I got a NULL derefrence in cdev_del+1 when called from sg_remove. By looking at
the code of sg_add, sg_alloc and sg_remove (all in drivers/scsi/sg.c) I found
out that sg_add is calling sg_alloc but if it fails afterwards it does not
deallocate the space that was allocated in sg_alloc and the redundant entry has
NULL in cdev. When sg_remove is being called, it tries to perform cdev_del to
this NULL cdev and fails.
Signed-off-by: NIshai Rabinovitz <ishai@mellanox.co.il>
Acked-by: NDouglas Gilbert <dougg@torque.net>
Signed-off-by: NJames Bottomley <James.Bottomley@SteelEye.com>