Issue 912273

Issue metadata

Status: Fixed
Closed: Dec 7
OS: Mac
Pri: 3
Type: Bug
Blocking: issue 891670

Timer invalidation causes nested native Mac run loop to live-lock

Project Member Reported by skyostil@google.com, Dec 5

Issue description

The use of private APIs to invalidate CFRunLoopTimers in the Mac message pump causes a live-lock with a nested native run loop.

Blocking: 891670

Project Member Comment 2 by bugdroid1@chromium.org, Dec 7

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/5ced2c85be2a0d0cb4ac73933578a4373fcb4275

commit 5ced2c85be2a0d0cb4ac73933578a4373fcb4275
Author: Sami Kyostila <skyostil@chromium.org>
Date: Fri Dec 07 10:36:43 2018

mac: Add workaround for native run loop live-lock

This patch adds a workaround and a test for a scenario where the invalidation
of the delayed work timer (using non-public APIs) causes a nested native run
loop to hang. The exact root cause of the hang is unknown since it involves the
closed-source Core Foundation runtime, but the steps needed to trigger it are:

  1. Post a delayed task that will run some time after step #4.
  2. Allow Chrome tasks to run in nested run loops (with
     ScopedNestableTaskAllower).
  3. Allow running Chrome tasks during private run loop modes (with
     ScopedPumpMessagesInPrivateModes).
  4. Open a pop-up menu via [NSMenu popupContextMenu]. This will start a
     private native run loop to process menu interaction.
  5. In a posted task, close the menu with [NSMenu cancelTracking].

At this point the menu closes visually but the nested run loop (flakily)
hangs forever in a live-lock, i.e., Chrome tasks keep executing but the
NSMenu call in #4 never returns.

The workaround is to avoid timer invalidation during nested native run loops.

DANGER: As the pop-up menu captures keyboard input, the bug will make the
machine's keyboard inoperable during the live-lock. Use a TTY-based remote
terminal such as SSH (as opposed to Chromoting) to investigate the issue.

Bug: 912273, 891670
Change-Id: I76562ddbf45f714397d7cb385f5f690d64e377d0
Reviewed-on: https://chromium-review.googlesource.com/c/1363208
Commit-Queue: Sami Kyöstilä <skyostil@chromium.org>
Reviewed-by: François Doray <fdoray@chromium.org>
Cr-Commit-Position: refs/heads/master@{#614658}
[modify] https://crrev.com/5ced2c85be2a0d0cb4ac73933578a4373fcb4275/base/message_loop/message_pump_mac.h
[modify] https://crrev.com/5ced2c85be2a0d0cb4ac73933578a4373fcb4275/base/message_loop/message_pump_mac.mm
[modify] https://crrev.com/5ced2c85be2a0d0cb4ac73933578a4373fcb4275/base/message_loop/message_pump_mac_unittest.mm

Status: Fixed (was: Started)
