ubifs: skip dumping tnc tree when zroot is null

Clearing slab cache will free all znode in memory and make
c->zroot.znode = NULL, then dumping tnc tree will access
c->zroot.znode which cause null pointer dereference.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=219624#c0
Fixes: 1e51764a3c2a ("UBIFS: add new flash file system")
Signed-off-by: pangliyuan <pangliyuan1@huawei.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Richard Weinberger <richard@nod.at>

diff --git a/fs/ubifs/debug.c b/fs/ubifs/debug.c
index 987eb5b6782ab0339bbab948236dd0014d661409..b01f382ce8db0c3f9dc8e492f5c308591d123a36 100644 (file)
--- a/fs/ubifs/debug.c
+++ b/fs/ubifs/debug.c
@@ -945,16 +945,20 @@ void ubifs_dump_tnc(struct ubifs_info *c)
 
        pr_err("\n");
        pr_err("(pid %d) start dumping TNC tree\n", current->pid);
-       znode = ubifs_tnc_levelorder_next(c, c->zroot.znode, NULL);
-       level = znode->level;
-       pr_err("== Level %d ==\n", level);
-       while (znode) {
-               if (level != znode->level) {
-                       level = znode->level;
-                       pr_err("== Level %d ==\n", level);
+       if (c->zroot.znode) {
+               znode = ubifs_tnc_levelorder_next(c, c->zroot.znode, NULL);
+               level = znode->level;
+               pr_err("== Level %d ==\n", level);
+               while (znode) {
+                       if (level != znode->level) {
+                               level = znode->level;
+                               pr_err("== Level %d ==\n", level);
+                       }
+                       ubifs_dump_znode(c, znode);
+                       znode = ubifs_tnc_levelorder_next(c, c->zroot.znode, znode);
                }
-               ubifs_dump_znode(c, znode);
-               znode = ubifs_tnc_levelorder_next(c, c->zroot.znode, znode);
+       } else {
+               pr_err("empty TNC tree in memory\n");
        }
        pr_err("(pid %d) finish dumping TNC tree\n", current->pid);
 }