Closed Bug 1537940 Opened 5 years ago Closed 5 years ago

[Mac] With content sandbox disabled, processes "Not Responding" in Activity Monitor

Categories

(Core :: Security: Process Sandboxing, enhancement, P1)

Product:
Core
Component:
Security: Process Sandboxing
Version:
68 Branch
Platform:
Unspecified
macOS
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla68
Tracking Flags:
Tracking Status
firefox68 --- fixed

People

(Reporter: haik, Assigned: haik)

Details

Attachments

(1 file)

Bug 1537940 - [Mac] With content sandbox disabled, processes "Not Responding" in Activity Monitor r?Alex_Gaynor
47 bytes, text/x-phabricator-request
Details | Review

As reported by Jeff here https://bugzilla.mozilla.org/show_bug.cgi?id=1501121#c8, with the content sandbox disabled, content processes are showing up as "Not Responding" in the Activity Monitor.

Disabling the sandbox should only be used for testing/debugging, but we should still fix this problem.

Assignee: nobody → haftandilian
Priority: -- → P1

The call that prevents Activity Monitor from labeling content processes as "Not Responding" is CGSShutdownServerConnections(). Now that we've disabled the native event loop (bug 1426100), we need to call CGSShutdownServerConnections() regardless of whether or not the sandbox is enabled.

We normally call that from ContentChild.cpp:StartMacOSContentSandbox(), but when the sandbox is disabled, 1) StartMacOSContentSandbox() is not called because the parent doesn't send the SetProcessSandbox message and 2) we return early from StartMacOSContentSandbox() so it wouldn't be called anyway.

From ContentChild.cpp,

  static bool StartMacOSContentSandbox() {
    int sandboxLevel = GetEffectiveContentSandboxLevel();
    if (sandboxLevel < 1) {
      return false;
    }

    // Close all current connections to the WindowServer. This ensures that the
    // Activity Monitor will not label the content process as "Not responding"
    // because it's not running a native event loop. See bug 1384336.
    CGSShutdownServerConnections();

Move the CGSShutdownServerConnections() call from StartMacOSContentSandbox() to RecvInitRendering() so that it is called regardless of whether or not the sandbox is enabled. Whether or not we need CGSShutdownServerConnections() depends on whether or not we use the native event loop which is independent of sandboxing.

Pushed by haftandilian@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/7d8d318ea062
[Mac] With content sandbox disabled, processes "Not Responding" in Activity Monitor r=Alex_Gaynor

https://hg.mozilla.org/mozilla-central/rev/7d8d318ea062

Status: NEW → RESOLVED
Closed: 5 years ago
status-firefox68: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla68
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: