coreaudio: unregister interruption observer unconditionally on close

update_audio_session()'s existing close-path observer teardown lived at
the bottom of the function, after two [AVAudioSession setCategory:] and
one [setActive:] calls that early-return on failure. When setCategory
fails during close (phone call, Siri, CarPlay / AirPlay handoff, or a
session owned by another app), the early-return skipped the unregister
and the SDLInterruptionListener stayed subscribed to NSNotificationCenter
with a stale device pointer. The next UIApplicationWillEnterForeground
or UIApplicationDidBecomeActive notification then dispatched into
interruption_end() on freed memory, crashing with EXC_BAD_ACCESS.

Move the close-path unregister to the top of the function so it runs
unconditionally, before any early-return. Also add self.device == NULL
guards in both listener callbacks as defense in depth so that any future
cleanup-flow edit can't silently reintroduce the crash.

The sibling setActive:YES leak on last-device close was fixed in 2018
(issue #2900). This closes the setCategory: leak that has remained
since. The same root cause is reported in SDL3 as #12660.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: jonameson

src/audio/coreaudio/SDL_coreaudio.m

@@ -351,6 +351,10 @@ @implementation SDLInterruptionListener
 - (void)audioSessionInterruption:(NSNotification *)note
 {
     @synchronized(self) {
+        /* Defensive: skip if the device was already torn down. */
+        if (self.device == NULL) {
+            return;
+        }
         NSNumber *type = note.userInfo[AVAudioSessionInterruptionTypeKey];
         if (type.unsignedIntegerValue == AVAudioSessionInterruptionTypeBegan) {
             interruption_begin(self.device);
@@ -363,6 +367,9 @@ - (void)audioSessionInterruption:(NSNotification *)note
 - (void)applicationBecameActive:(NSNotification *)note
 {
     @synchronized(self) {
+        if (self.device == NULL) {
+            return;
+        }
         interruption_end(self.device);
     }
 }
@@ -375,6 +382,23 @@ static BOOL update_audio_session(_THIS, SDL_bool open, SDL_bool allow_playandrec
         AVAudioSession *session = [AVAudioSession sharedInstance];
         NSNotificationCenter *center = [NSNotificationCenter defaultCenter];
 
+        /* Close path: unregister the interruption observer FIRST, before any
+           code that can early-return. [AVAudioSession setCategory:] failures
+           (phone call, Siri, CarPlay / AirPlay handoff, etc.) would otherwise
+           leave the listener registered with a stale device pointer;
+           NotificationCenter later delivers foreground events to freed memory.
+           See #2900 for the sibling setActive:YES leak fix; this closes the
+           setCategory: leak. */
+        if (!open && this->hidden->interruption_listener != NULL) {
+            SDLInterruptionListener *listener =
+                (SDLInterruptionListener *)CFBridgingRelease(this->hidden->interruption_listener);
+            this->hidden->interruption_listener = NULL;
+            [center removeObserver:listener];
+            @synchronized(listener) {
+                listener.device = NULL;
+            }
+        }
+
         NSString *category = AVAudioSessionCategoryPlayback;
         NSString *mode = AVAudioSessionModeDefault;
         NSUInteger options = AVAudioSessionCategoryOptionMixWithOthers;
@@ -498,13 +522,6 @@ static BOOL update_audio_session(_THIS, SDL_bool open, SDL_bool allow_playandrec
                          object:nil];
 
             this->hidden->interruption_listener = CFBridgingRetain(listener);
-        } else {
-            SDLInterruptionListener *listener = nil;
-            listener = (SDLInterruptionListener *)CFBridgingRelease(this->hidden->interruption_listener);
-            [center removeObserver:listener];
-            @synchronized(listener) {
-                listener.device = NULL;
-            }
         }
     }