The current state of the code checks to see if the reference to scsi_cmnd is not null, but it never checks to see if it is null and always assumes it is valid before its use in below switch statement. This patch addresses that. --- linux/drivers/scsi/megaraid/megaraid_sas_fusion.c.orig 2016-05-07 09:12:56.748969851 -0500 +++ linux/drivers/scsi/megaraid/megaraid_sas_fusion.c 2016-05-07 09:15:29.612967113 -0500 @@ -2277,6 +2277,10 @@ complete_cmd_fusion(struct megasas_insta if (cmd_fusion->scmd) cmd_fusion->scmd->SCp.ptr = NULL; + else if ((!cmd_fusion->scmd) && + ((scsi_io_req->Function == MPI2_FUNCTION_SCSI_IO_REQUEST) || + (scsi_io_req->Function == MEGASAS_MPI2_FUNCTION_LD_IO_REQUEST))) + goto next; scmd_local = cmd_fusion->scmd; status = scsi_io_req->RaidContext.status; @@ -2336,7 +2340,7 @@ complete_cmd_fusion(struct megasas_insta megasas_complete_cmd(instance, cmd_mfi, DID_OK); break; } - +next: fusion->last_reply_idx[MSIxIndex]++; if (fusion->last_reply_idx[MSIxIndex] >= fusion->reply_q_depth) -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
