    [SCSI] libsas: fix ata list corruption issue · a82058a7
    James Bottomley committed on
    I think this stems from a misunderstanding of how the ata error handler
    works.  ata_scsi_cmd_error_handler() gets called with a passed in list
    of commands to handle.  However, that list may still not be empty when
    it exits.  The command ata_scsi_port_error_handler() must be called
    (which takes no list) before the list will be completely emptied.  This
    bites the sas error handler because the two are called from different
    functions and the original list has gone out of scope before
    ata_scsi_port_error_handler() is called, leading to some commands
    dangling on bare stack, which is a potential memory corruption issue.
    Fix this by manually deleting all outstanding commands from the on-stack
    list before it goes out of scope.
    Signed-off-by: James Bottomley <James.Bottomley@suse.de>
sas_ata.c 22.0 KB
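The failure mode the commit message describes, as an added userspace model (not code from this commit or from libsas): a handler returns with entries still linked to an on-stack list head, and draining the list before it goes out of scope removes the dangling references. The list helpers are re-implemented here, and `struct cmd`, `partial_handler` and `dangling_after_handler` are hypothetical names.

```c
#include <stddef.h>
#include <stdio.h>

/* Userspace stand-in for the kernel's circular doubly linked list. */
struct list_head { struct list_head *next, *prev; };

static void list_init(struct list_head *h) { h->next = h->prev = h; }
static void list_add_tail(struct list_head *n, struct list_head *h) {
    n->prev = h->prev; n->next = h; h->prev->next = n; h->prev = n;
}
static void list_del_init(struct list_head *e) {
    e->prev->next = e->next; e->next->prev = e->prev; list_init(e);
}
static int list_empty(const struct list_head *h) { return h->next == h; }

struct cmd { int id; struct list_head eh_entry; };  /* hypothetical command */

/* Models a handler that may leave entries on the list it was passed:
 * it completes only the even-numbered commands. */
static void partial_handler(struct list_head *work) {
    struct list_head *p = work->next, *n;
    for (n = p->next; p != work; p = n, n = p->next) {
        struct cmd *c = (struct cmd *)((char *)p - offsetof(struct cmd, eh_entry));
        if (c->id % 2 == 0)
            list_del_init(p);
    }
}

/* Returns how many commands are still linked (directly or through their
 * neighbours) to the on-stack head at the point it goes out of scope. */
int dangling_after_handler(struct cmd *cmds, int n, int drain) {
    struct list_head work;                 /* on-stack list head */
    int i, dangling = 0;
    list_init(&work);
    for (i = 0; i < n; i++)
        list_add_tail(&cmds[i].eh_entry, &work);
    partial_handler(&work);
    if (drain)                             /* the fix: empty the list first */
        while (!list_empty(&work))
            list_del_init(work.next);
    for (i = 0; i < n; i++)
        if (!list_empty(&cmds[i].eh_entry))
            dangling++;
    return dangling;
}

int main(void) {
    struct cmd a[4] = {{0}, {1}, {2}, {3}}, b[4] = {{0}, {1}, {2}, {3}};
    printf("without drain: %d dangling\n", dangling_after_handler(a, 4, 0));
    printf("with drain:    %d dangling\n", dangling_after_handler(b, 4, 1));
    return 0;
}
```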