How can Google Chrome isolate tabs into separate processes while looking like a single application?
Basically, they use another process that glues them all together into the GUI.
Google Chrome creates three different types of processes: browser, renderers, and plug-ins.
Browser: There's only one browser process, which manages the tabs, windows, and "chrome" of the browser. This process also handles all interactions with the disk, network, user input, and display, but it makes no attempt to parse or render any content from the web.
Renderers: The browser process creates many renderer processes, each responsible for rendering web pages. The renderer processes contain all the complex logic for handling HTML, JavaScript, CSS, images, and so on. Chrome achieves this using the open source WebKit rendering engine, which is also used by Apple's Safari web browser. Each renderer process is run in a sandbox, which means it has almost no direct access to the disk, network, or display. All interactions with web apps, including user input events and screen painting, must go through the browser process. This lets the browser process monitor the renderers for suspicious activity, killing them if it suspects an exploit has occurred.
Plug-ins: The browser process also creates one process for each type of plug-in that is in use, such as Flash, Quicktime, or Adobe Reader. These processes just contain the plug-ins themselves, along with some glue code to let them interact with the browser and renderers.
In this context, the fundamental design is interesting.
Here are the relevant design documents, in particular the multi-process architecture section.
An architectural overview:
I just gave the first answer (the one explaining 'browser' vs 'renderers' vs 'plugins'an uptick...that seems the most complete and makes good sense to me.
The only thing I'll add are just a few comments more about WHY Google's designis the way it is, and give an opinion about why it's always been my first choicefor an overall/every-day browser. (Tho I realize that HOW (and not WHY) was the question being asked.)
Designing so that individual components have their code in separate processes allows the OS to'memory-protect' processes from accidently (or on purpose) modifying each other in ways not explicitly designed-in.
The only parts in such a design that can both read and write shared data are thoseparts that are designed to NEED to access that data, and allows control on whetherthat access is just 'read' access or 'read' and 'write' access, etc. And, sincethose access controls are implemented in the hardware, they are firm guaranteesthat the access rules cannot be violated. Thus, plugins and extensionsfrom other authors and companies, running in separate tabs/processes, cannotbreak each other.
Such a design has the effect that it minimises the chances of changingsome code or data that wasn't designed to be changed. This is for securityreasons and makes for more reliable, less buggy code.
The mere fact Google has such an intricate design is, to me, good testimony tofact that Google seems to have an excellent grasp of these concepts and hasbuilt a superior product. (That said, as a web-developer, we still must testour web code with multiple browsers. And, browsers such as Firefox, havingbeen around for a long time and having an excellent group of web-developer related'add-ons' still has some advantages for some tasks.)
But, for everyday overall browser use, for almost all tasks, the Chrome browserhas become my first choice. (Just my opinion, and of course, YMMV.)