133032 2014-05-17 13:39:46 -0700 NetworkProcess can repeatedly crash handling Blob messages after any unrelated crash 2014-05-17 14:43:15 -0700 1 1 1 Unclassified WebKit WebKit2 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 ap ap andersca beidson commit-queue oldest_to_newest 1009988 0 ap 2014-05-17 13:39:46 -0700 Some code in NetworkBlobRegistry assumes that a connection handler is already registered when executing unregisterBlob(). Normally this is is indeed the case, as WebProcess won't try to unregister a blob that it didn't register. But if we previously lost the whole registry due to an unrelated NetworkProcess crash, then this invariant doesn't hold. In fact, we already have some of these functions check for connection, but not all. <rdar://problem/16951630> 1009989 1 231637 ap 2014-05-17 13:42:37 -0700 Created attachment 231637 proposed fix 1009990 2 231637 ggaren 2014-05-17 14:08:42 -0700 Comment on attachment 231637 proposed fix r=me 1009994 3 231637 commit-queue 2014-05-17 14:43:13 -0700 Comment on attachment 231637 proposed fix Clearing flags on attachment: 231637 Committed r168997: <http://trac.webkit.org/changeset/168997> 1009995 4 commit-queue 2014-05-17 14:43:15 -0700 All reviewed patches have been landed. Closing bug. 231637 2014-05-17 13:42:37 -0700 2014-05-17 14:43:13 -0700 proposed fix CrashinUnregisterBlob.txt text/plain 3665 ap SW5kZXg6IFNvdXJjZS9XZWJLaXQyL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi S2l0Mi9DaGFuZ2VMb2cJKHJldmlzaW9uIDE2ODk5NSkKKysrIFNvdXJjZS9XZWJLaXQyL0NoYW5n ZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE5IEBACisyMDE0LTA1LTE3ICBBbGV4ZXkg UHJvc2t1cnlha292ICA8YXBAYXBwbGUuY29tPgorCisgICAgICAgIE5ldHdvcmtQcm9jZXNzIGNh biByZXBlYXRlZGx5IGNyYXNoIGhhbmRsaW5nIEJsb2IgbWVzc2FnZXMgYWZ0ZXIgYW55IHVucmVs YXRlZCBjcmFzaAorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/ aWQ9MTMzMDMyCisgICAgICAgIDxyZGFyOi8vcHJvYmxlbS8xNjk1MTYzMD4KKworICAgICAgICBS ZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBSZXBsYWNlZCBhc3NlcnRpb25z IHdpdGggcnVudGltZSBjaGVja3MuIFRoaXMgY2FuIGhhcHBlbiBpZiBOZXR3b3JrUHJvY2VzcyBw cmV2aW91c2x5CisgICAgICAgIGNyYXNoZWQgZm9yIGFueSB1bnJlbGF0ZWQgcmVhc29uLgorCisg ICAgICAgICogTmV0d29ya1Byb2Nlc3MvRmlsZUFQSS9OZXR3b3JrQmxvYlJlZ2lzdHJ5LmNwcDoK KyAgICAgICAgKFdlYktpdDo6TmV0d29ya0Jsb2JSZWdpc3RyeTo6cmVnaXN0ZXJCbG9iVVJMKToK KyAgICAgICAgKFdlYktpdDo6TmV0d29ya0Jsb2JSZWdpc3RyeTo6cmVnaXN0ZXJCbG9iVVJMRm9y U2xpY2UpOgorICAgICAgICAoV2ViS2l0OjpOZXR3b3JrQmxvYlJlZ2lzdHJ5Ojp1bnJlZ2lzdGVy QmxvYlVSTCk6CisKIDIwMTQtMDUtMTcgIEFuZGVycyBDYXJsc3NvbiAgPGFuZGVyc2NhQGFwcGxl LmNvbT4KIAogICAgICAgICAtW1dLV2ViVmlldyBkZWFsbG9jXSBzaG91bGQgY2xvc2UgdGhlIHBh Z2UKSW5kZXg6IFNvdXJjZS9XZWJLaXQyL05ldHdvcmtQcm9jZXNzL0ZpbGVBUEkvTmV0d29ya0Js b2JSZWdpc3RyeS5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL1dlYktpdDIvTmV0d29ya1Byb2Nl c3MvRmlsZUFQSS9OZXR3b3JrQmxvYlJlZ2lzdHJ5LmNwcAkocmV2aXNpb24gMTY4OTk0KQorKysg U291cmNlL1dlYktpdDIvTmV0d29ya1Byb2Nlc3MvRmlsZUFQSS9OZXR3b3JrQmxvYlJlZ2lzdHJ5 LmNwcAkod29ya2luZyBjb3B5KQpAQCAtNzQsMjkgKzc0LDQxIEBAIHZvaWQgTmV0d29ya0Jsb2JS ZWdpc3RyeTo6cmVnaXN0ZXJCbG9iVVIKIAogdm9pZCBOZXR3b3JrQmxvYlJlZ2lzdHJ5OjpyZWdp c3RlckJsb2JVUkwoTmV0d29ya0Nvbm5lY3Rpb25Ub1dlYlByb2Nlc3MqIGNvbm5lY3Rpb24sIGNv bnN0IFdlYkNvcmU6OlVSTCYgdXJsLCBjb25zdCBXZWJDb3JlOjpVUkwmIHNyY1VSTCkKIHsKKyAg ICAvLyBUaGUgY29ubmVjdGlvbiBtYXkgbm90IGJlIHJlZ2lzdGVyZWQgaWYgTmV0d29ya1Byb2Nl c3MgcHJldm91c2x5IGNyYXNoZWQgZm9yIGFueSByZWFzb24uCisgICAgQmxvYkZvckNvbm5lY3Rp b25NYXA6Oml0ZXJhdG9yIG1hcEl0ZXJhdG9yID0gbV9ibG9ic0ZvckNvbm5lY3Rpb24uZmluZChj b25uZWN0aW9uKTsKKyAgICBpZiAobWFwSXRlcmF0b3IgPT0gbV9ibG9ic0ZvckNvbm5lY3Rpb24u ZW5kKCkpCisgICAgICAgIHJldHVybjsKKwogICAgIGJsb2JSZWdpc3RyeSgpLnJlZ2lzdGVyQmxv YlVSTCh1cmwsIHNyY1VSTCk7CiAKLSAgICBBU1NFUlQobV9ibG9ic0ZvckNvbm5lY3Rpb24uY29u dGFpbnMoY29ubmVjdGlvbikpOwotICAgIEFTU0VSVChtX2Jsb2JzRm9yQ29ubmVjdGlvbi5maW5k KGNvbm5lY3Rpb24pLT52YWx1ZS5jb250YWlucyhzcmNVUkwpKTsKLSAgICBtX2Jsb2JzRm9yQ29u bmVjdGlvbi5maW5kKGNvbm5lY3Rpb24pLT52YWx1ZS5hZGQodXJsKTsKKyAgICBBU1NFUlQobWFw SXRlcmF0b3ItPnZhbHVlLmNvbnRhaW5zKHNyY1VSTCkpOworICAgIG1hcEl0ZXJhdG9yLT52YWx1 ZS5hZGQodXJsKTsKIH0KIAogdm9pZCBOZXR3b3JrQmxvYlJlZ2lzdHJ5OjpyZWdpc3RlckJsb2JV UkxGb3JTbGljZShOZXR3b3JrQ29ubmVjdGlvblRvV2ViUHJvY2VzcyogY29ubmVjdGlvbiwgY29u c3QgV2ViQ29yZTo6VVJMJiB1cmwsIGNvbnN0IFdlYkNvcmU6OlVSTCYgc3JjVVJMLCBpbnQ2NF90 IHN0YXJ0LCBpbnQ2NF90IGVuZCkKIHsKKyAgICAvLyBUaGUgY29ubmVjdGlvbiBtYXkgbm90IGJl IHJlZ2lzdGVyZWQgaWYgTmV0d29ya1Byb2Nlc3MgcHJldm91c2x5IGNyYXNoZWQgZm9yIGFueSBy ZWFzb24uCisgICAgQmxvYkZvckNvbm5lY3Rpb25NYXA6Oml0ZXJhdG9yIG1hcEl0ZXJhdG9yID0g bV9ibG9ic0ZvckNvbm5lY3Rpb24uZmluZChjb25uZWN0aW9uKTsKKyAgICBpZiAobWFwSXRlcmF0 b3IgPT0gbV9ibG9ic0ZvckNvbm5lY3Rpb24uZW5kKCkpCisgICAgICAgIHJldHVybjsKKwogICAg IGJsb2JSZWdpc3RyeSgpLnJlZ2lzdGVyQmxvYlVSTEZvclNsaWNlKHVybCwgc3JjVVJMLCBzdGFy dCwgZW5kKTsKIAotICAgIEFTU0VSVChtX2Jsb2JzRm9yQ29ubmVjdGlvbi5jb250YWlucyhjb25u ZWN0aW9uKSk7Ci0gICAgQVNTRVJUKG1fYmxvYnNGb3JDb25uZWN0aW9uLmZpbmQoY29ubmVjdGlv biktPnZhbHVlLmNvbnRhaW5zKHNyY1VSTCkpOwotICAgIG1fYmxvYnNGb3JDb25uZWN0aW9uLmZp bmQoY29ubmVjdGlvbiktPnZhbHVlLmFkZCh1cmwpOworICAgIEFTU0VSVChtYXBJdGVyYXRvci0+ dmFsdWUuY29udGFpbnMoc3JjVVJMKSk7CisgICAgbWFwSXRlcmF0b3ItPnZhbHVlLmFkZCh1cmwp OwogfQogCiB2b2lkIE5ldHdvcmtCbG9iUmVnaXN0cnk6OnVucmVnaXN0ZXJCbG9iVVJMKE5ldHdv cmtDb25uZWN0aW9uVG9XZWJQcm9jZXNzKiBjb25uZWN0aW9uLCBjb25zdCBXZWJDb3JlOjpVUkwm IHVybCkKIHsKKyAgICAvLyBUaGUgY29ubmVjdGlvbiBtYXkgbm90IGJlIHJlZ2lzdGVyZWQgaWYg TmV0d29ya1Byb2Nlc3MgcHJldm91c2x5IGNyYXNoZWQgZm9yIGFueSByZWFzb24uCisgICAgQmxv YkZvckNvbm5lY3Rpb25NYXA6Oml0ZXJhdG9yIG1hcEl0ZXJhdG9yID0gbV9ibG9ic0ZvckNvbm5l Y3Rpb24uZmluZChjb25uZWN0aW9uKTsKKyAgICBpZiAobWFwSXRlcmF0b3IgPT0gbV9ibG9ic0Zv ckNvbm5lY3Rpb24uZW5kKCkpCisgICAgICAgIHJldHVybjsKKwogICAgIGJsb2JSZWdpc3RyeSgp LnVucmVnaXN0ZXJCbG9iVVJMKHVybCk7CiAKLSAgICBBU1NFUlQobV9ibG9ic0ZvckNvbm5lY3Rp b24uY29udGFpbnMoY29ubmVjdGlvbikpOwotICAgIEFTU0VSVChtX2Jsb2JzRm9yQ29ubmVjdGlv bi5maW5kKGNvbm5lY3Rpb24pLT52YWx1ZS5jb250YWlucyh1cmwpKTsKLSAgICBtX2Jsb2JzRm9y Q29ubmVjdGlvbi5maW5kKGNvbm5lY3Rpb24pLT52YWx1ZS5yZW1vdmUodXJsKTsKKyAgICBBU1NF UlQobWFwSXRlcmF0b3ItPnZhbHVlLmNvbnRhaW5zKHVybCkpOworICAgIG1hcEl0ZXJhdG9yLT52 YWx1ZS5yZW1vdmUodXJsKTsKIH0KIAogdWludDY0X3QgTmV0d29ya0Jsb2JSZWdpc3RyeTo6Ymxv YlNpemUoTmV0d29ya0Nvbm5lY3Rpb25Ub1dlYlByb2Nlc3MqIGNvbm5lY3Rpb24sIGNvbnN0IFdl YkNvcmU6OlVSTCYgdXJsKQo=