Re: sw_perf_event_destroy() oops while fuzzing

From: Peter Zijlstra
Date: Fri Apr 12 2013 - 05:01:10 EST

On Fri, 2013-04-12 at 08:34 +0300, Tommi Rantala wrote:

> [92759.011005] RIP [<ffffffff811a7200>] sw_perf_event_destroy+0x30/0x90

> [114607.070003] RIP: 0010:[<ffffffff811a7200>] [<ffffffff811a7200>]
> sw_perf_event_destroy+0x30/0x90

> [114607.070003] RIP [<ffffffff811a7200>] sw_perf_event_destroy+0x30/0x90

Would you have a source line for me that goes with that.. I can't seem
to poke any holes just by looking.

perf_swevent_init() only sets event->destroy() (to
sw_perf_event_destroy) _after_ it increments the static key thing and
enqueues (and allocates) the hash list stuff.

Obviously something is funny, but I'm not seeing it.

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at