Closed
Bug 763013
Opened 13 years ago
Closed 13 years ago
Race condition in async stream copier
Categories
(Core :: Networking, defect)
Core
Networking
Tracking
()
RESOLVED
FIXED
mozilla16
People
(Reporter: janv, Assigned: janv)
References
Details
Attachments
(1 file)
1.20 KB,
patch
|
Biesinger
:
review+
|
Details | Diff | Splinter Review |
nsAsyncStreamCopier::AsyncCopy() calls NS_AsyncCopy()
The background thread can copy the stream so quickly that it calls the complete callback before NS_AsyncCopy() finishes.
So the main thread calls NS_AsyncCopy() and executes:
*aCopierCtx = static_cast<nsISupports*>(
static_cast<nsIRunnable*>(copier));
context switch
The background thread finishes copying, calls nsAsyncStreamCopier::OnAsyncCopyComplete() and then nsAsyncStreamCopier::Complete()
which executes:
MutexAutoLock lock(mLock);
mCopierCtx = nsnull;
context switch
The main thread executes:
NS_ADDREF(*aCopierCtx);
which is now null
Testing a fix on try ...
Assignee | ||
Comment 1•13 years ago
|
||
seems like there's a similar bug filed already, bug 559927
Assignee | ||
Comment 2•13 years ago
|
||
Assignee | ||
Comment 3•13 years ago
|
||
the fix passed on try
Assignee | ||
Comment 4•13 years ago
|
||
we need this to fix bug 762024
Updated•13 years ago
|
Attachment #631648 -
Flags: review?(cbiesinger) → review+
Assignee | ||
Comment 5•13 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla16
You need to log in
before you can comment on or make changes to this bug.
Description
•