From: Viswas G <Viswas.G@xxxxxxxx> In pm8001_ccb_task_free(), the dma unmapping is done based on ccb->n_elem value. This should be initialized to zero in the task_abort(). Otherwise, pm8001_ccb_task_free() will try for dma_unmap_sg() which is invalid for task abort and can lead to kernel crash. Changes From V1: None Signed-off-by: Viswas G <Viswas.G@xxxxxxxx> Reviewed-by: Suresh Thiagarajan <Suresh.Thiagarajan@xxxxxxxx> Reviewed-by: Hannes Reinecke <hare@xxxxxxxx> Reviewed-by: Jack Wang <jinpu.wang@xxxxxxxxxxxxxxxx> Reviewed-by: Tomas Henzl <thenzl@xxxxxxxxxx> --- drivers/scsi/pm8001/pm8001_sas.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/drivers/scsi/pm8001/pm8001_sas.c b/drivers/scsi/pm8001/pm8001_sas.c index 48f4627..949198c 100644 --- a/drivers/scsi/pm8001/pm8001_sas.c +++ b/drivers/scsi/pm8001/pm8001_sas.c @@ -790,6 +790,7 @@ pm8001_exec_internal_task_abort(struct pm8001_hba_info *pm8001_ha, ccb->device = pm8001_dev; ccb->ccb_tag = ccb_tag; ccb->task = task; + ccb->n_elem = 0; res = PM8001_CHIP_DISP->task_abort(pm8001_ha, pm8001_dev, flag, task_tag, ccb_tag); -- 1.7.1 -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
