On Wed, 27 Jan 2021 00:56:41 +0300 Alexander Ovechkin wrote:
> Commit e5f0e8f8e456 ("net: sched: introduce and use qdisc tree flush/purge
> helpers")
> introduced qdisc tree flush/purge helpers, but erroneously used flush helper
> instead of purge helper in qdisc_replace function.
> This issue was found in our CI, that tests various qdisc setups by configuring
> qdisc and sending data through it. Call of invalid helper sporadically leads
> to corruption of vt_tree/cf_tree of hfsc_class that causes kernel oops:
The patch in question indeed does change the code, but I wonder if the
problem isn't in HFSC. Why would the caller depend on the old qdisc
being purged by qdisc_replace()?
Please add some more info on this..
> Fixes: e5f0e8f8e456 ("net: sched: introduce and use qdisc tree flush/purge
> helpers")
... fix the tag (it shouldn't be wrapped), and CC the right people
(especially the author of the patch you're pointing the tag at -
scripts/get_maintainer is your friend), and repost.
> Signed-off-by: Alexander Ovechkin <o...@yandex-team.ru>
> Reported-by: Alexander Kuznetsov <w...@yandex-team.ru>
> Acked-by: Dmitry Monakhov <dmtrmonak...@yandex-team.ru>
> Acked-by: Dmitry Yakunin <z...@yandex-team.ru>
> ---
> include/net/sch_generic.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/include/net/sch_generic.h b/include/net/sch_generic.h
> index 639e465a108f..5b490b5591df 100644
> --- a/include/net/sch_generic.h
> +++ b/include/net/sch_generic.h
> @@ -1143,7 +1143,7 @@ static inline struct Qdisc *qdisc_replace(struct Qdisc
> *sch, struct Qdisc *new,
> old = *pold;
> *pold = new;
> if (old != NULL)
> - qdisc_tree_flush_backlog(old);
> + qdisc_purge_queue(old);
> sch_tree_unlock(sch);
>
> return old;
