From 053297b1ca15d7e94f746e94ea46c7399a6b097a Mon Sep 17 00:00:00 2001 From: wm4 Date: Fri, 29 Nov 2019 20:23:27 +0100 Subject: vo_gpu: opengl: do not free "GL" sub-allocations This function always expects the GL struct pointer to be a talloc allocation. So far so bad. But the terrible thing is that _lots_ of code in mpv didn't quite get this (including the code which introduced the way it is used this way). For example, in context_glx.c you see this: struct priv { GL gl; ... GL is not a talloc allocation, but since it's at the start of a talloc allocation, it works anyway. So far so bad. But the really terrible thing is that mpgl_load_functions2() calls talloc_free_children() on the GL pointer, which means that all of priv's. This would be unintentional and could create dangling pointers. And this happens at the about 1 dozen of callers. I'm amazed it didn't broke yet anywhere. Removing this anti-pattern with making GL "implicitly" a talloc allocation would be too much effort at this point. So just manually free the only allocation that the function attached to GL. --- video/out/opengl/common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'video') diff --git a/video/out/opengl/common.c b/video/out/opengl/common.c index 86d0eec404..05db3d3d28 100644 --- a/video/out/opengl/common.c +++ b/video/out/opengl/common.c @@ -494,7 +494,7 @@ static const struct gl_functions gl_functions[] = { void mpgl_load_functions2(GL *gl, void *(*get_fn)(void *ctx, const char *n), void *fn_ctx, const char *ext2, struct mp_log *log) { - talloc_free_children(gl); + talloc_free(gl->extensions); *gl = (GL) { .extensions = talloc_strdup(gl, ext2 ? ext2 : ""), }; -- cgit v1.2.3
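Review bot: the new `talloc_free(gl->extensions);` line reads a field of `*gl` before the `*gl = (GL) { ... }` assignment initializes it, so the function now depends on a precondition that is not written down anywhere in the hunk: `gl->extensions` must be either NULL or a live talloc pointer left by a previous call. A caller that passes a GL struct which was not zero-initialized would hand an indeterminate pointer to `talloc_free()`. A short comment above `mpgl_load_functions2()` stating that `gl` must be zeroed or previously loaded would make that explicit. The same comment should note that `.extensions = talloc_strdup(gl, ...)` still uses `gl` as the talloc parent, so the pointer must remain a talloc allocation (or sit at the start of one, as in the `struct priv` case the commit message describes); the change stops the function from freeing the caller's other children, but it does not remove that requirement. If the function ever attaches a second allocation to `gl`, it will need its own explicit free here, since nothing sweeps the children any more.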