While looping over shost's sdev list it is possible that one
of the drive is getting removed and it's sas_target object is
freed but it's sdev object is still intact with the sdev list.
So, kernel panic occurred while driver trying to access the sas_address
field of sas_target object without checking the sas_target object
for NULL pointer.
Fixes: f92363d12359("mpt3sas: add new driver supporting 12GB SAS")
Signed-off-by: Sreekanth Reddy <sreekanth.reddy@xxxxxxxxxxxx>
---
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/mpt3sas/mpt3sas_scsih.c b/drivers/scsi/mpt3sas/mpt3sas_scsih.c
index cee7170beae8..bb0036b41825 100644
--- a/drivers/scsi/mpt3sas/mpt3sas_scsih.c
+++ b/drivers/scsi/mpt3sas/mpt3sas_scsih.c
@@ -3869,7 +3869,7 @@ _scsih_ublock_io_device(struct MPT3SAS_ADAPTER *ioc,
shost_for_each_device(sdev, ioc->shost) {
sas_device_priv_data = sdev->hostdata;
- if (!sas_device_priv_data)
+ if (!sas_device_priv_data || !sas_device_priv_data->sas_target)
continue;
if (sas_device_priv_data->sas_target->sas_address
!= sas_address)
--
2.27.0
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
