On Thu, Mar 02, 2023 at 08:12:28AM +0000, Tian, Kevin wrote:
From: Jason Gunthorpe jgg@nvidia.com Sent: Saturday, February 25, 2023 8:28 AM
@@ -481,11 +481,7 @@ void iommufd_device_detach(struct iommufd_device *idev) hwpt = iommufd_hw_pagetable_detach(idev); mutex_unlock(&idev->igroup->lock);
- if (hwpt->auto_domain)
iommufd_object_destroy_user(idev->ictx, &hwpt->obj);
- else
refcount_dec(&hwpt->obj.users);
- iommufd_hw_pagetable_put(idev->ictx, hwpt); refcount_dec(&idev->obj.users);
}
As commented in patch3 this should be called in iommufd_hw_pagetable_detach() when idev->igroup->hwpt is cleared.
Same answer, has to be called after we unlock everything. The issue is not device_detach which has simple locking but iommufd_device_change_pt() in a later patch.
Jason