!7104 KVM: Always flush async #PF workqueue when vCPU is being destroyed

		swake_up_one(&vcpu->wq);

	mmput(mm);

	kvm_put_kvm(vcpu->kvm);

}

static void kvm_flush_and_free_async_pf_work(struct kvm_async_pf *work)

{

	/*

	 * The async #PF is "done", but KVM must wait for the work item itself,

	 * i.e. async_pf_execute(), to run to completion.  If KVM is a module,

	 * KVM must ensure *no* code owned by the KVM (the module) can be run

	 * after the last call to module_put().  Note, flushing the work item

	 * is always required when the item is taken off the completion queue.

	 * E.g. even if the vCPU handles the item in the "normal" path, the VM

	 * could be terminated before async_pf_execute() completes.

	 *

	 * Wake all events skip the queue and go straight done, i.e. don't

	 * need to be flushed (but sanity check that the work wasn't queued).

	 */

	if (work->wakeup_all)

		WARN_ON_ONCE(work->work.func);

	else

		flush_work(&work->work);

	kmem_cache_free(async_pf_cache, work);

}

void kvm_clear_async_pf_completion_queue(struct kvm_vcpu *vcpu)

#else

		if (cancel_work_sync(&work->work)) {

			mmput(work->mm);

			kvm_put_kvm(vcpu->kvm); /* == work->vcpu->kvm */

			kmem_cache_free(async_pf_cache, work);

		}

#endif

			list_first_entry(&vcpu->async_pf.done,

					 typeof(*work), link);

		list_del(&work->link);

		kmem_cache_free(async_pf_cache, work);

		spin_unlock(&vcpu->async_pf.lock);

		kvm_flush_and_free_async_pf_work(work);

		spin_lock(&vcpu->async_pf.lock);

	}

	spin_unlock(&vcpu->async_pf.lock);

		list_del(&work->queue);

		vcpu->async_pf.queued--;

		kmem_cache_free(async_pf_cache, work);

		kvm_flush_and_free_async_pf_work(work);

	}

}

	work->arch = *arch;

	work->mm = current->mm;

	mmget(work->mm);

	kvm_get_kvm(work->vcpu->kvm);

	/* this can't really happen otherwise gfn_to_pfn_async

	   would succeed */