NetworkProcess can repeatedly crash handling Blob messages after any unrelated crash
authorap@apple.com <ap@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 17 May 2014 21:42:43 +0000 (21:42 +0000)
committerap@apple.com <ap@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 17 May 2014 21:42:43 +0000 (21:42 +0000)
https://bugs.webkit.org/show_bug.cgi?id=133032
<rdar://problem/16951630>

Reviewed by Geoffrey Garen.

Replaced assertions with runtime checks. This can happen if NetworkProcess previously
crashed for any unrelated reason.

* NetworkProcess/FileAPI/NetworkBlobRegistry.cpp:
(WebKit::NetworkBlobRegistry::registerBlobURL):
(WebKit::NetworkBlobRegistry::registerBlobURLForSlice):
(WebKit::NetworkBlobRegistry::unregisterBlobURL):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@168997 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit2/ChangeLog
Source/WebKit2/NetworkProcess/FileAPI/NetworkBlobRegistry.cpp

index 407f85e..f8e5d5d 100644 (file)
@@ -1,3 +1,19 @@
+2014-05-17  Alexey Proskuryakov  <ap@apple.com>
+
+        NetworkProcess can repeatedly crash handling Blob messages after any unrelated crash
+        https://bugs.webkit.org/show_bug.cgi?id=133032
+        <rdar://problem/16951630>
+
+        Reviewed by Geoffrey Garen.
+
+        Replaced assertions with runtime checks. This can happen if NetworkProcess previously
+        crashed for any unrelated reason.
+
+        * NetworkProcess/FileAPI/NetworkBlobRegistry.cpp:
+        (WebKit::NetworkBlobRegistry::registerBlobURL):
+        (WebKit::NetworkBlobRegistry::registerBlobURLForSlice):
+        (WebKit::NetworkBlobRegistry::unregisterBlobURL):
+
 2014-05-17  Anders Carlsson  <andersca@apple.com>
 
         -[WKWebView dealloc] should close the page
index 2e44039..81a284b 100644 (file)
@@ -74,29 +74,41 @@ void NetworkBlobRegistry::registerBlobURL(NetworkConnectionToWebProcess* connect
 
 void NetworkBlobRegistry::registerBlobURL(NetworkConnectionToWebProcess* connection, const WebCore::URL& url, const WebCore::URL& srcURL)
 {
+    // The connection may not be registered if NetworkProcess prevously crashed for any reason.
+    BlobForConnectionMap::iterator mapIterator = m_blobsForConnection.find(connection);
+    if (mapIterator == m_blobsForConnection.end())
+        return;
+
     blobRegistry().registerBlobURL(url, srcURL);
 
-    ASSERT(m_blobsForConnection.contains(connection));
-    ASSERT(m_blobsForConnection.find(connection)->value.contains(srcURL));
-    m_blobsForConnection.find(connection)->value.add(url);
+    ASSERT(mapIterator->value.contains(srcURL));
+    mapIterator->value.add(url);
 }
 
 void NetworkBlobRegistry::registerBlobURLForSlice(NetworkConnectionToWebProcess* connection, const WebCore::URL& url, const WebCore::URL& srcURL, int64_t start, int64_t end)
 {
+    // The connection may not be registered if NetworkProcess prevously crashed for any reason.
+    BlobForConnectionMap::iterator mapIterator = m_blobsForConnection.find(connection);
+    if (mapIterator == m_blobsForConnection.end())
+        return;
+
     blobRegistry().registerBlobURLForSlice(url, srcURL, start, end);
 
-    ASSERT(m_blobsForConnection.contains(connection));
-    ASSERT(m_blobsForConnection.find(connection)->value.contains(srcURL));
-    m_blobsForConnection.find(connection)->value.add(url);
+    ASSERT(mapIterator->value.contains(srcURL));
+    mapIterator->value.add(url);
 }
 
 void NetworkBlobRegistry::unregisterBlobURL(NetworkConnectionToWebProcess* connection, const WebCore::URL& url)
 {
+    // The connection may not be registered if NetworkProcess prevously crashed for any reason.
+    BlobForConnectionMap::iterator mapIterator = m_blobsForConnection.find(connection);
+    if (mapIterator == m_blobsForConnection.end())
+        return;
+
     blobRegistry().unregisterBlobURL(url);
 
-    ASSERT(m_blobsForConnection.contains(connection));
-    ASSERT(m_blobsForConnection.find(connection)->value.contains(url));
-    m_blobsForConnection.find(connection)->value.remove(url);
+    ASSERT(mapIterator->value.contains(url));
+    mapIterator->value.remove(url);
 }
 
 uint64_t NetworkBlobRegistry::blobSize(NetworkConnectionToWebProcess* connection, const WebCore::URL& url)