| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
(Taken from Michal's #17274 by Lennart, and slightly adjusted)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's a concept of "rate limiting" to event sources: if specific event
sources fire too often in some time interval temporarily take them
offline, and take them back online once the interval passed.
This is a simple scheme of avoiding starvation of event sources if some
event source fires too often.
This introduces the new conceptual states of "offline" and "online" for
event sources: an event source is "online" only when enabled *and* not
ratelimited, and offline in all other cases. An event source that is
online hence has its fds registered in the epoll, its signals in the
signalfd and so on.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
source objects
So far we used these fields to organize the earliest/latest timer event
priority queue. In a follow-up commit we want to introduce ratelimiting
to event sources, at which point we want any kind of event source to be
able to trigger time wakeups, and hence they all need to be included in
the earliest/latest prioqs. Thus, in preparation let's make this
generic.
No change in behaviour, just some shifting around of struct members from
the type-specific to the generic part.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
sd_event_prepare() invokes callbacks that might drop the last user ref
on our event loop. Let's make sure we keep an explicit ref around it, so
that we won't end up with an invalid pointer. Similar in sd_event_run().
Basically, any function that is publically callable that might end up
invoking callbacks should ref the relevant objects to be protected
against callbacks destroying these objects while we still want to access
them. We did this correctly in sd_event_dispatch() and sd_event_loop(),
but these are not the only ones which are callable from the outside.
|
|
|
|
| |
Otherwise it's a bit confusing what this is about: two timestamps.
|
|
|
|
|
|
|
| |
earliest/latest prioq
Just some refactoring that makes code prettier, and will come handy
later, because we can reuse these functions at more places.
|
|
|
|
|
| |
Just some simple refactoring, that will make things easier for us later.
But it looks better this way even without the later function reuse.
|
| |
|
|
|
|
|
| |
s/sizeof/ELEMENTSOF/
Bug introduced in 34b87517749caa4142b19eb3c63bdf349fafbc49.
|
|
|
|
|
| |
With this change the pattern used for epoll_ctl() is the same in all calls in
this file. Consistency FTW!
|
|
|
|
|
| |
Neither source_child_pidfd_register() nor event_make_signal_data() look at
n_enabled_child_sources.
|
|
|
|
|
|
|
|
|
|
|
| |
Coverity in CID#1435966 was complaining that s->enabled is not "restored" in
all cases. But the code was actually correct, since it should only be
"restored" in the error paths. But let's still make this prettier by not setting
the state before all operations that may fail are done.
We need to set .enabled for the prioq reshuffling operations, so move those down.
No functional change intended.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sd_event_source_set_enabled()
So far half of sd_event_source_set_enabled() was doing enabling, the
other half was doing disabling. Let's split that into two separate
calls.
(This also adds a new shortcut to sd_event_source_set_enabled(): if the
caller toggles between "ON" and "ONESHOT" we'll now shortcut this, since
the event source is already enabled in that case and shall remain
enabled.)
This heavily borrows and is inspired from Michal Sekletár's #17284
refactoring.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We typically don't just reshuffle a single prioq at once, but always
two. Let's add two helper functions that do this, and reuse them
everywhere.
(Note that this drops one minor optimization:
sd_event_source_set_time_accuracy() previously only reshuffled the
"latest" prioq, since changing the accuracy has no effect on the
earliest time of an event source, just the latest time an event source
can run. This optimization is removed to simplify things, given that
it's not really worth the effort as prioq_reshuffle() on properly
ordered prioqs has practically zero cost O(1)).
(Slightly generalized, commented and split out of #17284 by Lennart)
|
| |
|
| |
|
|
|
|
|
|
| |
assignment
And while we are at it, fix one incorrect error propagation.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also, document this functionality more prominently, including with a
reference from sd_event_exit().
This is mostly to make things complete, as previously we supported NULL
callbacks only in _add_time() and _add_signal(). However, I think this
makes snese for IO event sources too (think: when some fd such as a pipe
end sees SIGHUP or so, exit), as well as defer or post event sources (i.e. exit
once we got nothing else to do). This also adds support for inotify
event sources, simply to complete things (I can't see the immediate use,
but maybe someone else comes up with it).
The only event source type that doesn't allow callback=NULL now are exit
callbacks, but for them they make little sense, as the event loop is
exiting then anyway.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, if an event source callback returns an error, we'll disable
the event source and continue. This adds a per-event source flag that if
turned on goes further: the event loop is also exited, propagating the
error code.
This is inspired by some patterns repeatedly seen in #15206.
The idea is that event sources that server the "primary" function of a
program are marked like this, so that if they fail the failure is
instantly propagated and terminates the program.
|
| |
|
|
|
|
|
|
|
| |
We frequently want to set a timer relative to the current time. Let's
add an explicit API for this. This not only saves us a few lines of code
everywhere and simplifies things, but also allows us to do correct
overflow checking.
|
|
|
|
|
|
|
|
|
| |
Patch contains a coccinelle script, but it only works in some cases. Many
parts were converted by hand.
Note: I did not fix errors in return value handing. This will be done separate
to keep the patch comprehensible. No functional change is intended in this
patch.
|
| |
|
|
|
|
| |
Inspired by #14353.
|
|
|
|
|
| |
Prettify certain parts of the codebase using coccinelle transformations
(no functional changes).
|
|
|
|
|
| |
We might have quite a number of event sources, hence allocate this in a
buffer we can reuse on the heap, rather than on the stack.
|
|
|
|
| |
one they are default for
|
| |
|
|
|
|
|
|
|
| |
We already refuse sd_event_add_signal() if the specified signal is not
blocked, let's do this also for sd_event_add_child(), since we might
need signalfd() to implement this, and this means the signal needs to be
blocked.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds support for watching for process exits via Linux new pidfd
concept. This makes watching processes and killing them race-free if
properly used, fixing a long-standing UNIX misdesign.
This patch adds implicit and explicit pidfd support to sd-event: if a
process shall be watched and is specified by PID we will now internally
create a pidfd for it and use that, if available. Alternatively a new
constructor for child process event sources is added that takes pidfds
as input.
Besides mere watching of child processes via pidfd two additional
features are added:
→ sd_event_source_send_child_signal() allows sending a signal to the
process being watched in the safest way possible (wrapping
the new pidfd_send_signal() syscall).
→ sd_event_source_set_child_process_own() allows marking a process
watched for destruction as soon as the event source is freed. This is
currently implemented in userspace, but hopefully will become a kernel
feature eventually.
Altogether this means an sd_event_source object is now a safe and stable
concept for referencing processes in race-free way, with automatic
fallback to pre-pidfd kernels.
Note that this patch adds support for this only to sd-event, not to PID
1. That's because PID 1 needs to use waitid(P_ALL) for reaping any
process that might get reparented to it. This currently semantically
conflicts with pidfd use for watching processes since we P_ALL is
undirected and thus might reap process earlier than the pidfd notifies
process end, which is hard to handle. The kernel will likely gain a
concept for excluding specific pidfds from P_ALL watching, as soon as
that is around we can start making use of this in PID 1 too.
|
| |
|
| |
|
| |
|
|
|
|
| |
This fixes fd closing if fd ownership is requested.
|
|
|
|
| |
Fixes CID#1393252
|
|
|
|
|
| |
Ubuntu autopkgtests print output from all tests, and test-event produces
a lot of it. Let's cut it down to reasonable size.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Just some source rearranging.
|
|
|
|
| |
We already have event_free_inotify_data() and event_free_inode_data().
|
|\
| |
| | |
hashmap: make hashmap_free() call destructors of key or value
|
| | |
|
|/
|
|
|
|
|
|
| |
This splits out a bunch of functions from fileio.c that have to do with
temporary files. Simply to make the header files a bit shorter, and to
group things more nicely.
No code changes, just some rearranging of source files.
|