From patchwork Sun May  8 00:40:11 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Petros Koutoupis <petros@petroskoutoupis.com>
X-Patchwork-Id: 9038531
Return-Path: <linux-scsi-owner@kernel.org>
X-Original-To: patchwork-linux-scsi@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.136])
	by patchwork2.web.kernel.org (Postfix) with ESMTP id CCCB6BF29F
	for <patchwork-linux-scsi@patchwork.kernel.org>;
	Sun,  8 May 2016 00:40:23 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id 93A772013D
	for <patchwork-linux-scsi@patchwork.kernel.org>;
	Sun,  8 May 2016 00:40:22 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 911182011E
	for <patchwork-linux-scsi@patchwork.kernel.org>;
	Sun,  8 May 2016 00:40:20 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751186AbcEHAkR (ORCPT
	<rfc822;patchwork-linux-scsi@patchwork.kernel.org>);
	Sat, 7 May 2016 20:40:17 -0400
Received: from mout.perfora.net ([74.208.4.197]:54305 "EHLO mout.perfora.net"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751180AbcEHAkQ (ORCPT <rfc822;linux-scsi@vger.kernel.org>);
	Sat, 7 May 2016 20:40:16 -0400
Received: from [192.168.1.69] ([99.41.188.243]) by mrelay.perfora.net
	(mreueus003) with ESMTPSA (Nemesis) id 0LnzHq-1baTOX0nWK-00fxVf;
	Sun, 08 May 2016 02:40:13 +0200
Message-ID: <1462668011.32105.7.camel@petros-ultrathin>
Subject: [PATCH] megaraid: add scsi_cmnd NULL check before use
From: Petros Koutoupis <petros@petroskoutoupis.com>
To: kashyap.desai@avagotech.com, sumit.saxena@avagotech.com,
	uday.lingala@avagotech.com
Cc: megaraidlinux.pdl@avagotech.com, linux-scsi@vger.kernel.org
Date: Sat, 07 May 2016 19:40:11 -0500
X-Mailer: Evolution 3.10.4-0ubuntu2 
Mime-Version: 1.0
X-Provags-ID: V03:K0:dFutkINVSIEWLVLhSrBBmP8EwP+YJe2YJeJl/aM8ABehGhCU4il
	zxyOQ0R3R45JGUtXpswFVT5e3hCYxHUE4F92dsdozOcWyjbP4qz6aJe9eEUuDGKzSdxZRsc
	a27/F7KymVNMTGHkMFt+7XMwXOLPoioC2MXv73Y+PBHx2UDFcpzR5RbhfVTWDEI1/SJMcrR
	BkTHC3ewG8TpVma7kApUQ==
X-UI-Out-Filterresults: notjunk:1; V01:K0:zUb+lX38wbQ=:ett0+eusSKq54cie/DBbCj
	h6CxJvoOZ9TM17IDP/s8mNHtGFy3XbN1EUV3uMnWFnBVdnTb6QDvFVdoX3uITMRTATVYvgr7/
	kvMvFUM0FZz1d6NZ71IlqtrG1UneEcln/3agxz0BD3WxOoWrZgPxY4oFUmAUB8PoGMzdbeWbk
	0Dk/JPxy7FI11Yk194koGE83cHa+gkEAx//OMnjGIr8ZXKt3Gs3K93TV1ZEcN85uL9KMaz9ZF
	R6YrhGKo10aRN3HOi1N7VqA6vriOGFl43hGHsok9Fzhx7Jcn1qqBgIAORuyZadsMOTuYPevX3
	iT6ebS6WM0TJcu4nGPxHtYLdltD420/nVNPIYRRLCsCLXOrG98svJoyZf7nUASV1aWDL1cBmH
	+1fIzK0fkIAuVl57ds+D68fi3B3plWB9Qw1J8POJHzqakgIvlsUnumPD1DsouMdZP9wI1bmW1
	VQFcvACK1q4RbIJ85A6HzQd7Ek1ezfI7ONb2qJgeHonnS2bK+H3xxUxwp/MCCVqWz+wuy989n
	Iwyv5JEOTV5jJZ3aT5gJkGPTLgAdUKayPWG1l+ZgsPFLHjnk0b763RP7hRuNn9Zi7WpVxFAuQ
	X2E26b/owjV3lupIAYXV95Pq78HHgoSW7R8+K2V23j7iE1sIST+KQhbSNY6C1cT50vng20q/j
	wAq1hrbZKqOcnYFtJCTLkkNDW1Mp74jXZ7YCsEPi9kEdZPARmkqNL3gWigt2Bc1y3lPUSuyL+
	V4vAhu2C/QhHanht
Sender: linux-scsi-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-scsi.vger.kernel.org>
X-Mailing-List: linux-scsi@vger.kernel.org
X-Spam-Status: No, score=-9.0 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

The current state of the code checks to see if the reference to scsi_cmnd is
not null, but it never checks to see if it is null and always assumes it is valid
before its use in below switch statement. This patch addresses that.
---
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

--- linux/drivers/scsi/megaraid/megaraid_sas_fusion.c.orig	2016-05-07 09:12:56.748969851 -0500
+++ linux/drivers/scsi/megaraid/megaraid_sas_fusion.c	2016-05-07 09:15:29.612967113 -0500
@@ -2277,6 +2277,10 @@ complete_cmd_fusion(struct megasas_insta
 
 		if (cmd_fusion->scmd)
 			cmd_fusion->scmd->SCp.ptr = NULL;
+		else if ((!cmd_fusion->scmd) &&
+			 ((scsi_io_req->Function == MPI2_FUNCTION_SCSI_IO_REQUEST) ||
+			 (scsi_io_req->Function == MEGASAS_MPI2_FUNCTION_LD_IO_REQUEST)))
+			goto next;
 
 		scmd_local = cmd_fusion->scmd;
 		status = scsi_io_req->RaidContext.status;
@@ -2336,7 +2340,7 @@ complete_cmd_fusion(struct megasas_insta
 				megasas_complete_cmd(instance, cmd_mfi, DID_OK);
 			break;
 		}
-
+next:
 		fusion->last_reply_idx[MSIxIndex]++;
 		if (fusion->last_reply_idx[MSIxIndex] >=
 		    fusion->reply_q_depth)