133032 – NetworkProcess can repeatedly crash handling Blob messages after any unrelated crash

Bug 133032 - NetworkProcess can repeatedly crash handling Blob messages after any unrelated crash

Summary: NetworkProcess can repeatedly crash handling Blob messages after any unrelate...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit2 (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Alexey Proskuryakov

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2014-05-17 13:39 PDT by Alexey Proskuryakov
Modified:	2014-05-17 14:43 PDT (History)
CC List:	3 users (show)

See Also:

Attachments
proposed fix (3.58 KB, patch) 2014-05-17 13:42 PDT, Alexey Proskuryakov	no flags	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexey Proskuryakov 2014-05-17 13:39:46 PDT

Some code in NetworkBlobRegistry assumes that a connection handler is already registered when executing unregisterBlob(). Normally this is is indeed the case, as WebProcess won't try to unregister a blob that it didn't register.

But if we previously lost the whole registry due to an unrelated NetworkProcess crash, then this invariant doesn't hold. In fact, we already have some of these functions check for connection, but not all.

<rdar://problem/16951630>

Comment 1 Alexey Proskuryakov 2014-05-17 13:42:37 PDT

Created attachment 231637 [details]
proposed fix

Comment 2 Geoffrey Garen 2014-05-17 14:08:42 PDT

Comment on attachment 231637 [details]
proposed fix

r=me

Comment 3 WebKit Commit Bot 2014-05-17 14:43:13 PDT

Comment on attachment 231637 [details]
proposed fix

Clearing flags on attachment: 231637

Committed r168997: <http://trac.webkit.org/changeset/168997>

Comment 4 WebKit Commit Bot 2014-05-17 14:43:15 PDT

All reviewed patches have been landed.  Closing bug.