[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87cz9qttdb.ffs@tglx>
Date: Sun, 13 Nov 2022 22:52:16 +0100
From: Thomas Gleixner <tglx@...utronix.de>
To: Steven Rostedt <rostedt@...dmis.org>, linux-kernel@...r.kernel.org
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Stephen Boyd <sboyd@...nel.org>,
Guenter Roeck <linux@...ck-us.net>,
Anna-Maria Gleixner <anna-maria@...utronix.de>,
Andrew Morton <akpm@...ux-foundation.org>,
Julia Lawall <Julia.Lawall@...ia.fr>
Subject: Re: [PATCH v6 4/6] timers: Add timer_shutdown_sync() to be called
before freeing timers
On Thu, Nov 10 2022 at 01:41, Steven Rostedt wrote:
$Subject: -ENOPARSE
timers: Provide timer_shutdown_sync()
and then have some reasonable explanation in the change log?
> We are hitting a common bug were a timer is being triggered after it
> is
We are hitting? Talking in pluralis majestatis by now?
> freed. This causes a corruption in the timer link list and crashes the
> kernel. Unfortunately it is not easy to know what timer it was that was
Well, that's not entirely true. debugobjects can tell you exactly what
happens.
> freed. Looking at the code, it appears that there are several cases that
> del_timer() is used when del_timer_sync() should have been.
> diff --git a/kernel/time/timer.c b/kernel/time/timer.c
> index 717fcb9fb14a..111a3550b3f2 100644
> --- a/kernel/time/timer.c
> +++ b/kernel/time/timer.c
> @@ -1017,7 +1017,8 @@ __mod_timer(struct timer_list *timer, unsigned long expires, unsigned int option
> unsigned int idx = UINT_MAX;
> int ret = 0;
>
> - BUG_ON(!timer->function);
> + if (WARN_ON_ONCE(!timer->function))
> + return -EINVAL;
Can you please make these BUG -> WARN conversions a separate patch?
> +/**
> + * timer_shutdown_sync - called before freeing the timer
1) The sentence after the dash starts with an upper case letter as all
sentences do.
2) "called before freeing the timer" tells us what?
See below.
> + * @timer: The timer to be freed
> + *
> + * Shutdown the timer before freeing. This will return when all pending timers
> + * have finished and it is safe to free the timer.
"_ALL_ pending timers have finished?"
This is about exactly _ONE_ timer, i.e. the one which is handed in via
the @timer argument.
You want to educate people to do the right thing and then you go and
provide them uncomprehensible documentation garbage. How is that
supposed to work?
Can you please stop this frenzy and get your act together?
> + *
> + * Note, after calling this, if the timer is added back to the queue
> + * it will fail to be added and a WARNING will be triggered.
There is surely a way to express this so that the average driver writer
who does not have the background of you working on this understands this
"note".
> + *
> + * Returns if it deactivated a pending timer or not.
Please look up the kernel-doc syntax for documenting return values.
Thanks,
tglx
Powered by blists - more mailing lists