From: "Erich E. Hoover" <ehoover@mines.edu>
Subject: [PATCH 1/1] ntdll: Fix section header heap deadlock (try 2).
Message-Id: <CAEU2+vpkp5qpVYNNAVPrJ8gyJPTcVkx4RaMze_T0TObQafmPeQ@mail.gmail.com>
Date: Wed, 4 Apr 2012 13:15:32 -0600

Real Name:
    Erich Hoover

Description:
    Free the section header memory outside of the uninterrupted
section lock.  Changing the order here stops the process heap from
potentially deadlocking (Bug #30356).

Changelog:
    ntdll: Fix section header heap deadlock.

From e8ee0cdc3ddefe20ca93f2393d6a49ffb9a2f92f Mon Sep 17 00:00:00 2001
From: Erich Hoover <ehoover@mines.edu>
Date: Wed, 4 Apr 2012 13:10:41 -0600
Subject: ntdll: Fix section header heap deadlock.

---
 dlls/ntdll/virtual.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/dlls/ntdll/virtual.c b/dlls/ntdll/virtual.c
index 7c2b1a9..0229a42 100644
--- a/dlls/ntdll/virtual.c
+++ b/dlls/ntdll/virtual.c
@@ -1374,10 +1374,10 @@ static NTSTATUS map_image( HANDLE hmapping, int fd, char *base, SIZE_T total_siz
     }
 
  done:
-    RtlFreeHeap( GetProcessHeap(), 0, sections );
     view->mapping = dup_mapping;
     view->map_protect = map_vprot;
     server_leave_uninterrupted_section( &csVirtual, &sigset );
+    RtlFreeHeap( GetProcessHeap(), 0, sections );
 
     *addr_ptr = ptr;
 #ifdef VALGRIND_LOAD_PDB_DEBUGINFO
@@ -1387,9 +1387,9 @@ static NTSTATUS map_image( HANDLE hmapping, int fd, char *base, SIZE_T total_siz
     return STATUS_SUCCESS;
 
  error:
-    RtlFreeHeap( GetProcessHeap(), 0, sections );
     if (view) delete_view( view );
     server_leave_uninterrupted_section( &csVirtual, &sigset );
+    RtlFreeHeap( GetProcessHeap(), 0, sections );
     if (dup_mapping) NtClose( dup_mapping );
     return status;
 }
-- 
1.7.5.4