The incorrect size was used in the memory copy of the requested
cpts to net->lnet_cpts. This lead to the following in testing
RIP: 0010:lnet_match2mt.isra.8+0x2b/0x40 [lnet]
lnet_mt_of_attach+0x72/0x1b0 [lnet]
LNetMEAttach+0x60/0x1f0 [lnet]
ptl_send_rpc+0x26f/0xbb0 [ptlrpc]
libcfs_debug_msg+0x57/0x80 [libcfs]
ptlrpc_send_new_req+0x4c9/0x860 [ptlrpc]
ptlrpc_check_set.part.21+0x855/0x18b0 [ptlrpc]
? try_to_del_timer_sync+0x4d/0x80
? del_timer_sync+0x35/0x40
ptlrpcd_check+0x3ae/0x3f0 [ptlrpc]
ptlrpcd+0x2be/0x320 [ptlrpc]
? wait_woken+0x80/0x80
Changing the size from ncpts to ncpts * sizeof(*net->net_cpts)
Lustre-change: https://review.whamcloud.com/33229
Lustre-commit:
5afe99cac9a7be5bf776d68c65b2fe51b31591ae
Change-Id: I10832430e53ccc5b40ebce3ddfd2cf9ea330b0df
Signed-off-by: James Simmons <uja.ornl@yahoo.com>
Reviewed-by: Amir Shehata <ashehata@whamcloud.com>
Reviewed-by: Sonia Sharma <sharmaso@whamcloud.com>
Signed-off-by: Minh Diep <mdiep@whamcloud.com>
Reviewed-on: https://review.whamcloud.com/33312
Tested-by: Jenkins
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
LIBCFS_ALLOC(net->net_cpts, sizeof(*net->net_cpts) * ncpts);
if (net->net_cpts == NULL)
return -ENOMEM;
- memcpy(net->net_cpts, cpts, ncpts);
+ memcpy(net->net_cpts, cpts, ncpts * sizeof(*net->net_cpts));
net->net_ncpts = ncpts;
return 0;
}