memory.c: bugfix - ref counting mismatch in memory_region_find

'address_space_get_flatview' gets a reference to a FlatView.
If the flatview lookup fails, the code returns without
"unreferencing" the view.

Cc: qemu-stable@nongnu.org
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit 6307d974f9a28bb6652352f52da97f820427d29d)

Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

diff --git a/memory.c b/memory.c
index 28f64491d06fcbb217928733491dbb5e6547da9d..776431416f1827d1390fbd77c33278b6c1f37ee7 100644 (file)
--- a/memory.c
+++ b/memory.c
@@ -1596,6 +1596,7 @@ MemoryRegionSection memory_region_find(MemoryRegion *mr,
     view = address_space_get_flatview(as);
     fr = flatview_lookup(view, range);
     if (!fr) {
+        flatview_unref(view);
         return ret;
     }