Closed Bug 554466 Opened 12 years ago Closed 12 years ago

RPCChannel CxxStack helpers can enqueue tons of messages

Categories

(Core :: IPC, defect)

defect
Not set
critical

Tracking

()

RESOLVED FIXED
Tracking Status
status1.9.2 --- .4-fixed

People

(Reporter: bent.mozilla, Assigned: cjones)

References

Details

(Keywords: verified1.9.2, Whiteboard: [fixed-lorentz])

Attachments

(2 files)

Attached patch Patch, v1Splinter Review
cjones could explain better, but basically we are over-enqueuing our Dequeue task now with async messages. The async NPIdentifier patch in bug 547359 made this more visible. Patch attached that seems to fix the issue for me.
Attachment #434365 - Flags: review?(jones.chris.g)
Comment on attachment 434365 [details] [diff] [review]
Patch, v1

This won't catch the case of

  OnMaybeDequeueOne()
    -> RecvFoo()
       -> CallBar()
          [rpc out]
Attachment #434365 - Flags: review?(jones.chris.g) → review-
Blocks: LorentzBeta1
Severity: normal → critical
Comment on attachment 434370 [details] [diff] [review]
Only EnqueuePending when there've been sync out-message or rpc out-calls

Works fine for me!
Attachment #434370 - Flags: review?(bent.mozilla) → review+
I looked over this code again, and we actually only need to EnqueuePending when there's been an *RPC* out-call, as that's the only time received messages get stuffed into mPending without corresponding dequeue tasks.

http://hg.mozilla.org/mozilla-central/rev/add0b286ced6
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Blanket approval for Lorentz merge to mozilla-1.9.2
a=beltzner for 1.9.2.4 - please make sure to mark status1.9.2:.4-fixed
I assume that there is nothing for QA to do here to verify this fix?
Sure, you can try the testcase from bug 554447, which was a symptom of this bug.  The site (http://now.sprint.com/android/) would be a good litmus test, actually.
Using the testcase in bug 554447, I'm not getting a crash with Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.4pre) Gecko/20100409 Namoroka/3.6.4pre. Marking verified for 1.9.2.
Keywords: verified1.9.2
Assignee: nobody → jones.chris.g
You need to log in before you can comment on or make changes to this bug.