Touch Bar crashes host apps, disproportionately affects apps linked against older SDK

Originator:jalkut
Number:rdar://29537507 Date Originated:06-Dec-2016 03:00 PM
Status:Open Resolved:
Product:macOS + SDK Product Version:10.12.2 (16C60b)
Classification:Serious Bug Reproducible:Always
 
Area:
AppKit

Summary:
I have received a fair number of crash reports from users since Touch Bar MacBookPros were released, implicating, as far as I can tell, the infrastructure supporting the Touch Bar in AppKit.

Typical crash reports come with an explanation that the user had just woken their MacBook from sleep. My theory is that sleeping and then unsleeping a MacBook with real physical Touch Bar has the same or similar effect on Touch Bar infrastructure as showing/hiding the Xcode Touch Bar simulator.

As I developed a standalone Touch Bar simulator, Touché, I was able to tweak it to "fuzz" the Touch Bar infrastructure by showing/hiding very frequently to increase the odds of a crash. With my tweaked Touch Bar simulator, I can readily crash various processes on the system, including SystemUIServer.

The most significant crash to profile to the general public seems to be the very one that is most reported against my apps: a crash in CALayer related code, culminating from -[DFRElement dealloc]. I'm attaching a crash log from Alfred just to demonstrate that this crash profile is not limited to my own apps. I suspect that apps linked against a certain vintage SDK are either exclusively, or more likely to be victimized by this crash.

I'm also including the source code for my custom version of Touché, configured in such a way that if you build and run, app such as MarsEdit should crash shortly after starting to use them.

Steps to Reproduce:
1. Download MarsEdit and launch MarsEdit.

https://red-sweater.com/marsedit/

2. Open attached project.
3. Build and run, so that Touché displays its virutal touch bar window and toggles it rapidly.
4. Navigate to MarsEdit, use it lightly. Perhaps switch away and back to it.


Expected Results:
The Touch Bar infrastructure should not expose host apps to crashing behavior.

Actual Results:
Various host apps including MarsEdit will crash in -[DFRElement dealloc] as a result of the Touch Bar infrastructure being started and stopped.


Version:
10.12.2 (16C60b) 

Notes:


Configuration:


Attachments:
'Alfred_2016-12-02-145143_Macho.crash', 'ToucheHack.zip' and 'MarsEdit_2016-12-06-145851_Macho.crash' were successfully uploaded.

Comments


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!