On Tue, Apr 19, 2022 at 04:44:19PM -0400, Jagannathan Raman wrote:
> +static size_t vfu_object_bar_rw(PCIDevice *pci_dev, int pci_bar,
> +                                hwaddr bar_offset, char * const buf,
> +                                hwaddr len, const bool is_write)
> +{
> +    MemoryRegionSection section = { 0 };
> +    uint8_t *ptr = (uint8_t *)buf;
> +    MemoryRegion *section_mr = NULL;
> +    uint64_t section_size;
> +    hwaddr section_offset;
> +    hwaddr size = 0;
> +
> +    while (len) {
> +        section = memory_region_find(pci_dev->io_regions[pci_bar].memory,
> +                                     bar_offset, len);
> +
> +        if (!section.mr) {
> +            warn_report("vfu: invalid address 0x%"PRIx64"", bar_offset);
> +            return size;
> +        }
> +
> +        section_mr = section.mr;
> +        section_offset = section.offset_within_region;
> +        section_size = int128_get64(section.size);
> +
> +        if (is_write && section_mr->readonly) {
> +            warn_report("vfu: attempting to write to readonly region in "
> +                        "bar %d - [0x%"PRIx64" - 0x%"PRIx64"]",
> +                        pci_bar, bar_offset,
> +                        (bar_offset + section_size));
> +            memory_region_unref(section_mr);
> +            return size;
> +        }
> +
> +        if (vfu_object_mr_rw(section_mr, ptr, section_offset,
> +                             section_size, is_write)) {
> +            warn_report("vfu: failed to %s "
> +                        "[0x%"PRIx64" - 0x%"PRIx64"] in bar %d",
> +                        is_write ? "write to" : "read from", bar_offset,
> +                        (bar_offset + section_size), pci_bar);
> +            return size;

Missing memory_region_unref(section_mr).