On Sat, 5 Nov 2022 14:13:14 -0700 Linus Torvalds torvalds@linux-foundation.org wrote:
And trying "when != ptr->timer" actually does the right thing in that it gets rid of the case where the timer is modified outside of the del_timer() case, *but* it also causes odd other changes to the output.
Look at what it generates for that
drivers/media/usb/pvrusb2/pvrusb2-hdw.c
file, which finds a lot of triggers with the "when != ptr->timer", but only does one without it.
I added an expression, and it appears to work:
At least for this case.
@@ expression E; identifier ptr, timer, rfield, slab; @@ ( - del_timer(&ptr->timer); + timer_shutdown(&ptr->timer); | - del_timer_sync(&ptr->timer); + timer_shutdown_sync(&ptr->timer); ) ... when != ptr->timer.function = E; ( kfree_rcu(ptr, rfield); | kmem_cache_free(slab, ptr); | kfree(ptr); )
Now I need to add return and goto cases here.
-- Steve