Fix 'NULL pointer dereference' defects found by Coverity version
6.5.0:
Dereference after null check (FORWARD_NULL)
For instance, Passing null pointer to a function which dereferences
it.
Dereference before null check (REVERSE_INULL)
Null-checking variable suggests that it may be null, but it has
already been dereferenced on all paths leading to the check.
Dereference null return value (NULL_RETURNS)
Signed-off-by: Sebastien Buisson <sebastien.buisson@bull.net>
Signed-off-by: James Nunez <james.a.nunez@intel.com>
Change-Id: Ie04698f49ec7804466962511e3035c00b14b3d8c
Reviewed-on: http://review.whamcloud.com/5868
Tested-by: Hudson
Tested-by: Maloo <whamcloud.maloo@gmail.com>
Reviewed-by: Dmitry Eremin <dmitry.eremin@intel.com>
Reviewed-by: Oleg Drokin <oleg.drokin@intel.com>
LUSTRE_SEQ_ZERO_RANGE:
LUSTRE_SEQ_SPACE_RANGE;
LUSTRE_SEQ_ZERO_RANGE:
LUSTRE_SEQ_SPACE_RANGE;
seq->lss_space.lsr_index = ss->ss_node_id;
LCONSOLE_INFO("%s: No data found "
"on store. Initialize space\n",
seq->lss_space.lsr_index = ss->ss_node_id;
LCONSOLE_INFO("%s: No data found "
"on store. Initialize space\n",
int result;
ptr = update_get_buf_internal(reply, index, &size);
int result;
ptr = update_get_buf_internal(reply, index, &size);
result = *(int *)ptr;
if (result < 0)
return result;
result = *(int *)ptr;
if (result < 0)
return result;
- LASSERT((ptr != NULL && size >= sizeof(int)));
+ LASSERT(size >= sizeof(int));
*buf = ptr + sizeof(int);
return size - sizeof(int);
}
*buf = ptr + sizeof(int);
return size - sizeof(int);
}
struct inode *inode = filp->f_dentry->d_inode;
struct ll_file_data *lfd = LUSTRE_FPRIVATE(filp);
struct ll_sb_info *sbi = ll_i2sbi(inode);
struct inode *inode = filp->f_dentry->d_inode;
struct ll_file_data *lfd = LUSTRE_FPRIVATE(filp);
struct ll_sb_info *sbi = ll_i2sbi(inode);
- __u64 pos = lfd->lfd_pos;
int hash64 = sbi->ll_flags & LL_SBI_64BIT_HASH;
int api32 = ll_need_32bit_api(sbi);
int rc;
int hash64 = sbi->ll_flags & LL_SBI_64BIT_HASH;
int api32 = ll_need_32bit_api(sbi);
int rc;
+ if (lfd != NULL)
+ pos = lfd->lfd_pos;
+ else
+ pos = 0;
+
CDEBUG(D_VFSTRACE, "VFS Op:inode=%lu/%u(%p) pos %lu/%llu "
" 32bit_api %d\n", inode->i_ino, inode->i_generation,
inode, (unsigned long)pos, i_size_read(inode), api32);
CDEBUG(D_VFSTRACE, "VFS Op:inode=%lu/%u(%p) pos %lu/%llu "
" 32bit_api %d\n", inode->i_ino, inode->i_generation,
inode, (unsigned long)pos, i_size_read(inode), api32);
GOTO(out, rc = 0);
rc = ll_dir_read(inode, &pos, cookie, filldir);
GOTO(out, rc = 0);
rc = ll_dir_read(inode, &pos, cookie, filldir);
+ if (lfd != NULL)
+ lfd->lfd_pos = pos;
if (pos == MDS_DIR_END_OFF) {
if (api32)
filp->f_pos = LL_DIR_END_OFF_32BIT;
if (pos == MDS_DIR_END_OFF) {
if (api32)
filp->f_pos = LL_DIR_END_OFF_32BIT;
* on 2.4, we use OBD_CONNECT_LVB_TYPE to detect whether the
* server will support REINT_RMENTRY XXX*/
if (!(exp_connect_flags(sbi->ll_md_exp) & OBD_CONNECT_LVB_TYPE))
* on 2.4, we use OBD_CONNECT_LVB_TYPE to detect whether the
* server will support REINT_RMENTRY XXX*/
if (!(exp_connect_flags(sbi->ll_md_exp) & OBD_CONNECT_LVB_TYPE))
filename = ll_getname((const char *)arg);
if (IS_ERR(filename))
filename = ll_getname((const char *)arg);
if (IS_ERR(filename))
static int lov_io_subio_init(const struct lu_env *env, struct lov_io *lio,
struct cl_io *io)
{
static int lov_io_subio_init(const struct lu_env *env, struct lov_io *lio,
struct cl_io *io)
{
- struct lov_stripe_md *lsm = lio->lis_object->lo_lsm;
+ struct lov_stripe_md *lsm;
- LASSERT(lio->lis_object != NULL);
- ENTRY;
+ LASSERT(lio->lis_object != NULL);
+ lsm = lio->lis_object->lo_lsm;
/*
* Need to be optimized, we can't afford to allocate a piece of memory
/*
* Need to be optimized, we can't afford to allocate a piece of memory
*/
rc = -EPROTO;
} else {
*/
rc = -EPROTO;
} else {
- if (info->mti_mdt->mdt_opts.mo_compat_resname)
+ if (info->mti_mdt &&
+ info->mti_mdt->mdt_opts.mo_compat_resname)
rc = mdt_lock_resname_compat(
info->mti_mdt,
dlm_req);
rc = mdt_lock_resname_compat(
info->mti_mdt,
dlm_req);
LASSERT(current->journal_info == NULL);
LASSERT(current->journal_info == NULL);
- if (rc == 0 && (flags & HABEO_CLAVIS) &&
+ if (rc == 0 && (flags & HABEO_CLAVIS) && info->mti_mdt &&
info->mti_mdt->mdt_opts.mo_compat_resname) {
struct ldlm_reply *dlmrep;
info->mti_mdt->mdt_opts.mo_compat_resname) {
struct ldlm_reply *dlmrep;
ENTRY;
env = req->rq_svc_thread->t_env;
ENTRY;
env = req->rq_svc_thread->t_env;
/* Refill(initilize) the context(mdt_thread_info), in case it is
* not initialized yet. Usually it happens during start up, after
* MDS(ptlrpc threads) is start up, it gets the first CONNECT request,
* before MDT_thread_info is initialized */
lu_env_refill(env);
/* Refill(initilize) the context(mdt_thread_info), in case it is
* not initialized yet. Usually it happens during start up, after
* MDS(ptlrpc threads) is start up, it gets the first CONNECT request,
* before MDT_thread_info is initialized */
lu_env_refill(env);
LASSERT(env->le_ses != NULL);
LASSERT(env->le_ctx.lc_thread == req->rq_svc_thread);
info = lu_context_key_get(&env->le_ctx, &mdt_thread_key);
LASSERT(env->le_ses != NULL);
LASSERT(env->le_ctx.lc_thread == req->rq_svc_thread);
info = lu_context_key_get(&env->le_ctx, &mdt_thread_key);
* XXX: probably not very appropriate method is used now
* at some point we should find a better one
*/
* XXX: probably not very appropriate method is used now
* at some point we should find a better one
*/
- if (!test_bit(MDT_FL_SYNCED, &mdt->mdt_state) &&
+ if (!test_bit(MDT_FL_SYNCED, &mdt->mdt_state) && data != NULL &&
!(data->ocd_connect_flags & OBD_CONNECT_LIGHTWEIGHT)) {
rc = obd_health_check(env, mdt->mdt_child_exp->exp_obd);
if (rc)
!(data->ocd_connect_flags & OBD_CONNECT_LIGHTWEIGHT)) {
rc = obd_health_check(env, mdt->mdt_child_exp->exp_obd);
if (rc)
reply = req_capsule_server_sized_get(&req->rq_pill, &RMF_UPDATE_REPLY,
UPDATE_BUFFER_SIZE);
reply = req_capsule_server_sized_get(&req->rq_pill, &RMF_UPDATE_REPLY,
UPDATE_BUFFER_SIZE);
- if (reply->ur_version != UPDATE_REPLY_V1)
+ if (reply == NULL || reply->ur_version != UPDATE_REPLY_V1)
return -EPROTO;
size = update_get_reply_buf(reply, (void **)&wobdo, index);
return -EPROTO;
size = update_get_reply_buf(reply, (void **)&wobdo, index);
if (req != NULL)
ptlrpc_req_finished(req);
if (req != NULL)
ptlrpc_req_finished(req);
- if (update != NULL)
- osp_destroy_update_req(update);
+ osp_destroy_update_req(update);
if (req != NULL)
ptlrpc_req_finished(req);
if (req != NULL)
ptlrpc_req_finished(req);
- if (update != NULL)
- osp_destroy_update_req(update);
+ osp_destroy_update_req(update);
if (req != NULL)
ptlrpc_req_finished(req);
if (req != NULL)
ptlrpc_req_finished(req);
- if (update != NULL)
- osp_destroy_update_req(update);
+ osp_destroy_update_req(update);
/* Prepare the update reply buffer */
update_reply = req_capsule_server_get(pill, &RMF_UPDATE_REPLY);
/* Prepare the update reply buffer */
update_reply = req_capsule_server_get(pill, &RMF_UPDATE_REPLY);
+ if (update_reply == NULL)
+ RETURN(err_serious(-EPROTO));
update_init_reply_buf(update_reply, count);
tti->tti_u.update.tti_update_reply = update_reply;
update_init_reply_buf(update_reply, count);
tti->tti_u.update.tti_update_reply = update_reply;
chk_major = strtok_r(buf, ":", &savept);
chk_minor = savept;
chk_major = strtok_r(buf, ":", &savept);
chk_minor = savept;
- if (major == atoi(chk_major) &&minor == atoi(chk_minor))
+ if (chk_major != NULL && major == atoi(chk_major) &&
+ chk_minor != NULL && minor == atoi(chk_minor))