Crash on running --mus on device |
||||||||
Issue descriptionHere's the stack: [24158:24158:1214/121827.729861:FATAL:interface_endpoint_client.cc(224)] Check failed: (sequence_checker_).CalledOnValidSequence(). #0 0x7f7d56a67e6c base::debug::StackTrace::StackTrace() #1 0x7f7d56a86be3 logging::LogMessage::~LogMessage() #2 0x7f7d576d8e85 mojo::InterfaceEndpointClient::Accept() #3 0x7f7d54346647 display::mojom::NativeDisplayObserverProxy::OnConfigurationChanged() #4 0x7f7d54324efe ui::DrmNativeDisplayDelegate::OnConfigurationChanged() #5 0x7f7d54320543 ui::DrmDisplayHostManager::OnGpuThreadReady() #6 0x7f7d543223a2 ui::DrmGpuPlatformSupportHost::OnChannelEstablished() #7 0x7f7d53f8ffb4 _ZN4base8internal7InvokerINS0_9BindStateIMN11google_apis19UrlFetchRequestBaseEFvvEJNS_7WeakPtrINS3_5drive30SingleBatchableDelegateRequestEEEEEEFvvEE3RunEPNS0_13BindStateBaseE #8 0x7f7d56a686c8 base::debug::TaskAnnotator::RunTask() #9 0x7f7d56b33cb6 base::internal::IncomingTaskQueue::RunTask() #10 0x7f7d56a8e39d base::MessageLoop::RunTask() #11 0x7f7d56a8e7a4 base::MessageLoop::DeferOrRunPendingTask() #12 0x7f7d56a8ea50 base::MessageLoop::DoWork() #13 0x7f7d56a90e09 base::MessagePumpLibevent::Run() #14 0x7f7d56a8dc0c base::MessageLoop::Run() #15 0x7f7d56abbff6 base::RunLoop::Run() #16 0x7f7d5667ee67 ChromeBrowserMainParts::MainMessageLoopRun() #17 0x7f7d54972c44 content::BrowserMainLoop::RunMainMessageLoopParts() #18 0x7f7d549761b3 content::BrowserMainRunnerImpl::Run() #19 0x7f7d5496e6fe content::BrowserMain() #20 0x7f7d56664ea4 content::RunNamedProcessTypeMain() #21 0x7f7d566659b7 content::ContentMainRunnerImpl::Run() #22 0x7f7d56671f49 service_manager::Main() #23 0x7f7d56664231 content::ContentMain() #24 0x7f7d53ecdf16 ChromeMain #25 0x7f7d51cab736 __libc_start_main #26 0x7f7d53ecdb79 _start I can pretty reliably (2 out of 2) reproduce this on tip of tree (524134) with a release build with DCHECKs enabled running on a pixel1. I added --mus and --enable-presentation-callback. I don't think the latter matters, but I mention it for completeness. Rob, are you the right owner for this?
,
Dec 14 2017
I think this is happening because with --mus, the display config is happening on the UI thread but the NDD delegate is running on the mus thread yes? sadrul@ your changes are most likely to have affected this? Care to take a look?
,
Dec 14 2017
Namely, this is problematic line where ozone is going to UI instead of WS. https://cs.chromium.org/chromium/src/ui/ozone/platform/drm/host/drm_gpu_platform_support_host.cc?type=cs&q=DrmGpuPlatformSupportHost::OnChannelEstablished&sq=package:chromium&l=123
,
Dec 16 2017
,
Jan 4 2018
With Sadrul's patch I get a hang. Specifically chrome main is blocked waiting for a sync call to finish. AFAICT this occurs because DrmDisplayHostManager::GpuHasUpdatedNativeDisplays() is no longer called with the patch. This is important as it appears GpuHasUpdatedNativeDisplays() is what triggers calling a callback that is responsible for triggering the sync call to complete. I don't know enough of the specifics of GpuHasUpdatedNativeDisplays to know why it isn't completing with Sadrul's patch.
,
Jan 5 2018
The CL referenced in comment #5: https://chromium-review.googlesource.com/c/chromium/src/+/830749 I think kylechar@ is going to look at it?
,
Jan 5 2018
Yep, I can look into this.
,
Jan 5 2018
,
Jan 5 2018
With sadruls patch the UI thread is deadlocked waiting the synchronous IPC mojom::NativeDisplayDelegate::Initialize(). An IPC response from the GPU process is routed to the UI thread, which is blocking waiting for mojom::NativeDisplayDelegate::Initialize, because the IPC is routed to the wrong thread here: https://cs.chromium.org/chromium/src/content/browser/gpu/gpu_process_host.cc?l=696&rcl=15d5aac54f5b11b8a9feff54ecb5c450d0e60515 There are a couple of places where we end up on the UI thread instead of the mus thread. We can try to fix all of them for --mus or if the new mojo Ozone path is workable that could be a cleaner solution?
,
Jan 5 2018
In hopes of shipping --mus sooner I'm looking to minimize risk. I suspect launching mojo ozone would bring additional risk. Is it possible to fix up the threading issues?
,
Jan 8 2018
Is possibly shipping the current --mus configuration slightly sooner worth taking engineers off finishing ozone/drm/mojo? The mojo path makes for a much cleaner fix for this that doesn't risk destabilizing CrOS or increase code debt.
,
Jan 8 2018
,
Jan 8 2018
I don't think we need to wit for ozone-mojo. I have updated https://chromium-review.googlesource.com/c/chromium/src/+/830749 to include a change that I *think* is going to address the deadlock mentioned in comment #9. (but I am WFH'ing, so can't test on a device yet; but I suspect something similar should help). I continue to think ozone-mojo should just replace ozone-legacy-ipc in all chrome, whether mus is turned on or not. Tying this with mus does not make a lot of sense to me.
,
Jan 11 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/53ce638c710f10525dc55b46bcb01b6a37e775bc commit 53ce638c710f10525dc55b46bcb01b6a37e775bc Author: Sadrul Habib Chowdhury <sadrul@chromium.org> Date: Thu Jan 11 00:52:46 2018 ozone/drm: Use the ctor task-runner if available. When running with --mus, OzonePlatform instance is created after the thread already has a task-runner. Use that as the task-runner for the UI thread from ozone-drm. If the task runner is not available during creation (which is the case with regular chrome), then get the task runner from the caller of OnGpuProcessLaunched(). Also, update GpuPlatformSupportHost so that OnMessageReceived() can be called from any thread. The implementation itself (in drm) is then responsible for making sure the message is handled in the right thread. This allows the message to be handled in the UI thread when not running with mus, and from the window-service thread when mus is running. Additionally, introduce a lock for the overlay cache, since it can now be accessed from multiple threads with mus (UI thread by the layer compositor, and the window-server thread for handling the relevant IPC messages from the viz/gpu process). BUG= 795069 Change-Id: Ieeba8ec5a536bc180d3d8a8ca06cce03e6e39f10 Reviewed-on: https://chromium-review.googlesource.com/830749 Reviewed-by: Antoine Labour <piman@chromium.org> Reviewed-by: Kenneth Russell <kbr@chromium.org> Reviewed-by: Robert Kroeger <rjkroege@chromium.org> Commit-Queue: Sadrul Chowdhury <sadrul@chromium.org> Cr-Commit-Position: refs/heads/master@{#528509} [modify] https://crrev.com/53ce638c710f10525dc55b46bcb01b6a37e775bc/content/browser/gpu/gpu_process_host.cc [modify] https://crrev.com/53ce638c710f10525dc55b46bcb01b6a37e775bc/ui/ozone/platform/drm/DEPS [modify] https://crrev.com/53ce638c710f10525dc55b46bcb01b6a37e775bc/ui/ozone/platform/drm/host/drm_gpu_platform_support_host.cc [modify] https://crrev.com/53ce638c710f10525dc55b46bcb01b6a37e775bc/ui/ozone/platform/drm/host/drm_gpu_platform_support_host.h [modify] https://crrev.com/53ce638c710f10525dc55b46bcb01b6a37e775bc/ui/ozone/platform/drm/host/drm_overlay_manager.cc [modify] https://crrev.com/53ce638c710f10525dc55b46bcb01b6a37e775bc/ui/ozone/platform/drm/host/drm_overlay_manager.h [modify] https://crrev.com/53ce638c710f10525dc55b46bcb01b6a37e775bc/ui/ozone/public/gpu_platform_support_host.cc [modify] https://crrev.com/53ce638c710f10525dc55b46bcb01b6a37e775bc/ui/ozone/public/gpu_platform_support_host.h
,
Jan 11 2018
This is fixed now, right?
,
Jan 11 2018
This should now be fixed, yes.
,
Feb 26 2018
|
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by sky@chromium.org
, Dec 14 2017