On Wed, Oct 15, 2025 at 10:59:24AM +0200, Albert Esteve wrote:
> +static void virtio_shared_memory_mapping_instance_finalize(Object *obj)
> +{
> + VirtioSharedMemoryMapping *mapping = VIRTIO_SHARED_MEMORY_MAPPING(obj);
> +
> + /* Clean up MemoryRegion if it exists */
> + if (mapping->mr) {
> + /* Unparent the MemoryRegion to trigger cleanup */
> + object_unparent(OBJECT(mapping->mr));
> + mapping->mr = NULL;
> + }
> +
> + /* Close file descriptor */
> + if (mapping->fd >= 0) {
> + close(mapping->fd);
> + mapping->fd = -1;
> + }This looks like a double close(), which could accidentally close a reused fd in a multi-threaded program. reclaim_ramblock() already closes the file descriptor (it's stored in RAMBlock), so I think the VirtioSharedMemoryMapping struct should not hold on to fd and close it here. Other than that: Reviewed-by: Stefan Hajnoczi <[email protected]>
signature.asc
Description: PGP signature
