From 5f8e93c3e262ab518c9e8f9a5bb2b391b3d64be9 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Tue, 15 Dec 2020 15:41:04 +0000 Subject: [PATCH] util/qemu-timer: Make timer_free() imply timer_del() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Currently timer_free() is a simple wrapper for g_free(). This means that the timer being freed must not be currently active, as otherwise QEMU might crash later when the active list is processed and still has a pointer to freed memory on it. As a result almost all calls to timer_free() are preceded by a timer_del() call, as can be seen in the output of git grep -B1 '\' This is unfortunate API design as it makes it easy to accidentally misuse (by forgetting the timer_del()), and the correct use is annoyingly verbose. Make timer_free() imply a timer_del(). Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson Message-id: 20201215154107.3255-2-peter.maydell@linaro.org --- include/qemu/timer.h | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/include/qemu/timer.h b/include/qemu/timer.h index bdecc5b41f..61296ea980 100644 --- a/include/qemu/timer.h +++ b/include/qemu/timer.h @@ -609,17 +609,6 @@ static inline QEMUTimer *timer_new_ms(QEMUClockType type, QEMUTimerCB *cb, */ void timer_deinit(QEMUTimer *ts); -/** - * timer_free: - * @ts: the timer - * - * Free a timer (it must not be on the active list) - */ -static inline void timer_free(QEMUTimer *ts) -{ - g_free(ts); -} - /** * timer_del: * @ts: the timer @@ -631,6 +620,19 @@ static inline void timer_free(QEMUTimer *ts) */ void timer_del(QEMUTimer *ts); +/** + * timer_free: + * @ts: the timer + * + * Free a timer. This will call timer_del() for you to remove + * the timer from the active list if it was still active. + */ +static inline void timer_free(QEMUTimer *ts) +{ + timer_del(ts); + g_free(ts); +} + /** * timer_mod_ns: * @ts: the timer