From: Thomas Gleixner tglx@linutronix.de
mainline inclusion from mainline-v6.2-rc1 commit d02e382cef06cc73561dd32dfdc171c00dcc416d category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I7R8WG
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
--------------------------------
Tearing down timers which have circular dependencies to other functionality, e.g. workqueues, where the timer can schedule work and work can arm timers, is not trivial.
In those cases it is desired to shutdown the timer in a way which prevents rearming of the timer. The mechanism to do so is to set timer->function to NULL and use this as an indicator for the timer arming functions to ignore the (re)arm request.
In preparation for that replace the warnings in the relevant code paths with checks for timer->function == NULL. If the pointer is NULL, then discard the rearm request silently.
Add debug_assert_init() instead of the WARN_ON_ONCE(!timer->function) checks so that debug objects can warn about non-initialized timers.
The warning of debug objects does not warn if timer->function == NULL. It warns when timer was not initialized using timer_setup[_on_stack]() or via DEFINE_TIMER(). If developers fail to enable debug objects and then waste lots of time to figure out why their non-initialized timer is not firing, they deserve it. Same for initializing a timer with a NULL function.
Co-developed-by: Steven Rostedt rostedt@goodmis.org Signed-off-by: Steven Rostedt rostedt@goodmis.org Signed-off-by: Thomas Gleixner tglx@linutronix.de Tested-by: Guenter Roeck linux@roeck-us.net Reviewed-by: Jacob Keller jacob.e.keller@intel.com Reviewed-by: Anna-Maria Behnsen anna-maria@linutronix.de Link: https://lore.kernel.org/all/20220407161745.7d6754b3@gandalf.local.home Link: https://lore.kernel.org/all/20221110064101.429013735@goodmis.org Link: https://lore.kernel.org/r/87wn7kdann.ffs@tglx
Conflicts: kernel/time/timer.c Signed-off-by: Yu Liao liaoyu15@huawei.com --- kernel/time/timer.c | 47 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 45 insertions(+), 2 deletions(-)
diff --git a/kernel/time/timer.c b/kernel/time/timer.c index fed6a1572fad..93e6c7ffa15e 100644 --- a/kernel/time/timer.c +++ b/kernel/time/timer.c @@ -968,7 +968,7 @@ __mod_timer(struct timer_list *timer, unsigned long expires, unsigned int option unsigned long clk = 0, flags; int ret = 0;
- BUG_ON(!timer->function); + debug_assert_init(timer);
/* * This is a common optimization triggered by the networking code - if @@ -995,6 +995,14 @@ __mod_timer(struct timer_list *timer, unsigned long expires, unsigned int option * dequeue/enqueue dance. */ base = lock_timer_base(timer, &flags); + /* + * Has @timer been shutdown? This needs to be evaluated + * while holding base lock to prevent a race against the + * shutdown code. + */ + if (!timer->function) + goto out_unlock; + forward_timer_base(base);
if (timer_pending(timer) && (options & MOD_TIMER_REDUCE) && @@ -1021,6 +1029,14 @@ __mod_timer(struct timer_list *timer, unsigned long expires, unsigned int option } } else { base = lock_timer_base(timer, &flags); + /* + * Has @timer been shutdown? This needs to be evaluated + * while holding base lock to prevent a race against the + * shutdown code. + */ + if (!timer->function) + goto out_unlock; + forward_timer_base(base); }
@@ -1083,6 +1099,8 @@ __mod_timer(struct timer_list *timer, unsigned long expires, unsigned int option * but will not re-activate and modify already deleted timers. * * It is useful for unserialized use of timers. + * If @timer->function == NULL then the start operation is silently + * discarded. */ int mod_timer_pending(struct timer_list *timer, unsigned long expires) { @@ -1109,6 +1127,9 @@ EXPORT_SYMBOL(mod_timer_pending); * The function returns whether it has modified a pending timer or not. * (ie. mod_timer() of an inactive timer returns 0, mod_timer() of an * active timer returns 1.) + * + * If @timer->function == NULL then the start operation is silently + * discarded. In this case the return value is 0 and meaningless. */ int mod_timer(struct timer_list *timer, unsigned long expires) { @@ -1124,6 +1145,9 @@ EXPORT_SYMBOL(mod_timer); * timer_reduce() is very similar to mod_timer(), except that it will only * modify a running timer if that would reduce the expiration time (it will * start a timer that isn't running). + * + * If @timer->function == NULL then the start operation is silently + * discarded. */ int timer_reduce(struct timer_list *timer, unsigned long expires) { @@ -1142,6 +1166,9 @@ EXPORT_SYMBOL(timer_reduce); * The timer's ->expires, ->function fields must be set prior calling this * function. * + * If @timer->function == NULL then the start operation is silently + * discarded. + * * Timers with an ->expires field in the past will be executed in the next * timer tick. */ @@ -1165,7 +1192,9 @@ void add_timer_on(struct timer_list *timer, int cpu) struct timer_base *new_base, *base; unsigned long flags;
- if (WARN_ON_ONCE(timer_pending(timer) || !timer->function)) + debug_assert_init(timer); + + if (WARN_ON_ONCE(timer_pending(timer))) return;
new_base = get_timer_cpu_base(timer->flags, cpu); @@ -1176,6 +1205,13 @@ void add_timer_on(struct timer_list *timer, int cpu) * wrong base locked. See lock_timer_base(). */ base = lock_timer_base(timer, &flags); + /* + * Has @timer been shutdown? This needs to be evaluated while + * holding base lock to prevent a race against the shutdown code. + */ + if (!timer->function) + goto out_unlock; + if (base != new_base) { timer->flags |= TIMER_MIGRATING;
@@ -1189,6 +1225,7 @@ void add_timer_on(struct timer_list *timer, int cpu)
debug_activate(timer, timer->expires); internal_add_timer(base, timer); +out_unlock: raw_spin_unlock_irqrestore(&base->lock, flags); } EXPORT_SYMBOL_GPL(add_timer_on); @@ -1369,6 +1406,12 @@ static void expire_timers(struct timer_base *base, struct hlist_head *head)
fn = timer->function;
+ if (WARN_ON_ONCE(!fn)) { + /* Should never happen. Emphasis on should! */ + base->running_timer = NULL; + continue; + } + if (timer->flags & TIMER_IRQSAFE) { raw_spin_unlock(&base->lock); call_timer_fn(timer, fn);