summaryrefslogtreecommitdiffstats
path: root/media/libcubeb/prevent-double-free.patch
diff options
context:
space:
mode:
Diffstat (limited to 'media/libcubeb/prevent-double-free.patch')
-rw-r--r--media/libcubeb/prevent-double-free.patch46
1 files changed, 46 insertions, 0 deletions
diff --git a/media/libcubeb/prevent-double-free.patch b/media/libcubeb/prevent-double-free.patch
new file mode 100644
index 000000000..aa5356d7f
--- /dev/null
+++ b/media/libcubeb/prevent-double-free.patch
@@ -0,0 +1,46 @@
+From f82f15635e09aac4f07d2ddac3d53c84b593d911 Mon Sep 17 00:00:00 2001
+From: Paul Adenot <paul@paul.cx>
+Date: Mon, 16 Jan 2017 04:49:41 -0800
+Subject: [PATCH 1/1] Prevent double-free when doing an emergency bailout from
+ the rendering thread.
+
+This caused gecko bug 1326176.
+
+This was caused by the fact that we would null out `stm->thread` when in
+fact it was still running, so we would delete `stm->emergency_bailout`
+twice, because we would return true from `stop_and_join_thread`.
+---
+ src/cubeb_wasapi.cpp | 15 ++++++++++-----
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/src/cubeb_wasapi.cpp b/src/cubeb_wasapi.cpp
+index 63c12ac..2920b5d 100644
+--- a/src/cubeb_wasapi.cpp
++++ b/src/cubeb_wasapi.cpp
+@@ -1230,13 +1230,18 @@ bool stop_and_join_render_thread(cubeb_stream * stm)
+ rv = false;
+ }
+
+- LOG("Closing thread.");
+
+- CloseHandle(stm->thread);
+- stm->thread = NULL;
++ // Only attempts to close and null out the thread and event if the
++ // WaitForSingleObject above succeeded, so that calling this function again
++ // attemps to clean up the thread and event each time.
++ if (rv) {
++ LOG("Closing thread.");
++ CloseHandle(stm->thread);
++ stm->thread = NULL;
+
+- CloseHandle(stm->shutdown_event);
+- stm->shutdown_event = 0;
++ CloseHandle(stm->shutdown_event);
++ stm->shutdown_event = 0;
++ }
+
+ return rv;
+ }
+--
+2.7.4
+