From 77b6473314e40b2d28779d5cc14a156ca38d6f2c Mon Sep 17 00:00:00 2001
From: Cedric BAIL
Date: Sat, 10 Mar 2012 12:47:54 +0000
Subject: [PATCH] ecore: fix Ecore_Thread double free and update ChangeLog/NEWS.
SVN revision: 69172
---
 legacy/ecore/ChangeLog | 8 ++++
 legacy/ecore/NEWS | 5 +++
 legacy/ecore/src/lib/ecore/ecore_thread.c | 45 +++++++++++++----------
 3 files changed, 39 insertions(+), 19 deletions(-)
diff --git a/legacy/ecore/ChangeLog b/legacy/ecore/ChangeLog
index ad6662acef..fc7bda8642 100644
--- a/legacy/ecore/ChangeLog
+++ b/legacy/ecore/ChangeLog
@@ -566,3 +566,11 @@
 2012-03-07 Mike Blumenkrantz (discomfitor/zmike)
 * Add ecore_con_url_status_code_get() to check return code at any time
+
+2012-03-09 Carsten Haitzler (The Rasterman)
+
+ * Fix ecore_thread_feedback_run to work as the documentation and logic tell us.
+
+2012-03-10 Cedric Bail
+
+ * Fix double free at end of execution of Ecore_Thread with feedback.
diff --git a/legacy/ecore/NEWS b/legacy/ecore/NEWS
index 346bc0bc06..d8c5d9439a 100644
--- a/legacy/ecore/NEWS
+++ b/legacy/ecore/NEWS
@@ -38,6 +38,11 @@ Additions:
 - ecore_imf_context_input_panel_caps_lock_mode_set()
 - ecore_imf_context_input_panel_caps_lock_mode_get()
+Fixes:
+ * ecore_thread:
+ - ecore_thread_feedback_run now handle try_no_queue the way it logically should.
+ - prevent double free that could cause crash when an Ecore_Thread stop.
 Improvements:
 * ecore:
 - most allocations moved to mempools
diff --git a/legacy/ecore/src/lib/ecore/ecore_thread.c b/legacy/ecore/src/lib/ecore/ecore_thread.c
index 901d4b333b..55ef2aeef7 100644
--- a/legacy/ecore/src/lib/ecore/ecore_thread.c
+++ b/legacy/ecore/src/lib/ecore/ecore_thread.c
@@ -528,6 +528,7 @@ _ecore_feedback_job(PH(thread))
 static void *
 _ecore_direct_worker(Ecore_Pthread_Worker *work)
 {
+ Ecore_Pthread_Worker *end;
 Ecore_Pthread_Data *pth;
 #ifdef EFL_POSIX_THREADS
@@ -548,33 +549,39 @@ _ecore_direct_worker(Ecore_Pthread_Worker *work)
 else
 work->u.feedback_run.func_heavy((void *) work->data, (Ecore_Thread *) work);
+ if (work->message_run)
+ {
+ end = work->u.message_run.direct_worker;
+ work->u.message_run.direct_worker = NULL;
+ }
+ else
+ {
+ end = work->u.feedback_run.direct_worker;
+ work->u.feedback_run.direct_worker = NULL;
+ }
+
 ecore_main_loop_thread_safe_call_async(_ecore_thread_handler, work);
- if (work->message_run)
- work = work->u.message_run.direct_worker;
- else
- work = work->u.feedback_run.direct_worker;
- if (!work)
+ if (!end)
 {
 free(pth);
 return NULL;
 }
- work->data = pth;
- work->u.short_run.func_blocking = NULL;
- work->func_end = (void *)_ecore_thread_end;
- work->func_cancel = NULL;
- work->cancel = EINA_FALSE;
- work->feedback_run = EINA_FALSE;
- work->message_run = EINA_FALSE;
- work->no_queue = EINA_FALSE;
- work->kill = EINA_FALSE;
- work->hash = NULL;
- LKI(work->mutex);
- CDI(work->cond, work->mutex);
+ end->data = pth;
+ end->u.short_run.func_blocking = NULL;
+ end->func_end = (void *)_ecore_thread_end;
+ end->func_cancel = NULL;
+ end->cancel = EINA_FALSE;
+ end->feedback_run = EINA_FALSE;
+ end->message_run = EINA_FALSE;
+ end->no_queue = EINA_FALSE;
+ end->kill = EINA_FALSE;
+ end->hash = NULL;
+ LKI(end->mutex);
+ CDI(end->cond, end->mutex);
-// don't queue this - this is deleted by _ecore_thread_kill() already deleting work->u.feedback_run.direct_worker
-// ecore_main_loop_thread_safe_call_async(_ecore_thread_handler, work);
+ ecore_main_loop_thread_safe_call_async(_ecore_thread_handler, end);
 return NULL;
 }
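Review bot: The ordering that prevents the double free is undocumented: in the new `if (work->message_run)` / `else` block, `direct_worker` has to be read and set to NULL before `ecore_main_loop_thread_safe_call_async(_ecore_thread_handler, work)`, and the removed `// don't queue this` comment was the only record of who frees that worker. I would add above the block `/* Detach direct_worker before queueing work: the main-loop handler may free work and anything still attached to it. */`. That the handler path frees a non-NULL `direct_worker` is taken from the removed comment; `_ecore_thread_kill()` itself is outside the hunk, so it is worth confirming that it accepts the NULL now left in the field. `_ecore_direct_worker` begins before this hunk.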