mirror of
https://gitlab.freedesktop.org/pipewire/pipewire.git
synced 2025-10-29 05:40:27 -04:00
f93b3b23a3
Because we can now destroy sources (and free the source structure) by simply holding the lock, there is a window where we might access the freed source. When we in iterate release the lock and go into the epoll, another thread might acquire the lock and delete the fd from epoll. This might happen right after epoll detected activity on the fd. When iterate manages to acquire the lock again, it will process to dispatch the active fd and deref the ep.data pointer, which is now pointing to freed memory. Fix this by incrementing a removed_count whenever we remove a source. Check the counter if it was the same as before the epoll otherwise we can't assume all sources are alive still. Return in that case as if there were no fds to poll. The caller should reenter the iterate at some point and we will return all the fds with activity, minus the one that got destroyed. We need to give control to the caller because part of the removal could be to stop the loop iteration all together. |
||
|---|---|---|
| .. | ||
| cpu-arm.c | ||
| cpu-riscv.c | ||
| cpu-x86.c | ||
| cpu.c | ||
| dbus.c | ||
| evl-plugin.c | ||
| evl-system.c | ||
| journal.c | ||
| logger.c | ||
| loop.c | ||
| meson.build | ||
| node-driver.c | ||
| null-audio-sink.c | ||
| plugin.c | ||
| system.c | ||