@@ -394,6 +394,14 @@ static void dma_register(vfu_ctx_t *vfu_ctx, vfu_dma_info_t *info)
memory_region_add_subregion(dma_as->root, (hwaddr)iov->iov_base, subregion);
+ /*
+ * Insertion into the address space grabbed a reference to keep the memory
+ * region alive. However, the memory region object was created with an
+ * original reference count of 1, so we must unref since we don't keep that
+ * reference.
+ */
+ memory_region_unref(subregion);
+
trace_vfu_dma_register((uint64_t)iov->iov_base, iov->iov_len);
}
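Review bot: The new comment explains the unref as dropping the region object's own initial reference, but in QEMU memory_region_ref()/memory_region_unref() act on the region's owner (they are no-ops for an owner-less region), and memory_region_init() already releases the object's initial reference when it parents the region under its owner; so whether `memory_region_unref(subregion)` is the right balancing call depends on how `subregion` is created, which happens before this hunk and is not visible here. If the region is created with the VFU object as owner, this call balances the owner reference taken by memory_region_add_subregion(), and the teardown path (memory_region_del_subregion() and any memory_region_find() in dma_unregister, which also takes a reference) must then be checked so the net count on the owner does not go negative or leak. I would reword the comment to name the reference being released, e.g. `/* Drop the owner reference taken by memory_region_add_subregion(); the region's own initial reference was released by memory_region_init(). Teardown in dma_unregister() must stay balanced with this. */`, after confirming that against the creation site. dma_register()'s body starts outside the hunk.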
The memory regions created for DMA regions were leaking the original reference the object is initialized with. This happened since we insert the memory region as a subregion, but don't keep the reference obtained when creating the object. Thus, drop the reference after inserting the DMA memory region into the address space. This fixes auto-shutdown behavior: Due to the leaked references, the memory regions would never be released, and indirectly keep the VFU object as their owner alive. Thus, vfu_object_finalize didn't get invoked, and qemu wouldn't terminate. With this fix, this is now working as originally intended.

Signed-off-by: Mattias Nissler <mnissler@rivosinc.com>
---
 hw/remote/vfio-user-obj.c | 8 ++++++++
 1 file changed, 8 insertions(+)