On 04/09, Prashant Bhole wrote:
>
> It occurs because task_struct is freed before perf_event which refers
> to the task and task flags are checked while teardown of the event.
> perf_event_alloc() assigns task_struct to hw.target of perf_event,
> but there is no reference counting for it.
>
> As a fix we get_task_struct() in perf_event_alloc() at above mentioned
> assignment and put_task_struct() in _free_event().
>
> Signed-off-by: Prashant Bhole <bhole_prashant...@lab.ntt.co.jp>
Agreed, lets make a simple fix for the start. I'd suggest cc:stable,
afaics this fixes the commit 63b6da39bb38e8f1a1ef3180d32a39d6
("perf: Fix perf_event_exit_task() race").
Reviewed-by: Oleg Nesterov <o...@redhat.com>
