Issue metadata
Sign in to add a comment
|
Follow-up on 10.12-specific crashes for 27__CFPasteboardDeallocate |
||||||||||||||||||||||
Issue descriptionChrome Version : 70.0.3534.4 OS Version: Mac 10.12 Follow-up to Issue 877979 to ensure the crashes are properly dealt with. """ nothing appears on m71 or m70 beta/stable channels. That CL will change stack signatures, so let's use this link (27__CFPasteboardDeallocate): https://crash.corp.google.com/browse?q=EXISTS+%28SELECT+1+FROM+UNNEST%28CrashedStackTrace.StackFrame%29+WHERE+FunctionName%3D%27__CFPasteboardDeallocate%27%29#-propertyselector,samplereports,productname:1000,+productversion,magicsignature:50,-magicsignature2:50,-stablesignature:50,-magicsignaturesorted:50 there are actually 5 magic signatures that are hit, this bug is just one of them (at 23%) more are actually under -[WebDragSource startDrag] (71%), and that one is *only* on 10.13, with no crashes on 10.12 :/. There's an old bug - Issue 509652 - I guess that regressed in 10.13. Filed Issue 879412. Restricting to 10.12: https://crash.corp.google.com/browse?q=EXISTS+%28SELECT+1+FROM+UNNEST%28CrashedStackTrace.StackFrame%29+WHERE+FunctionName%3D%27__CFPasteboardDeallocate%27%29+AND+expanded_custom_data.ChromeCrashProto.os_family%3D%2710.12+%28Sierra%29%27#-propertyselector,productname:1000,+magicsignature:50,-magicsignature2:50,-stablesignature:50,operatingsystem,-magicsignaturesorted:50 that shows the crashes also coming from -[CocoaDragDropDataProvider .cxx_destruct], but they went away in m67. """
,
Sep 15
The NextAction date has arrived: 2018-09-15
,
Sep 16
still nothing since 70.0.3535.0 but there are crashes on m69 stable, now with a new stack: - https://crash.corp.google.com/browse?q=expanded_custom_data.ChromeCrashProto.magic_signature_1.name%3D%27DragDownloadItem%27 So the merge didn't fix anything, but it has allowed us to confirm this is still a problem a lot sooner than we would otherwise have been able to. 0x00007fffb010ee89 (libdispatch.dylib + 0x00008e89 ) _dispatch_semaphore_dispose 0x00007fffb0108854 (libdispatch.dylib + 0x00002854 ) _dispatch_dispose 0x00007fff9aa71c36 (CoreFoundation + 0x0014dc36 ) ____CFPasteboardDeallocate_block_invoke 0x00007fff9aa68bf6 (CoreFoundation + 0x00144bf6 ) __CFPasteboardCacheAccessSandboxExtensionState 0x00007fff9aa324f6 (CoreFoundation + 0x0010e4f6 ) __CFPasteboardDeallocate 0x00007fff9aa791a2 (CoreFoundation + 0x001551a2 ) _CFRelease 0x00007fff98b66299 (AppKit + 0x00708299 ) -[NSPasteboard dealloc] 0x00007fffaf84c3bc (libobjc.A.dylib + 0x0000a3bc ) (anonymous namespace)::AutoreleasePoolPage::pop(void*) 0x00007fff9a96a025 (CoreFoundation + 0x00046025 ) _CFAutoreleasePoolPop 0x00007fff98743b89 (AppKit + 0x002e5b89 ) NSCoreDragTrackingProc 0x00007fff9967fbbe (HIServices + 0x0000bbbe ) DoTrackingMessage 0x00007fff99680df7 (HIServices + 0x0000cdf7 ) SendTrackingMessage 0x00007fff99680028 (HIServices + 0x0000c028 ) DragInApplication 0x00007fff9967f0b2 (HIServices + 0x0000b0b2 ) CoreDragStartDragging 0x00007fff9874292b (AppKit + 0x002e492b ) -[NSCoreDragManager _dragUntilMouseUp:accepted:] 0x00007fff9873f8b5 (AppKit + 0x002e18b5 ) -[NSCoreDragManager dragImage:fromWindow:at:offset:event:pasteboard:source:slideBack:] 0x00007fff9873f3fb (AppKit + 0x002e13fb ) -[NSWindow(NSDrag) dragImage:at:offset:event:pasteboard:source:slideBack:] 0x0000000115277c96 (Google Chrome Framework -download_item_drag_mac.mm:41 ) DragDownloadItem(download::DownloadItem const*, gfx::Image*, NSView*) 0x00000001153f983d (Google Chrome Framework -download_item_view.cc:433 ) DownloadItemView::OnMouseDragged(ui::MouseEvent const&) 0x0000000114399b52 (Google Chrome Framework -view.cc:2466 ) views::View::ProcessMouseDragged(ui::MouseEvent const&) 0x0000000114399739 (Google Chrome Framework -view.cc:1105 ) views::View::OnMouseEvent(ui::MouseEvent*) 0x000000011431fb18 (Google Chrome Framework -ink_drop_host_view.cc:279 ) views::InkDropHostView::OnMouseEvent(ui::MouseEvent*) 0x0000000113552df9 (Google Chrome Framework -event_handler.cc:32 ) ui::EventHandler::OnEvent(ui::Event*) 0x000000011355278d (Google Chrome Framework -event_dispatcher.cc:191 ) ui::EventDispatcher::ProcessEvent(ui::EventTarget*, ui::Event*) 0x00000001135525c3 (Google Chrome Framework -event_dispatcher.cc:86 ) ui::EventDispatcherDelegate::DispatchEvent(ui::EventTarget*, ui::Event*) 0x00000001143a382e (Google Chrome Framework -root_view.cc:426 ) views::internal::RootView::OnMouseDragged(ui::MouseEvent const&) 0x00000001143a8c32 (Google Chrome Framework -widget.cc:1242 ) views::Widget::OnMouseEvent(ui::MouseEvent*) 0x000000011432ea2c (Google Chrome Framework -bridged_content_view.mm:703 ) -[BridgedContentView mouseEvent:] 0x00000001143354a1 (Google Chrome Framework -cocoa_mouse_capture.mm:91 ) ___ZN5views17CocoaMouseCapture14ActiveEventTap4InitEv_block_invoke 0x00007fff986257f9 (AppKit + 0x001c77f9 ) _NSSendEventToObservers 0x00007fff98c1e23e (AppKit + 0x007c023e ) -[NSApplication(NSEvent) sendEvent:] 0x000000011272f73b (Google Chrome Framework -chrome_browser_application_mac.mm:328 ) __34-[BrowserCrApplication sendEvent:]_block_invoke 0x0000000112b0a279 (Google Chrome Framework + 0x02296279 ) base::mac::CallWithEHFrame(void () block_pointer) 0x000000011272f3e6 (Google Chrome Framework -chrome_browser_application_mac.mm:311 ) -[BrowserCrApplication sendEvent:] 0x00007fff98499426 (AppKit + 0x0003b426 ) -[NSApplication run]
,
Sep 16
Interestingly.. that signature points to Issue 883360 in the crash reporter, which suggests a fix in 70.0.3536.0 (r586903). So.. I think it's likely that avi has fixed the root cause of this already, but only for m70.
,
Oct 9
Last crash in 27__CFPasteboardDeallocate is still 70.0.3535.0 which was ~40 days ago. All still 10.12-only. I think we are out of the woods here. |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by tapted@chromium.org
, Sep 6