Comments (4)

krackers avatar krackers commented on August 21, 2024

That seems to be a crash report for the crash reporter itself, which crashed when trying to demangle a symbol. It was responding to a chromium crash though. Very weird, is there another way on osx to get core dumps (running in lldb would certainly do it, but not sure if there's a less heavy-handed way)?

from chromium-legacy.

aeiouaeiouaeiouaeiouaeiouaeiou avatar aeiouaeiouaeiouaeiouaeiouaeiou commented on August 21, 2024

lldb result:

Process 43053 stopped
* thread #1: tid = 0x1aa1c, 0x00007fff8f8fc259 libobjc.A.dylib`objc_msgSend + 25, name = 'CrBrowserMain', queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x1e3513900)
    frame #0: 0x00007fff8f8fc259 libobjc.A.dylib`objc_msgSend + 25
libobjc.A.dylib`objc_msgSend + 25:
-> 0x7fff8f8fc259:  movq   0x10(%r10,%rax,8), %r11
   0x7fff8f8fc25e:  incl   %eax
   0x7fff8f8fc260:  testq  %r11, %r11
   0x7fff8f8fc263:  je     0x7fff8f8fc29b            ; objc_msgSend + 91
(lldb) bt
* thread #1: tid = 0x1aa1c, 0x00007fff8f8fc259 libobjc.A.dylib`objc_msgSend + 25, name = 'CrBrowserMain', queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x1e3513900)
  * frame #0: 0x00007fff8f8fc259 libobjc.A.dylib`objc_msgSend + 25
    frame #1: 0x0000000108d2c537 Chromium Framework`-[MenuControllerCocoaDelegateImpl dealloc] + 119
    frame #2: 0x000000010b25d90d Chromium Framework`RenderViewContextMenuMacCocoa::~RenderViewContextMenuMacCocoa() + 109
    frame #3: 0x000000010b25d9be Chromium Framework`RenderViewContextMenuMacCocoa::~RenderViewContextMenuMacCocoa() + 14
    frame #4: 0x000000010b270d41 Chromium Framework`ChromeWebContentsViewDelegateViewsMac::~ChromeWebContentsViewDelegateViewsMac() + 81
    frame #5: 0x0000000103e66834 Chromium Framework`content::WebContentsViewMac::~WebContentsViewMac() + 356
    frame #6: 0x0000000103e6697e Chromium Framework`content::WebContentsViewMac::~WebContentsViewMac() + 14
    frame #7: 0x0000000103d7a8f5 Chromium Framework`content::WebContentsImpl::~WebContentsImpl() + 2965
    frame #8: 0x0000000103d7b1ce Chromium Framework`content::WebContentsImpl::~WebContentsImpl() + 14
    frame #9: 0x000000010b0c1692 Chromium Framework`TabStripModel::SendDetachWebContentsNotifications(TabStripModel::DetachNotifications*) + 770
    frame #10: 0x000000010b0c3f92 Chromium Framework`TabStripModel::CloseTabs(base::span<content::WebContents* const, 18446744073709551615ul>, unsigned int) + 786
    frame #11: 0x000000010b0c43f6 Chromium Framework`TabStripModel::CloseWebContentsAt(int, unsigned int) + 70
    frame #12: 0x0000000103da491c Chromium Framework`content::WebContentsImpl::Close(content::RenderViewHost*) + 140
    frame #13: 0x00000001021705b9 Chromium Framework`blink::mojom::LocalMainFrame_ClosePage_ForwardToCallback::Accept(mojo::Message*) + 41
    frame #14: 0x0000000105a2b198 Chromium Framework`mojo::InterfaceEndpointClient::HandleValidatedMessage(mojo::Message*) + 1080
    frame #15: 0x0000000105a2fc63 Chromium Framework`mojo::MessageDispatcher::Accept(mojo::Message*) + 211
    frame #16: 0x0000000105a2c590 Chromium Framework`mojo::InterfaceEndpointClient::HandleIncomingMessage(mojo::Message*) + 80
    frame #17: 0x000000010604c7c3 Chromium Framework`IPC::(anonymous namespace)::ChannelAssociatedGroupController::AcceptOnEndpointThread(mojo::Message) + 291
    frame #18: 0x000000010604a146 Chromium Framework`base::internal::Invoker<base::internal::BindState<void (IPC::(anonymous namespace)::ChannelAssociatedGroupController::*)(mojo::Message), scoped_refptr<IPC::(anonymous namespace)::ChannelAssociatedGroupController>, mojo::Message>, void ()>::RunOnce(base::internal::BindStateBase*) + 70
    frame #19: 0x000000010584fdf1 Chromium Framework`base::TaskAnnotator::RunTaskImpl(base::PendingTask&) + 257
    frame #20: 0x00000001058683af Chromium Framework`base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl(base::LazyNow*) + 1103
    frame #21: 0x0000000105867d26 Chromium Framework`base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork() + 134
    frame #22: 0x0000000105868a45 Chromium Framework`non-virtual thunk to base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork() + 21
    frame #23: 0x00000001058afd67 Chromium Framework`base::MessagePumpCFRunLoopBase::RunWork() + 215
    frame #24: 0x00000001058a90c2 Chromium Framework`base::mac::CallWithEHFrame(void () block_pointer) + 10
    frame #25: 0x00000001058af3ef Chromium Framework`base::MessagePumpCFRunLoopBase::RunWorkSource(void*) + 63
    frame #26: 0x00007fff90117b31 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
    frame #27: 0x00007fff90117455 CoreFoundation`__CFRunLoopDoSources0 + 245
    frame #28: 0x00007fff9013a7f5 CoreFoundation`__CFRunLoopRun + 789
    frame #29: 0x00007fff9013a0e2 CoreFoundation`CFRunLoopRunSpecific + 290
    frame #30: 0x00007fff8c874eb4 HIToolbox`RunCurrentEventLoopInMode + 209
    frame #31: 0x00007fff8c874c52 HIToolbox`ReceiveNextEventCommon + 356
    frame #32: 0x00007fff8c874ae3 HIToolbox`BlockUntilNextEventMatchingListInMode + 62
    frame #33: 0x00007fff95c82533 AppKit`_DPSNextEvent + 685
    frame #34: 0x00007fff95c81df2 AppKit`-[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
    frame #35: 0x00000001056a87d0 Chromium Framework`__71-[BrowserCrApplication nextEventMatchingMask:untilDate:inMode:dequeue:]_block_invoke + 64
    frame #36: 0x00000001058a90c2 Chromium Framework`base::mac::CallWithEHFrame(void () block_pointer) + 10
    frame #37: 0x00000001056a8709 Chromium Framework`-[BrowserCrApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 153
    frame #38: 0x00007fff95c791a3 AppKit`-[NSApplication run] + 517
    frame #39: 0x00000001058b051c Chromium Framework`base::MessagePumpNSApplication::DoRun(base::MessagePump::Delegate*) + 300
    frame #40: 0x00000001058aeeac Chromium Framework`base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*) + 140
    frame #41: 0x0000000105868d45 Chromium Framework`base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run(bool, base::TimeDelta) + 293
    frame #42: 0x000000010582d8de Chromium Framework`base::RunLoop::Run(base::Location const&) + 414
    frame #43: 0x000000010371e4fb Chromium Framework`content::BrowserMainLoop::RunMainMessageLoop() + 187
    frame #44: 0x000000010371ffc2 Chromium Framework`content::BrowserMainRunnerImpl::Run() + 18
    frame #45: 0x000000010371c088 Chromium Framework`content::BrowserMain(content::MainFunctionParams) + 136
    frame #46: 0x00000001051f3528 Chromium Framework`content::RunBrowserProcessMain(content::MainFunctionParams, content::ContentMainDelegate*) + 152
    frame #47: 0x00000001051f43ef Chromium Framework`content::ContentMainRunnerImpl::RunBrowser(content::MainFunctionParams, bool) + 303
    frame #48: 0x00000001051f4217 Chromium Framework`content::ContentMainRunnerImpl::Run() + 647
    frame #49: 0x00000001051f2757 Chromium Framework`content::RunContentProcess(content::ContentMainParams, content::ContentMainRunner*) + 295
    frame #50: 0x00000001051f2eaf Chromium Framework`content::ContentMain(content::ContentMainParams) + 95
    frame #51: 0x00000001010036f5 Chromium Framework`ChromeMain + 517
    frame #52: 0x0000000100000ef1 _Chromium`main + 289

from chromium-legacy.

krackers avatar krackers commented on August 21, 2024

I'm not too comfortable with obj-c debugging, but it seems like this is somehow a use after free? Or in objc terms, somehow involving a "zombie object"?

There seems to be an env var NSZombieEnabled that you can set, which will print out more information.

https://gist.github.com/JeOam/e62c95a0b4c21974bcf6

http://shrdlu.ch/debugging-bad_access-with-nszombieenabled/

But I think this would probably blow up memory usage if tried with Chromium so it may not be practical.


Have you verified whether it occurs on upstream or not?

from chromium-legacy.
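
The reading of the backtrace suggested in the comment above can be made mechanical. This is an added example, not part of the original thread or of chromium-legacy: it parses lldb `bt` output and applies the heuristic (an assumption of this example) that an EXC_BAD_ACCESS inside `objc_msgSend` points at an invalid receiver, then reports which method sent the message. `SAMPLE_BT`, `parse_frames` and `triage` are names introduced here.

```python
import re

# Constructed sample: thread line trimmed, top frames copied from the lldb output in this thread.
SAMPLE_BT = """\
* thread #1: tid = 0x1aa1c, name = 'CrBrowserMain', stop reason = EXC_BAD_ACCESS (code=1, address=0x1e3513900)
  * frame #0: 0x00007fff8f8fc259 libobjc.A.dylib`objc_msgSend + 25
    frame #1: 0x0000000108d2c537 Chromium Framework`-[MenuControllerCocoaDelegateImpl dealloc] + 119
    frame #2: 0x000000010b25d90d Chromium Framework`RenderViewContextMenuMacCocoa::~RenderViewContextMenuMacCocoa() + 109
"""

FRAME_RE = re.compile(r"frame #(\d+): (0x[0-9a-f]+) (.+?)`(.+) \+ (\d+)\s*$")
STOP_RE = re.compile(r"stop reason = (\w+) \(code=(\d+), address=(0x[0-9a-f]+)\)")
OBJC_METHOD_RE = re.compile(r"^[-+]\[(\S+) (\S+)\]$")

def parse_frames(text):
    """Return one dict per 'frame #N: pc module`symbol + offset' line."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.search(line)
        if m:
            frames.append({"index": int(m.group(1)), "pc": int(m.group(2), 16),
                           "module": m.group(3), "symbol": m.group(4),
                           "offset": int(m.group(5))})
    return frames

def triage(text):
    """Classify the crash and name the frame that sent the faulting message."""
    frames = parse_frames(text)
    stop = STOP_RE.search(text)
    report = {"stop_reason": stop.group(1) if stop else None,
              "fault_address": int(stop.group(3), 16) if stop else None,
              "suspect": "unknown", "sender": None, "in_teardown": False}
    if len(frames) < 2 or report["stop_reason"] != "EXC_BAD_ACCESS":
        return report
    top, caller = frames[0], frames[1]
    if top["symbol"].startswith("objc_msgSend"):
        # Heuristic: a fault inside the dispatcher means the receiver was not a
        # live object; the bug is in the caller's object lifetime, not in libobjc.
        report["suspect"] = "dangling-receiver"
        m = OBJC_METHOD_RE.match(caller["symbol"])
        report["sender"] = ({"class": m.group(1), "selector": m.group(2)}
                            if m else {"symbol": caller["symbol"]})
        report["in_teardown"] = (caller["symbol"].endswith(" dealloc]")
                                 or "::~" in caller["symbol"])
    return report
```
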

aeiouaeiouaeiouaeiouaeiouaeiou avatar aeiouaeiouaeiouaeiouaeiouaeiou commented on August 21, 2024

1094596 works like a charm and apparently this problem has been fixed.

from chromium-legacy.
