[SCSI] libiscsi: fix possbile null ptr session command cleanup
authorMike Christie <michaelc@cs.wisc.edu>
Thu, 5 Mar 2009 20:46:07 +0000 (14:46 -0600)
committerJames Bottomley <James.Bottomley@HansenPartnership.com>
Fri, 13 Mar 2009 20:29:54 +0000 (15:29 -0500)
If the iscsi eh fires when the current task is a nop, then
the task->sc pointer is null. fail_all_commands could
then try to do task->sc->device and oops. We actually do
not need to access the curr task in this path, because
if it is a cmd task the fail_command call will handle
this and if it is mgmt task then the flush of the mgmt
queues will handle that.

Signed-off-by: Mike Christie <michaelc@cs.wisc.edu>
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
drivers/scsi/libiscsi.c

index d07017911139804019b155d95da6234d1ad2ab21..dfaa8adf099ea2d5ef0ed577ce39411cb1393691 100644 (file)
@@ -1603,8 +1603,11 @@ static void fail_all_commands(struct iscsi_conn *conn, unsigned lun,
 {
        struct iscsi_task *task, *tmp;
 
-       if (conn->task && (conn->task->sc->device->lun == lun || lun == -1))
-               conn->task = NULL;
+       if (conn->task) {
+               if (lun == -1 ||
+                   (conn->task->sc && conn->task->sc->device->lun == lun))
+                       conn->task = NULL;
+       }
 
        /* flush pending */
        list_for_each_entry_safe(task, tmp, &conn->xmitqueue, running) {