Reviewed-by: Ewan D. Milne <emilne@xxxxxxxxxx>
On Tue, Aug 3, 2021 at 11:57 AM Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
>
> The sp->free(sp); call frees "sp" and then the debug code dereferences
> it on the next line. Swap the order.
>
> Fixes: 84318a9f01ce ("scsi: qla2xxx: edif: Add send, receive, and accept for auth_els")
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> ---
> drivers/scsi/qla2xxx/qla_bsg.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/scsi/qla2xxx/qla_bsg.c b/drivers/scsi/qla2xxx/qla_bsg.c
> index 0739f8ad525a..4b5d28d89d69 100644
> --- a/drivers/scsi/qla2xxx/qla_bsg.c
> +++ b/drivers/scsi/qla2xxx/qla_bsg.c
> @@ -25,12 +25,12 @@ void qla2x00_bsg_job_done(srb_t *sp, int res)
> struct bsg_job *bsg_job = sp->u.bsg_job;
> struct fc_bsg_reply *bsg_reply = bsg_job->reply;
>
> - sp->free(sp);
> -
> ql_dbg(ql_dbg_user, sp->vha, 0x7009,
> "%s: sp hdl %x, result=%x bsg ptr %p\n",
> __func__, sp->handle, res, bsg_job);
>
> + sp->free(sp);
> +
> bsg_reply->result = res;
> bsg_job_done(bsg_job, bsg_reply->result,
> bsg_reply->reply_payload_rcv_len);
> --
> 2.20.1
>
