Re: Slab corruption in fanotify_free_event()

From: David Rientjes
Date: Wed Jan 22 2014 - 16:49:35 EST


On Wed, 22 Jan 2014, Jiri Kosina wrote:

> Hi,
>
> booting current Linus' tree (df32e43a), I am getting
>
> Slab corruption (Not tainted): fanotify_event_info start=ffff8800372e3320, len=64
> Redzone: 0x9f911029d74e35b/0x9f911029d74e35b.
> Last user: [<ffffffff811e0bdd>](fanotify_free_event+0x2d/0x40)
> 030: 6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 6b 6b 6b a5 kkkkkkkk....kkk.
> Prev obj: start=ffff8800372e32c8, len=64
> Redzone: 0x9f911029d74e35b/0x9f911029d74e35b.
> Last user: [<ffffffff811e0bdd>](fanotify_free_event+0x2d/0x40)
> 000: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
> 010: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
> Next obj: start=ffff8800372e3378, len=64
> Redzone: 0x9f911029d74e35b/0x9f911029d74e35b.
> Last user: [<ffffffff811e0bdd>](fanotify_free_event+0x2d/0x40)
> 000: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
> 010: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
>
> I guess this is due to
>
> commit 7053aee26a3548ebaba046ae2e52396ccf56ac6c
> Author: Jan Kara <jack@xxxxxxx>
> Date: Tue Jan 21 15:48:14 2014 -0800
>
> fsnotify: do not share events between notification groups
>
> as I am not able to see any other recent changes in that area. Haven't
> been looking at the patch closely enough to debug this yet ... sending
> this as an early heads-up.
>

Dave Jones reports slab poison values getting overwritten and bisected it
to the same commit. The discussion is at
http://marc.info/?t=139037220800006.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/