drivers/periph_common/timer: protect timer_set from IRQs

[MichelRottleuthner]

Contribution description

This fixes a concurrency problem in the timer_set implementation.
Somewhere between getting the current time from timer_read(), adding the timeout, and then actually writing it to the timer a thread might be de-scheduled causing the targeted time to be already passed.

Testing procedure

Reading the code + thinking ;)
Running tests/periph_timer and tests/bench_timer but that didn't really show errors before...

Issues/PRs references

[kaspar030]

ACK. About time. 😉

[kaspar030]

I've been doing this in ztimer for a while without problems.

Note that this does not prevent underflows for very small values. E.g., samr21-xpro still underflows for values <8. tests/periph_timer_short_relative_set gives insightful results. Eventually, we should check for valid minimum values.

[MichelRottleuthner]

Eventually, we should check for valid minimum values

Yeah, either within protecting it like you did in ztimer or actually inside of the irq disabled block of this function would be the only reasonable way to do such a check, to not suffer from possible de-scheduling.

[gschorcht]

Is it necessary to use an additional local variable to read the current timer value when no further processing of the current time is taking place, such as testing for underflows?

It's just a question, the compiler will probably generate the same code and keep the current timer value in a register and not require additional stack space.

[MichelRottleuthner]

Yeah I think the compiler will be smarter than me here. There is absolutely no reason to not make it explicitly without this variable. Updated it and squashed directly, thanks!

[kaspar030]

Hah, that was a style nit I chose not to mention. 😉 I also like it much better now.

[MichelRottleuthner]

@kaspar030 I assume your ACK is still valid? Ready to merge?

[kaspar030]

@kaspar030 I assume your ACK is still valid? Ready to merge?

Yes!