audio: plug leak and skip redundant copy in mixer add_stream

audio_driver_mixer_add_stream unconditionally malloc+memcpy'd the
incoming buf before handing it to the format loader.  This was both
wasteful and leaky:

  * For OGG/FLAC/MP3/MOD, the loader stores the pointer into
    sound->types.XXX.data and audio_mixer_destroy() free()s it on
    sound completion.  With the internal memcpy, that destroy path
    freed the internal copy, not the caller-owned original - and the
    original had no free path at all.  Every one of the ten callers
    in task_audio_mixer.c passes img->buf without freeing it after
    the call, expecting the mixer to take ownership, so every loaded
    mixer sound leaked the entire source buffer (typical size: tens
    of kB to a few MB per sound).

  * For WAV, the loader converts to PCM and free()s the input buffer
    inline, so only the per-call copy was wasted - no leak, just the
    duplicate.

task_translation.c has the opposite expectation: it passes
response->sound_data and explicitly free()s it after the call,
requiring a copy.

Resolve the ambiguity with an explicit buf_owned flag on
audio_mixer_stream_params_t:

  * true  => add_stream takes ownership, either free()ing directly
             (WAV) or via audio_mixer_destroy (OGG/FLAC/MP3/MOD).  On
             any early failure (bad params, no free slot, loader
             returns NULL), the buffer is freed so ownership is
             respected uniformly.
  * false => add_stream makes a private copy (previous behavior).
             Caller retains ownership of the original.

All ten task_audio_mixer.c callers are updated to set
buf_owned = true; the single task_translation.c caller sets it false
explicitly with an explanatory comment.

This also restructures the early-failure paths to a single 'error:'
label so the ownership discipline is expressed once and can't drift.

Scope note: the modified API (audio_driver_mixer_add_stream, the
audio_mixer_stream_params_t struct) is frontend-only.  It lives in
audio/audio_driver.{c,h}, is not exposed via libretro.h, is not
part of libretro-common, and cannot be reached from cores.  The
lower-level audio_mixer_* API in libretro-common/audio/audio_mixer.c
is unchanged.

Thread-safety: add_stream runs on the main thread (task callbacks
fire from task_queue_check, which is called from retroarch.c's main
loop).  audio_mixer_mix runs on the main thread in the normal case
and on the audio thread when a core uses the libretro audio-callback
extension.  The existing code had no locking around mixer slot state;
this patch neither introduces nor closes that pre-existing race.  The
only state change relative to the old code is which pointer lives in
stream->buf - same publication visibility, same memory ordering
concerns as before.

Author: LibretroAdmin

audio/audio_driver.c

@@ -1419,7 +1419,7 @@ bool audio_driver_mixer_add_stream(audio_mixer_stream_params_t *params)
    void *buf                     = NULL;
 
    if (params->stream_type == AUDIO_STREAM_TYPE_NONE)
-      return false;
+      goto error;
 
    switch (params->slot_selection_type)
    {
@@ -1436,17 +1436,27 @@ bool audio_driver_mixer_add_stream(audio_mixer_stream_params_t *params)
       default:
          if (!audio_driver_mixer_get_free_stream_slot(
                   &free_slot, params->stream_type))
-            return false;
+            goto error;
          break;
    }
 
    if (params->state == AUDIO_STREAM_STATE_NONE)
-      return false;
-
-   if (!(buf = malloc(params->bufsize)))
-      return false;
+      goto error;
 
-   memcpy(buf, params->buf, params->bufsize);
+   /* If the caller transferred buffer ownership, use it directly;
+    * otherwise make a private copy.  The OGG/FLAC/MP3/MOD loaders
+    * retain the pointer for streaming decode, so taking ownership
+    * avoids a needless per-sound duplication and a matching leak
+    * (the original caller-owned buffer has nowhere to be freed,
+    * since the mixer frees only the internal copy). */
+   if (params->buf_owned)
+      buf = params->buf;
+   else
+   {
+      if (!(buf = malloc(params->bufsize)))
+         return false;
+      memcpy(buf, params->buf, params->bufsize);
+   }
 
    switch (params->type)
    {
@@ -1521,6 +1531,14 @@ bool audio_driver_mixer_add_stream(audio_mixer_stream_params_t *params)
       audio_driver_st.mixer_streams_playing++;
 
    return true;
+
+error:
+   /* On early failure (bad params / no slot), honor the ownership
+    * contract: if the caller transferred buf to us, we free it so
+    * the caller does not double-free and does not leak. */
+   if (params->buf_owned)
+      free(params->buf);
+   return false;
 }
 
 enum audio_mixer_state audio_driver_mixer_get_stream_state(unsigned i)

audio/audio_driver.h

@@ -73,6 +73,14 @@ typedef struct audio_mixer_stream_params
    enum audio_mixer_stream_type stream_type;
    enum audio_mixer_type type;
    enum audio_mixer_state state;
+   /* If true, add_stream takes ownership of buf and the caller must
+    * not free or otherwise reference it after the call returns.  The
+    * buffer will be free()d either directly (WAV, once converted to
+    * PCM) or when the mixer sound is destroyed (OGG/FLAC/MP3/MOD,
+    * which retain the buffer for streaming decode).
+    * If false, add_stream copies buf internally and the caller retains
+    * ownership of the original memory. */
+   bool buf_owned;
 } audio_mixer_stream_params_t;
 #endif
 

tasks/task_audio_mixer.c

@@ -116,6 +116,7 @@ static void task_audio_mixer_handle_upload_ogg(retro_task_t *task,
    params.bufsize              = img->bufsize;
    params.cb                   = NULL;
    params.basename             = (img->path && *img->path) ? strdup(path_basename_nocompression(img->path)) : NULL;
+   params.buf_owned            = true;
 
    audio_driver_mixer_add_stream(&params);
 
@@ -147,6 +148,7 @@ static void task_audio_mixer_handle_upload_ogg_and_play(retro_task_t *task,
    params.bufsize              = img->bufsize;
    params.cb                   = NULL;
    params.basename             = (img->path && *img->path) ? strdup(path_basename_nocompression(img->path)) : NULL;
+   params.buf_owned            = true;
 
    audio_driver_mixer_add_stream(&params);
 
@@ -178,6 +180,7 @@ static void task_audio_mixer_handle_upload_flac(retro_task_t *task,
    params.bufsize              = img->bufsize;
    params.cb                   = NULL;
    params.basename             = (img->path && *img->path) ? strdup(path_basename_nocompression(img->path)) : NULL;
+   params.buf_owned            = true;
 
    audio_driver_mixer_add_stream(&params);
 
@@ -209,6 +212,7 @@ static void task_audio_mixer_handle_upload_flac_and_play(retro_task_t *task,
    params.bufsize              = img->bufsize;
    params.cb                   = NULL;
    params.basename             = (img->path && *img->path) ? strdup(path_basename_nocompression(img->path)) : NULL;
+   params.buf_owned            = true;
 
    audio_driver_mixer_add_stream(&params);
 
@@ -240,6 +244,7 @@ static void task_audio_mixer_handle_upload_mp3(retro_task_t *task,
    params.bufsize              = img->bufsize;
    params.cb                   = NULL;
    params.basename             = (img->path && *img->path) ? strdup(path_basename_nocompression(img->path)) : NULL;
+   params.buf_owned            = true;
 
    audio_driver_mixer_add_stream(&params);
 
@@ -271,6 +276,7 @@ static void task_audio_mixer_handle_upload_mp3_and_play(retro_task_t *task,
    params.bufsize              = img->bufsize;
    params.cb                   = NULL;
    params.basename             = (img->path && *img->path) ? strdup(path_basename_nocompression(img->path)) : NULL;
+   params.buf_owned            = true;
 
    audio_driver_mixer_add_stream(&params);
 
@@ -302,6 +308,7 @@ static void task_audio_mixer_handle_upload_mod(retro_task_t *task,
    params.bufsize              = img->bufsize;
    params.cb                   = NULL;
    params.basename             = (img->path && *img->path) ? strdup(path_basename_nocompression(img->path)) : NULL;
+   params.buf_owned            = true;
 
    audio_driver_mixer_add_stream(&params);
 
@@ -333,6 +340,7 @@ static void task_audio_mixer_handle_upload_mod_and_play(retro_task_t *task,
    params.bufsize              = img->bufsize;
    params.cb                   = NULL;
    params.basename             = (img->path && *img->path) ? strdup(path_basename_nocompression(img->path)) : NULL;
+   params.buf_owned            = true;
 
    audio_driver_mixer_add_stream(&params);
 
@@ -365,6 +373,7 @@ static void task_audio_mixer_handle_upload_wav(retro_task_t *task,
    params.bufsize              = img->bufsize;
    params.cb                   = NULL;
    params.basename             = (img->path && *img->path) ? strdup(path_basename_nocompression(img->path)) : NULL;
+   params.buf_owned            = true;
 
    audio_driver_mixer_add_stream(&params);
 
@@ -396,6 +405,7 @@ static void task_audio_mixer_handle_upload_wav_and_play(retro_task_t *task,
    params.bufsize              = img->bufsize;
    params.cb                   = NULL;
    params.basename             = (img->path && *img->path) ? strdup(path_basename_nocompression(img->path)) : NULL;
+   params.buf_owned            = true;
 
    audio_driver_mixer_add_stream(&params);
 

tasks/task_translation.c

@@ -559,6 +559,8 @@ static void handle_translation_response(
       params.bufsize              = response->sound_size;
       params.cb                   = NULL;
       params.basename             = NULL;
+      /* Caller frees response->sound_data below; request a copy. */
+      params.buf_owned            = false;
 
       audio_driver_mixer_add_stream(&params);
    }