[PATCH AUTOSEL 4.19 16/39] scsi: qedi: Fix null ref during abort handling
From: Sasha Levin
Date: Fri Jul 09 2021 - 22:37:08 EST
From: Mike Christie <michael.christie@xxxxxxxxxx>
[ Upstream commit 5777b7f0f03ce49372203b6521631f62f2810c8f ]
If qedi_process_cmd_cleanup_resp finds the cmd it frees the work and sets
list_tmf_work to NULL, so qedi_tmf_work should check if list_tmf_work is
non-NULL when it wants to force cleanup.
Link: https://lore.kernel.org/r/20210525181821.7617-20-michael.christie@xxxxxxxxxx
Reviewed-by: Manish Rangankar <mrangankar@xxxxxxxxxxx>
Signed-off-by: Mike Christie <michael.christie@xxxxxxxxxx>
Signed-off-by: Martin K. Petersen <martin.petersen@xxxxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
drivers/scsi/qedi/qedi_fw.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/qedi/qedi_fw.c b/drivers/scsi/qedi/qedi_fw.c
index 357a0acc5ed2..b60b48f3b984 100644
--- a/drivers/scsi/qedi/qedi_fw.c
+++ b/drivers/scsi/qedi/qedi_fw.c
@@ -1466,7 +1466,7 @@ static void qedi_tmf_work(struct work_struct *work)
ldel_exit:
spin_lock_bh(&qedi_conn->tmf_work_lock);
- if (!qedi_cmd->list_tmf_work) {
+ if (qedi_cmd->list_tmf_work) {
list_del_init(&list_work->list);
qedi_cmd->list_tmf_work = NULL;
kfree(list_work);
--
2.30.2