The timer API: size or type safety?
Posted Dec 7, 2006 5:47 UTC (Thu) by thedevil
Parent article: The timer API: size or type safety?
"if we get it wrong produces a /very/ trivial crash that is trivial to fix"
Perhaps it's just me, but this sounds quite wrong. If the timer_list passed to add_timer is not embedded in any larger structure but the callback expects it to be (or if it is embedded in a larger structure of the wrong type), the callback will simply use whatever random garbage follows the timer_list in kernel memory. This is actually the *worst* kind of bug. It may appear to work most of the time because the following data is zero and the callback interprets zero as some kind of default. Ouch! I am with Viro all the way on this one.
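An added user-space C illustration of the failure mode described in this comment (example code, not from the comment, the article or the kernel; struct and function names are constructed stand-ins for the real timer_list API): a callback that recovers its enclosing structure with container_of, run once on a timer embedded in the struct it expects and once on a timer embedded in an unrelated struct, where it silently reads the neighbouring bytes and, when those are zero, sees a "default" value.

```c
#include <stddef.h>
#include <string.h>
/* Stand-in for the kernel's struct timer_list (constructed for this example). */
struct timer_list {
    void (*function)(struct timer_list *t);
    unsigned long expires;
};
/* Same idea as the kernel macro: walk back from the member to the enclosing object. */
#define container_of(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))
/* The struct the callback believes it is embedded in. */
struct my_dev {
    struct timer_list timer;
    int retries;                 /* 0 means "use the default" in this driver */
};
/* An unrelated struct that also happens to begin with a timer. */
struct other_dev {
    struct timer_list timer;
    char name[16];
};
static int g_retries_seen = -1;
/* Callback: it is handed only the timer pointer, so it has to trust the embedding. */
static void my_dev_timer_fn(struct timer_list *t)
{
    struct my_dev *dev = container_of(t, struct my_dev, timer);
    g_retries_seen = dev->retries;   /* reads whatever sits after the timer */
}
/* Correct: timer embedded in struct my_dev, so retries is read back faithfully. */
int run_correct_embedding(void)
{
    struct my_dev dev = { { my_dev_timer_fn, 0 }, 42 };
    dev.timer.function(&dev.timer);
    return g_retries_seen;           /* 42 */
}
/* Wrong: timer embedded in struct other_dev. No crash; the callback just reinterprets
 * the bytes of `name` as `retries`. With name zeroed it sees 0, the "default", which is
 * exactly why such a bug can go unnoticed until the neighbouring bytes are non-zero. */
int run_wrong_embedding(const char *name)
{
    struct other_dev o;
    memset(&o, 0, sizeof o);
    o.timer.function = my_dev_timer_fn;
    strncpy(o.name, name, sizeof o.name - 1);
    o.timer.function(&o.timer);
    return g_retries_seen;           /* 0 for an empty name, garbage otherwise */
}
```

Both structs put the timer first, so the offsets line up on any architecture and the wrong-type case reads the bytes of `name` without faulting, which is the quiet misbehaviour the comment warns about.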