On Sat, Nov 05, 2022 at 02:00:24AM -0400, Steven Rostedt wrote:
Back in April, I posted an RFC patch set to help mitigate a common issue where a timer gets armed just before it is freed, and when the timer goes off, it crashes in the timer code without any evidence of who the culprit was. I got sidetracked and never finished up on that patch set. Since this type of crash is still our #1 crash we are seeing in the field, it has become a priority again to finish it.
The last version of that patch set is here:
https://lore.kernel.org/all/20221104054053.431922658@goodmis.org/
I'm calling this version 4a as it only has obvious changes where the timer that is being shut down is in the same function where it will be freed or released, as this series should be "safe" for adding. I'll be calling the other patches 4b for the next merge window.
Just in case you didn't notice:
Looking through the resulting code, I think some of the remaining calls to del_singleshot_timer_sync() can be converted as well.
The calls in drivers/staging/wlan-ng/prism2usb.c:prism2sta_disconnect_usb() are obvious (the containing data structure is freed in the same function). For drivers/char/tpm/tpm-dev-common.c:tpm_common_release(), the containing data structure is freed in the calling code.
Thanks, Guenter