From 8db5ff2bddd8ee1a4211c7e44263b7245b4c1aa6 Mon Sep 17 00:00:00 2001
From: wuzhouhui <wuzhouhui@kingsoft.com>
Date: Fri, 14 Dec 2018 16:55:11 +0800
Subject: [PATCH] reduce: _allocate_vol_requests: set pointer to NULL after
 freed

If _allocate_vol_requests() failed, the caller will call
_init_load_cleanup() to free memory that _allocate_vol_requests()
already freed, and cause segment fault. Setting pointer to NULL keeps
_init_load_cleanup() is safe to free it again.

Change-Id: I9ad09eabf6b65350f174bd5a4faf5ee643cbd23f
Signed-off-by: wuzhouhui <wuzhouhui@kingsoft.com>
Reviewed-on: https://review.gerrithub.io/437292
Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
Chandler-Test-Pool: SPDK Automated Test System <sys_sgsw@intel.com>
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Reviewed-by: Shuhei Matsumoto <shuhei.matsumoto.xt@hitachi.com>
---
 lib/reduce/reduce.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/reduce/reduce.c b/lib/reduce/reduce.c
index fd5e6f0d4..045f52827 100644
--- a/lib/reduce/reduce.c
+++ b/lib/reduce/reduce.c
@@ -287,6 +287,7 @@ _allocate_vol_requests(struct spdk_reduce_vol *vol)
 	vol->request_mem = calloc(REDUCE_NUM_VOL_REQUESTS, sizeof(*req));
 	if (vol->request_mem == NULL) {
 		spdk_dma_free(vol->reqbufspace);
+		vol->reqbufspace = NULL;
 		return -ENOMEM;
 	}
 
@@ -295,6 +296,8 @@ _allocate_vol_requests(struct spdk_reduce_vol *vol)
 	if (vol->buf_iov_mem == NULL) {
 		free(vol->request_mem);
 		spdk_dma_free(vol->reqbufspace);
+		vol->request_mem = NULL;
+		vol->reqbufspace = NULL;
 		return -ENOMEM;
 	}