t, 1);
 #ifdef DEBUG_GPIO
     printf("%s: offset " TARGET_FMT_plx "\n", __func__, base);
 #endif
@@ -964,7 +964,7 @@  static void ppc405_ocm_init(CPUState *env)
 {
     ppc405_ocm_t *ocm;
 
-    ocm = g_malloc0(sizeof(ppc405_ocm_t));
+    ocm = g_new0(ppc405_ocm_t, 1);
     /* XXX: Size is 4096 or 0x04000000 */
     memory_region_init_ram(&ocm->isarc_ram, NULL, "ppc405.ocm", 4096);
     memory_region_init_alias(&ocm->dsarc_ram, "ppc405.dsarc", &ocm->isarc_ram,
@@ -1210,7 +1210,7 @@  static void ppc405_i2c_init(target_phys_addr_t base, qemu_irq irq)
 {
     ppc4xx_i2c_t *i2c;
 
-    i2c = g_malloc0(sizeof(ppc4xx_i2c_t));
+    i2c = g_new0(ppc4xx_i2c_t, 1);
     i2c->irq = irq;
 #ifdef DEBUG_I2C
     printf("%s: offset " TARGET_FMT_plx "\n", __func__, base);
@@ -1486,7 +1486,7 @@  static void ppc4xx_gpt_init(target_phys_addr_t base, qemu_irq irqs[5])
     ppc4xx_gpt_t *gpt;
     int i;
 
-    gpt = g_malloc0(sizeof(ppc4xx_gpt_t));
+    gpt = g_new0(ppc4xx_gpt_t, 1);
     for (i = 0; i < 5; i++) {
         gpt->irqs[i] = irqs[i];
     }
@@ -1717,7 +1717,7 @@  static void ppc405_mal_init(CPUState *env, qemu_irq irqs[4])
     ppc40x_mal_t *mal;
     int i;
 
-    mal = g_malloc0(sizeof(ppc40x_mal_t));
+    mal = g_new0(ppc40x_mal_t, 1);
     for (i = 0; i < 4; i++)
         mal->irqs[i] = irqs[i];
     qemu_register_reset(&ppc40x_mal_reset, mal);
@@ -2082,7 +2082,7 @@  static void ppc405cr_cpc_init (CPUState *env, clk_setup_t clk_setup[7],
 {
     ppc405cr_cpc_t *cpc;
 
-    cpc = g_malloc0(sizeof(ppc405cr_cpc_t));
+    cpc = g_new0(ppc405cr_cpc_t, 1);
     memcpy(cpc->clk_setup, clk_setup,
            PPC405CR_CLK_NB * sizeof(clk_setup_t));
     cpc->sysclk = sysclk;
@@ -2130,7 +2130,7 @@  CPUState *ppc405cr_init(MemoryRegion *address_space_mem,
     /* OBP arbitrer */
     ppc4xx_opba_init(0xef600600);
     /* Universal interrupt controller */
-    irqs = g_malloc0(sizeof(qemu_irq) * PPCUIC_OUTPUT_NB);
+    irqs = g_new0(qemu_irq, PPCUIC_OUTPUT_NB);
     irqs[PPCUIC_OUTPUT_INT] =
         ((qemu_irq *)env->irq_inputs)[PPC40x_INPUT_INT];
     irqs[PPCUIC_OUTPUT_CINT] =
@@ -2424,7 +2424,7 @@  static void ppc405ep_cpc_init (CPUState *env, clk_setup_t clk_setup[8],
 {
     ppc405ep_cpc_t *cpc;
 
-    cpc = g_malloc0(sizeof(ppc405ep_cpc_t));
+    cpc = g_new0(ppc405ep_cpc_t, 1);
     memcpy(cpc->clk_setup, clk_setup,
            PPC405EP_CLK_NB * sizeof(clk_setup_t));
     cpc->jtagid = 0x20267049;
@@ -2483,7 +2483,7 @@  CPUState *ppc405ep_init(MemoryRegion *address_space_mem,
     /* OBP arbitrer */
     ppc4xx_opba_init(0xef600600);
     /* Universal interrupt controller */
-    irqs = g_malloc0(sizeof(qemu_irq) * PPCUIC_OUTPUT_NB);
+    irqs = g_new0(qemu_irq, PPCUIC_OUTPUT_NB);
     irqs[PPCUIC_OUTPUT_INT] =
         ((qemu_irq *)env->irq_inputs)[PPC40x_INPUT_INT];
     irqs[PPCUIC_OUTPUT_CINT] =
diff --git a/hw/ppc440.c b/hw/ppc440.c
index 483dedf..2790620 100644
--- a/hw/ppc440.c
+++ b/hw/ppc440.c
@@ -58,7 +58,7 @@  CPUState *ppc440ep_init(MemoryRegion *address_space_mem, ram_addr_t *ram_size,
     ppc_dcr_init(env, NULL, NULL);
 
     /* interrupt controller */
-    irqs = g_malloc0(sizeof(qemu_irq) * PPCUIC_OUTPUT_NB);
+    irqs = g_new0(qemu_irq, PPCUIC_OUTPUT_NB);
     irqs[PPCUIC_OUTPUT_INT] = ((qemu_irq *)env->irq_inputs)[PPC40x_INPUT_INT];
     irqs[PPCUIC_OUTPUT_CINT] = ((qemu_irq *)env->irq_inputs)[PPC40x_INPUT_CINT];
     pic = ppcuic_init(env, irqs, 0x0C0, 0, 1);
@@ -75,7 +75,7 @@  CPUState *ppc440ep_init(MemoryRegion *address_space_mem, ram_addr_t *ram_size,
                       ram_bases, ram_sizes, do_init);
 
     /* PCI */
-    pci_irqs = g_malloc(sizeof(qemu_irq) * 4);
+    pci_irqs = g_new(qemu_irq, 4);
     pci_irqs[0] = pic[pci_irq_nrs[0]];
     pci_irqs[1] = pic[pci_irq_nrs[1]];
     pci_irqs[2] = pic[pci_irq_nrs[2]];
diff --git a/hw/ppc4xx_devs.c b/hw/ppc4xx_devs.c
index d18caa4..630826e 100644
--- a/hw/ppc4xx_devs.c
+++ b/hw/ppc4xx_devs.c
@@ -294,7 +294,7 @@  qemu_irq *ppcuic_init (CPUState *env, qemu_irq *irqs,
     ppcuic_t *uic;
     int i;
 
-    uic = g_malloc0(sizeof(ppcuic_t));
+    uic = g_new0(ppcuic_t, 1);
     uic->dcr_base = dcr_base;
     uic->irqs = irqs;
     if (has_vr)
@@ -642,7 +642,7 @@  void ppc4xx_sdram_init (CPUState *env, qemu_irq irq, int nbanks,
 {
     ppc4xx_sdram_t *sdram;
 
-    sdram = g_malloc0(sizeof(ppc4xx_sdram_t));
+    sdram = g_new0(ppc4xx_sdram_t, 1);
     sdram->irq = irq;
     sdram->nbanks = nbanks;
     sdram->ram_memories = ram_memories;
diff --git a/hw/ppc4xx_pci.c b/hw/ppc4xx_pci.c
index 339b38e..73fadde 100644
--- a/hw/ppc4xx_pci.c
+++ b/hw/ppc4xx_pci.c
@@ -341,7 +341,7 @@  PCIBus *ppc4xx_pci_init(CPUState *env, qemu_irq pci_irqs[4],
     static int ppc4xx_pci_id;
     uint8_t *pci_conf;
 
-    controller = g_malloc0(sizeof(PPC4xxPCIState));
+    controller = g_new0(PPC4xxPCIState, 1);
 
     controller->pci_state.bus = pci_register_bus(NULL, "pci",
                                                  ppc4xx_pci_set_irq,
diff --git a/hw/ppc_booke.c b/hw/ppc_booke.c
index 8871945..075620c 100644
--- a/hw/ppc_booke.c
+++ b/hw/ppc_booke.c
@@ -236,8 +236,8 @@  void ppc_booke_timers_init(CPUState *env, uint32_t freq, uint32_t flags)
     ppc_tb_t *tb_env;
     booke_timer_t *booke_timer;
 
-    tb_env      = g_malloc0(sizeof(ppc_tb_t));
-    booke_timer = g_malloc0(sizeof(booke_timer_t));
+    tb_env = g_new0(ppc_tb_t, 1);
+    booke_timer = g_new0(booke_timer_t, 1);
 
     env->tb_env = tb_env;
     tb_env->flags = flags | PPC_TIMER_BOOKE | PPC_DECR_ZERO_TRIGGERED;
diff --git a/hw/ppc_newworld.c b/hw/ppc_newworld.c
index 8c84f9e..ec90742 100644
--- a/hw/ppc_newworld.c
+++ b/hw/ppc_newworld.c
@@ -266,7 +266,7 @@  static void ppc_core99_init (ram_addr_t ram_size,
     memory_region_init_io(unin_memory, &unin_ops, NULL, "unin", 0x1000);
     memory_region_add_subregion(get_system_memory(), 0xf8000000, unin_memory);
 
-    openpic_irqs = g_malloc0(smp_cpus * sizeof(qemu_irq *));
+    openpic_irqs = g_new0(qemu_irq *, smp_cpus);
     openpic_irqs[0] =
         g_malloc0(smp_cpus * sizeof(qemu_irq) * OPENPIC_OUTPUT_NB);
     for (i = 0; i < smp_cpus; i++) {
diff --git a/hw/ppc_oldworld.c b/hw/ppc_oldworld.c
index ebcaafa..ae253bd 100644
--- a/hw/ppc_oldworld.c
+++ b/hw/ppc_oldworld.c
@@ -212,7 +212,7 @@  static void ppc_heathrow_init (ram_addr_t ram_size,
     isa_mmio_init(0xfe000000, 0x00200000);
 
     /* XXX: we register only 1 output pin for heathrow PIC */
-    heathrow_irqs = g_malloc0(smp_cpus * sizeof(qemu_irq *));
+    heathrow_irqs = g_new0(qemu_irq *, smp_cpus);
     heathrow_irqs[0] =
         g_malloc0(smp_cpus * sizeof(qemu_irq) * 1);
     /* Connect the heathrow PIC outputs to the 6xx bus */
diff --git a/hw/ppc_prep.c b/hw/ppc_prep.c
index 6427baa..6e0225c 100644
--- a/hw/ppc_prep.c
+++ b/hw/ppc_prep.c
@@ -550,7 +550,7 @@  static void ppc_prep_init (ram_addr_t ram_size,
     DriveInfo *hd[MAX_IDE_BUS * MAX_IDE_DEVS];
     DriveInfo *fd[MAX_FD];
 
-    sysctrl = g_malloc0(sizeof(sysctrl_t));
+    sysctrl = g_new0(sysctrl_t, 1);
 
     linux_boot = (kernel_filename != NULL);
 
diff --git a/hw/ppce500_mpc8544ds.c b/hw/ppce500_mpc8544ds.c
index 5bf8eab..ea26e86 100644
--- a/hw/ppce500_mpc8544ds.c
+++ b/hw/ppce500_mpc8544ds.c
@@ -250,7 +250,7 @@  static void mpc8544ds_init(ram_addr_t ram_size,
         cpu_model = "e500v2_v30";
     }
 
-    irqs = g_malloc0(smp_cpus * sizeof(qemu_irq *));
+    irqs = g_new0(qemu_irq *, smp_cpus);
     irqs[0] = g_malloc0(smp_cpus * sizeof(qemu_irq) * OPENPIC_OUTPUT_NB);
     for (i = 0; i < smp_cpus; i++) {
         qemu_irq *input;
@@ -276,7 +276,7 @@  static void mpc8544ds_init(ram_addr_t ram_size,
         if (!i) {
             /* Primary CPU */
             struct boot_info *boot_info;
-            boot_info = g_malloc0(sizeof(struct boot_info));
+            boot_info = g_new0(struct boot_info, 1);
             qemu_register_reset(mpc8544ds_cpu_reset, env);
             env->load_info = boot_info;
         } else {
diff --git a/hw/prep_pci.c b/hw/prep_pci.c
index 149807a..ea6dfcf 100644
--- a/hw/prep_pci.c
+++ b/hw/prep_pci.c
@@ -118,7 +118,7 @@  PCIBus *pci_prep_init(qemu_irq *pic,
     PCIDevice *d;
     int PPC_io_memory;
 
-    s = g_malloc0(sizeof(PREPPCIState));
+    s = g_new0(PREPPCIState, 1);
     s->bus = pci_register_bus(NULL, "pci",
                               prep_set_irq, prep_map_irq, pic,
                               address_space_mem,
diff --git a/hw/pxa2xx_dma.c b/hw/pxa2xx_dma.c
index 07ec2db..fff2a40 100644
--- a/hw/pxa2xx_dma.c
+++ b/hw/pxa2xx_dma.c
@@ -461,7 +461,7 @@  static int pxa2xx_dma_init(SysBusDevice *dev)
         return -1;
     }
 
-    s->chan = g_malloc0(sizeof(PXA2xxDMAChannel) * s->channels);
+    s->chan = g_new0(PXA2xxDMAChannel, s->channels);
 
     memset(s->chan, 0, sizeof(PXA2xxDMAChannel) * s->channels);
     for (i = 0; i < s->channels; i ++)
diff --git a/hw/qxl.c b/hw/qxl.c
index 03848ed..c17f1cd 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -1700,7 +1700,7 @@  static int qxl_post_load(void *opaque, int version)
         qxl_create_guest_primary(d, 1, QXL_SYNC);
 
         /* replay surface-create and cursor-set commands */
-        cmds = g_malloc0(sizeof(QXLCommandExt) * (NUM_SURFACES + 1));
+        cmds = g_new0(QXLCommandExt, (NUM_SURFACES + 1));
         for (in = 0, out = 0; in < NUM_SURFACES; in++) {
             if (d->guest_surfaces.cmds[in] == 0) {
                 continue;
diff --git a/hw/r2d.c b/hw/r2d.c
index 82377a0..96eeb80 100644
--- a/hw/r2d.c
+++ b/hw/r2d.c
@@ -185,7 +185,7 @@  static qemu_irq *r2d_fpga_init(target_phys_addr_t base, qemu_irq irl)
     int iomemtype;
     r2d_fpga_t *s;
 
-    s = g_malloc0(sizeof(r2d_fpga_t));
+    s = g_new0(r2d_fpga_t, 1);
 
     s->irl = irl;
 
@@ -246,7 +246,7 @@  static void r2d_init(ram_addr_t ram_size,
         fprintf(stderr, "Unable to find CPU definition\n");
         exit(1);
     }
-    reset_info = g_malloc0(sizeof(ResetData));
+    reset_info = g_new0(ResetData, 1);
     reset_info->env = env;
     reset_info->vector = env->pc;
     qemu_register_reset(main_cpu_reset, reset_info);
diff --git a/hw/rc4030.c b/hw/rc4030.c
index eab402a..fdeee6f 100644
--- a/hw/rc4030.c
+++ b/hw/rc4030.c
@@ -806,7 +806,7 @@  void *rc4030_init(qemu_irq timer, qemu_irq jazz_bus,
     rc4030State *s;
     int s_chipset, s_jazzio;
 
-    s = g_malloc0(sizeof(rc4030State));
+    s = g_new0(rc4030State, 1);
 
     *irqs = qemu_allocate_irqs(rc4030_irq_jazz_request, s, 16);
     *dmas = rc4030_allocate_dmas(s, 4);
diff --git a/hw/s390-virtio.c b/hw/s390-virtio.c
index 778cffe..2e5077d 100644
--- a/hw/s390-virtio.c
+++ b/hw/s390-virtio.c
@@ -161,7 +161,7 @@  static void s390_init(ram_addr_t my_ram_size,
         cpu_model = "host";
     }
 
-    ipi_states = g_malloc(sizeof(CPUState *) * smp_cpus);
+    ipi_states = g_new(CPUState *, smp_cpus);
 
     for (i = 0; i < smp_cpus; i++) {
         CPUState *tmp_env;
diff --git a/hw/serial.c b/hw/serial.c
index d35c7a9..1dd684f 100644
--- a/hw/serial.c
+++ b/hw/serial.c
@@ -806,7 +806,7 @@  SerialState *serial_init(int base, qemu_irq irq, int baudbase,
 {
     SerialState *s;
 
-    s = g_malloc0(sizeof(SerialState));
+    s = g_new0(SerialState, 1);
 
     s->irq = irq;
     s->baudbase = baudbase;
@@ -861,7 +861,7 @@  SerialState *serial_mm_init(MemoryRegion *address_space,
 {
     SerialState *s;
 
-    s = g_malloc0(sizeof(SerialState));
+    s = g_new0(SerialState, 1);
 
     s->it_shift = it_shift;
     s->irq = irq;
diff --git a/hw/sh7750.c b/hw/sh7750.c
index 9f3ea92..506877a 100644
--- a/hw/sh7750.c
+++ b/hw/sh7750.c
@@ -712,7 +712,7 @@  SH7750State *sh7750_init(CPUSH4State * cpu)
     int sh7750_io_memory;
     int sh7750_mm_cache_and_tlb; /* memory mapped cache and tlb */
 
-    s = g_malloc0(sizeof(SH7750State));
+    s = g_new0(SH7750State, 1);
     s->cpu = cpu;
     s->periph_freq = 60000000;	/* 60MHz */
     sh7750_io_memory = cpu_register_io_memory(sh7750_mem_read,
diff --git a/hw/sh_serial.c b/hw/sh_serial.c
index a20c59e..b571a86 100644
--- a/hw/sh_serial.c
+++ b/hw/sh_serial.c
@@ -361,7 +361,7 @@  void sh_serial_init (target_phys_addr_t base, int feat,
     sh_serial_state *s;
     int s_io_memory;
 
-    s = g_malloc0(sizeof(sh_serial_state));
+    s = g_new0(sh_serial_state, 1);
 
     s->feat = feat;
     s->flags = SH_SERIAL_FLAG_TEND | SH_SERIAL_FLAG_TDE;
diff --git a/hw/slavio_timer.c b/hw/slavio_timer.c
index 84449ba..89a70a8 100644
--- a/hw/slavio_timer.c
+++ b/hw/slavio_timer.c
@@ -381,7 +381,7 @@  static int slavio_timer_init1(SysBusDevice *dev)
     TimerContext *tc;
 
     for (i = 0; i <= MAX_CPUS; i++) {
-        tc = g_malloc0(sizeof(TimerContext));
+        tc = g_new0(TimerContext, 1);
         tc->s = s;
         tc->timer_index = i;
 
diff --git a/hw/strongarm.c b/hw/strongarm.c
index 6097ea2..09d0461 100644
--- a/hw/strongarm.c
+++ b/hw/strongarm.c
@@ -1529,7 +1529,7 @@  StrongARMState *sa1110_init(unsigned int sdram_size, const char *rev)
     qemu_irq *pic;
     int i;
 
-    s = g_malloc0(sizeof(StrongARMState));
+    s = g_new0(StrongARMState, 1);
 
     if (!rev) {
         rev = "sa1110-b5";
diff --git a/hw/sun4u.c b/hw/sun4u.c
index 96fc3d0..26a9f58 100644
--- a/hw/sun4u.c
+++ b/hw/sun4u.c
@@ -348,7 +348,7 @@  static CPUTimer* cpu_timer_create(const char* name, CPUState *env,
                                   QEMUBHFunc *cb, uint32_t frequency,
                                   uint64_t disabled_mask)
 {
-    CPUTimer *timer = g_malloc0(sizeof (CPUTimer));
+    CPUTimer *timer = g_new0(CPUTimer, 1);
 
     timer->name = name;
     timer->frequency = frequency;
@@ -720,7 +720,7 @@  static CPUState *cpu_devinit(const char *cpu_model, const struct hwdef *hwdef)
     env->hstick = cpu_timer_create("hstick", env, hstick_irq,
                                     hstick_frequency, TICK_INT_DIS);
 
-    reset_info = g_malloc0(sizeof(ResetData));
+    reset_info = g_new0(ResetData, 1);
     reset_info->env = env;
     reset_info->prom_addr = hwdef->prom_addr;
     qemu_register_reset(main_cpu_reset, reset_info);
diff --git a/hw/syborg_interrupt.c b/hw/syborg_interrupt.c
index 1b0f3bb..9f5d2e0 100644
--- a/hw/syborg_interrupt.c
+++ b/hw/syborg_interrupt.c
@@ -213,7 +213,7 @@  static int syborg_int_init(SysBusDevice *dev)
                                        syborg_int_writefn, s,
                                        DEVICE_NATIVE_ENDIAN);
     sysbus_init_mmio(dev, 0x1000, iomemtype);
-    s->flags = g_malloc0(s->num_irqs * sizeof(syborg_int_flags));
+    s->flags = g_new0(syborg_int_flags, s->num_irqs);
 
     register_savevm(&dev->qdev, "syborg_int", -1, 1, syborg_int_save,
                     syborg_int_load, s);
diff --git a/hw/usb-uhci.c b/hw/usb-uhci.c
index 171d787..9709d78 100644
--- a/hw/usb-uhci.c
+++ b/hw/usb-uhci.c
@@ -168,7 +168,7 @@  typedef struct UHCI_QH {
 
 static UHCIAsync *uhci_async_alloc(UHCIState *s)
 {
-    UHCIAsync *async = g_malloc(sizeof(UHCIAsync));
+    UHCIAsync *async = g_new(UHCIAsync, 1);
 
     memset(&async->packet, 0, sizeof(async->packet));
     async->uhci  = s;
diff --git a/hw/vga.c b/hw/vga.c
index b89bb1e..3778200 100644
--- a/hw/vga.c
+++ b/hw/vga.c
@@ -2394,7 +2394,7 @@  static DisplayChangeListener* vga_screen_dump_init(DisplayState *ds)
 {
     DisplayChangeListener *dcl;
 
-    dcl = g_malloc0(sizeof(DisplayChangeListener));
+    dcl = g_new0(DisplayChangeListener, 1);
     dcl->dpy_update = vga_save_dpy_update;
     dcl->dpy_resize = vga_save_dpy_resize;
     dcl->dpy_refresh = vga_save_dpy_refresh;
diff --git a/hw/virtex_ml507.c b/hw/virtex_ml507.c
index d31a204..23e416d 100644
--- a/hw/virtex_ml507.c
+++ b/hw/virtex_ml507.c
@@ -98,7 +98,7 @@  static CPUState *ppc440_init_xilinx(ram_addr_t *ram_size,
     ppc_dcr_init(env, NULL, NULL);
 
     /* interrupt controller */
-    irqs = g_malloc0(sizeof(qemu_irq) * PPCUIC_OUTPUT_NB);
+    irqs = g_new0(qemu_irq, PPCUIC_OUTPUT_NB);
     irqs[PPCUIC_OUTPUT_INT] = ((qemu_irq *)env->irq_inputs)[PPC40x_INPUT_INT];
     irqs[PPCUIC_OUTPUT_CINT] = ((qemu_irq *)env->irq_inputs)[PPC40x_INPUT_CINT];
     ppcuic_init(env, irqs, 0x0C0, 0, 1);
diff --git a/hw/xenfb.c b/hw/xenfb.c
index 1bcf171..08b0748 100644
--- a/hw/xenfb.c
+++ b/hw/xenfb.c
@@ -493,8 +493,8 @@  static int xenfb_map_fb(struct XenFB *xenfb)
     n_fbdirs = xenfb->fbpages * mode / 8;
     n_fbdirs = (n_fbdirs + (XC_PAGE_SIZE - 1)) / XC_PAGE_SIZE;
 
-    pgmfns = g_malloc0(sizeof(unsigned long) * n_fbdirs);
-    fbmfns = g_malloc0(sizeof(unsigned long) * xenfb->fbpages);
+    pgmfns = g_new0(unsigned long, n_fbdirs);
+    fbmfns = g_new0(unsigned long, xenfb->fbpages);
 
     xenfb_copy_mfns(mode, n_fbdirs, pgmfns, pd);
     map = xc_map_foreign_pages(xen_xc, xenfb->c.xendev.dom,
diff --git a/hw/xics.c b/hw/xics.c
index 29f2c78..dcf52d0 100644
--- a/hw/xics.c
+++ b/hw/xics.c
@@ -439,7 +439,7 @@  struct icp_state *xics_system_init(int nr_irqs)
 
     icp = g_new0(struct icp_state, 1);
     icp->nr_servers = max_server_num + 1;
-    icp->ss = g_malloc0(icp->nr_servers*sizeof(struct icp_server_state));
+    icp->ss = g_new0(struct icp_server_state, icp->nr_servers);
 
     for (i = 0; i < icp->nr_servers; i++) {
         icp->ss[i].mfrr = 0xff;
@@ -467,7 +467,7 @@  struct icp_state *xics_system_init(int nr_irqs)
     ics = g_new0(struct ics_state, 1);
     ics->nr_irqs = nr_irqs;
     ics->offset = 16;
-    ics->irqs = g_malloc0(nr_irqs * sizeof(struct ics_irq_state));
+    ics->irqs = g_new0(struct ics_irq_state, nr_irqs);
 
     icp->ics = ics;
     ics->icp = icp;
diff --git a/hw/xtensa_lx60.c b/hw/xtensa_lx60.c
index 424ddf2..44f6222 100644
--- a/hw/xtensa_lx60.c
+++ b/hw/xtensa_lx60.c
@@ -96,7 +96,7 @@  static const MemoryRegionOps lx60_fpga_ops = {
 static Lx60FpgaState *lx60_fpga_init(MemoryRegion *address_space,
         target_phys_addr_t base)
 {
-    Lx60FpgaState *s = g_malloc(sizeof(Lx60FpgaState));
+    Lx60FpgaState *s = g_new(Lx60FpgaState, 1);
 
     memory_region_init_io(&s->iomem, &lx60_fpga_ops, s,
             "lx60-fpga", 0x10000);
diff --git a/input.c b/input.c
index e2f7c92..810a6ca 100644
--- a/input.c
+++ b/input.c
@@ -73,7 +73,7 @@  QEMUPutMouseEntry *qemu_add_mouse_event_handler(QEMUPutMouseEvent *func,
     QEMUPutMouseEntry *s;
     static int mouse_index = 0;
 
-    s = g_malloc0(sizeof(QEMUPutMouseEntry));
+    s = g_new0(QEMUPutMouseEntry, 1);
 
     s->qemu_put_mouse_event = func;
     s->qemu_put_mouse_event_opaque = opaque;
@@ -111,7 +111,7 @@  QEMUPutLEDEntry *qemu_add_led_event_handler(QEMUPutLEDEvent *func,
 {
     QEMUPutLEDEntry *s;
 
-    s = g_malloc0(sizeof(QEMUPutLEDEntry));
+    s = g_new0(QEMUPutLEDEntry, 1);
 
     s->put_led = func;
     s->opaque = opaque;
diff --git a/iohandler.c b/iohandler.c
index 4cc1c5a..6a7f5df 100644
--- a/iohandler.c
+++ b/iohandler.c
@@ -67,7 +67,7 @@  int qemu_set_fd_handler2(int fd,
             if (ioh->fd == fd)
                 goto found;
         }
-        ioh = g_malloc0(sizeof(IOHandlerRecord));
+        ioh = g_new0(IOHandlerRecord, 1);
         QLIST_INSERT_HEAD(&io_handlers, ioh, next);
     found:
         ioh->fd = fd;
@@ -237,7 +237,7 @@  int qemu_add_child_watch(pid_t pid)
             return 1;
         }
     }
-    rec = g_malloc0(sizeof(ChildProcessRecord));
+    rec = g_new0(ChildProcessRecord, 1);
     rec->pid = pid;
     QLIST_INSERT_HEAD(&child_watches, rec, next);
     return 0;
diff --git a/kvm-all.c b/kvm-all.c
index e7faf5c..fe4647e 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -702,7 +702,7 @@  int kvm_init(void)
     int ret;
     int i;
 
-    s = g_malloc0(sizeof(KVMState));
+    s = g_new0(KVMState, 1);
 
 #ifdef KVM_CAP_SET_GUEST_DEBUG
     QTAILQ_INIT(&s->kvm_sw_breakpoints);
@@ -1188,7 +1188,7 @@  int kvm_insert_breakpoint(CPUState *current_env, target_ulong addr,
             return 0;
         }
 
-        bp = g_malloc(sizeof(struct kvm_sw_breakpoint));
+        bp = g_new(struct kvm_sw_breakpoint, 1);
         if (!bp) {
             return -ENOMEM;
         }
diff --git a/linux-user/main.c b/linux-user/main.c
index 186358b..fc092f5 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -3463,7 +3463,7 @@  int main(int argc, char **argv, char **envp)
     }
     target_argv[target_argc] = NULL;
 
-    ts = g_malloc0 (sizeof(TaskState));
+    ts = g_new0(TaskState, 1);
     init_task_state(ts);
     /* build Task State */
     ts->info = info;
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 7735008..6beedd8 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -4002,7 +4002,7 @@  static int do_fork(CPUState *env, unsigned int flags, abi_ulong newsp,
         new_thread_info info;
         pthread_attr_t attr;
 #endif
-        ts = g_malloc0(sizeof(TaskState));
+        ts = g_new0(TaskState, 1);
         init_task_state(ts);
         /* we create a new CPU instance. */
         new_env = cpu_copy(env);
diff --git a/monitor.c b/monitor.c
index 1732616..87ce79f 100644
--- a/monitor.c
+++ b/monitor.c
@@ -2673,7 +2673,7 @@  static int do_getfd(Monitor *mon, const QDict *qdict, QObject **ret_data)
         return 0;
     }
 
-    monfd = g_malloc0(sizeof(mon_fd_t));
+    monfd = g_new0(mon_fd_t, 1);
     monfd->name = g_strdup(fdname);
     monfd->fd = fd;
 
diff --git a/net.c b/net.c
index d05930c..839778b 100644
--- a/net.c
+++ b/net.c
@@ -640,7 +640,7 @@  VLANState *qemu_find_vlan(int id, int allocate)
         return NULL;
     }
 
-    vlan = g_malloc0(sizeof(VLANState));
+    vlan = g_new0(VLANState, 1);
     vlan->id = id;
     QTAILQ_INIT(&vlan->clients);
 
diff --git a/net/queue.c b/net/queue.c
index 1ab5247..e359405 100644
--- a/net/queue.c
+++ b/net/queue.c
@@ -63,7 +63,7 @@  NetQueue *qemu_new_net_queue(NetPacketDeliver *deliver,
 {
     NetQueue *queue;
 
-    queue = g_malloc0(sizeof(NetQueue));
+    queue = g_new0(NetQueue, 1);
 
     queue->deliver = deliver;
     queue->deliver_iov = deliver_iov;
diff --git a/net/slirp.c b/net/slirp.c
index ce29404..a0007e2 100644
--- a/net/slirp.c
+++ b/net/slirp.c
@@ -614,7 +614,7 @@  static int slirp_guestfwd(SlirpState *s, const char *config_str,
         goto fail_syntax;
     }
 
-    fwd = g_malloc(sizeof(struct GuestFwd));
+    fwd = g_new(struct GuestFwd, 1);
     snprintf(buf, sizeof(buf), "guestfwd.tcp.%d", port);
     fwd->hd = qemu_chr_new(buf, p, NULL);
     if (!fwd->hd) {
diff --git a/net/socket.c b/net/socket.c
index e9ef128..6d2c4b4 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -404,7 +404,7 @@  static int net_socket_listen_init(VLANState *vlan,
     if (parse_host_port(&saddr, host_str) < 0)
         return -1;
 
-    s = g_malloc0(sizeof(NetSocketListenState));
+    s = g_new0(NetSocketListenState, 1);
 
     fd = qemu_socket(PF_INET, SOCK_STREAM, 0);
     if (fd < 0) {
diff --git a/os-win32.c b/os-win32.c
index f09f01f..9af4ab8 100644
--- a/os-win32.c
+++ b/os-win32.c
@@ -62,7 +62,7 @@  static PollingEntry *first_polling_entry;
 int qemu_add_polling_cb(PollingFunc *func, void *opaque)
 {
     PollingEntry **ppe, *pe;
-    pe = g_malloc0(sizeof(PollingEntry));
+    pe = g_new0(PollingEntry, 1);
     pe->func = func;
     pe->opaque = opaque;
     for(ppe = &first_polling_entry; *ppe != NULL; ppe = &(*ppe)->next);
diff --git a/pflib.c b/pflib.c
index 64cb2b3..4e8484a 100644
--- a/pflib.c
+++ b/pflib.c
@@ -156,7 +156,7 @@  static void convert_generic(QemuPfConv *conv, void *dst, void *src, uint32_t cnt
 
 QemuPfConv *qemu_pf_conv_get(PixelFormat *dst, PixelFormat *src)
 {
-    QemuPfConv *conv = g_malloc0(sizeof(QemuPfConv));
+    QemuPfConv *conv = g_new0(QemuPfConv, 1);
 
     conv->src = *src;
     conv->dst = *dst;
diff --git a/posix-aio-compat.c b/posix-aio-compat.c
index d3c1174..b64b49a 100644
--- a/posix-aio-compat.c
+++ b/posix-aio-compat.c
@@ -662,7 +662,7 @@  int paio_init(void)
     if (posix_aio_state)
         return 0;
 
-    s = g_malloc(sizeof(PosixAioState));
+    s = g_new(PosixAioState, 1);
 
     s->first_aio = NULL;
     if (qemu_pipe(fds) == -1) {
diff --git a/qemu-char.c b/qemu-char.c
index ab75c21..b0a521f 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -222,7 +222,7 @@  static int qemu_chr_open_null(QemuOpts *opts, CharDriverState **_chr)
 {
     CharDriverState *chr;
 
-    chr = g_malloc0(sizeof(CharDriverState));
+    chr = g_new0(CharDriverState, 1);
     chr->chr_write = null_chr_write;
 
     *_chr= chr;
@@ -471,8 +471,8 @@  static CharDriverState *qemu_chr_open_mux(CharDriverState *drv)
     CharDriverState *chr;
     MuxDriver *d;
 
-    chr = g_malloc0(sizeof(CharDriverState));
-    d = g_malloc0(sizeof(MuxDriver));
+    chr = g_new0(CharDriverState, 1);
+    d = g_new0(MuxDriver, 1);
 
     chr->opaque = d;
     d->drv = drv;
@@ -621,8 +621,8 @@  static CharDriverState *qemu_chr_open_fd(int fd_in, int fd_out)
     CharDriverState *chr;
     FDCharDriver *s;
 
-    chr = g_malloc0(sizeof(CharDriverState));
-    s = g_malloc0(sizeof(FDCharDriver));
+    chr = g_new0(CharDriverState, 1);
+    s = g_new0(FDCharDriver, 1);
     s->fd_in = fd_in;
     s->fd_out = fd_out;
     chr->opaque = s;
@@ -993,8 +993,8 @@  static int qemu_chr_open_pty(QemuOpts *opts, CharDriverState **_chr)
 #define q_ptsname(x) ptsname(x)
 #endif
 
-    chr = g_malloc0(sizeof(CharDriverState));
-    s = g_malloc0(sizeof(PtyCharDriver));
+    chr = g_new0(CharDriverState, 1);
+    s = g_new0(PtyCharDriver, 1);
 
     if (openpty(&s->fd, &slave_fd, pty_name, NULL, NULL) < 0) {
         return -errno;
@@ -1373,11 +1373,11 @@  static int qemu_chr_open_pp(QemuOpts *opts, CharDriverState **_chr)
         return -errno;
     }
 
-    drv = g_malloc0(sizeof(ParallelCharDriver));
+    drv = g_new0(ParallelCharDriver, 1);
     drv->fd = fd;
     drv->mode = IEEE1284_MODE_COMPAT;
 
-    chr = g_malloc0(sizeof(CharDriverState));
+    chr = g_new0(CharDriverState, 1);
     chr->chr_write = null_chr_write;
     chr->chr_ioctl = pp_ioctl;
     chr->chr_close = pp_close;
@@ -1439,7 +1439,7 @@  static int qemu_chr_open_pp(QemuOpts *opts, CharDriverState **_chr)
         return -errno;
     }
 
-    chr = g_malloc0(sizeof(CharDriverState));
+    chr = g_new0(CharDriverState, 1);
     chr->opaque = (void *)(intptr_t)fd;
     chr->chr_write = null_chr_write;
     chr->chr_ioctl = pp_ioctl;
@@ -1657,8 +1657,8 @@  static int qemu_chr_open_win(QemuOpts *opts, CharDriverState **_chr)
     CharDriverState *chr;
     WinCharState *s;
 
-    chr = g_malloc0(sizeof(CharDriverState));
-    s = g_malloc0(sizeof(WinCharState));
+    chr = g_new0(CharDriverState, 1);
+    s = g_new0(WinCharState, 1);
     chr->opaque = s;
     chr->chr_write = win_chr_write;
     chr->chr_close = win_chr_close;
@@ -1759,8 +1759,8 @@  static int qemu_chr_open_win_pipe(QemuOpts *opts, CharDriverState **_chr)
     CharDriverState *chr;
     WinCharState *s;
 
-    chr = g_malloc0(sizeof(CharDriverState));
-    s = g_malloc0(sizeof(WinCharState));
+    chr = g_new0(CharDriverState, 1);
+    s = g_new0(WinCharState, 1);
     chr->opaque = s;
     chr->chr_write = win_chr_write;
     chr->chr_close = win_chr_close;
@@ -1781,8 +1781,8 @@  static int qemu_chr_open_win_file(HANDLE fd_out, CharDriverState **pchr)
     CharDriverState *chr;
     WinCharState *s;
 
-    chr = g_malloc0(sizeof(CharDriverState));
-    s = g_malloc0(sizeof(WinCharState));
+    chr = g_new0(CharDriverState, 1);
+    s = g_new0(WinCharState, 1);
     s->hcom = fd_out;
     chr->opaque = s;
     chr->chr_write = win_chr_write;
@@ -1895,8 +1895,8 @@  static int qemu_chr_open_udp(QemuOpts *opts, CharDriverState **_chr)
     int fd = -1;
     int ret;
 
-    chr = g_malloc0(sizeof(CharDriverState));
-    s = g_malloc0(sizeof(NetCharDriver));
+    chr = g_new0(CharDriverState, 1);
+    s = g_new0(NetCharDriver, 1);
 
     fd = inet_dgram_opts(opts);
     if (fd < 0) {
@@ -2233,8 +2233,8 @@  static int qemu_chr_open_socket(QemuOpts *opts, CharDriverState **_chr)
     if (!is_listen)
         is_waitconnect = 0;
 
-    chr = g_malloc0(sizeof(CharDriverState));
-    s = g_malloc0(sizeof(TCPCharDriver));
+    chr = g_new0(CharDriverState, 1);
+    s = g_new0(TCPCharDriver, 1);
 
     if (is_unix) {
         if (is_listen) {
diff --git a/qemu-ga.c b/qemu-ga.c
index 4932013..0e1ee24 100644
--- a/qemu-ga.c
+++ b/qemu-ga.c
@@ -610,7 +610,7 @@  int main(int argc, char **argv)
         become_daemon(pidfile);
     }
 
-    s = g_malloc0(sizeof(GAState));
+    s = g_new0(GAState, 1);
     s->conn_channel = NULL;
     s->path = path;
     s->method = method;
diff --git a/qemu-img.c b/qemu-img.c
index 6a39731..0099f23 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -750,7 +750,7 @@  static int img_convert(int argc, char **argv)
     qemu_progress_init(progress, 2.0);
     qemu_progress_print(0, 100);
 
-    bs = g_malloc0(bs_n * sizeof(BlockDriverState *));
+    bs = g_new0(BlockDriverState *, bs_n);
 
     total_sectors = 0;
     for (bs_i = 0; bs_i < bs_n; bs_i++) {
diff --git a/qemu-nbd.c b/qemu-nbd.c
index d8d3e15..f6cd213 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -430,7 +430,7 @@  int main(int argc, char **argv)
         /* children */
     }
 
-    sharing_fds = g_malloc((shared + 1) * sizeof(int));
+    sharing_fds = g_new(int, (shared + 1));
 
     if (socket) {
         sharing_fds[0] = unix_socket_incoming(socket);
diff --git a/qemu-timer.c b/qemu-timer.c
index ad1fc8b..e3413e9 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -364,7 +364,7 @@  static QEMUClock *qemu_new_clock(int type)
 {
     QEMUClock *clock;
 
-    clock = g_malloc0(sizeof(QEMUClock));
+    clock = g_new0(QEMUClock, 1);
     clock->type = type;
     clock->enabled = 1;
     notifier_list_init(&clock->reset_notifiers);
@@ -469,7 +469,7 @@  QEMUTimer *qemu_new_timer(QEMUClock *clock, int scale,
 {
     QEMUTimer *ts;
 
-    ts = g_malloc0(sizeof(QEMUTimer));
+    ts = g_new0(QEMUTimer, 1);
     ts->clock = clock;
     ts->cb = cb;
     ts->opaque = opaque;
diff --git a/qga/guest-agent-command-state.c b/qga/guest-agent-command-state.c
index 969da23..128c549 100644
--- a/qga/guest-agent-command-state.c
+++ b/qga/guest-agent-command-state.c
@@ -27,7 +27,7 @@  void ga_command_state_add(GACommandState *cs,
                           void (*init)(void),
                           void (*cleanup)(void))
 {
-    GACommandGroup *cg = g_malloc0(sizeof(GACommandGroup));
+    GACommandGroup *cg = g_new0(GACommandGroup, 1);
     cg->init = init;
     cg->cleanup = cleanup;
     cs->groups = g_slist_append(cs->groups, cg);
@@ -67,7 +67,7 @@  void ga_command_state_cleanup_all(GACommandState *cs)
 
 GACommandState *ga_command_state_new(void)
 {
-    GACommandState *cs = g_malloc0(sizeof(GACommandState));
+    GACommandState *cs = g_new0(GACommandState, 1);
     cs->groups = NULL;
     return cs;
 }
diff --git a/qga/guest-agent-commands.c b/qga/guest-agent-commands.c
index 6da9904..52419c0 100644
--- a/qga/guest-agent-commands.c
+++ b/qga/guest-agent-commands.c
@@ -56,7 +56,7 @@  void qmp_guest_ping(Error **err)
 
 struct GuestAgentInfo *qmp_guest_info(Error **err)
 {
-    GuestAgentInfo *info = g_malloc0(sizeof(GuestAgentInfo));
+    GuestAgentInfo *info = g_new0(GuestAgentInfo, 1);
 
     info->version = g_strdup(QGA_VERSION);
 
@@ -114,7 +114,7 @@  static void guest_file_handle_add(FILE *fh)
 {
     GuestFileHandle *gfh;
 
-    gfh = g_malloc0(sizeof(GuestFileHandle));
+    gfh = g_new0(GuestFileHandle, 1);
     gfh->id = fileno(fh);
     gfh->fh = fh;
     QTAILQ_INSERT_TAIL(&guest_file_state.filehandles, gfh, next);
@@ -217,7 +217,7 @@  struct GuestFileRead *qmp_guest_file_read(int64_t handle, bool has_count,
         error_set(err, QERR_QGA_COMMAND_FAILED, "fread() failed");
     } else {
         buf[read_count] = 0;
-        read_data = g_malloc0(sizeof(GuestFileRead));
+        read_data = g_new0(GuestFileRead, 1);
         read_data->count = read_count;
         read_data->eof = feof(fh);
         if (read_count) {
@@ -261,7 +261,7 @@  GuestFileWrite *qmp_guest_file_write(int64_t handle, const char *buf_b64,
         slog("guest-file-write failed, handle: %ld", handle);
         error_set(err, QERR_QGA_COMMAND_FAILED, "fwrite() error");
     } else {
-        write_data = g_malloc0(sizeof(GuestFileWrite));
+        write_data = g_new0(GuestFileWrite, 1);
         write_data->count = write_count;
         write_data->eof = feof(fh);
     }
@@ -379,7 +379,7 @@  static int guest_fsfreeze_build_mount_list(void)
             continue;
         }
 
-        mount = g_malloc0(sizeof(GuestFsfreezeMount));
+        mount = g_new0(GuestFsfreezeMount, 1);
         mount->dirname = g_strdup(ment->mnt_dir);
         mount->devtype = g_strdup(ment->mnt_type);
 
diff --git a/savevm.c b/savevm.c
index bf4d0e7..51f71f7 100644
--- a/savevm.c
+++ b/savevm.c
@@ -255,7 +255,7 @@  QEMUFile *qemu_popen(FILE *stdio_file, const char *mode)
         return NULL;
     }
 
-    s = g_malloc0(sizeof(QEMUFileStdio));
+    s = g_new0(QEMUFileStdio, 1);
 
     s->stdio_file = stdio_file;
 
@@ -303,7 +303,7 @@  QEMUFile *qemu_fdopen(int fd, const char *mode)
         return NULL;
     }
 
-    s = g_malloc0(sizeof(QEMUFileStdio));
+    s = g_new0(QEMUFileStdio, 1);
     s->stdio_file = fdopen(fd, mode);
     if (!s->stdio_file)
         goto fail;
@@ -324,7 +324,7 @@  fail:
 
 QEMUFile *qemu_fopen_socket(int fd)
 {
-    QEMUFileSocket *s = g_malloc0(sizeof(QEMUFileSocket));
+    QEMUFileSocket *s = g_new0(QEMUFileSocket, 1);
 
     s->fd = fd;
     s->file = qemu_fopen_ops(s, NULL, socket_get_buffer, socket_close, 
@@ -358,7 +358,7 @@  QEMUFile *qemu_fopen(const char *filename, const char *mode)
         return NULL;
     }
 
-    s = g_malloc0(sizeof(QEMUFileStdio));
+    s = g_new0(QEMUFileStdio, 1);
 
     s->stdio_file = fopen(filename, mode);
     if (!s->stdio_file)
@@ -411,7 +411,7 @@  QEMUFile *qemu_fopen_ops(void *opaque, QEMUFilePutBufferFunc *put_buffer,
 {
     QEMUFile *f;
 
-    f = g_malloc0(sizeof(QEMUFile));
+    f = g_new0(QEMUFile, 1);
 
     f->opaque = opaque;
     f->put_buffer = put_buffer;
@@ -1114,7 +1114,7 @@  int register_savevm_live(DeviceState *dev,
 {
     SaveStateEntry *se;
 
-    se = g_malloc0(sizeof(SaveStateEntry));
+    se = g_new0(SaveStateEntry, 1);
     se->version_id = version_id;
     se->section_id = global_section_id++;
     se->set_params = set_params;
@@ -1225,7 +1225,7 @@  int vmstate_register_with_alias_id(DeviceState *dev, int instance_id,
     /* If this triggers, alias support can be dropped for the vmsd. */
     assert(alias_id == -1 || required_for_version >= vmsd->minimum_version_id);
 
-    se = g_malloc0(sizeof(SaveStateEntry));
+    se = g_new0(SaveStateEntry, 1);
     se->version_id = vmsd->version_id;
     se->section_id = global_section_id++;
     se->save_live_state = NULL;
@@ -2141,7 +2141,7 @@  void do_info_snapshots(Monitor *mon)
         return;
     }
 
-    available_snapshots = g_malloc0(sizeof(int) * nb_sns);
+    available_snapshots = g_new0(int, nb_sns);
     total = 0;
     for (i = 0; i < nb_sns; i++) {
         sn = &sn_tab[i];
diff --git a/slirp/slirp.c b/slirp/slirp.c
index 19d69eb..b89f072 100644
--- a/slirp/slirp.c
+++ b/slirp/slirp.c
@@ -202,7 +202,7 @@  Slirp *slirp_init(int restricted, struct in_addr vnetwork,
                   const char *bootfile, struct in_addr vdhcp_start,
                   struct in_addr vnameserver, void *opaque)
 {
-    Slirp *slirp = g_malloc0(sizeof(Slirp));
+    Slirp *slirp = g_new0(Slirp, 1);
 
     slirp_init_once();
 
diff --git a/spice-qemu-char.c b/spice-qemu-char.c
index ac52202..86c4c1b 100644
--- a/spice-qemu-char.c
+++ b/spice-qemu-char.c
@@ -185,8 +185,8 @@  int qemu_chr_open_spice(QemuOpts *opts, CharDriverState **_chr)
         return -EINVAL;
     }
 
-    chr = g_malloc0(sizeof(CharDriverState));
-    s = g_malloc0(sizeof(SpiceCharDriver));
+    chr = g_new0(CharDriverState, 1);
+    s = g_new0(SpiceCharDriver, 1);
     s->chr = chr;
     s->debug = debug;
     s->active = false;
diff --git a/target-alpha/translate.c b/target-alpha/translate.c
index a961159..c808c32 100644
--- a/target-alpha/translate.c
+++ b/target-alpha/translate.c
@@ -3494,7 +3494,7 @@  CPUAlphaState * cpu_alpha_init (const char *cpu_model)
     CPUAlphaState *env;
     int implver, amask, i, max;
 
-    env = g_malloc0(sizeof(CPUAlphaState));
+    env = g_new0(CPUAlphaState, 1);
     cpu_exec_init(env);
     alpha_translate_init();
     tlb_flush(env, 1);
diff --git a/target-arm/helper.c b/target-arm/helper.c
index e2428eb..daad3ba 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -384,7 +384,7 @@  CPUARMState *cpu_arm_init(const char *cpu_model)
     id = cpu_arm_find_by_name(cpu_model);
     if (id == 0)
         return NULL;
-    env = g_malloc0(sizeof(CPUARMState));
+    env = g_new0(CPUARMState, 1);
     cpu_exec_init(env);
     if (!inited) {
         inited = 1;
diff --git a/target-cris/translate.c b/target-cris/translate.c
index 70abf8a..42ca59d 100644
--- a/target-cris/translate.c
+++ b/target-cris/translate.c
@@ -3516,7 +3516,7 @@  CPUCRISState *cpu_cris_init (const char *cpu_model)
 	static int tcg_initialized = 0;
 	int i;
 
-	env = g_malloc0(sizeof(CPUCRISState));
+	env = g_new0(CPUCRISState, 1);
 
 	env->pregs[PR_VR] = vr_by_name(cpu_model);
 	cpu_exec_init(env);
diff --git a/target-i386/cpuid.c b/target-i386/cpuid.c
index 1e8bcff..297019f 100644
--- a/target-i386/cpuid.c
+++ b/target-i386/cpuid.c
@@ -1009,7 +1009,7 @@  static int cpudef_setfield(const char *name, const char *str, void *opaque)
  */
 static int cpudef_register(QemuOpts *opts, void *opaque)
 {
-    x86_def_t *def = g_malloc0(sizeof (x86_def_t));
+    x86_def_t *def = g_new0(x86_def_t, 1);
 
     qemu_opt_foreach(opts, cpudef_setfield, def, 1);
     def->next = x86_defs;
diff --git a/target-i386/helper.c b/target-i386/helper.c
index 5df40d4..7ee3aa8 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -1239,7 +1239,7 @@  CPUX86State *cpu_x86_init(const char *cpu_model)
     CPUX86State *env;
     static int inited;
 
-    env = g_malloc0(sizeof(CPUX86State));
+    env = g_new0(CPUX86State, 1);
     cpu_exec_init(env);
     env->cpu_model_str = cpu_model;
 
diff --git a/target-i386/kvm.c b/target-i386/kvm.c
index 90a6ffb..bcc645b 100644
--- a/target-i386/kvm.c
+++ b/target-i386/kvm.c
@@ -201,7 +201,7 @@  static void kvm_hwpoison_page_add(ram_addr_t ram_addr)
             return;
         }
     }
-    page = g_malloc(sizeof(HWPoisonPage));
+    page = g_new(HWPoisonPage, 1);
     page->ram_addr = ram_addr;
     QLIST_INSERT_HEAD(&hwpoison_page_list, page, list);
 }
diff --git a/target-lm32/helper.c b/target-lm32/helper.c
index fc0b444..f82beed 100644
--- a/target-lm32/helper.c
+++ b/target-lm32/helper.c
@@ -208,7 +208,7 @@  CPUState *cpu_lm32_init(const char *cpu_model)
         return NULL;
     }
 
-    env = g_malloc0(sizeof(CPUState));
+    env = g_new0(CPUState, 1);
 
     env->features = def->features;
     env->num_bps = def->num_breakpoints;
diff --git a/target-m68k/helper.c b/target-m68k/helper.c
index 674c8e6..81acc36 100644
--- a/target-m68k/helper.c
+++ b/target-m68k/helper.c
@@ -172,7 +172,7 @@  CPUM68KState *cpu_m68k_init(const char *cpu_model)
     CPUM68KState *env;
     static int inited;
 
-    env = g_malloc0(sizeof(CPUM68KState));
+    env = g_new0(CPUM68KState, 1);
     cpu_exec_init(env);
     if (!inited) {
         inited = 1;
diff --git a/target-microblaze/translate.c b/target-microblaze/translate.c
index 366fd3e..90f8175 100644
--- a/target-microblaze/translate.c
+++ b/target-microblaze/translate.c
@@ -1851,7 +1851,7 @@  CPUState *cpu_mb_init (const char *cpu_model)
     static int tcg_initialized = 0;
     int i;
 
-    env = g_malloc0(sizeof(CPUState));
+    env = g_new0(CPUState, 1);
 
     cpu_exec_init(env);
     cpu_reset(env);
diff --git a/target-mips/translate.c b/target-mips/translate.c
index d5b1c76..1bf2eb9 100644
--- a/target-mips/translate.c
+++ b/target-mips/translate.c
@@ -12704,7 +12704,7 @@  CPUMIPSState *cpu_mips_init (const char *cpu_model)
     def = cpu_mips_find_by_name(cpu_model);
     if (!def)
         return NULL;
-    env = g_malloc0(sizeof(CPUMIPSState));
+    env = g_new0(CPUMIPSState, 1);
     env->cpu_model = def;
     env->cpu_model_str = cpu_model;
 
diff --git a/target-ppc/helper.c b/target-ppc/helper.c
index 6339be3..af1fc41 100644
--- a/target-ppc/helper.c
+++ b/target-ppc/helper.c
@@ -3184,7 +3184,7 @@  CPUPPCState *cpu_ppc_init (const char *cpu_model)
     if (!def)
         return NULL;
 
-    env = g_malloc0(sizeof(CPUPPCState));
+    env = g_new0(CPUPPCState, 1);
     cpu_exec_init(env);
     if (tcg_enabled()) {
         ppc_translate_init();
diff --git a/target-s390x/helper.c b/target-s390x/helper.c
index 96dd867..6cd06c0 100644
--- a/target-s390x/helper.c
+++ b/target-s390x/helper.c
@@ -79,7 +79,7 @@  CPUS390XState *cpu_s390x_init(const char *cpu_model)
     static int inited = 0;
     static int cpu_num = 0;
 
-    env = g_malloc0(sizeof(CPUS390XState));
+    env = g_new0(CPUS390XState, 1);
     cpu_exec_init(env);
     if (tcg_enabled() && !inited) {
         inited = 1;
diff --git a/target-sh4/translate.c b/target-sh4/translate.c
index bad3577..62cc274 100644
--- a/target-sh4/translate.c
+++ b/target-sh4/translate.c
@@ -279,7 +279,7 @@  CPUSH4State *cpu_sh4_init(const char *cpu_model)
     def = cpu_sh4_find_by_name(cpu_model);
     if (!def)
 	return NULL;
-    env = g_malloc0(sizeof(CPUSH4State));
+    env = g_new0(CPUSH4State, 1);
     env->features = def->features;
     cpu_exec_init(env);
     env->movcal_backup_tail = &(env->movcal_backup);
diff --git a/target-sparc/helper.c b/target-sparc/helper.c
index c80531a..e70835c 100644
--- a/target-sparc/helper.c
+++ b/target-sparc/helper.c
@@ -1208,7 +1208,7 @@  CPUSPARCState *cpu_sparc_init(const char *cpu_model)
 {
     CPUSPARCState *env;
 
-    env = g_malloc0(sizeof(CPUSPARCState));
+    env = g_new0(CPUSPARCState, 1);
     cpu_exec_init(env);
 
     gen_intermediate_code_init(env);
diff --git a/target-unicore32/helper.c b/target-unicore32/helper.c
index b5b1cb7..1cf38b0 100644
--- a/target-unicore32/helper.c
+++ b/target-unicore32/helper.c
@@ -53,7 +53,7 @@  CPUState *uc32_cpu_init(const char *cpu_model)
     uint32_t id;
     static int inited = 1;
 
-    env = g_malloc0(sizeof(CPUState));
+    env = g_new0(CPUState, 1);
     cpu_exec_init(env);
 
     id = uc32_cpu_find_by_name(cpu_model);
diff --git a/tcg/tcg.c b/tcg/tcg.c
index 30f3aef..71f308a 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -243,8 +243,8 @@  void tcg_context_init(TCGContext *s)
         total_args += n;
     }
 
-    args_ct = g_malloc(sizeof(TCGArgConstraint) * total_args);
-    sorted_args = g_malloc(sizeof(int) * total_args);
+    args_ct = g_new(TCGArgConstraint, total_args);
+    sorted_args = g_new(int, total_args);
 
     for(op = 0; op < NB_OPS; op++) {
         def = &tcg_op_defs[op];
diff --git a/test-qmp-commands.c b/test-qmp-commands.c
index fa5a7bd..f44b6df 100644
--- a/test-qmp-commands.c
+++ b/test-qmp-commands.c
@@ -15,15 +15,15 @@  void qmp_user_def_cmd1(UserDefOne * ud1, Error **errp)
 UserDefTwo * qmp_user_def_cmd2(UserDefOne * ud1a, UserDefOne * ud1b, Error **errp)
 {
     UserDefTwo *ret;
-    UserDefOne *ud1c = g_malloc0(sizeof(UserDefOne));
-    UserDefOne *ud1d = g_malloc0(sizeof(UserDefOne));
+    UserDefOne *ud1c = g_new0(UserDefOne, 1);
+    UserDefOne *ud1d = g_new0(UserDefOne, 1);
 
     ud1c->string = strdup(ud1a->string);
     ud1c->integer = ud1a->integer;
     ud1d->string = strdup(ud1b->string);
     ud1d->integer = ud1b->integer;
 
-    ret = g_malloc0(sizeof(UserDefTwo));
+    ret = g_new0(UserDefTwo, 1);
     ret->string = strdup("blah1");
     ret->dict.string = strdup("blah2");
     ret->dict.dict.userdef = ud1c;
@@ -104,21 +104,21 @@  static void test_dealloc_types(void)
     UserDefOne *ud1test, *ud1a, *ud1b;
     UserDefOneList *ud1list;
 
-    ud1test = g_malloc0(sizeof(UserDefOne));
+    ud1test = g_new0(UserDefOne, 1);
     ud1test->integer = 42;
     ud1test->string = g_strdup("hi there 42");
 
     qapi_free_UserDefOne(ud1test);
 
-    ud1a = g_malloc0(sizeof(UserDefOne));
+    ud1a = g_new0(UserDefOne, 1);
     ud1a->integer = 43;
     ud1a->string = g_strdup("hi there 43");
 
-    ud1b = g_malloc0(sizeof(UserDefOne));
+    ud1b = g_new0(UserDefOne, 1);
     ud1b->integer = 44;
     ud1b->string = g_strdup("hi there 44");
 
-    ud1list = g_malloc0(sizeof(UserDefOneList));
+    ud1list = g_new0(UserDefOneList, 1);
     ud1list->value = ud1a;
     ud1list->next = g_malloc0(sizeof(UserDefOneList));
     ud1list->next->value = ud1b;
diff --git a/test-visitor.c b/test-visitor.c
index 847ce14..9fa16ea 100644
--- a/test-visitor.c
+++ b/test-visitor.c
@@ -282,7 +282,7 @@  static void test_nested_enums(void)
     QObject *obj;
     QString *str;
 
-    nested_enums = g_malloc0(sizeof(NestedEnumsOne));
+    nested_enums = g_new0(NestedEnumsOne, 1);
     nested_enums->enum1 = ENUM_ONE_VALUE1;
     nested_enums->enum2 = ENUM_ONE_VALUE2;
     nested_enums->enum3 = ENUM_ONE_VALUE3;
diff --git a/ui/keymaps.c b/ui/keymaps.c
index 54bfee7..1f5980c 100644
--- a/ui/keymaps.c
+++ b/ui/keymaps.c
@@ -94,7 +94,7 @@  static kbd_layout_t *parse_keyboard_layout(const name2keysym_t *table,
     filename = qemu_find_file(QEMU_FILE_TYPE_KEYMAP, language);
 
     if (!k)
-	k = g_malloc0(sizeof(kbd_layout_t));
+	k = g_new0(kbd_layout_t, 1);
     if (!(filename && (f = fopen(filename, "r")))) {
 	fprintf(stderr,
 		"Could not read keymap file: '%s'\n", language);
diff --git a/ui/sdl.c b/ui/sdl.c
index 298bacd..4590961 100644
--- a/ui/sdl.c
+++ b/ui/sdl.c
@@ -1019,7 +1019,7 @@  void sdl_display_init(DisplayState *ds, int full_screen, int no_frame)
         sdl_grab_start();
     }
 
-    dcl = g_malloc0(sizeof(DisplayChangeListener));
+    dcl = g_new0(DisplayChangeListener, 1);
     dcl->dpy_update = sdl_update;
     dcl->dpy_resize = sdl_resize;
     dcl->dpy_refresh = sdl_refresh;
@@ -1029,7 +1029,7 @@  void sdl_display_init(DisplayState *ds, int full_screen, int no_frame)
     ds->cursor_define = sdl_mouse_define;
     register_displaychangelistener(ds, dcl);
 
-    da = g_malloc0(sizeof(DisplayAllocator));
+    da = g_new0(DisplayAllocator, 1);
     da->create_displaysurface = sdl_create_displaysurface;
     da->resize_displaysurface = sdl_resize_displaysurface;
     da->free_displaysurface = sdl_free_displaysurface;
diff --git a/ui/vnc-jobs-async.c b/ui/vnc-jobs-async.c
index de5ea6b..ce13fa6 100644
--- a/ui/vnc-jobs-async.c
+++ b/ui/vnc-jobs-async.c
@@ -77,7 +77,7 @@  static void vnc_unlock_queue(VncJobQueue *queue)
 
 VncJob *vnc_job_new(VncState *vs)
 {
-    VncJob *job = g_malloc0(sizeof(VncJob));
+    VncJob *job = g_new0(VncJob, 1);
 
     job->vs = vs;
     vnc_lock_queue(queue);
@@ -88,7 +88,7 @@  VncJob *vnc_job_new(VncState *vs)
 
 int vnc_job_add_rect(VncJob *job, int x, int y, int w, int h)
 {
-    VncRectEntry *entry = g_malloc0(sizeof(VncRectEntry));
+    VncRectEntry *entry = g_new0(VncRectEntry, 1);
 
     entry->rect.x = x;
     entry->rect.y = y;
@@ -282,7 +282,7 @@  disconnected:
 
 static VncJobQueue *vnc_queue_init(void)
 {
-    VncJobQueue *queue = g_malloc0(sizeof(VncJobQueue));
+    VncJobQueue *queue = g_new0(VncJobQueue, 1);
 
     qemu_cond_init(&queue->cond);
     qemu_mutex_init(&queue->mutex);
diff --git a/ui/vnc.c b/ui/vnc.c
index 2ae9121..4e28e34 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -2496,7 +2496,7 @@  static void vnc_remove_timer(VncDisplay *vd)
 
 static void vnc_connect(VncDisplay *vd, int csock, int skipauth)
 {
-    VncState *vs = g_malloc0(sizeof(VncState));
+    VncState *vs = g_new0(VncState, 1);
     int i;
 
     vs->csock = csock;
@@ -2578,7 +2578,7 @@  void vnc_display_init(DisplayState *ds)
 {
     VncDisplay *vs = g_new0(VncDisplay, 1);
 
-    dcl = g_malloc0(sizeof(DisplayChangeListener));
+    dcl = g_new0(DisplayChangeListener, 1);
 
     ds->opaque = vs;
     dcl->idle = 1;
diff --git a/usb-linux.c b/usb-linux.c
index 77c0252..dcd4149 100644
--- a/usb-linux.c
+++ b/usb-linux.c
@@ -287,7 +287,7 @@  struct AsyncURB
 
 static AsyncURB *async_alloc(USBHostDevice *s)
 {
-    AsyncURB *aurb = g_malloc0(sizeof(AsyncURB));
+    AsyncURB *aurb = g_new0(AsyncURB, 1);
     aurb->hdev = s;
     QLIST_INSERT_HEAD(&s->aurbs, aurb, next);
     return aurb;
diff --git a/usb-redir.c b/usb-redir.c
index a764cc8..e7a9b44 100644
--- a/usb-redir.c
+++ b/usb-redir.c
@@ -286,7 +286,7 @@  static void usbredir_cancel_packet(USBDevice *udev, USBPacket *p)
 static struct buf_packet *bufp_alloc(USBRedirDevice *dev,
     uint8_t *data, int len, int status, uint8_t ep)
 {
-    struct buf_packet *bufp = g_malloc(sizeof(struct buf_packet));
+    struct buf_packet *bufp = g_new(struct buf_packet, 1);
     bufp->data   = data;
     bufp->len    = len;
     bufp->status = status;
diff --git a/vl.c b/vl.c
index df96c11..e6a8498 100644
--- a/vl.c
+++ b/vl.c
@@ -564,7 +564,7 @@  static struct bt_scatternet_s *qemu_find_bt_vlan(int id)
         if (vlan->id == id)
             return &vlan->net;
     }
-    vlan = g_malloc0(sizeof(struct bt_vlan_s));
+    vlan = g_new0(struct bt_vlan_s, 1);
     vlan->id = id;
     pvlan = &first_bt_vlan;
     while (*pvlan != NULL)
@@ -853,7 +853,7 @@  void add_boot_device_path(int32_t bootindex, DeviceState *dev,
 
     assert(dev != NULL || suffix != NULL);
 
-    node = g_malloc0(sizeof(FWBootEntry));
+    node = g_new0(FWBootEntry, 1);
     node->bootindex = bootindex;
     node->suffix = suffix ? g_strdup(suffix) : NULL;
     node->dev = dev;
@@ -1112,7 +1112,7 @@  void pcmcia_socket_register(PCMCIASocket *socket)
 {
     struct pcmcia_socket_entry_s *entry;
 
-    entry = g_malloc(sizeof(struct pcmcia_socket_entry_s));
+    entry = g_new(struct pcmcia_socket_entry_s, 1);
     entry->socket = socket;
     entry->next = pcmcia_sockets;
     pcmcia_sockets = entry;
@@ -1339,7 +1339,7 @@  static bool qemu_vmstop_requested(RunState *r)
 
 void qemu_register_reset(QEMUResetHandler *func, void *opaque)
 {
-    QEMUResetEntry *re = g_malloc0(sizeof(QEMUResetEntry));
+    QEMUResetEntry *re = g_new0(QEMUResetEntry, 1);
 
     re->func = func;
     re->opaque = opaque;
diff --git a/xen-all.c b/xen-all.c
index d0988c9..415fde6 100644
--- a/xen-all.c
+++ b/xen-all.c
@@ -267,7 +267,7 @@  go_physmap:
         }
     }
 
-    physmap = g_malloc(sizeof (XenPhysmap));
+    physmap = g_new(XenPhysmap, 1);
 
     physmap->start_addr = start_addr;
     physmap->size = size;
@@ -890,7 +890,7 @@  int xen_hvm_init(void)
     unsigned long ioreq_pfn;
     XenIOState *state;
 
-    state = g_malloc0(sizeof (XenIOState));
+    state = g_new0(XenIOState, 1);
 
     state->xce_handle = xen_xc_evtchn_open(NULL, 0);
     if (state->xce_handle == XC_HANDLER_INITIAL_VALUE) {
diff --git a/xen-mapcache.c b/xen-mapcache.c
index 8162b69..04a8196 100644
--- a/xen-mapcache.c
+++ b/xen-mapcache.c
@@ -94,7 +94,7 @@  void xen_map_cache_init(void)
     unsigned long size;
     struct rlimit rlimit_as;
 
-    mapcache = g_malloc0(sizeof (MapCache));
+    mapcache = g_new0(MapCache, 1);
 
     QTAILQ_INIT(&mapcache->locked_entries);
     mapcache->last_address_index = -1;
@@ -145,8 +145,8 @@  static void xen_remap_bucket(MapCacheEntry *entry,
 
     trace_xen_remap_bucket(address_index);
 
-    pfns = g_malloc0(nb_pfn * sizeof (xen_pfn_t));
-    err = g_malloc0(nb_pfn * sizeof (int));
+    pfns = g_new0(xen_pfn_t, nb_pfn);
+    err = g_new0(int, nb_pfn);
 
     if (entry->vaddr_base != NULL) {
         if (munmap(entry->vaddr_base, entry->size) != 0) {
@@ -220,7 +220,7 @@  uint8_t *xen_map_cache(target_phys_addr_t phys_addr, target_phys_addr_t size,
         entry = entry->next;
     }
     if (!entry) {
-        entry = g_malloc0(sizeof (MapCacheEntry));
+        entry = g_new0(MapCacheEntry, 1);
         pentry->next = entry;
         xen_remap_bucket(entry, __size, address_index);
     } else if (!entry->lock) {
@@ -242,7 +242,7 @@  uint8_t *xen_map_cache(target_phys_addr_t phys_addr, target_phys_addr_t size,
     mapcache->last_address_index = address_index;
     mapcache->last_address_vaddr = entry->vaddr_base;
     if (lock) {
-        MapCacheRev *reventry = g_malloc0(sizeof(MapCacheRev));
+        MapCacheRev *reventry = g_new0(MapCacheRev, 1);
         entry->lock++;
         reventry->vaddr_req = mapcache->last_address_vaddr + address_offset;
         reventry->paddr_index = mapcache->last_address_index;