[PULL 15/25] hw/misc/xlnx-versal-trng: Free s->prng in finalize, not unrealize

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-devel@nongnu.org
Subject: [PULL 15/25] hw/misc/xlnx-versal-trng: Free s->prng in finalize, not unrealize
Date: Thu,  5 Sep 2024 14:00:50 +0100	[thread overview]
Message-ID: <20240905130100.298768-16-peter.maydell@linaro.org> (raw)
In-Reply-To: <20240905130100.298768-1-peter.maydell@linaro.org>

The TYPE_XLNX_VERSAL_TRNG device creates s->prng with g_rand_new()
in its init method, but it frees it in its unrealize method. This
results in a leak in the QOM introspection "initialize-inspect-finalize"
lifecycle:

Direct leak of 2500 byte(s) in 1 object(s) allocated from:
    #0 0x55ec89eae9d8 in __interceptor_calloc (/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/qemu-system-aarch64+0x294d9d8) (BuildId: 6d5
08874816cc47d17c8dd775e8f809ae520e8cb)
    #1 0x7f697018fc50 in g_malloc0 debian/build/deb/../../../glib/gmem.c:161:13
    #2 0x7f6970197738 in g_rand_new_with_seed_array debian/build/deb/../../../glib/grand.c:202:17
    #3 0x7f6970197816 in g_rand_new debian/build/deb/../../../glib/grand.c:286:10
    #4 0x55ec8aa3656a in trng_init hw/misc/xlnx-versal-trng.c:624:15
    #5 0x55ec8ce75da1 in object_init_with_type qom/object.c:420:9
    #6 0x55ec8ce5d07b in object_initialize_with_type qom/object.c:562:5
    #7 0x55ec8ce5e91d in object_new_with_type qom/object.c:782:5
    #8 0x55ec8ce5e9f1 in object_new qom/object.c:797:12
    #9 0x55ec8d65c81d in qmp_device_list_properties qom/qom-qmp-cmds.c:144:11

Move the free to finalize so it matches where we are initing
s->prng. Since that's the only thing our unrealize method was
doing, this essentially switches the whole function to be
a finalize implementation.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Reviewed-by: Francisco Iglesias <francisco.iglesias@amd.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20240822162127.705879-3-peter.maydell@linaro.org
---
 hw/misc/xlnx-versal-trng.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/hw/misc/xlnx-versal-trng.c b/hw/misc/xlnx-versal-trng.c
index 51eb7600414..c0d1dde8708 100644
--- a/hw/misc/xlnx-versal-trng.c
+++ b/hw/misc/xlnx-versal-trng.c
@@ -624,9 +624,9 @@ static void trng_init(Object *obj)
     s->prng = g_rand_new();
 }
 
-static void trng_unrealize(DeviceState *dev)
+static void trng_finalize(Object *obj)
 {
-    XlnxVersalTRng *s = XLNX_VERSAL_TRNG(dev);
+    XlnxVersalTRng *s = XLNX_VERSAL_TRNG(obj);
 
     g_rand_free(s->prng);
     s->prng = NULL;
@@ -689,7 +689,6 @@ static void trng_class_init(ObjectClass *klass, void *data)
     ResettableClass *rc = RESETTABLE_CLASS(klass);
 
     dc->vmsd = &vmstate_trng;
-    dc->unrealize = trng_unrealize;
     rc->phases.hold = trng_reset_hold;
 
     /* Clone uint64 property with set allowed after realized */
@@ -706,6 +705,7 @@ static const TypeInfo trng_info = {
     .instance_size = sizeof(XlnxVersalTRng),
     .class_init    = trng_class_init,
     .instance_init = trng_init,
+    .instance_finalize = trng_finalize,
 };
 
 static void trng_register_types(void)
-- 
2.34.1

next prev parent reply	other threads:[~2024-09-05 13:03 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-09-05 13:00 [PULL 00/25] target-arm queue Peter Maydell
2024-09-05 13:00 ` [PULL 01/25] target/arm: Allow setting the FPCR.EBF bit for FEAT_EBF16 Peter Maydell
2024-09-05 13:00 ` [PULL 02/25] target/arm: Pass env pointer through to sme_bfmopa helper Peter Maydell
2024-09-05 13:00 ` [PULL 03/25] target/arm: Pass env pointer through to gvec_bfdot helper Peter Maydell
2024-09-05 13:00 ` [PULL 04/25] target/arm: Pass env pointer through to gvec_bfdot_idx helper Peter Maydell
2024-09-05 13:00 ` [PULL 05/25] target/arm: Pass env pointer through to gvec_bfmmla helper Peter Maydell
2024-09-05 13:00 ` [PULL 06/25] target/arm: Prepare bfdotadd() callers for FEAT_EBF support Peter Maydell
2024-09-05 13:00 ` [PULL 07/25] target/arm: Implement FPCR.EBF=1 semantics for bfdotadd() Peter Maydell
2024-09-05 13:00 ` [PULL 08/25] target/arm: Enable FEAT_EBF16 in the "max" CPU Peter Maydell
2024-09-05 13:00 ` [PULL 09/25] accel/tcg: Remove dead code from rr_cpu_thread_fn() Peter Maydell
2024-09-05 13:00 ` [PULL 10/25] hw: add compat machines for 9.2 Peter Maydell
2024-09-05 13:00 ` [PULL 11/25] hw/arm/smmuv3: Update comment documenting "stage" property Peter Maydell
2024-09-05 13:00 ` [PULL 12/25] hw/arm/virt: Default to two-stage SMMU from virt-9.2 Peter Maydell
2024-09-05 13:00 ` [PULL 13/25] hw/arm/sbsa-ref: Use two-stage SMMU Peter Maydell
2024-09-05 13:00 ` [PULL 14/25] hw/misc/xlnx-versal-cfu: destroy fifo in finalize Peter Maydell
2024-09-05 13:00 ` Peter Maydell [this message]
2024-09-05 13:00 ` [PULL 16/25] hw/nvram/xlnx-bbram: Call register_finalize_block Peter Maydell
2024-09-05 13:00 ` [PULL 17/25] hw/nvram/xlnx-zynqmp-efuse: " Peter Maydell
2024-09-05 13:00 ` [PULL 18/25] hw/misc/xlnx-versal-trng: " Peter Maydell
2024-09-05 13:00 ` [PULL 19/25] hm/nvram/xlnx-versal-efuse-ctrl: " Peter Maydell
2024-09-05 13:00 ` [PULL 20/25] hw/arm/sbsa-ref: Don't leak string in sbsa_fdt_add_gic_node() Peter Maydell
2024-09-05 13:00 ` [PULL 21/25] target/arm: Correct names of VFP VFNMA and VFNMS insns Peter Maydell
2024-09-05 13:00 ` [PULL 22/25] hw/arm/xilinx_zynq: Enable Security Extensions Peter Maydell
2024-09-05 13:00 ` [PULL 23/25] hw/arm/boot: Report error msg if loading elf/dtb failed Peter Maydell
2024-09-05 13:00 ` [PULL 24/25] hw/arm/boot: Explain why load_elf_hdr() error is ignored Peter Maydell
2024-09-05 13:01 ` [PULL 25/25] platform-bus: fix refcount leak Peter Maydell
2024-09-06 14:24 ` [PULL 00/25] target-arm queue Peter Maydell

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:51eb760041 dfblob:c0d1dde870 )
 OR (
bs:"[PULL 15/25] hw/misc/xlnx-versal-trng: Free s->prng in finalize, not unrealize" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240905130100.298768-16-peter.maydell@linaro.org \
    --to=peter.maydell@linaro.org \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).