[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v12 3/3] vfio-user: Fix memory region reference accounting
|
From: |
Mattias Nissler |
|
Subject: |
[PATCH v12 3/3] vfio-user: Fix memory region reference accounting |
|
Date: |
Tue, 27 Aug 2024 08:49:01 -0700 |
The memory regions created for DMA regions where leaking the original
reference the object is initialized with. This happened since we insert
the memory region as a subregion, but don't keep the reference obtained
when creating the object. Thus, drop the reference after inserting the
DMA memory region into the address space.
This fixes auto-shutdown behavior: Due to the leaked references, the
memory regions would never be released, and indirectly keep the VFU
object as their owner alive. Thus, vfu_object_finalize didn't get
invoked, and qemu wouldn't terminate. With this fix, this is now working
as originally intended.
Signed-off-by: Mattias Nissler <mnissler@rivosinc.com>
---
hw/remote/vfio-user-obj.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/hw/remote/vfio-user-obj.c b/hw/remote/vfio-user-obj.c
index 0e93d7a7b4..d347a96e39 100644
--- a/hw/remote/vfio-user-obj.c
+++ b/hw/remote/vfio-user-obj.c
@@ -394,6 +394,14 @@ static void dma_register(vfu_ctx_t *vfu_ctx,
vfu_dma_info_t *info)
memory_region_add_subregion(dma_as->root, (hwaddr)iov->iov_base,
subregion);
+ /*
+ * Insertion into the address space grabbed a reference to keep the memory
+ * region alive. However, the memory region object was created with an
+ * original reference count of 1, so we must unref since we don't keep that
+ * reference.
+ */
+ memory_region_unref(subregion);
+
trace_vfu_dma_register((uint64_t)iov->iov_base, iov->iov_len);
}
--
2.34.1