Last Comment Bug 763013 - Race condition in async stream copier
: Race condition in async stream copier
Status: RESOLVED FIXED
:
Product: Core
Classification: Components
Component: Networking (show other bugs)
: unspecified
: All All
: -- normal (vote)
: mozilla16
Assigned To: Jan Varga [:janv]
:
Mentors:
: 559927 (view as bug list)
Depends on:
Blocks: 762024
  Show dependency treegraph
 
Reported: 2012-06-08 12:28 PDT by Jan Varga [:janv]
Modified: 2012-06-09 22:09 PDT (History)
6 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments
fix (1.20 KB, patch)
2012-06-09 03:58 PDT, Jan Varga [:janv]
cbiesinger: review+
Details | Diff | Splinter Review

Description Jan Varga [:janv] 2012-06-08 12:28:24 PDT
nsAsyncStreamCopier::AsyncCopy() calls NS_AsyncCopy()
The background thread can copy the stream so quickly that it calls the complete callback before NS_AsyncCopy() finishes.

So the main thread calls NS_AsyncCopy() and executes:
*aCopierCtx = static_cast<nsISupports*>(
              static_cast<nsIRunnable*>(copier));

context switch

The background thread finishes copying, calls nsAsyncStreamCopier::OnAsyncCopyComplete() and then nsAsyncStreamCopier::Complete()
which executes:
MutexAutoLock lock(mLock);
mCopierCtx = nsnull;

context switch

The main thread executes:
NS_ADDREF(*aCopierCtx);
which is now null


Testing a fix on try ...
Comment 1 Jan Varga [:janv] 2012-06-08 12:36:47 PDT
seems like there's a similar bug filed already, bug 559927
Comment 2 Jan Varga [:janv] 2012-06-09 03:58:48 PDT
Created attachment 631648 [details] [diff] [review]
fix
Comment 3 Jan Varga [:janv] 2012-06-09 03:59:12 PDT
the fix passed on try
Comment 4 Jan Varga [:janv] 2012-06-09 04:11:19 PDT
we need this to fix bug 762024
Comment 5 Jan Varga [:janv] 2012-06-09 22:05:34 PDT
http://hg.mozilla.org/mozilla-central/rev/72419c5d84df
Comment 6 Jan Varga [:janv] 2012-06-09 22:09:24 PDT
*** Bug 559927 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.