From: Hannes Reinecke <hare@suse.de>

When requeuing a request, clear the unused map_context pointer to ensure we
can't later access an invalid memory location.

Cc: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Hannes Reinecke <hare@suse.de>
Tested-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Acked-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>

FIXME: Be consistent - all 4 mempool_frees should clear this?
---
drivers/md/dm-mpath.c |    4 +++-
 drivers/md/dm-mpath.c |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Index: linux-3.3-rc7/drivers/md/dm-mpath.c
===================================================================
--- linux-3.3-rc7.orig/drivers/md/dm-mpath.c
+++ linux-3.3-rc7/drivers/md/dm-mpath.c
@@ -920,8 +920,10 @@ static int multipath_map(struct dm_targe
 	map_context->ptr = mpio;
 	clone->cmd_flags |= REQ_FAILFAST_TRANSPORT;
 	r = map_io(m, clone, mpio, 0);
-	if (r < 0 || r == DM_MAPIO_REQUEUE)
+	if (r < 0 || r == DM_MAPIO_REQUEUE) {
+		map_context->ptr = NULL;
 		mempool_free(mpio, m->mpio_pool);
+	}
 
 	return r;
 }