From: "KAMBAROV, ZAUR" <kambarov@berkeley.edu>

cpufreq_cpu_get() called in line

199  		data = cpufreq_cpu_get(cpu);

and defined in /drivers/cpufreq/cpufreq.c
can return NULL and its return value is checked after 11  out of 12 calls.
We have added checks before places/calls where "data" is dereferenced

Signed-off-by: Zaur Kambarov <zkambarov@coverity.com>
Cc: Dave Jones <davej@codemonkey.org.uk>
Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 drivers/cpufreq/cpufreq_stats.c |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletion(-)

diff -puN drivers/cpufreq/cpufreq_stats.c~coverity-cpufreq-check-cpufreq_cpu_get-return drivers/cpufreq/cpufreq_stats.c
--- 25/drivers/cpufreq/cpufreq_stats.c~coverity-cpufreq-check-cpufreq_cpu_get-return	2005-06-15 16:58:59.000000000 -0700
+++ 25-akpm/drivers/cpufreq/cpufreq_stats.c	2005-06-15 16:58:59.000000000 -0700
@@ -190,6 +190,7 @@ cpufreq_stats_create_table (struct cpufr
 	struct cpufreq_policy *data;
 	unsigned int alloc_size;
 	unsigned int cpu = policy->cpu;
+
 	if (cpufreq_stats_table[cpu])
 		return -EBUSY;
 	if ((stat = kmalloc(sizeof(struct cpufreq_stats), GFP_KERNEL)) == NULL)
@@ -197,6 +198,10 @@ cpufreq_stats_create_table (struct cpufr
 	memset(stat, 0, sizeof (struct cpufreq_stats));
 
 	data = cpufreq_cpu_get(cpu);
+	if (!data) {
+		ret = -EINVAL;
+		goto error_out_1;
+	}
 	if ((ret = sysfs_create_group(&data->kobj, &stats_attr_group)))
 		goto error_out;
 
@@ -242,8 +247,9 @@ cpufreq_stats_create_table (struct cpufr
 	spin_unlock(&cpufreq_stats_lock);
 	cpufreq_cpu_put(data);
 	return 0;
-error_out:
+error_out_1:
 	cpufreq_cpu_put(data);
+error_out:
 	kfree(stat);
 	cpufreq_stats_table[cpu] = NULL;
 	return ret;
_