mirror of
https://github.com/isc-projects/bind9.git
synced 2026-02-26 11:32:01 -05:00
ae01ec2823
The reference counting and isc_timer_attach()/isc_timer_detach() semantic are actually misleading because it cannot be used under normal conditions. The usual conditions under which is timer used uses the object where timer is used as argument to the "timer" itself. This means that when the caller is using `isc_timer_detach()` it needs the timer to stop and the isc_timer_detach() does that only if this would be the last reference. Unfortunately, this also means that if the timer is attached elsewhere and the timer is fired it will most likely be use-after-free, because the object used in the timer no longer exists. Remove the reference counting from the isc_timer unit, remove isc_timer_attach() function and rename isc_timer_detach() to isc_timer_destroy() to better reflect how the API needs to be used. The only caveat is that the already executed event must be destroyed before the isc_timer_destroy() is called because the timer is no longet attached to .ev_destroy_arg.
225 lines
5.2 KiB
C
225 lines
5.2 KiB
C
/*
|
|
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
*
|
|
* SPDX-License-Identifier: MPL-2.0
|
|
*
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
*
|
|
* See the COPYRIGHT file distributed with this work for additional
|
|
* information regarding copyright ownership.
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
/*****
|
|
***** Module Info
|
|
*****/
|
|
|
|
/*! \file isc/timer.h
|
|
* \brief Provides timers which are event sources in the task system.
|
|
*
|
|
* Three types of timers are supported:
|
|
*
|
|
*\li 'ticker' timers generate a periodic tick event.
|
|
*
|
|
*\li 'once' timers generate an timeout event if the time reaches
|
|
* the set interval.
|
|
*
|
|
*\li 'inactive' timers generate no events.
|
|
*
|
|
* Timers can change type. It is typical to create a timer as
|
|
* an 'inactive' timer and then change it into a 'ticker' or
|
|
* 'once' timer.
|
|
*
|
|
*\li MP:
|
|
* The module ensures appropriate synchronization of data structures it
|
|
* creates and manipulates.
|
|
* Clients of this module must not be holding a timer's task's lock when
|
|
* making a call that affects that timer. Failure to follow this rule
|
|
* can result in deadlock.
|
|
* The caller must ensure that isc_timermgr_destroy() is called only
|
|
* once for a given manager.
|
|
*
|
|
* \li Reliability:
|
|
* No anticipated impact.
|
|
*
|
|
* \li Resources:
|
|
* TBS
|
|
*
|
|
* \li Security:
|
|
* No anticipated impact.
|
|
*
|
|
* \li Standards:
|
|
* None.
|
|
*/
|
|
|
|
/***
|
|
*** Imports
|
|
***/
|
|
|
|
#include <stdbool.h>
|
|
|
|
#include <isc/event.h>
|
|
#include <isc/eventclass.h>
|
|
#include <isc/lang.h>
|
|
#include <isc/time.h>
|
|
#include <isc/types.h>
|
|
|
|
ISC_LANG_BEGINDECLS
|
|
|
|
/***
|
|
*** Types
|
|
***/
|
|
|
|
/*% Timer Type */
|
|
typedef enum {
|
|
isc_timertype_undefined = -1, /*%< Undefined */
|
|
isc_timertype_ticker = 0, /*%< Ticker */
|
|
isc_timertype_once = 1, /*%< Once */
|
|
isc_timertype_inactive = 3 /*%< Inactive */
|
|
} isc_timertype_t;
|
|
|
|
typedef struct isc_timerevent isc_timerevent_t;
|
|
|
|
struct isc_timerevent {
|
|
struct isc_event common;
|
|
isc_time_t due;
|
|
ISC_LINK(isc_timerevent_t) ev_timerlink;
|
|
};
|
|
|
|
#define ISC_TIMEREVENT_TICK (ISC_EVENTCLASS_TIMER + 0)
|
|
#define ISC_TIMEREVENT_ONCE (ISC_EVENTCLASS_TIMER + 1)
|
|
|
|
/***
|
|
*** Timer and Timer Manager Functions
|
|
***
|
|
*** Note: all Ensures conditions apply only if the result is success for
|
|
*** those functions which return an isc_result_t.
|
|
***/
|
|
|
|
void
|
|
isc_timer_create(isc_timermgr_t *manager, isc_task_t *task,
|
|
isc_taskaction_t action, void *arg, isc_timer_t **timerp);
|
|
/*%<
|
|
* Create a new 'type' timer managed by 'manager'. The timers parameters
|
|
* are specified by 'expires' and 'interval'. Events will be posted to
|
|
* 'task' and when dispatched 'action' will be called with 'arg' as the
|
|
* arg value. The new timer is returned in 'timerp'.
|
|
*
|
|
* Requires:
|
|
*
|
|
*\li 'manager' is a valid manager
|
|
*
|
|
*\li 'task' is a valid task
|
|
*
|
|
*\li 'action' is a valid action
|
|
*
|
|
*\li 'expires' points to a valid time, or is NULL.
|
|
*
|
|
*\li 'interval' points to a valid interval, or is NULL.
|
|
*
|
|
*\li type == isc_timertype_inactive ||
|
|
* ('expires' and 'interval' are not both 0)
|
|
*
|
|
*\li 'timerp' is a valid pointer, and *timerp == NULL
|
|
*
|
|
* Ensures:
|
|
*
|
|
*\li '*timerp' is attached to the newly created timer
|
|
*
|
|
*\li The timer is attached to the task
|
|
*
|
|
*\li An idle timeout will not be generated until at least Now + the
|
|
* timer's interval if 'timer' is a once timer with a non-zero
|
|
* interval.
|
|
*
|
|
* Returns:
|
|
*
|
|
*\li Success
|
|
*\li No memory
|
|
*\li Unexpected error
|
|
*/
|
|
|
|
isc_result_t
|
|
isc_timer_reset(isc_timer_t *timer, isc_timertype_t type,
|
|
const isc_interval_t *interval, bool purge);
|
|
/*%<
|
|
* Change the timer's type, and interval values to the given
|
|
* values. If 'purge' is TRUE, any pending events from this timer
|
|
* are purged from its task's event queue.
|
|
*
|
|
* Notes:
|
|
*
|
|
*\li For ticker timers, the timer will generate a 'tick' event every
|
|
* 'interval' seconds.
|
|
*
|
|
*\li For once timers, 'interval' specifies how long the timer
|
|
* can be idle before it generates an idle timeout. If 0, then no
|
|
* idle timeout will be generated.
|
|
*
|
|
*\li If 'interval' is NULL, the zero interval will be used.
|
|
*
|
|
* Requires:
|
|
*
|
|
*\li 'timer' is a valid timer
|
|
*
|
|
*\li 'interval' points to a valid interval, or is NULL.
|
|
*
|
|
*
|
|
* Ensures:
|
|
*
|
|
*\li An idle timeout will not be generated until at least Now + the
|
|
* timer's interval if 'timer' is a once timer with a non-zero
|
|
* interval.
|
|
*
|
|
* Returns:
|
|
*
|
|
*\li Success
|
|
*\li No memory
|
|
*\li Unexpected error
|
|
*/
|
|
|
|
void
|
|
isc_timer_destroy(isc_timer_t **timerp);
|
|
/*%<
|
|
* Destroy *timerp.
|
|
*
|
|
* Requires:
|
|
*
|
|
*\li 'timerp' points to a valid timer.
|
|
*
|
|
* Ensures:
|
|
*
|
|
*\li *timerp is NULL.
|
|
*
|
|
*\code
|
|
* The timer will be shutdown
|
|
*
|
|
* The timer will detach from its task
|
|
*
|
|
* All resources used by the timer have been freed
|
|
*
|
|
* Any events already posted by the timer will be purged.
|
|
* Therefore, if isc_timer_destroy() is called in the context
|
|
* of the timer's task, it is guaranteed that no more
|
|
* timer event callbacks will run after the call.
|
|
*
|
|
* If this function is called from the timer event callback
|
|
* the event itself must be destroyed before the timer
|
|
* itself.
|
|
*\endcode
|
|
*/
|
|
|
|
isc_timertype_t
|
|
isc_timer_gettype(isc_timer_t *timer);
|
|
/*%<
|
|
* Return the timer type.
|
|
*
|
|
* Requires:
|
|
*
|
|
*\li 'timer' to be a valid timer.
|
|
*/
|
|
|
|
ISC_LANG_ENDDECLS
|