On Sat, 5 Nov 2022 14:13:14 -0700
Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> And trying "when != ptr->timer" actually does the right thing in that
> it gets rid of the case where the timer is modified outside of the
> del_timer() case, *but* it also causes odd other changes to the
> output.
>
> Look at what it generates for that
>
> drivers/media/usb/pvrusb2/pvrusb2-hdw.c
>
> file, which finds a lot of triggers with the "when != ptr->timer",
> but only does one without it.
I added an expression, and it appears to work:
At least for this case.
@@
expression E;
identifier ptr, timer, rfield, slab;
@@
(
- del_timer(&ptr->timer);
+ timer_shutdown(&ptr->timer);
|
- del_timer_sync(&ptr->timer);
+ timer_shutdown_sync(&ptr->timer);
)
... when != ptr->timer.function = E;
(
kfree_rcu(ptr, rfield);
|
kmem_cache_free(slab, ptr);
|
kfree(ptr);
)
Now I need to add return and goto cases here.
-- Steve
