In fixing a Mac bug, I recently added a layer to intercept
-[NSApplication sendAction:to:from:] and make sure a certain message
wasn't forwarded if the target was known to be freed.  Since this is
sort of a core function for event dispatch, now we're seeing
crashdumps with my new method on the stack.  I don't think it's a new
problem.

In researching it, I realize that it maybe gives us a hook for
tracking down some very random browser crashers we see, where there's
a stack of generic Cocoa methods.  I could register a crash key which
would report the action that is being sent, and the class of the
sender.  If there is anything interesting which could be derived about
the potentially-freed target, that could be reported, too.  AFAICT,
it's a matter of calling SetCrashKeyValue() and ClearCrashKeyValue()
at the appropriate spots.

AFAICT, we don't dynamically call SetCrashKeyValue() anywhere, we
mostly just call it a couple times at startup.  Is the approach I
suggest feasible?

-scott

PS: The kind of backtrace I'm speaking of are those associated with
http://crbug.com/13111 .  They used to look like:
0x9518c688       [libobjc.A.dylib        + 0x00015688]   objc_msgSend
0x953fddcb       [AppKit         + 0x00111dcb]   -[NSControl sendAction:to:]
0x953fdc51       [AppKit         + 0x00111c51]   -[NSCell _sendActionFrom:]
0x953fd2aa       [AppKit         + 0x001112aa]   -[NSCell
trackMouse:inRect:ofView:untilMouseUp:]
0x953fcafd       [AppKit         + 0x00110afd]   -[NSButtonCell
trackMouse:inRect:ofView:untilMouseUp:]
0x953fc3b7       [AppKit         + 0x001103b7]   -[NSControl mouseDown:]
0x953faaf6       [AppKit         + 0x0010eaf6]   -[NSWindow sendEvent:]
0x953c76a4       [AppKit         + 0x000db6a4]   -[NSApplication sendEvent:]
0x95324fe6       [AppKit         + 0x00038fe6]   -[NSApplication run]
0x02517eb2       [Google Chrome Framework        -
message_pump_mac.mm:482]
base::MessagePumpNSApplication::DoRun(base::MessagePump::Delegate*)
0x02517f97       [Google Chrome Framework        -
message_pump_mac.mm:146]
base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*)
0x025148f3       [Google Chrome Framework        -
message_loop.cc:199]  MessageLoop::Run()
0x0218a0da       [Google Chrome Framework        -
browser_main.cc:152] BrowserMain(MainFunctionParams const&)
0x020cadcf       [Google Chrome Framework        -
chrome_dll_main.cc:603]       ChromeMain
0x00001fc5       [Google Chrome  + 0x00000fc5]

Now they'll have a line like this at the top:
0x000ec978       [Google Chrome Framework        -
chrome_application_mac.mm:83] -[CrApplication sendAction:to:from:]

That's where I can hook in to record a bit for breakpad.

--~--~---------~--~----~------------~-------~--~----~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
    http://groups.google.com/group/chromium-dev
-~----------~----~----~----~------~----~------~--~---

Reply via email to