From nobody Mon Feb 9 07:05:21 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1505868718624517.2275841247965; Tue, 19 Sep 2017 17:51:58 -0700 (PDT) Received: from localhost ([::1]:46052 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1duTF7-0000LW-S4 for importer@patchew.org; Tue, 19 Sep 2017 20:51:57 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:41920) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1duTAw-0005d9-UE for qemu-devel@nongnu.org; Tue, 19 Sep 2017 20:47:40 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1duTAs-0006n9-1u for qemu-devel@nongnu.org; Tue, 19 Sep 2017 20:47:38 -0400 Received: from mail-oi0-x241.google.com ([2607:f8b0:4003:c06::241]:36888) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1duTAr-0006lJ-St; Tue, 19 Sep 2017 20:47:33 -0400 Received: by mail-oi0-x241.google.com with SMTP id h9so220321oia.4; Tue, 19 Sep 2017 17:47:32 -0700 (PDT) Received: from localhost (76-251-165-188.lightspeed.austtx.sbcglobal.net. [76.251.165.188]) by smtp.gmail.com with ESMTPSA id p40sm1012683otd.18.2017.09.19.17.47.29 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 19 Sep 2017 17:47:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references; bh=YbhF6uymSNjML4v1Jh7A4Mo982hSfkuUJ1Yd12C06JI=; b=KprcMVQReq5XFNldR15ethDq289x7kco1YqhqDU3Ij3wizUyYgWazjH9Lm+v88C9Ps HhvfkPoXJH7j2p/0BjmKfCIxr1lKRoR/ncNQLNRWZSQDWbcA/7s7BlUVqQK32PB/Qy1Z B4yPglY6E6yH3YiCZmY+M/hzPjE2xnzASJOOao18IwtFtD+1QV+EX+1FMqs8sxYuTYVu eHukRUfDDK249XXa8uQAROeWYNPUG6rTbg5aGx6wq6uLQXp94edCpWn/qgPEgy8MlYeR ohnO3epXMggcKGOZ3MXtIgSg9RJlI35IaEm5cBH5tnXvodqWqPDMxxldFf7trEfngl+y RLUQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references; bh=YbhF6uymSNjML4v1Jh7A4Mo982hSfkuUJ1Yd12C06JI=; b=XJJQJPkIrQoPf5euQ3xiYlz+w9k5OlLi4XdmZvUFPJX5hxmMs1VOEGzBUUw9EEKG1f BqobSNbohBYpXLpckFQwc5uy4tXynj4J7UZg0WmFkiivJMaxBid8CqsdWTvxAiP3rlLf ZGRJRI6g7HoYUNTgWYUNceMFC4YOLgD2WbQ4HDb5hFbn+CEaTB0nLOvKeJIVqJ1y67UM S6zsgq2CTKjYe9zt4mEFwn6FyA3JnjlaM+WMgp0reVAULK0tG6gjon4IVn0IUkBqPlPz Wmn1VfRxYCX4RBYu2g5oQarTgTUrngVoyup+YesSIAwQ1e1HBBbLUoQyK7SScp3eLwTo 8YYQ== X-Gm-Message-State: AHPjjUiFcwBNfzIyP7+CoFKw5gGHDkVEs/jKwzgQLTkixWlcInUbztVw 5ulRwscicFoxvvAh7iIbx+LjuSim X-Google-Smtp-Source: AOwi7QCFew16N2R12Cq4J1fQ1GX7kRflArDAFlprsTS2Renya7m2iVIYyuqVdrbg14Z9bc6DYsnfVQ== X-Received: by 10.202.178.133 with SMTP id b127mr3491780oif.319.1505868451220; Tue, 19 Sep 2017 17:47:31 -0700 (PDT) From: Michael Roth To: qemu-devel@nongnu.org Date: Tue, 19 Sep 2017 19:45:17 -0500 Message-Id: <20170920004521.9417-9-mdroth@linux.vnet.ibm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20170920004521.9417-1-mdroth@linux.vnet.ibm.com> References: <20170920004521.9417-1-mdroth@linux.vnet.ibm.com> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2607:f8b0:4003:c06::241 Subject: [Qemu-devel] [PATCH 08/12] vhost: Release memory references on cleanup X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Alex Williamson , qemu-stable@nongnu.org, "Michael S . Tsirkin" Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" From: Alex Williamson vhost registers a MemoryListener where it adds and removes references to MemoryRegions as the MemoryRegionSections pass through. The region_add callback is invoked for each existing section when the MemoryListener is registered, but unregistering the MemoryListener performs no reciprocal region_del callback. It's therefore the owner of the MemoryListener's responsibility to cleanup any persistent changes, such as these memory references, after unregistering. The consequence of this bug is that if we have both a vhost device and a vfio device, the vhost device will reference any mmap'd MMIO of the vfio device via this MemoryListener. If the vhost device is then removed, those references remain outstanding. If we then attempt to remove the vfio device, it never gets finalized and the only way to release the kernel file descriptors is to terminate the QEMU process. Fixes: dfde4e6e1a86 ("memory: add ref/unref calls") Cc: Michael S. Tsirkin Cc: Paolo Bonzini Cc: qemu-stable@nongnu.org # v1.6.0+ Signed-off-by: Alex Williamson Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin (cherry picked from commit ee4c112846a0f2ac4fe5601918b0a2642ac8e2ed) Signed-off-by: Michael Roth --- hw/virtio/vhost.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c index 6eddb099b0..b737ca915b 100644 --- a/hw/virtio/vhost.c +++ b/hw/virtio/vhost.c @@ -1356,6 +1356,10 @@ void vhost_dev_cleanup(struct vhost_dev *hdev) if (hdev->mem) { /* those are only safe after successful init */ memory_listener_unregister(&hdev->memory_listener); + for (i =3D 0; i < hdev->n_mem_sections; ++i) { + MemoryRegionSection *section =3D &hdev->mem_sections[i]; + memory_region_unref(section->mr); + } QLIST_REMOVE(hdev, entry); } if (hdev->migration_blocker) { --=20 2.11.0