Bug 108861

Summary: WebProcess crashes handling repeated NetworkProcess crashes
Product: WebKit
Reporter: Brady Eidson <beidson>
Component: WebKit2
Assignee: Brady Eidson <beidson>
Status: RESOLVED FIXED
Severity: Normal
CC: andersca, ap, sam
Priority: P2
Keywords: InRadar
Version: 528+ (Nightly build)
Hardware: All
OS: All
Attachments:
Description Flags
Patch v1 ap: review+

Brady Eidson
Reported 2013-02-04 14:39:51 PST
WebProcess crashes handling repeated NetworkProcess crashes

1 - The NetworkProcess crashed once while lots of loads were in progress.
2 - The WebProcess saw this, and started failing out all of the resource loaders, which involved messaging back to the new NetworkProcess in a tight loop.
3 - The new NetworkProcess crashed (ASSERTed) trying to remove a loader that didn't exist. This was fixed in http://trac.webkit.org/changeset/140852 but some other symptom could arise causing similar behavior.
4 - The WebProcess was still trying to fail out these resource loaders in a tight loop, and in the middle of this loop the connection once again became invalid from the crash in step 3.
5 - WebProcess crashed as a result.

In radar as <rdar://problem/13049867>
Attachments
Patch v1 (8.31 KB, patch)
2013-02-04 14:43 PST, Brady Eidson
ap: review+
Brady Eidson
Comment 1 2013-02-04 14:43:45 PST
Created attachment 186464 [details] Patch v1
Alexey Proskuryakov
Comment 2 2013-02-04 14:48:38 PST
Comment on attachment 186464 [details]
Patch v1

View in context: https://bugs.webkit.org/attachment.cgi?id=186464&action=review

> Source/WebKit2/WebProcess/Network/WebResourceLoadScheduler.cpp:135
> + ASSERT(m_interallyFailedResourceLoaders.isEmpty());

This does not look certain to me. Can't didFail() calls execute JavaScript, which will start new loaders that will fail?

> Source/WebKit2/WebProcess/Network/WebResourceLoadScheduler.h:71
> + HashSet<RefPtr<WebCore::ResourceLoader> > m_interallyFailedResourceLoaders;
> + WebCore::RunLoop::Timer<WebResourceLoadScheduler> m_interallyFailedLoadTimer;

Typos: should be "internally".
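Review bot: At WebResourceLoadScheduler.cpp:135, ASSERT(m_interallyFailedResourceLoaders.isEmpty()) only holds if nothing is inserted into the set while the queued failures are being delivered. Dropping the assertion is the minimum; if the surrounding code iterates the member set directly, also move its contents into a local set before the loop, so an insertion made from a failure callback cannot disturb the iteration and is handled on the next timer fire.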
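Review bot: At WebResourceLoadScheduler.h:71, m_interallyFailedResourceLoaders stores RefPtrs, so every loader placed in the set is kept alive until it is taken out again, and the quoted lines do not say when that happens. Add a comment on the two members stating when entries are removed (timer fire, loader removal, or both) so the ownership is clear to later readers.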
Brady Eidson
Comment 3 2013-02-04 14:52:23 PST
(In reply to comment #2)
> (From update of attachment 186464 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=186464&action=review
>
> > Source/WebKit2/WebProcess/Network/WebResourceLoadScheduler.cpp:135
> > + ASSERT(m_interallyFailedResourceLoaders.isEmpty());
>
> This does not look certain to me. Can't didFail() calls execute JavaScript, which will start new loaders that will fail?

That's a very good point. I'll remove the ASSERT.
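The re-entrancy concern discussed in comments 2 and 3, as an added C++ example that is not code from the patch or from WebKit: `Loader`, `Scheduler` and their members are hypothetical stand-ins, and the timer is modelled as a flag. The timer callback swaps the pending set into a local before delivering failures, so a didFail() callback that queues a new failure does not touch the set being iterated and is delivered on the next tick.

```cpp
#include <cstddef>
#include <functional>
#include <memory>
#include <unordered_set>
#include <utility>

// Hypothetical stand-in for a resource loader (not WebCore::ResourceLoader).
struct Loader {
    std::function<void()> onFail;  // client callback; may start new loads
    void didFail() { if (onFail) onFail(); }
};

// Hypothetical scheduler: failures are queued and delivered from a timer tick.
struct Scheduler {
    std::unordered_set<std::shared_ptr<Loader>> pending;
    bool timerArmed = false;  // stands in for a started zero-delay timer
    void scheduleInternalFailure(std::shared_ptr<Loader> loader) {
        pending.insert(std::move(loader));
        timerArmed = true;
    }
    // Timer callback; returns how many loaders were failed in this tick.
    std::size_t internalFailureTimerFired() {
        std::unordered_set<std::shared_ptr<Loader>> batch;
        batch.swap(pending);  // detach first: didFail() may insert into pending
        timerArmed = false;
        for (const auto& loader : batch)
            loader->didFail();
        // No assert(pending.empty()): a callback may have queued a new failure.
        return batch.size();
    }
};

struct Result { std::size_t firstTick, requeued, secondTick; bool rearmed; };
// Constructed scenario: three loads fail; one failure callback starts a fourth.
Result runScenario() {
    Scheduler s;
    auto retry = std::make_shared<Loader>();
    auto first = std::make_shared<Loader>();
    first->onFail = [&s, retry] { s.scheduleInternalFailure(retry); };
    s.scheduleInternalFailure(first);
    s.scheduleInternalFailure(std::make_shared<Loader>());
    s.scheduleInternalFailure(std::make_shared<Loader>());
    Result r{};
    r.firstTick = s.internalFailureTimerFired();   // the original three loaders
    r.requeued = s.pending.size();                 // the load started in didFail()
    r.rearmed = s.timerArmed;
    r.secondTick = s.internalFailureTimerFired();  // delivers the requeued one
    return r;
}
```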
Brady Eidson
Comment 4 2013-02-04 15:26:12 PST