From patchwork Tue Nov 15 20:28:49 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thomas Gleixner X-Patchwork-Id: 13044140 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7976AC4332F for ; Tue, 15 Nov 2022 20:30:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238370AbiKOUaU (ORCPT ); Tue, 15 Nov 2022 15:30:20 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37908 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231646AbiKOU3v (ORCPT ); Tue, 15 Nov 2022 15:29:51 -0500 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A4F3C2C65C; Tue, 15 Nov 2022 12:28:51 -0800 (PST) Message-ID: <20221115202117.560506554@linutronix.de> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1668544130; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: references:references; bh=SxmsamQKO8OkpV2q7TQuf2k1ewfFDi/3K4xIkU+U+FA=; b=ZrKO38gF+2iYdI0mZW42EdhLVffO2HDAY5Qlmu6U35oVTvzQgn37kNusNfS4zFw/Xv1IpI Cfhqi84/3Pj3FWCF1Rmk76SbVjJ3RXrUGSshc9S336mQ/za9grPJhelKgpNXVRkBJSAfXC M4vEhW5clGgEpri/vWQ5KHUH5KJo7tI2OSIyqrGW3HscobQSuEiGrcsCntOWeO23Hkd/U2 sQpzzrRzLS99G4MWjLeu9ylvpUA1pslVF8K/0mO43BzkugatvNYAE1gxwt2n4MNAL75G8E anACnCNlMLl3L0TPN0rYjbBuwCyV72FniUoluZo2o9eziNmauPZn0mdLdj1Ozw== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1668544130; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: references:references; bh=SxmsamQKO8OkpV2q7TQuf2k1ewfFDi/3K4xIkU+U+FA=; b=d6TOZiz/wlnmLvLXJoDwcXe/phqBW/oIPCdnJ5iSWkiCzcYNsyrfqVUqvxafZVM6bZsDOA yQTgdVhsGI5jPTCg== From: Thomas Gleixner To: LKML Cc: Linus Torvalds , Steven Rostedt , Anna-Maria Behnsen , Peter Zijlstra , Stephen Boyd , Guenter Roeck , Andrew Morton , Julia Lawall , Arnd Bergmann , Viresh Kumar , Marc Zyngier , Marcel Holtmann , Johan Hedberg , Luiz Augusto von Dentz , linux-bluetooth@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , netdev@vger.kernel.org Subject: [patch 10/15] timers: Silently ignore timers with a NULL function References: <20221115195802.415956561@linutronix.de> MIME-Version: 1.0 Date: Tue, 15 Nov 2022 21:28:49 +0100 (CET) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Tearing down timers which have circular dependencies to other functionality, e.g. workqueues, where the timer can schedule work and work can arm timers is not trivial. In those cases it is desired to shutdown the timer in a way which prevents rearming of the timer. The mechanism to do so it to set timer->function to NULL and use this as an indicator for the timer arming functions to ignore the (re)arm request. In preparation for that replace the warnings in the relevant code pathes with checks for timer->function == NULL and discard the rearm request silently. Add debug_assert_init() instead of the WARN_ON_ONCE(!timer->function) checks so that debug objects can warn about non-initialized timers. If developers fail to enable debug objects and then waste lots of time to figure out why their non-initialized timer is not firing, they deserve it. Co-developed-by: Steven Rostedt Signed-off-by: Steven Rostedt Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20220407161745.7d6754b3@gandalf.local.home Link: https://lore.kernel.org/all/20221110064101.429013735@goodmis.org --- kernel/time/timer.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 49 insertions(+), 2 deletions(-) --- a/kernel/time/timer.c +++ b/kernel/time/timer.c @@ -1017,7 +1017,7 @@ static inline int unsigned int idx = UINT_MAX; int ret = 0; - BUG_ON(!timer->function); + debug_assert_init(timer); /* * This is a common optimization triggered by the networking code - if @@ -1044,6 +1044,14 @@ static inline int * dequeue/enqueue dance. */ base = lock_timer_base(timer, &flags); + /* + * Has @timer been shutdown? This needs to be evaluated + * while holding base lock to prevent a race against the + * shutdown code. + */ + if (!timer->function) + goto out_unlock; + forward_timer_base(base); if (timer_pending(timer) && (options & MOD_TIMER_REDUCE) && @@ -1070,6 +1078,14 @@ static inline int } } else { base = lock_timer_base(timer, &flags); + /* + * Has @timer been shutdown? This needs to be evaluated + * while holding base lock to prevent a race against the + * shutdown code. + */ + if (!timer->function) + goto out_unlock; + forward_timer_base(base); } @@ -1128,6 +1144,9 @@ static inline int * mod_timer_pending() is the same for pending timers as mod_timer(), but * will not activate inactive timers. * + * If @timer->function == NULL then the start operation is silently + * discarded. + * * Return: * * %0 - The timer was inactive and not modified * * %1 - The timer was active and requeued to expire at @expires @@ -1154,6 +1173,9 @@ EXPORT_SYMBOL(mod_timer_pending); * same timer, then mod_timer() is the only safe way to modify the timeout, * since add_timer() cannot modify an already running timer. * + * If @timer->function == NULL then the start operation is silently + * discarded, the return value is 0 and meaningless. + * * Return: * * %0 - The timer was inactive and started * * %1 - The timer was active and requeued to expire at @expires or @@ -1175,6 +1197,9 @@ EXPORT_SYMBOL(mod_timer); * modify an enqueued timer if that would reduce the expiration time. If * @timer is not enqueued it starts the timer. * + * If @timer->function == NULL then the start operation is silently + * discarded. + * * Return: * * %0 - The timer was inactive and started * * %1 - The timer was active and requeued to expire at @expires or @@ -1201,6 +1226,9 @@ EXPORT_SYMBOL(timer_reduce); * * If @timer->expires is already in the past @timer will be queued to * expire at the next timer tick. + * + * If @timer->function == NULL then the start operation is silently + * discarded. */ void add_timer(struct timer_list *timer) { @@ -1217,13 +1245,18 @@ EXPORT_SYMBOL(add_timer); * * This can only operate on an inactive timer. Attempts to invoke this on * an active timer are rejected with a warning. + * + * If @timer->function == NULL then the start operation is silently + * discarded. */ void add_timer_on(struct timer_list *timer, int cpu) { struct timer_base *new_base, *base; unsigned long flags; - if (WARN_ON_ONCE(timer_pending(timer) || !timer->function)) + debug_assert_init(timer); + + if (WARN_ON_ONCE(timer_pending(timer))) return; new_base = get_timer_cpu_base(timer->flags, cpu); @@ -1234,6 +1267,13 @@ void add_timer_on(struct timer_list *tim * wrong base locked. See lock_timer_base(). */ base = lock_timer_base(timer, &flags); + /* + * Has @timer been shutdown? This needs to be evaluated while + * holding base lock to prevent a race against the shutdown code. + */ + if (!timer->function) + goto out_unlock; + if (base != new_base) { timer->flags |= TIMER_MIGRATING; @@ -1247,6 +1287,7 @@ void add_timer_on(struct timer_list *tim debug_timer_activate(timer); internal_add_timer(base, timer); +out_unlock: raw_spin_unlock_irqrestore(&base->lock, flags); } EXPORT_SYMBOL_GPL(add_timer_on); @@ -1532,6 +1573,12 @@ static void expire_timers(struct timer_b fn = timer->function; + if (WARN_ON_ONCE(!fn)) { + /* Should never happen. Emphasis on should! */ + base->running_timer = NULL; + return; + } + if (timer->flags & TIMER_IRQSAFE) { raw_spin_unlock(&base->lock); call_timer_fn(timer, fn, baseclk);