Breakpad's exception handler for macOS catches the following exceptions:

• EXC_BAD_ACCESS
• EXC_BAD_INSTRUCTION
• EXC_ARITHMETIC
• EXC_BREAKPOINT

Looking at macOS headers and Crashpad's implementation we're probably missing quite a few. It's worth investigating if we want to catch the following ones too which should cover OOM crashes:

• EXC_RESOURCE
• EXC_GUARD

There's a few more that we might also want to include but they're not well documented so it's hard to tell what they do exactly (and if we should catch them):

• EXC_SYSCALL
• EXC_MACH_SYSCALL
• EXC_RPC_ALERT
• EXC_CRASH
• EXC_CORPSE_NOTIFY

EXC_SYSCALL and EXC_MACH_SYSCALL might be useful for the sandbox but the documentation doesn't clarify if they're raised for all syscalls or just the ones that would trigger an issue (like SIGSYS on Linux). It is unclear what EXC_RPC_ALERT and EXC_CORPSE_NOTIFY are. EXC_CRASH seems to be a catch-all for crashes so it might also be worth investigating.

Since there's no detailed documentation I'll have to dig in the macOS kernel sources and do some experiments. Crashpad is also a useful resource but the exception handler has moved away from catching mach exceptions to catching signals like on Linux. This is because over time the macOS kernel has been modified to deliver some mach exceptions as signals (presumably if they aren't caught first). I'd rather stick to the exceptions if possible in our exception handler because the exception-to-signal translation seems to have changed over time, so I don't want to rely too much on it, it doesn't appear to be a stable interface.

Bug 1722827 is an example of a recent crash with an exception type EXC_GUARD that we know about because of user reports. (In this case it appears to be a new macOS Beta bug.)

After a thorough round of code reading in Apple's sources it seems like EXC_RESOURCE is what we're looking for OOMs, but also stands in for a bunch of other limits such as CPU ones (think SIGXCPU on Linux). EXC_GUARD is thrown by a bunch of different errors such as doing invalid operations on files, hitting guard pages or messing up with mach ports. Everty type of exception has a bunch of subcodes, flavors and fields that describe what actually happened (e.g. if we attempted a write to a guarded file descriptor we'll get both the operation and the file descriptor number in the subcode). Both will require some surgery to Breakpad and the corresponding functionality should be implemented in rust-minidump too.

Since it's a bunch of stuff and not all of it is straightforward I'll turn this bug into a meta and file bugs for every single exception we need to add.

/me sighs heavily

I'm also adding bug 1035892 as a dependency because - unknown to me - without the change I did there we wouldn't have been able to extract the information from these exceptions.