From patchwork Sat Jan 16 02:00:40 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Marcelo Tosatti <mtosatti@redhat.com>
X-Patchwork-Id: 73265
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by demeter.kernel.org (8.14.3/8.14.2) with ESMTP id o0G24Jqa002980
	for <patchwork-kvm@patchwork.kernel.org>;
	Sat, 16 Jan 2010 02:04:19 GMT
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1758714Ab0APCER (ORCPT
	<rfc822;patchwork-kvm@patchwork.kernel.org>);
	Fri, 15 Jan 2010 21:04:17 -0500
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1758713Ab0APCER
	(ORCPT <rfc822;kvm-outgoing>); Fri, 15 Jan 2010 21:04:17 -0500
Received: from mx1.redhat.com ([209.132.183.28]:47510 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1758113Ab0APCEQ (ORCPT <rfc822;kvm@vger.kernel.org>);
	Fri, 15 Jan 2010 21:04:16 -0500
Received: from int-mx04.intmail.prod.int.phx2.redhat.com
	(int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.17])
	by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id o0G24F9T005544
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
	for <kvm@vger.kernel.org>; Fri, 15 Jan 2010 21:04:16 -0500
Received: from ns3.rdu.redhat.com (ns3.rdu.redhat.com [10.11.255.199])
	by int-mx04.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with
	ESMTP id o0G24FGJ011935; Fri, 15 Jan 2010 21:04:15 -0500
Received: from amt.cnet (vpn-9-118.rdu.redhat.com [10.11.9.118])
	by ns3.rdu.redhat.com (8.13.8/8.13.8) with ESMTP id o0G24EHO015137;
	Fri, 15 Jan 2010 21:04:14 -0500
Received: from amt.cnet (amt.cnet [127.0.0.1])
	by amt.cnet (Postfix) with ESMTP id 1A72A68A2AB;
	Sat, 16 Jan 2010 00:00:41 -0200 (BRST)
Received: (from marcelo@localhost)
	by amt.cnet (8.14.3/8.14.3/Submit) id o0G20eV4004643;
	Sat, 16 Jan 2010 00:00:40 -0200
Date: Sat, 16 Jan 2010 00:00:40 -0200
From: Marcelo Tosatti <mtosatti@redhat.com>
To: Avi Kivity <avi@redhat.com>
Cc: kvm <kvm@vger.kernel.org>
Subject: KVM: fix cleanup_srcu_struct use-after-free 
Message-ID: <20100116020040.GA4611@amt.cnet>
MIME-Version: 1.0
Content-Disposition: inline
User-Agent: Mutt/1.5.20 (2009-08-17)
X-Scanned-By: MIMEDefang 2.67 on 10.5.11.17
Sender: kvm-owner@vger.kernel.org
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org


diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index e0a591d..c828a39 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -509,8 +509,8 @@ static void kvm_destroy_vm(struct kvm *kvm)
 #else
 	kvm_arch_flush_shadow(kvm);
 #endif
-	kvm_arch_destroy_vm(kvm);
 	cleanup_srcu_struct(&kvm->srcu);
+	kvm_arch_destroy_vm(kvm);
 	hardware_disable_all();
 	mmdrop(mm);
 }