media-session: deal with global id race conditions

To resolve monitor and policy core global ids racing with each other, use separate registry event handlers for both cores. Each handles only their own objects, determined by where the object handle was created. Postpone handling of policy core new global events after monitor sync, which orders them after the corresponding monitor proxy and registry events. Monitor core is then more up-to-date, so we resolve id clashes in favor of monitor globals, which avoids duplicate objects. Fix use-after-free by tracking whether a monitor holds references to sm_object. Keep also objects pending for id in a list, so that they can be cleaned up on session_shutdown (monitors may leak objects at shutdown, because spa objectinfo events won't be handled then). Caveats: Zombie objects may still created if policy core is late by several events, but in those cases the corresponding remove events are already in the queue. Also, there's a (theoretical) possibility that pw_registry_bind will bind the wrong object, if the registry event is handled too late and an id is reused by the server. For details, see reverted 77e4fdb1e4 for which this is a another approach.
2025-11-11 13:30:07 -05:00 · 2021-02-27 14:55:13 +02:00 · 2021-02-27 14:55:13 +02:00 · 5b8c7c405d
commit 5b8c7c405d
parent 864d0148c2
5 changed files with 330 additions and 116 deletions
--- a/src/examples/media-session/bluez-monitor.c
+++ b/src/examples/media-session/bluez-monitor.c
@ -302,8 +302,8 @@ static void bluez_device_event(void *data, const struct spa_event *event)
 				pw_node_set_param((struct pw_node*)node->snode->obj.proxy,
 					SPA_PARAM_Props, 0, props);
 			} else {
-				pw_log_warn("device %p: node %d not ready for volume yet",
-						device, id);
+				pw_log_warn("device %p: node %d object:%p not ready for volume yet",
+						device, id, node->snode);
 			}
 		}
 		break;