Closed Bug 1116358 Opened 9 years ago Closed 9 years ago

Directly call Release() on |this| when closing a GMP encoder/decoder proxies

Categories

(Core :: Audio/Video, defect)

Product:
Core
Component:
Audio/Video
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla37

People

(Reporter: ehsan.akhgari, Assigned: ehsan.akhgari)

References

Details

Attachments

(1 file, 1 obsolete file)

Directly call Release() on |this| when closing a GMP encoder/decoder proxies
3.01 KB, patch
cpearce
: review+
Details | Diff | Splinter Review 
      No description provided.

        Attachment #8542367 -
        Flags: review?(cpearce)

    
  
Assignee: nobody → ehsan
Blocks: 1114999

    
    

    
  
Comment on attachment 8542367 [details] [diff] [review]
Prevent double releasing |this| in the GMP code

Review of attachment 8542367 [details] [diff] [review]:
-----------------------------------------------------------------

::: dom/media/gmp/GMPAudioDecoderParent.cpp
@@ +147,5 @@
>    mCallback = nullptr;
>    // Let Shutdown mark us as dead so it knows if we had been alive
>  
>    // In case this is the last reference
> +  Release();

Since this could be the last reference, Release() could lead to destructor and Shutdown() will be use-after-free?

    
    

    
  
Comment on attachment 8542367 [details] [diff] [review]
Prevent double releasing |this| in the GMP code

Review of attachment 8542367 [details] [diff] [review]:
-----------------------------------------------------------------

What JW said; the caller actually holds a raw pointer to this object (via a GMP*ParentProxy raw interface pointer), so the release done in Close() could drop the last reference on the object.

        Attachment #8542367 -
        Flags: review?(cpearce) → review-

    
    

    
  


  
This is needed in order to avoid calling Release() on a smart pointer.

        Attachment #8542582 -
        Flags: review?(cpearce)

    
  
Summary: Prevent double releasing |this| in the GMP code → Directly call Release() on |this| when closing a GMP encoder/decoder proxies

    
  

        Attachment #8542367 -
        Attachment is obsolete: true

        Attachment #8542582 -
        Flags: review?(cpearce) → review+

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/28af302f47f4
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla37

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: