On Sat, 16 May 2026 at 09:03, Marc-André Lureau <[email protected]> wrote: > > The PPI buffer is allocated with qemu_memalign() in instance_init but > never freed when the device is destroyed. > > Fixes: 46cd2c1050f0 ("hw/tpm: add PPI support to tpm-tis-device for ARM64 > virt") > Signed-off-by: Marc-André Lureau <[email protected]> > --- > hw/tpm/tpm_tis_sysbus.c | 9 +++++++++ > 1 file changed, 9 insertions(+) > > diff --git a/hw/tpm/tpm_tis_sysbus.c b/hw/tpm/tpm_tis_sysbus.c > index 6bec30c36fc..3984228c42f 100644 > --- a/hw/tpm/tpm_tis_sysbus.c > +++ b/hw/tpm/tpm_tis_sysbus.c > @@ -150,11 +150,20 @@ static void tpm_tis_sysbus_class_init(ObjectClass > *klass, const void *data) > set_bit(DEVICE_CATEGORY_MISC, dc->categories); > } > > +static void tpm_tis_sysbus_finalize(Object *obj) > +{ > + TPMStateSysBus *sbdev = TPM_TIS_SYSBUS(obj); > + TPMState *s = &sbdev->state; > + > + qemu_vfree(s->ppi.buf); > +}
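Review bot: the free in tpm_tis_sysbus_finalize is unconditional and is tied to object finalization rather than to the lifetime of the allocation it undoes; the commit message says the qemu_memalign() call sits in instance_init today, and once that allocation moves to realize (as the reply below notes is about to happen), a device that is instance_init'd but never realized would still reach finalize, so the matching free belongs in an unrealize handler paired with the realize-time allocation, with `s->ppi.buf = NULL;` after `qemu_vfree(s->ppi.buf);` so a later finalize cannot free it a second time. Separately, the quoted hunk shows only the new function and not the TypeInfo .instance_finalize hook that installs it; the diffstat reports 9 insertions while 7 are visible here, so the registration is presumably in the truncated tail, but it should be confirmed, because without it the leak the patch fixes is still present.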
https://patchew.org/QEMU/[email protected]/ (likely to land upstream shortly) moves the allocation to the realize function, so maybe this free should also be moved to unrealize?

-- 
PMM
