New issue
Advanced search Search tips

Issue 754342 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: Aug 2017
Components:
EstimatedDays: ----
NextAction: ----
OS: Android
Pri: 1
Type: Bug-Regression
Proj-XR

Blocked on:
issue 762018

Blocking:
issue 753534



Sign in to add a comment

Attempting to enter VR too soon after canceling DON results in browser crash

Project Member Reported by bsheedy@chromium.org, Aug 10 2017

Issue description

Reproduction steps:
1. Go to https://webvr.info/samples/03-vr-presentation.html
2. Press the Enter VR button
3. Once the DON flow appears, immediately press the system back button
4. Once back on the WebVR page, press the Enter VR button again

Expected result: We return to the DON flow

Actual result: Browser crashes

Reproducible on ToT and Canary, but not Beta. VrCore 1.7.161000338

Stack trace from logcat:
08-10 17:37:01.073  9628  9628 F libc    : Fatal signal 11 (SIGSEGV), code 1, fault addr 0x0 in tid 9628 (m.chrome.canary)
08-10 17:37:01.073   521   521 W         : debuggerd: handling request: pid=9628 uid=10160 gid=10160 tid=9628
08-10 17:37:01.162 10082 10082 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
08-10 17:37:01.162 10082 10082 F DEBUG   : Build fingerprint: 'google/sailfish/sailfish:7.1.1/NMF26U/3562008:userdebug/dev-keys'
08-10 17:37:01.162 10082 10082 F DEBUG   : Revision: '0'
08-10 17:37:01.163 10082 10082 F DEBUG   : ABI: 'arm'
08-10 17:37:01.163 10082 10082 F DEBUG   : pid: 9628, tid: 9628, name: m.chrome.canary  >>> com.chrome.canary <<<
08-10 17:37:01.163 10082 10082 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0
08-10 17:37:01.163 10082 10082 F DEBUG   :     r0 00000000  r1 00000000  r2 80000000  r3 68d30b52
08-10 17:37:01.163 10082 10082 F DEBUG   :     r4 00000000  r5 f1c91008  r6 00000000  r7 f1c91008
08-10 17:37:01.163 10082 10082 F DEBUG   :     r8 12e57b80  r9 ef685400  sl 12ef1448  fp 12e4bf60
08-10 17:37:01.163 10082 10082 F DEBUG   :     ip c9e09ab1  sp ffb6f770  lr c9e47249  pc c9e47256  cpsr 800f0030
08-10 17:37:01.165 10082 10082 F DEBUG   : 
08-10 17:37:01.165 10082 10082 F DEBUG   : backtrace:
08-10 17:37:01.165 10082 10082 F DEBUG   :     #00 pc 001b4256  /data/app/com.google.vr.vrcore-1/lib/arm/libvrcore_native.so (gvr_resume_tracking_set_state+33)
08-10 17:37:01.165 10082 10082 F DEBUG   :     #01 pc 00176b01  /data/app/com.google.vr.vrcore-1/lib/arm/libvrcore_native.so (Java_com_google_vr_ndk_base_GvrApi_nativeResumeTrackingSetState+80)
08-10 17:37:01.166 10082 10082 F DEBUG   :     #02 pc 00685eed  /data/app/com.google.vr.vrcore-1/oat/arm/base.odex (offset 0x443000)
 
Blocking: 753534
Labels: M-62
Owner: mthiesse@chromium.org
Status: Assigned (was: Available)
Status: Started (was: Assigned)
Labels: -Type-Bug -M-62 M-61 ReleaseBlock-Stable Type-Bug-Regression
This is showing up in M61. Trying to track down when this regressed, I think it's a combination of our DON flow changes since M60, and probably VrCore bugs.

It's not looking good for actually fixing though. We can probably work around this by delaying VR entry when failing the DON flow.
Filed b/64899104 to track the proper fix. Workaround in https://chromium-review.googlesource.com/c/624294
Project Member

Comment 7 by bugdroid1@chromium.org, Aug 21 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/e3933714711e80b2123f7f0b8c951c2960a2653d

commit e3933714711e80b2123f7f0b8c951c2960a2653d
Author: Michael Thiessen <mthiesse@chromium.org>
Date: Mon Aug 21 20:08:30 2017

VR: Work around Daydream crash when entering VR after cancelling DON.

This CL adds a timeout when the DON flow fails to prevent triggering
the DON flow again before VrCore's internal state has been reset.
The long timeout is necessary because we have no insight into when the
VrCore internal state will be reset, though it usually happens in ~5
seconds.

Bug:  754342 
Change-Id: I7634c080581fa2eb65ca113ed393dcba5677407b
Reviewed-on: https://chromium-review.googlesource.com/624294
Reviewed-by: Biao She <bshe@chromium.org>
Commit-Queue: Michael Thiessen <mthiesse@chromium.org>
Cr-Commit-Position: refs/heads/master@{#496035}
[modify] https://crrev.com/e3933714711e80b2123f7f0b8c951c2960a2653d/chrome/android/java/src/org/chromium/chrome/browser/vr_shell/VrShellDelegate.java

Unfortunately I think we're too close to stable cut to wait for the VrCore fix, so we'll have to merge back the workaround and live with it for M61. M62 should be able to remove the workaround and bump the minimum support gvr version.

Will wait for this to hit canary then request a merge.
Labels: Merge-Request-61
Project Member

Comment 10 by sheriffbot@chromium.org, Aug 23 2017

Labels: -Merge-Request-61 Merge-Review-61 Hotlist-Merge-Review
This bug requires manual review: We are only 12 days from stable.
Please contact the milestone owner if you have questions.
Owners: amineer@(Android), cmasso@(iOS), ketakid@(ChromeOS), govind@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Labels: -Merge-Review-61 Merge-Approved-61
We can take this final change, but we won't be accepting any more for VR past this.  Approved for 61 branch 3163.
Project Member

Comment 12 by bugdroid1@chromium.org, Aug 28 2017

Labels: -merge-approved-61 merge-merged-3163
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d990489c4b01bfe11624eab31d99c29d70fe0459

commit d990489c4b01bfe11624eab31d99c29d70fe0459
Author: Michael Thiessen <mthiesse@chromium.org>
Date: Mon Aug 28 14:24:08 2017

VR: Work around Daydream crash when entering VR after cancelling DON.

This CL adds a timeout when the DON flow fails to prevent triggering
the DON flow again before VrCore's internal state has been reset.
The long timeout is necessary because we have no insight into when the
VrCore internal state will be reset, though it usually happens in ~5
seconds.

TBR=mthiesse@chromium.org

(cherry picked from commit e3933714711e80b2123f7f0b8c951c2960a2653d)

Bug:  754342 
Change-Id: I7634c080581fa2eb65ca113ed393dcba5677407b
Reviewed-on: https://chromium-review.googlesource.com/624294
Reviewed-by: Biao She <bshe@chromium.org>
Commit-Queue: Michael Thiessen <mthiesse@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#496035}
Reviewed-on: https://chromium-review.googlesource.com/638251
Reviewed-by: Michael Thiessen <mthiesse@chromium.org>
Cr-Commit-Position: refs/branch-heads/3163@{#922}
Cr-Branched-From: ff259bab28b35d242e10186cd63af7ed404fae0d-refs/heads/master@{#488528}
[modify] https://crrev.com/d990489c4b01bfe11624eab31d99c29d70fe0459/chrome/android/java/src/org/chromium/chrome/browser/vr_shell/VrShellDelegate.java

Status: Fixed (was: Started)
Blockedon: 762018
Labels: Test-Manual
Components: Internals>XR

Sign in to add a comment