[PATCH] Main loop cannot handle recursion in poll
@kristian
Submitted by Kristian Rietveld
Link to original bug (#704374)
Description
Created attachment 249367 Proposed patch
g_main_context_iterate() creates a cached_poll_array that is passed to the various main loop functions. One of the problems is that g_main_context_iterate() keeps the address of this array around in a local variable. This way, the function cannot handle recursion in g_main_context_poll(), which happens on OS X. The recursion might re-allocate the cached poll array, so the call after g_main_context_poll() at the base level will access freed memory.
The proposed solution is to always use context->cached_poll_array. This is done in the attached patch. I chose to continue to use nfds instead of context->cached_poll_array_size, so that the number of monitored FDs does not suddenly increase in the base level invocation of g_main_context_iterate().
Pitfall: what happens if FDs are removed from monitoring in a recursing poll? We do know that the cached_poll_array never shrinks, so that's good. But what does this mean for the usage of nfds at the base level of recursion?
Patch 249367, "Proposed patch":
0001-Make-g_main_context_iterate-resilient-to-recursion-i.patch
Version: 2.37.x
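The pattern the report describes, reduced to a small model. This is an added example, not GLib code and not the attached patch: Ctx, PollRec, grow_cache, do_poll, iterate and recurse_in_poll are hypothetical stand-ins. The base-level call records the array address before polling, a nested call reallocates the cache, and the base level then reads only through the context with the nfds it fixed earlier.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for GPollFD and GMainContext; not GLib code. */
typedef struct { int fd; short revents; } PollRec;
typedef struct {
    PollRec *cached_poll_array;
    size_t   cached_poll_array_size;
    int      depth, recurse_in_poll;
} Ctx;

/* Grow-only cache. Always moves the block so the effect is deterministic. */
static void grow_cache(Ctx *c, size_t n) {
    if (n <= c->cached_poll_array_size) return;
    PollRec *p = calloc(n, sizeof *p);
    if (!p) abort();
    if (c->cached_poll_array)
        memcpy(p, c->cached_poll_array, c->cached_poll_array_size * sizeof *p);
    free(c->cached_poll_array);
    c->cached_poll_array = p;
    c->cached_poll_array_size = n;
}

static size_t iterate(Ctx *c, size_t want, int *moved);

/* Stand-in for poll: marks n records ready, then may re-enter the loop. */
static void do_poll(Ctx *c, size_t n) {
    for (size_t i = 0; i < n; i++) c->cached_poll_array[i].revents = 1;
    if (c->recurse_in_poll && c->depth == 1)
        iterate(c, c->cached_poll_array_size * 2, NULL);
}

/* Returns ready records among the first nfds; *moved reports whether the
 * address a local variable would have held is no longer the cache. */
static size_t iterate(Ctx *c, size_t want, int *moved) {
    c->depth++;
    grow_cache(c, want);
    size_t nfds = want;                        /* fixed before poll */
    uintptr_t before = (uintptr_t)c->cached_poll_array;
    for (size_t i = 0; i < nfds; i++)
        c->cached_poll_array[i] = (PollRec){ .fd = (int)i, .revents = 0 };
    do_poll(c, nfds);
    if (moved) *moved = (before != (uintptr_t)c->cached_poll_array);
    size_t ready = 0;
    for (size_t i = 0; i < nfds; i++)          /* re-read through the context */
        ready += c->cached_poll_array[i].revents != 0;
    c->depth--;
    return ready;
}
```

When moved is 1, a pointer saved before do_poll() would refer to the freed block; the read loop stays in bounds because the cache only grows, so nfds never exceeds cached_poll_array_size.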