staging/lustre/ptlrpc: Fix a crash when dereferencing NULL pointer
authorAmir Shehata <amir.shehata@intel.com>
Tue, 3 Dec 2013 13:58:47 +0000 (21:58 +0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 3 Dec 2013 16:45:29 +0000 (08:45 -0800)
When a system runs out of memory and the function
ptlrpc_register_bulk() is called from ptl_send_rpc() the call to
LNetMEAttach() fails due to failure to allocate memory.  This forces
the code into an error path, which most probably previously went
untested.  The error path:
if (rc != 0) {
        CERROR("%s: LNetMEAttach failed x"LPU64"/%d: rc = %dn",
                desc->bd_export->exp_obd->obd_name, xid,
                posted_md, rc);
        break;
}
This print assumes that desc->bd_export is not NULL.  However, it is.
In fact it is expected to be NULL.  desc->bd_import is the correct
structure to access in this case.

Lustre-change: http://review.whamcloud.com/7121
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-3585
Cc: stable <stable@vger.kernel.org> # 3.12
Signed-off-by: Amir Shehata <amir.shehata@intel.com>
Reviewed-by: Liang Zhen <liang.zhen@intel.com>
Reviewed-by: Doug Oucharek <doug.s.oucharek@intel.com>
Reviewed-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Signed-off-by: Andreas Dilger <andreas.dilger@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/staging/lustre/lustre/ptlrpc/niobuf.c

index 5f2aa7aa17ea7a7738aab307c851ef3a3d1465b0..3c6bf23415f9862b8cbd2f61241ac4da4f8fa36b 100644 (file)
@@ -180,7 +180,7 @@ int ptlrpc_register_bulk(struct ptlrpc_request *req)
                                  LNET_UNLINK, LNET_INS_AFTER, &me_h);
                if (rc != 0) {
                        CERROR("%s: LNetMEAttach failed x"LPU64"/%d: rc = %d\n",
-                              desc->bd_export->exp_obd->obd_name, xid,
+                              desc->bd_import->imp_obd->obd_name, xid,
                               posted_md, rc);
                        break;
                }
@@ -190,7 +190,7 @@ int ptlrpc_register_bulk(struct ptlrpc_request *req)
                                  &desc->bd_mds[posted_md]);
                if (rc != 0) {
                        CERROR("%s: LNetMDAttach failed x"LPU64"/%d: rc = %d\n",
-                              desc->bd_export->exp_obd->obd_name, xid,
+                              desc->bd_import->imp_obd->obd_name, xid,
                               posted_md, rc);
                        rc2 = LNetMEUnlink(me_h);
                        LASSERT(rc2 == 0);
@@ -220,7 +220,7 @@ int ptlrpc_register_bulk(struct ptlrpc_request *req)
        /* Holler if peer manages to touch buffers before he knows the xid */
        if (desc->bd_md_count != total_md)
                CWARN("%s: Peer %s touched %d buffers while I registered\n",
-                     desc->bd_export->exp_obd->obd_name, libcfs_id2str(peer),
+                     desc->bd_import->imp_obd->obd_name, libcfs_id2str(peer),
                      total_md - desc->bd_md_count);
        spin_unlock(&desc->bd_lock);