Subject: [BUG] fs: inotify_handle_event() reading un-init memory
From: Jesper Dangaard Brouer
To: Jan Kara
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Jesper Dangaard Brouer
Date: Tue, 16 Jun 2015 13:33:18 +0200
Message-ID: <20150616113300.10621.35439.stgit@devil>

Caught by kmemcheck. Don't know the fix... just pointed at the bug. Introduced in commit 7053aee26a3 ("fsnotify: do not share events between notification groups").

--- fs/notify/inotify/inotify_fsnotify.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/notify/inotify/inotify_fsnotify.c b/fs/notify/inotify/inotify_fsnotify.c index 2cd900c2c737..370d66dc4ddb 100644 --- a/fs/notify/inotify/inotify_fsnotify.c +++ b/fs/notify/inotify/inotify_fsnotify.c @@ -96,11 +96,12 @@ int inotify_handle_event(struct fsnotify_group *group, i_mark = container_of(inode_mark, struct inotify_inode_mark, fsn_mark); + // new object alloc here event = kmalloc(alloc_len, GFP_KERNEL); if (unlikely(!event)) return -ENOMEM; - fsn_event = &event->fse; + fsn_event = &event->fse; // This looks wrong!?! read from un-init mem? fsnotify_init_event(fsn_event, inode, mask); event->wd = i_mark->wd; event->sync_cookie = cookie;
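
Review bot: The annotated line `fsn_event = &event->fse;` only computes the address of a member inside the object returned by kmalloc(); it does not load anything from that object, so the uninitialized read kmemcheck reports has to come from a later load of a field that was never written. Because the allocation uses kmalloc() rather than a zeroing allocator, every member of the event has to be assigned before its first read. The visible lines set `fse` through fsnotify_init_event(), plus `wd` and `sync_cookie`, so the place to look is whichever members fsnotify_init_event() leaves untouched and any remaining fields of the inotify event that are read before being stored. Including the kmemcheck trace in the report would identify the exact load and field. As a patch this adds only `//` comments and changes no behaviour, so it works as a pointer to the location rather than as something to apply.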