winealsa: Avoid deadlock in AudioClient_Stop.

[Joerg-Cyril.Hoehle at t-systems.com]

Hi,

my patch is not the final word about robust design.

Consider what happens when
DeleteTimerQueueTimer(g_timer_q, This->timer, INVALID_HANDLE_VALUE)
cannot allocate its CompletionEvent.  The function will return with an
(ignored) error and not stop the timers.  Do you see a check in
wineoss or winecoreaudio?  The later Audio_Release will destroy
critical sections and free memory while the timers are still running!

A tiny allocation failure => big crash

Deallocators should not fail when resources are scarce.

A more robust design would see Audio_Start allocate the completion
event that DeleteTimerQ requires and not start if it can't be sure to stop.
Why require a completion event?  Because there's
*no* other way of telling whether a callback might still be invoked.
Even sleeping for more than the timer period is no guarantee rather
than mere heuristics that works on a slightly loaded system.

Back to my patch.  It's funny to think that it would mostly work
without error checking: DeleteTimerQ(event) does something with
event NULL or not, Wait(NULL) would immediately return and
DeleteTimerQ always signals the event when successful.

Regards,
	Jörg Höhle
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-winealsa-Avoid-deadlock-in-AudioClient_Stop.patch
Type: application/octet-stream
Size: 2219 bytes
Desc: 0002-winealsa-Avoid-deadlock-in-AudioClient_Stop.patch
URL: <http://www.winehq.org/pipermail/wine-patches/attachments/20110617/49b9ba14/attachment.obj>