diff --git a/lib/load_gen/activities/add_email.js b/lib/load_gen/activities/add_email.js
index 6ec6a4bd87bbcf073f3f0c2687a9091527c91e12..ba02e14aceeeeddfb922ea615498588ddfa38b26 100644
--- a/lib/load_gen/activities/add_email.js
+++ b/lib/load_gen/activities/add_email.js
@@ -87,7 +87,7 @@ exports.startFunc = function(cfg, cb) {
       email: email,
       site: userdb.any(user.sites)
     }, function (r) {
-      if (r.code !== 200) {
+      if (!r || r.code !== 200) {
         var msg = 'failed to add email: ' + email + ' to existing user ' +
           user.emails[0];
         winston.error(msg);
@@ -97,7 +97,7 @@ exports.startFunc = function(cfg, cb) {
       wcli.get(cfg, '/wsapi/fake_verification', context, {
         email: email
       }, function (r) {
-        if (r.code !== 200) {
+        if (!r || r.code !== 200) {
           var err ='failed to fetch verification token for email: ' + email;
           winston.error(err);
           return cb(err);
diff --git a/lib/load_gen/activities/reset_pass.js b/lib/load_gen/activities/reset_pass.js
index 4f4d02a5869a1c14431fddafe8287aa6265cfda4..e051eca168c8a307ff152eabb88ec247c1dbd133 100644
--- a/lib/load_gen/activities/reset_pass.js
+++ b/lib/load_gen/activities/reset_pass.js
@@ -80,21 +80,25 @@ exports.startFunc = function(cfg, cb) {
     email: email,
     site: userdb.any(user.sites)
   }, function (r) {
-    if (r.code !== 200) return cb(false);
+    if (!r || r.code !== 200) return cb(false);
     // now get the verification secret
     wcli.get(cfg, '/wsapi/fake_verification', context, {
       email: email
     }, function (r) {
-      if (r.code !== 200) return cb(false);
+      if (!r || r.code !== 200) return cb(false);
       // and simulate clickthrough
       wcli.post(cfg, '/wsapi/complete_user_creation', context, {
         token: r.body,
         pass: user.password
       }, function (r) {
-        r.body = JSON.parse(r.body);
-        if (r.code !== 200 || r.body.success !== true) {
+        if (!r || r.code !== 200) {
           return cb("failed to complete user creation");
         }
+        try {
+          if (JSON.parse(r.body).success !== true) throw "failed";
+        } catch(e) {
+          return cb("failed to complete user creation (body doesn't have .success === true)");
+        }
         // and now let's log in with this email address
         common.authAndKey(cfg, user, context, email, function(err) {
           if (err) return cb(err);
diff --git a/lib/load_gen/activities/signup.js b/lib/load_gen/activities/signup.js
index cd62201a22edef67b4f3d05ff14e669465b915e9..0ea44f1c230778d0143970a6ccf388e01fe10049 100644
--- a/lib/load_gen/activities/signup.js
+++ b/lib/load_gen/activities/signup.js
@@ -95,20 +95,24 @@ exports.startFunc = function(cfg, cb) {
     email: email,
     site: userdb.any(user.sites)
   }, function (r) {
-    if (r.code !== 200) return cb(false);
+    if (!r || r.code !== 200) return cb(false);
     // now get the verification secret
     wcli.get(cfg, '/wsapi/fake_verification', context, {
       email: email
     }, function (r) {
-      if (r.code !== 200) return cb(false);
+      if (!r || r.code !== 200) return cb(false);
       // and simulate clickthrough
       wcli.post(cfg, '/wsapi/complete_user_creation', context, {
         token: r.body,
         pass: user.password
       }, function (r) {
-        r.body = JSON.parse(r.body);
-        if (r.code !== 200 || r.body.success !== true) {
-          return cb("failed to complete user creation");
+        try {
+          r.body = JSON.parse(r.body);
+          if (r.code !== 200 || r.body.success !== true) {
+            throw "non-success";
+          }
+        } catch(e) {
+          return cb("failed to complete user creation: " + e);
         }
         // and now let's log in with this email address
         common.authAndKey(cfg, user, context, email, function(err) {