RESOLVED FIXED 108861
WebProcess crashes handling repeated NetworkProcess crashes 
https://bugs.webkit.org/show_bug.cgi?id=108861
Summary WebProcess crashes handling repeated NetworkProcess crashes
Brady Eidson
Reported 2013-02-04 14:39:51 PST
WebProcess crashes handling repeated NetworkProcess crashes 1 - The NetworkProcess crashed once while lots of loads were in progress. 2 - The WebProcess saw this, and started failing out all of the resource loaders, which involved messaging back to the new NetworkProcess in a tight loop. 3 - The new NetworkProcess crashed (ASSERTed) trying to remove a loader that didn't exist. This was fixed in http://trac.webkit.org/changeset/140852 but some other symptom could arise causing similar behavior. 4 - The WebProcess was still trying to fail out these resource loaders in a tight loop, and in the middle of this loop the connection once again became invalid from the crash in step 3. 5 - WebProcess crashed as a result. In radar as <rdar://problem/13049867>
Attachments
Patch v1 (8.31 KB, patch)
2013-02-04 14:43 PST, Brady Eidson 		ap: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Brady Eidson
Comment 1 2013-02-04 14:43:45 PST
Created attachment 186464 [details] Patch v1
Alexey Proskuryakov
Comment 2 2013-02-04 14:48:38 PST
Comment on attachment 186464 [details] Patch v1 View in context: https://bugs.webkit.org/attachment.cgi?id=186464&action=review > Source/WebKit2/WebProcess/Network/WebResourceLoadScheduler.cpp:135 > + ASSERT(m_interallyFailedResourceLoaders.isEmpty()); This does not look certain to me. Can't didFail() calls execute JavaScript, which will start new loaders that will fail? > Source/WebKit2/WebProcess/Network/WebResourceLoadScheduler.h:71 > + HashSet<RefPtr<WebCore::ResourceLoader> > m_interallyFailedResourceLoaders; > + WebCore::RunLoop::Timer<WebResourceLoadScheduler> m_interallyFailedLoadTimer; Typos: should be "internally".
Brady Eidson
Comment 3 2013-02-04 14:52:23 PST
(In reply to comment #2) > (From update of attachment 186464 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=186464&action=review > > > Source/WebKit2/WebProcess/Network/WebResourceLoadScheduler.cpp:135 > > + ASSERT(m_interallyFailedResourceLoaders.isEmpty()); > > This does not look certain to me. Can't didFail() calls execute JavaScript, which will start new loaders that will fail? That's a very good point. I'll remove the ASSERT.
Brady Eidson
Comment 4 2013-02-04 15:26:12 PST
http://trac.webkit.org/changeset/141824
Note You need to log in before you can comment on or make changes to this bug.