From mboxrd@z Thu Jan 1 00:00:00 1970 From: Steven Rostedt Subject: Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers Date: Sat, 5 Nov 2022 17:45:42 -0400 Message-ID: <20221105174542.21bd7e86@rorschach.local.home> References: <20221105060024.598488967@goodmis.org> <20221105123642.596371c7@rorschach.local.home> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: List-ID: Content-Type: text/plain; charset="us-ascii" To: Linus Torvalds Cc: "Jason A. Donenfeld" , linux-kernel@vger.kernel.org, Thomas Gleixner , Stephen Boyd , Guenter Roeck , Anna-Maria Gleixner , Andrew Morton , rcu@vger.kernel.org, linux-doc@vger.kernel.org, linux-s390@vger.kernel.org, linux-sh@vger.kernel.org, linux-edac@vger.kernel.org, cgroups@vger.kernel.org, linux-block@vger.kernel.org, linux-acpi@vger.kernel.org, linux-atm-general@lists.sourceforge.net, netdev@vger.kernel.org, linux-pm@vger.kernel.org, drbd-dev@lists.linbit.com, linux-bluetooth@vger.kernel.org, openipmi-developer@lists.sourceforge.net, linux-media@vger.kernel.org, dri-devel@lists.freedesktop.org, linaro-mm-sig@lists.linaro.org, intel-gfx On Sat, 5 Nov 2022 14:13:14 -0700 Linus Torvalds wrote: > And trying "when != ptr->timer" actually does the right thing in that > it gets rid of the case where the timer is modified outside of the > del_timer() case, *but* it also causes odd other changes to the > output. > > Look at what it generates for that > > drivers/media/usb/pvrusb2/pvrusb2-hdw.c > > file, which finds a lot of triggers with the "when != ptr->timer", > but only does one without it. I added an expression, and it appears to work: At least for this case. @@ expression E; identifier ptr, timer, rfield, slab; @@ ( - del_timer(&ptr->timer); + timer_shutdown(&ptr->timer); | - del_timer_sync(&ptr->timer); + timer_shutdown_sync(&ptr->timer); ) ... when != ptr->timer.function = E; ( kfree_rcu(ptr, rfield); | kmem_cache_free(slab, ptr); | kfree(ptr); ) Now I need to add return and goto cases here. -- Steve