Commit 1e8ba6fb authored Feb 12, 2007 by Ingo Molnar Committed by Linus Torvalds Feb 12, 2007

[PATCH] kvm: fix vcpu freeing bug



vcpu_load() can return NULL and it sometimes does in failure paths (for
example when the userspace ABI version is too old) - causing a preemption
count underflow in the ->vcpu_free() later on.  So check for NULL.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Avi Kivity <avi@qumranet.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

parent 8cd13307

drivers/kvm/kvm_main.c

+3 −1

Original line number	Diff line number	Diff line
		@@ -272,7 +272,9 @@ static void kvm_free_physmem(struct kvm *kvm)

		static void kvm_free_vcpu(struct kvm_vcpu *vcpu)
		{
		vcpu_load(vcpu->kvm, vcpu_slot(vcpu));
		if (!vcpu_load(vcpu->kvm, vcpu_slot(vcpu)))
		return;

		kvm_mmu_destroy(vcpu);
		vcpu_put(vcpu);
		kvm_arch_ops->vcpu_free(vcpu);