It appears that under some circumstances, the lifetime of a vcpu doesn't
correctly align with that of the structure describing the redistributor
associated with that vcpu. That's not great.

Fixing it is, unfortunately, not as trivial as it appears, as the required
locking gets in the way. The first two patches in this series amend that
locking so that the third patch, which is the actual fix, becomes almost
trivial. The last two patches are more cosmetic and only add assertions
that helped me debug the whole thing.

I've earmarked the first 3 patches as stable candidates, and would love to
see them in 6.7.

Patches on top of -rc4.

Marc Zyngier (5):
  KVM: arm64: vgic: Simplify kvm_vgic_destroy()
  KVM: arm64: vgic: Add a non-locking primitive for kvm_vgic_vcpu_destroy()
  KVM: arm64: vgic: Force vcpu vgic teardown on vcpu destroy
  KVM: arm64: vgic: Ensure that slots_lock is held in vgic_register_all_redist_iodevs()
  KVM: Convert comment into an assertion in kvm_io_bus_register_dev()

 arch/arm64/kvm/arm.c               |  2 +-
 arch/arm64/kvm/vgic/vgic-init.c    | 47 ++++++++++++++++++------------
 arch/arm64/kvm/vgic/vgic-mmio-v3.c |  4 ++-
 arch/arm64/kvm/vgic/vgic.h         |  1 +
 virt/kvm/kvm_main.c                |  3 +-
 5 files changed, 36 insertions(+), 21 deletions(-)

-- 
2.39.2