Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Sat, 5 Nov 2022 14:13:14 -0700 Linus Torvalds wrote: > (Comparing output is also fun because the ordering of the patches is > random, so consecutive runs with the same rule will give different > patches. I assume that it's just because it's done in parallel, but it > doesn't help the "try to see what changes when you change the script" > ;) What I do to compare is: patch -p1 < cocci1.patch git commit -a git show | patch -p1 -R patch -p1 < cocci2.patch git diff Then I see how things changed. This is how I was able to show you the tweaks I made. -- Steve
Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Sat, 5 Nov 2022 14:13:14 -0700 Linus Torvalds wrote: > And trying "when != ptr->timer" actually does the right thing in that > it gets rid of the case where the timer is modified outside of the > del_timer() case, *but* it also causes odd other changes to the > output. > > Look at what it generates for that > >drivers/media/usb/pvrusb2/pvrusb2-hdw.c > > file, which finds a lot of triggers with the "when != ptr->timer", > but only does one without it. I added an expression, and it appears to work: At least for this case. @@ expression E; identifier ptr, timer, rfield, slab; @@ ( - del_timer(&ptr->timer); + timer_shutdown(&ptr->timer); | - del_timer_sync(&ptr->timer); + timer_shutdown_sync(&ptr->timer); ) ... when != ptr->timer.function = E; ( kfree_rcu(ptr, rfield); | kmem_cache_free(slab, ptr); | kfree(ptr); ) Now I need to add return and goto cases here. -- Steve
Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Sat, Nov 5, 2022 at 2:03 PM Jason A. Donenfeld wrote: > > Something that might help here is changing the `...` into > `... when exists` or into `... when != ptr` or similar. I actually tried that. You don't want "when exists", you'd want "when forall", but that seems to be the default. And trying "when != ptr->timer" actually does the right thing in that it gets rid of the case where the timer is modified outside of the del_timer() case, *but* it also causes odd other changes to the output. Look at what it generates for that drivers/media/usb/pvrusb2/pvrusb2-hdw.c file, which finds a lot of triggers with the "when != ptr->timer", but only does one without it. So I gave up, just because I clearly don't understand the rules. (Comparing output is also fun because the ordering of the patches is random, so consecutive runs with the same rule will give different patches. I assume that it's just because it's done in parallel, but it doesn't help the "try to see what changes when you change the script" ;) Linus
Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Sat, Nov 05, 2022 at 12:36:42PM -0400, Steven Rostedt wrote: > --8< > @@ > identifier ptr, timer, rfield, slab; > @@ > ( > - del_timer(&ptr->timer); > + timer_shutdown(&ptr->timer); > | > - del_timer_sync(&ptr->timer); > + timer_shutdown_sync(&ptr->timer); > ) > ... > ( > kfree_rcu(ptr, rfield); > | > kmem_cache_free(slab, ptr); > | > kfree(ptr); > ) > -->8 Something that might help here is changing the `...` into `... when exists` or into `... when != ptr` or similar. See this section of the manual: https://coccinelle.gitlabpages.inria.fr/website/docs/main_grammar004.html Jason
Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Sat, Nov 05, 2022 at 02:00:24AM -0400, Steven Rostedt wrote: > > Back in April, I posted an RFC patch set to help mitigate a common issue > where a timer gets armed just before it is freed, and when the timer > goes off, it crashes in the timer code without any evidence of who the > culprit was. I got side tracked and never finished up on that patch set. > Since this type of crash is still our #1 crash we are seeing in the field, > it has become a priority again to finish it. > > The last version of that patch set is here: > > https://lore.kernel.org/all/20221104054053.431922...@goodmis.org/ > > I'm calling this version 4a as it only has obvious changes were the timer that > is being shutdown is in the same function where it will be freed or released, > as this series should be "safe" for adding. I'll be calling the other patches > 4b for the next merge window. > For the series, as far as my testbed goes: Build results: total: 152 pass: 152 fail: 0 Qemu test results: total: 500 pass: 500 fail: 0 No runtime crashes or warnings observed. Tested-by: Guenter Roeck Guenter
Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Sat, Nov 5, 2022 at 11:04 AM Steven Rostedt wrote: > > Here's the changes I made after running the script Please. No. What part of "I don't want extra crud" was I unclear on? I'm not interested in converting everything. That's clearly a 6.,2 issue, possibly even longer considering how complicated the networking side has been. I'm not AT ALL interested in "oh, I then added my own small cleanups on top to random files because I happened to notice them". Repeat after me: "If the script didn't catch them, they weren't trivially obvious". And it does seem that right now the script itself is a bit too generous, which is why it didn't notice that sometimes there wasn't a kfree after all because of a goto around it. So clearly that "..." doesn't really work, I think it accepts "_any_ path leads to the second situation" rather than "_all_ paths lead to the second situation". But yeah, my coccinelle-foo is very weak too, and maybe there's no pattern for "no flow control". I would also like the coccinelle script to notice the "timer is used afterwards", so that it does *not* modify that case that does del_timer(&dch->timer); dch->timer.function = NULL; since now the timer is modified in between the del_timer() and the kfree. Again, that timer modification is then made pointless by changing the del_timer() to a "timer_shutdown()", but at that point it is no longer a "so obvious non-semantic change that it should be scripted". At that point it's a manual thing. So I think the "..." in your script should be "no flow control, and no access to the timer", but do not know how to do that in coccinelle. Julia? And this thread has way too many participants, I suspect some email systems will just mark it as spam as a result. Which is partly *why* I would like to get rid of noisy changes that really don't matter - but I would like it to be truly mindlessly obvious that there are *zero* questions about it, and absolutely no manual intervention because the patch is so strict that it's just unquestionably correct. Linus
Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Sat, 5 Nov 2022 14:03:56 -0400
Steven Rostedt wrote:
> --- a/drivers/isdn/hardware/mISDN/hfcmulti.c
> +++ b/drivers/isdn/hardware/mISDN/hfcmulti.c
> @@ -4544,7 +4544,7 @@ release_port(struct hfc_multi *hc, struct dchannel *dch)
> spin_lock_irqsave(&hc->lock, flags);
>
> if (dch->timer.function) {
> - del_timer(&dch->timer);
> + timer_shutdown(&dch->timer);
> dch->timer.function = NULL;
> }
>
I still hate the above.
-- Steve
Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Sat, 5 Nov 2022 12:36:42 -0400 Steven Rostedt wrote: > --8< > @@ > identifier ptr, timer, rfield, slab; > @@ > ( > - del_timer(&ptr->timer); > + timer_shutdown(&ptr->timer); > | > - del_timer_sync(&ptr->timer); > + timer_shutdown_sync(&ptr->timer); > ) > ... > ( > kfree_rcu(ptr, rfield); > | > kmem_cache_free(slab, ptr); > | > kfree(ptr); > ) > -->8 Below is the result of the above patch, but I did do the following modifications because of the one case where it it exited the function after the del_timer(). And the other case was that it doesn't handle multiple timers for the same object. Here's the changes I made after running the script: diff --git a/drivers/net/wireless/intel/iwlwifi/mvm/sta.c b/drivers/net/wireless/intel/iwlwifi/mvm/sta.c index 76ea44cebd90..cbd8053a9e35 100644 --- a/drivers/net/wireless/intel/iwlwifi/mvm/sta.c +++ b/drivers/net/wireless/intel/iwlwifi/mvm/sta.c @@ -2826,7 +2826,7 @@ int iwl_mvm_sta_rx_agg(struct iwl_mvm *mvm, struct ieee80211_sta *sta, /* synchronize all rx queues so we can safely delete */ iwl_mvm_free_reorder(mvm, baid_data); - timer_shutdown_sync(&baid_data->session_timer); + del_timer_sync(&baid_data->session_timer); RCU_INIT_POINTER(mvm->baid_map[baid], NULL); kfree_rcu(baid_data, rcu_head); IWL_DEBUG_HT(mvm, "BAID %d is free\n", baid); diff --git a/drivers/net/wireless/microchip/wilc1000/hif.c b/drivers/net/wireless/microchip/wilc1000/hif.c index 3414feb1763f..131f9fd97c37 100644 --- a/drivers/net/wireless/microchip/wilc1000/hif.c +++ b/drivers/net/wireless/microchip/wilc1000/hif.c @@ -1520,8 +1520,8 @@ int wilc_deinit(struct wilc_vif *vif) mutex_lock(&vif->wilc->deinit_lock); - del_timer_sync(&hif_drv->scan_timer); - del_timer_sync(&hif_drv->connect_timer); + timer_shutdown_sync(&hif_drv->scan_timer); + timer_shutdown_sync(&hif_drv->connect_timer); del_timer_sync(&vif->periodic_rssi); timer_shutdown_sync(&hif_drv->remain_on_ch_timer); And below is the script plus the above changes: Is that acceptable after adding patches 2-5 and removing the del_singleshot_timer_sync() change? -- Steve From: "Steven Rostedt (Google)" Subject: [PATCH] treewide: Convert del_timer*() to timer_shutdown*() I used the coccinelle script to make the below changes: @@ identifier ptr, timer, rfield, slab; @@ ( - del_timer(&ptr->timer); + timer_shutdown(&ptr->timer); | - del_timer_sync(&ptr->timer); + timer_shutdown_sync(&ptr->timer); ) ... ( kfree_rcu(ptr, rfield); | kmem_cache_free(slab, ptr); | kfree(ptr); ) Signed-off-by: Steven Rostedt (Google) --- arch/sh/drivers/push-switch.c | 2 +- block/blk-iocost.c | 2 +- block/blk-iolatency.c | 2 +- block/kyber-iosched.c | 2 +- drivers/acpi/apei/ghes.c | 2 +- drivers/atm/idt77252.c | 4 ++-- drivers/block/drbd/drbd_main.c | 2 +- drivers/block/loop.c | 2 +- drivers/bluetooth/hci_bcsp.c | 2 +- drivers/bluetooth/hci_qca.c| 2 +- drivers/gpu/drm/i915/i915_sw_fence.c | 2 +- drivers/hid/hid-wiimote-core.c | 2 +- drivers/input/keyboard/locomokbd.c | 2 +- drivers/input/keyboard/omap-keypad.c | 2 +- drivers/input/mouse/alps.c | 2 +- drivers/isdn/hardware/mISDN/hfcmulti.c | 2 +- drivers/isdn/mISDN/l1oip_core.c| 2 +- drivers/isdn/mISDN/timerdev.c | 4 ++-- drivers/leds/trigger/ledtrig-activity.c| 2 +- drivers/leds/trigger/ledtrig-heartbeat.c | 2 +- drivers/leds/trigger/ledtrig-pattern.c | 2 +- drivers/leds/trigger/ledtrig-transient.c | 2 +- drivers/media/pci/ivtv/ivtv-driver.c | 2 +- drivers/media/usb/pvrusb2/pvrusb2-hdw.c| 4 ++-- drivers/media/usb/s2255/s2255drv.c | 4 ++-- drivers/net/ethernet/intel/i40e/i40e_main.c| 6 +++--- drivers/net/ethernet/marvell/sky2.c| 2 +- drivers/net/ethernet/sun/sunvnet.c | 2 +- drivers/net/usb/sierra_net.c | 2 +- drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c | 2 +- drivers/net/wireless/intersil/hostap/hostap_ap.c | 2 +- drivers/net/wireless/marvell/mwifiex/main.c| 2 +- drivers/net/wireless/microchip/wilc1000/hif.c | 6 +++--- drivers/nfc/pn533/pn533.c | 2 +- drivers/nfc/pn533/uart.c | 2 +- drivers/pcmcia/bcm63xx_pcmcia.c
Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Sat, 5 Nov 2022 08:59:36 -0700
Linus Torvalds wrote:
> Others in the series were *definitely* not scripted, doing clearly
> manual cleanups:
>
> -if (dch->timer.function) {
> -del_timer(&dch->timer);
> -dch->timer.function = NULL;
> -}
> +timer_shutdown(&dch->timer);
>
> so no, this does *not* make me feel "ok, this is all trivial".
I just ran the script and the above code turned to:
diff --git a/drivers/isdn/hardware/mISDN/hfcmulti.c
b/drivers/isdn/hardware/mISDN/hfcmulti.c
index 4f7eaa17fb27..2695bbde52db 100644
--- a/drivers/isdn/hardware/mISDN/hfcmulti.c
+++ b/drivers/isdn/hardware/mISDN/hfcmulti.c
@@ -4544,7 +4544,7 @@ release_port(struct hfc_multi *hc, struct dchannel *dch)
spin_lock_irqsave(&hc->lock, flags);
if (dch->timer.function) {
- del_timer(&dch->timer);
+ timer_shutdown(&dch->timer);
dch->timer.function = NULL;
}
Which is silly. Because timer_shutdown() makes timer.function = NULL.
That's why I changed it. And it really shouldn't be touching
timer.function anyway.
-- Steve
Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Sat, 5 Nov 2022 12:36:42 -0400
Steven Rostedt wrote:
> On Sat, 5 Nov 2022 08:59:36 -0700
> Linus Torvalds wrote:
>
> > On Fri, Nov 4, 2022 at 11:01 PM Steven Rostedt wrote:
> >
> > >
> > > Patch 1 fixes an issue with sunrpc/xprt where it incorrectly uses
> > > del_singleshot_timer_sync() for something that is not a oneshot timer. As
> > > this
> > > will be converted to shutdown, this needs to be fixed first.
> >
> > So this is the kind of thing that I would *not* want to get eartly.
>
> So I'll have to break up patch 5 to not update the
> del_singleshot_timer_sync() to a timer_shutdown_sync(), because that
> breaks this code.
>
> Hmm, since that is a functional change, it probably should wait till
> the merge window. I'll move this patch and that part of patch 5 to the
> second part of the series for the merge window.
>
> >
> > I really would want to get just the infrastructure in to let people
> > start doing conversions.
> >
> > And then the "mindlessly obvious patches that are done by scripting
> > and can not possibly matter".
> >
> > The kinds that do not *need* review, because they are mechanical, and
> > that just cause pointless noise for the rest of the patches that *do*
> > want review.
> >
> > Not this kind of thing that is so subtle that you have to explain it.
> > That's not a "scripted patch for no semantic change".
> >
> > So leave the del_singleshot_timer_sync() cases alone, they are
> > irrelevant for the new infrastructure and for the "mindless scripted
> > conversion" patches.
> >
> > > Patches 2-4 changes existing timer_shutdown() functions used locally in
> > > ARM and
> > > some drivers to better namespace names.
> >
> > Ok, these are relevant.
> >
> > > Patch 5 implements the new timer_shutdown() and timer_shutdown_sync()
> > > functions
> > > that disable re-arming the timer after they are called.
> >
> > This is obviously what I'd want early so that people can start doign
> > this in their trees.
>
> But will need to remove the part that it changes del_singleshot_timer_sync().
>
>
> >
> > > Patches 6-28 change all the locations where there's a kfree(),
> > > kfree_rcu(),
> > > kmem_cache_free() and one call_rcu() call where the RCU function frees the
> > > timer (the workqueue patch) in the same function as the
> > > del_timer{,_sync}() is
> > > called on that timer, and there's no extra exit path between the
> > > del_timer and
> > > freeing of the timer.
> >
> > So honestly, I was literally hoping for a "this is the coccinelle
> > script" kind of patch.
>
> The above actual was, but I walked through them manually too, because I
> don't trust my conccinelle skills. All but the call_rcu() one was
> caught by conccinelle. That's why I pointed out the worqueue one. I'll
> remove that from this series.
>
> >
> > Now there seems to be a number of patches here that are actualyl
> > really hard to see that they are "obviously correct" and I can't tell
> > if they are actually scripted or not.
>
> Yes they are. The script that found these were:
>
Julia,
Perhaps you can help me here. I have the following script to find
places that call del_timer*() that need to be converted to
timer_shutdown*() if later on in the same function the timer is being
freed.
> --8<
> @@
> identifier ptr, timer, rfield, slab;
> @@
> (
> - del_timer(&ptr->timer);
> + timer_shutdown(&ptr->timer);
> |
> - del_timer_sync(&ptr->timer);
> + timer_shutdown_sync(&ptr->timer);
> )
> ...
> (
> kfree_rcu(ptr, rfield);
> |
> kmem_cache_free(slab, ptr);
> |
> kfree(ptr);
> )
> -->8
>
Above is the code I used. But it gets more than it should, see below.
> So any function that had a del_timer*(&obj->timer) and then that obj
> was freed with kfree(), kfree_rcu() or kmem_cache_free() was updated.
>
> What I did manually was to make sure there was no exit of the routine
> between those two calls. I'm sure coccinelle could do that too, but I'm
> not good enough at it to add that feature.
>
> The reason the patches don't look obvious is because the distance
> between the del_timer() and the free may be quite far. I walked through
> these patches at least 3 times manually to make sure they are all OK.
>
>
> >
> > They don't *look* scripted, but I can't really tell. I looked at the
> > patches with ten lines of context, and I didn't see the immediately
> > following kfree() even in that expanded patch context, so it's fairly
> > far away.
>
> Yes, some are like a 100 lines away.
>
> >
> > Others in the series were *definitely* not scripted, doing clearly
> > manual cleanups:
> >
> > -if (dch->timer.function) {
> > -del_timer(&dch->timer);
> > -dch->timer.function = NULL;
> > -}
> > +timer_shutdown(&dch->timer);
> >
> > so no, this does *not* make me feel "ok, this is all trivial".
>
> Sor
Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Sat, 5 Nov 2022 08:59:36 -0700
Linus Torvalds wrote:
> On Fri, Nov 4, 2022 at 11:01 PM Steven Rostedt wrote:
> >
> > Patch 1 fixes an issue with sunrpc/xprt where it incorrectly uses
> > del_singleshot_timer_sync() for something that is not a oneshot timer. As
> > this
> > will be converted to shutdown, this needs to be fixed first.
>
> So this is the kind of thing that I would *not* want to get eartly.
So I'll have to break up patch 5 to not update the
del_singleshot_timer_sync() to a timer_shutdown_sync(), because that
breaks this code.
Hmm, since that is a functional change, it probably should wait till
the merge window. I'll move this patch and that part of patch 5 to the
second part of the series for the merge window.
>
> I really would want to get just the infrastructure in to let people
> start doing conversions.
>
> And then the "mindlessly obvious patches that are done by scripting
> and can not possibly matter".
>
> The kinds that do not *need* review, because they are mechanical, and
> that just cause pointless noise for the rest of the patches that *do*
> want review.
>
> Not this kind of thing that is so subtle that you have to explain it.
> That's not a "scripted patch for no semantic change".
>
> So leave the del_singleshot_timer_sync() cases alone, they are
> irrelevant for the new infrastructure and for the "mindless scripted
> conversion" patches.
>
> > Patches 2-4 changes existing timer_shutdown() functions used locally in ARM
> > and
> > some drivers to better namespace names.
>
> Ok, these are relevant.
>
> > Patch 5 implements the new timer_shutdown() and timer_shutdown_sync()
> > functions
> > that disable re-arming the timer after they are called.
>
> This is obviously what I'd want early so that people can start doign
> this in their trees.
But will need to remove the part that it changes del_singleshot_timer_sync().
>
> > Patches 6-28 change all the locations where there's a kfree(), kfree_rcu(),
> > kmem_cache_free() and one call_rcu() call where the RCU function frees the
> > timer (the workqueue patch) in the same function as the del_timer{,_sync}()
> > is
> > called on that timer, and there's no extra exit path between the del_timer
> > and
> > freeing of the timer.
>
> So honestly, I was literally hoping for a "this is the coccinelle
> script" kind of patch.
The above actual was, but I walked through them manually too, because I
don't trust my conccinelle skills. All but the call_rcu() one was
caught by conccinelle. That's why I pointed out the worqueue one. I'll
remove that from this series.
>
> Now there seems to be a number of patches here that are actualyl
> really hard to see that they are "obviously correct" and I can't tell
> if they are actually scripted or not.
Yes they are. The script that found these were:
--8<
@@
identifier ptr, timer, rfield, slab;
@@
(
- del_timer(&ptr->timer);
+ timer_shutdown(&ptr->timer);
|
- del_timer_sync(&ptr->timer);
+ timer_shutdown_sync(&ptr->timer);
)
...
(
kfree_rcu(ptr, rfield);
|
kmem_cache_free(slab, ptr);
|
kfree(ptr);
)
-->8
So any function that had a del_timer*(&obj->timer) and then that obj
was freed with kfree(), kfree_rcu() or kmem_cache_free() was updated.
What I did manually was to make sure there was no exit of the routine
between those two calls. I'm sure coccinelle could do that too, but I'm
not good enough at it to add that feature.
The reason the patches don't look obvious is because the distance
between the del_timer() and the free may be quite far. I walked through
these patches at least 3 times manually to make sure they are all OK.
>
> They don't *look* scripted, but I can't really tell. I looked at the
> patches with ten lines of context, and I didn't see the immediately
> following kfree() even in that expanded patch context, so it's fairly
> far away.
Yes, some are like a 100 lines away.
>
> Others in the series were *definitely* not scripted, doing clearly
> manual cleanups:
>
> -if (dch->timer.function) {
> -del_timer(&dch->timer);
> -dch->timer.function = NULL;
> -}
> +timer_shutdown(&dch->timer);
>
> so no, this does *not* make me feel "ok, this is all trivial".
Sorry, I'll remove that. It's basically open-coding the
timer_shutdown() as the way it shuts down the timer is simply by
setting the timer.function to NULL.
>
> IOW, I'd really want *just* the infrastructure and *just* the provably
> trivial stuff. If it wasn't some scripted really obvious thing that
> cannot possibly change anything and that wasn't then edited manually
> for some reason, I really don't want it early.
>
> IOW, any early conversions I'd take are literally about removing pure
> mindless noise. Not about doing conversions.
>
> And I wouldn't mind it as a single conversion patch that has the
> coccinelle script as
Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Fri, Nov 4, 2022 at 11:01 PM Steven Rostedt wrote:
>
> Patch 1 fixes an issue with sunrpc/xprt where it incorrectly uses
> del_singleshot_timer_sync() for something that is not a oneshot timer. As this
> will be converted to shutdown, this needs to be fixed first.
So this is the kind of thing that I would *not* want to get eartly.
I really would want to get just the infrastructure in to let people
start doing conversions.
And then the "mindlessly obvious patches that are done by scripting
and can not possibly matter".
The kinds that do not *need* review, because they are mechanical, and
that just cause pointless noise for the rest of the patches that *do*
want review.
Not this kind of thing that is so subtle that you have to explain it.
That's not a "scripted patch for no semantic change".
So leave the del_singleshot_timer_sync() cases alone, they are
irrelevant for the new infrastructure and for the "mindless scripted
conversion" patches.
> Patches 2-4 changes existing timer_shutdown() functions used locally in ARM
> and
> some drivers to better namespace names.
Ok, these are relevant.
> Patch 5 implements the new timer_shutdown() and timer_shutdown_sync()
> functions
> that disable re-arming the timer after they are called.
This is obviously what I'd want early so that people can start doign
this in their trees.
> Patches 6-28 change all the locations where there's a kfree(), kfree_rcu(),
> kmem_cache_free() and one call_rcu() call where the RCU function frees the
> timer (the workqueue patch) in the same function as the del_timer{,_sync}() is
> called on that timer, and there's no extra exit path between the del_timer and
> freeing of the timer.
So honestly, I was literally hoping for a "this is the coccinelle
script" kind of patch.
Now there seems to be a number of patches here that are actualyl
really hard to see that they are "obviously correct" and I can't tell
if they are actually scripted or not.
They don't *look* scripted, but I can't really tell. I looked at the
patches with ten lines of context, and I didn't see the immediately
following kfree() even in that expanded patch context, so it's fairly
far away.
Others in the series were *definitely* not scripted, doing clearly
manual cleanups:
-if (dch->timer.function) {
-del_timer(&dch->timer);
-dch->timer.function = NULL;
-}
+timer_shutdown(&dch->timer);
so no, this does *not* make me feel "ok, this is all trivial".
IOW, I'd really want *just* the infrastructure and *just* the provably
trivial stuff. If it wasn't some scripted really obvious thing that
cannot possibly change anything and that wasn't then edited manually
for some reason, I really don't want it early.
IOW, any early conversions I'd take are literally about removing pure
mindless noise. Not about doing conversions.
And I wouldn't mind it as a single conversion patch that has the
coccinelle script as the explanation.
Really just THAT kind of "100% mindless conversion".
Linus
Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Sat, 5 Nov 2022 07:18:17 -0700 Guenter Roeck wrote: > Just in case you didn't notice: > > Looking through the resulting code, I think some of the remaining > calls to del_singleshot_timer_sync() can be converted as well. > > The calls in drivers/staging/wlan-ng/prism2usb.c:prism2sta_disconnect_usb() > are obvious (the containing data structure is freed in the same function). > For drivers/char/tpm/tpm-dev-common.c:tpm_common_release(), the containing > data structure is freed in the calling code. Well, actually it is. In patch 5/38: -#define del_singleshot_timer_sync(t) del_timer_sync(t) +#define del_singleshot_timer_sync(t) timer_shutdown_sync(t) This was the reason for patch 1. It was the only user of that function that reused the timer after calling that function. -- Steve
Re: [PATCH v4a 00/38] timers: Use timer_shutdown*() before freeing timers
On Sat, Nov 05, 2022 at 02:00:24AM -0400, Steven Rostedt wrote: > > Back in April, I posted an RFC patch set to help mitigate a common issue > where a timer gets armed just before it is freed, and when the timer > goes off, it crashes in the timer code without any evidence of who the > culprit was. I got side tracked and never finished up on that patch set. > Since this type of crash is still our #1 crash we are seeing in the field, > it has become a priority again to finish it. > > The last version of that patch set is here: > > https://lore.kernel.org/all/20221104054053.431922...@goodmis.org/ > > I'm calling this version 4a as it only has obvious changes were the timer that > is being shutdown is in the same function where it will be freed or released, > as this series should be "safe" for adding. I'll be calling the other patches > 4b for the next merge window. > Just in case you didn't notice: Looking through the resulting code, I think some of the remaining calls to del_singleshot_timer_sync() can be converted as well. The calls in drivers/staging/wlan-ng/prism2usb.c:prism2sta_disconnect_usb() are obvious (the containing data structure is freed in the same function). For drivers/char/tpm/tpm-dev-common.c:tpm_common_release(), the containing data structure is freed in the calling code. Thanks, Guenter
