Renaming destroy_stream to free_stream_buffers because that's what it does.
wg_parser_disconnect frees all streams on the wg_parser, but free_stream_buffers later calls wg_parser_stream_release_buffer on those streams. It has saved pointers to those in wm_stream->wg_stream, which became dangling pointers after wg_parser_disconnect.
From: Yuxuan Shui yshui@codeweavers.com
Renaming destroy_stream to free_stream_buffers because that's what it does.
wg_parser_disconnect frees all streams on the wg_parser, but free_stream_buffers later calls wg_parser_stream_release_buffer on those streams. It has saved pointers to those in wm_stream->wg_stream, which became dangling pointers after wg_parser_disconnect. --- dlls/winegstreamer/wm_reader.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/dlls/winegstreamer/wm_reader.c b/dlls/winegstreamer/wm_reader.c index 8507d35233a..467662b964c 100644 --- a/dlls/winegstreamer/wm_reader.c +++ b/dlls/winegstreamer/wm_reader.c @@ -1454,7 +1454,7 @@ static const IWMReaderTimecodeVtbl timecode_vtbl = timecode_GetTimecodeRangeBounds, };
-static void destroy_stream(struct wm_reader *reader) +static void free_stream_buffers(struct wm_reader *reader) { unsigned int i;
@@ -1587,6 +1587,9 @@ static HRESULT reinit_stream(struct wm_reader *reader, bool read_compressed) WORD i;
ReleaseSemaphore(reader->read_sem, 1, NULL); + + free_stream_buffers(reader); + wg_parser_disconnect(reader->wg_parser);
EnterCriticalSection(&reader->shutdown_cs); @@ -1598,7 +1601,6 @@ static HRESULT reinit_stream(struct wm_reader *reader, bool read_compressed) reader->read_thread = NULL; reader->read_sem = NULL;
- destroy_stream(reader); wg_parser_destroy(reader->wg_parser); reader->wg_parser = 0;
@@ -1665,7 +1667,7 @@ out_destroy_parser: CloseHandle(reader->read_sem); reader->read_sem = NULL; } - destroy_stream(reader); + free_stream_buffers(reader); wg_parser_destroy(reader->wg_parser); reader->wg_parser = 0;
@@ -1945,6 +1947,9 @@ static HRESULT WINAPI reader_Close(IWMSyncReader2 *iface) }
ReleaseSemaphore(reader->read_sem, 1, NULL); + + free_stream_buffers(reader); + wg_parser_disconnect(reader->wg_parser);
EnterCriticalSection(&reader->shutdown_cs); @@ -1956,7 +1961,6 @@ static HRESULT WINAPI reader_Close(IWMSyncReader2 *iface) reader->read_thread = NULL; reader->read_sem = NULL;
- destroy_stream(reader); wg_parser_destroy(reader->wg_parser); reader->wg_parser = 0;
(not discovered by ASan this time, since it's from unix heap which is not covered yet. found by @alexhenrie)
This merge request was approved by Alex Henrie.
This merge request was approved by Elizabeth Figura.
Rémi Bernon (@rbernon) commented about dlls/winegstreamer/wm_reader.c:
CloseHandle(reader->read_sem); reader->read_sem = NULL; }
- destroy_stream(reader);
- free_stream_buffers(reader);
I doesn't seem to be needed here, is it? Or if it does, it should also be added to init_stream don't you think?
On Thu Sep 11 17:51:08 2025 +0000, Rémi Bernon wrote:
I doesn't seem to be needed here, is it? Or if it does, it should also be added to init_stream don't you think?
Yes, it should be removed here. I won't call that necessary for this patch series, although it'd certainly be appreciated.
-
Alex Henrie (@alexhenrie) -
Elizabeth Figura (@zfigura)
-
Rémi Bernon (@rbernon)
-
Yuxuan Shui
-
Yuxuan Shui (@yshui)