hw/ppc: free env->tb_env in spapr_unrealize_vcpu()

The timebase is allocated during spapr_realize_vcpu() and it's not freed. This results in memory leaks when doing vcpu unplugs: ==636935== ==636935== 144 (96 direct, 48 indirect) bytes in 1 blocks are definitely lost in loss record 6 ,461 of 8,135 ==636935== at 0x4897468: calloc (vg_replace_malloc.c:760) ==636935== by 0x5077213: g_malloc0 (in /usr/lib64/libglib-2.0.so.0.6400.4) ==636935== by 0x507757F: g_malloc0_n (in /usr/lib64/libglib-2.0.so.0.6400.4) ==636935== by 0x93C3FB: cpu_ppc_tb_init (ppc.c:1066) ==636935== by 0x97BC2B: spapr_realize_vcpu (spapr_cpu_core.c:268) ==636935== by 0x97C01F: spapr_cpu_core_realize (spapr_cpu_core.c:337) ==636935== by 0xD4626F: device_set_realized (qdev.c:531) ==636935== by 0xD55273: property_set_bool (object.c:2273) ==636935== by 0xD523DF: object_property_set (object.c:1408) ==636935== by 0xD588B7: object_property_set_qobject (qom-qobject.c:28) ==636935== by 0xD52897: object_property_set_bool (object.c:1477) ==636935== by 0xD4579B: qdev_realize (qdev.c:333) ==636935== This patch adds a cpu_ppc_tb_free() helper in hw/ppc/ppc.c to allow us to free the timebase. This leak is then solved by calling cpu_ppc_tb_free() in spapr_unrealize_vcpu(). Fixes: 6f4b5c3ec590 ("spapr: CPU hot unplug support") Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Message-Id: <20220329124545.529145-2-danielhb413@gmail.com> Signed-off-by: Cédric Le Goater <clg@kaod.org>
author: Daniel Henrique Barboza 2022-04-04 08:49:06 +0200
committer: Cédric Le Goater 2022-04-04 08:49:06 +0200
commit: ef95a244949a15b831876fe2d4e1320784729819 (patch)
tree: 2d6fea3ede70f665461f1de13f7b7f1c4487b002 /hw/ppc
parent: Merge tag 'pull-request-2022-04-01' of https://gitlab.com/thuth/qemu into sta... (diff)
download: qemu-ef95a244949a15b831876fe2d4e1320784729819.tar.gz
qemu-ef95a244949a15b831876fe2d4e1320784729819.tar.xz
qemu-ef95a244949a15b831876fe2d4e1320784729819.zip
2 files changed, 10 insertions, 0 deletions
diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c
index faa02d6710..fea70df45e 100644
--- a/hw/ppc/ppc.c
+++ b/hw/ppc/ppc.c
@@ -1083,6 +1083,13 @@ clk_setup_cb cpu_ppc_tb_init (CPUPPCState *env, uint32_t freq)
     return &cpu_ppc_set_tb_clk;
 }
 
+void cpu_ppc_tb_free(CPUPPCState *env)
+{
+    timer_free(env->tb_env->decr_timer);
+    timer_free(env->tb_env->hdecr_timer);
+    g_free(env->tb_env);
+}
+
 /* cpu_ppc_hdecr_init may be used if the timer is not used by HDEC emulation */
 void cpu_ppc_hdecr_init(CPUPPCState *env)
 {
diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c
index ed84713960..8a4861f45a 100644
--- a/hw/ppc/spapr_cpu_core.c
+++ b/hw/ppc/spapr_cpu_core.c
@@ -189,10 +189,13 @@ static const VMStateDescription vmstate_spapr_cpu_state = {
 
 static void spapr_unrealize_vcpu(PowerPCCPU *cpu, SpaprCpuCore *sc)
 {
+    CPUPPCState *env = &cpu->env;
+
     if (!sc->pre_3_0_migration) {
         vmstate_unregister(NULL, &vmstate_spapr_cpu_state, cpu->machine_data);
     }
     spapr_irq_cpu_intc_destroy(SPAPR_MACHINE(qdev_get_machine()), cpu);
+    cpu_ppc_tb_free(env);
     qdev_unrealize(DEVICE(cpu));
 }
author	Daniel Henrique Barboza	2022-04-04 08:49:06 +0200
committer	Cédric Le Goater	2022-04-04 08:49:06 +0200
commit	ef95a244949a15b831876fe2d4e1320784729819 (patch)
tree	2d6fea3ede70f665461f1de13f7b7f1c4487b002 /hw/ppc
parent	Merge tag 'pull-request-2022-04-01' of https://gitlab.com/thuth/qemu into sta... (diff)
download	qemu-ef95a244949a15b831876fe2d4e1320784729819.tar.gz qemu-ef95a244949a15b831876fe2d4e1320784729819.tar.xz qemu-ef95a244949a15b831876fe2d4e1320784729819.zip