Issue metadata
Sign in to add a comment
|
Chrome_Linux: Crash Report - gpu::gles2::GLES2DecoderImpl::DoBlitFramebufferCHROMIUM |
||||||||||||||||||||||
Issue descriptionreporter:jmukthavaram@google.com Magic Signature: gpu::gles2::GLES2DecoderImpl::DoBlitFramebufferCHROMIUM Crash link: https://crash.corp.google.com//browse?q=product.name%3D'Chrome_Linux'AND%20custom_data.ChromeCrashProto.ptype%3D'gpu-process'%20AND%20custom_data.ChromeCrashProto.magic_signature_1.name%3D'gpu%3A%3Agles2%3A%3AGLES2DecoderImpl%3A%3ADoBlitFramebufferCHROMIUM'%20AND%20product.Version%3D'63.0.3239.108'%20AND%20ReportID%3D'358f6662560800f5'&sql_dialect=googlesql&ignore_case=false&enable_rewrite=true&omit_field_name=&omit_field_value=&omit_field_opt=%3D#3 ------------------------------------------------------------------------------- Sample Report ------------------------------------------------------------------------------- Product name: Chrome_Linux Magic Signature : gpu::gles2::GLES2DecoderImpl::DoBlitFramebufferCHROMIUM Product Version: 63.0.3239.108 Process type: gpu-process Report ID: 358f6662560800f5 Report Url: https://crash.corp.google.com/358f6662560800f5 Report Time: 2017-12-27T01:46:10-08:00 Upload Time: 2017-12-27T01:46:11.823-08:00 Uptime: 8386 ms CumulativeProductUptime: 0 ms OS Name: Linux OS Version: 0.0.0 Linux 4.10.0-42-generic #46~16.04.1-Ubuntu SMP Mon Dec 4 15:57:59 UTC 2017 x86_64 CPU Architecture: amd64 CPU Info: family 16 model 5 stepping 3 ------------------------------------------------------------------------------- Crashing thread: Thread index: 0. Stack Quality: 49%. Thread id: 6999. ------------------------------------------------------------------------------- 0x00007f2bc38e104c (libGLESv2.so + 0x000f304c) 0x00007f2bcd86613e (libc-2.23.so - memmove.c: 75) __memmove_sse2 0x00007f2bc38e000b (libGLESv2.so + 0x000f200b) 0x00007f2bc38e01bf (libGLESv2.so + 0x000f21bf) 0x00007f2bc38e01f8 (libGLESv2.so + 0x000f21f8) 0x00007f2bc38e044b (libGLESv2.so + 0x000f244b) 0x00007f2bc38e07be (libGLESv2.so + 0x000f27be) 0x00007f2bc385ed4e (libGLESv2.so + 0x00070d4e) 0x00007f2bc385ae62 (libGLESv2.so + 0x0006ce62) 0x00007f2bc38764a3 (libGLESv2.so + 0x000884a3) 0x000055686086450a (chrome - gl_bindings_autogen_gl.cc: 2658) gl::GLApiBase::glBlitFramebufferFn(int, int, int, int, int, int, int, int, unsigned int, unsigned int) 0x0000556860ab2868 (chrome - gles2_cmd_decoder.cc: 8428) gpu::gles2::GLES2DecoderImpl::DoBlitFramebufferCHROMIUM(int, int, int, int, int, int, int, int, unsigned int, unsigned int) 0x0000556860a935b2 (chrome - gles2_cmd_decoder_autogen.h: 4125) gpu::gles2::GLES2DecoderImpl::HandleBlitFramebufferCHROMIUM(unsigned int, void const volatile*) 0x0000556860aaa772 (chrome - gles2_cmd_decoder.cc: 5373) gpu::error::Error gpu::gles2::GLES2DecoderImpl::DoCommandsImpl<false>(unsigned int, void const volatile*, int, int*) 0x0000556860b06270 (chrome - command_buffer_service.cc: 90) gpu::CommandBufferService::Flush(int, gpu::AsyncAPIInterface*) 0x0000556860dfaa52 (chrome - gpu_command_buffer_stub.cc: 1010) gpu::GpuCommandBufferStub::OnAsyncFlush(int, unsigned int, std::__1::vector<ui::LatencyInfo, std::__1::allocator<ui::LatencyInfo> > const&) 0x0000556860dfa811 (chrome - tuple.h: 52) bool IPC::MessageT<GpuCommandBufferMsg_AsyncFlush_Meta, std::__1::tuple<int, unsigned int, std::__1::vector<ui::LatencyInfo, std::__1::allocator<ui::LatencyInfo> > >, void>::Dispatch<gpu::GpuCommandBufferStub, gpu::GpuCommandBufferStub, void, void (gpu::GpuCommandBufferStub::*)(int, unsigned int, std::__1::vector<ui::LatencyInfo, std::__1::allocator<ui::LatencyInfo> > const&)>(IPC::Message const*, gpu::GpuCommandBufferStub*, gpu::GpuCommandBufferStub*, void*, void (gpu::GpuCommandBufferStub::*)(int, unsigned int, std::__1::vector<ui::LatencyInfo, std::__1::allocator<ui::LatencyInfo> > const&)) 0x0000556860df94e3 (chrome - gpu_command_buffer_stub.cc: 308) gpu::GpuCommandBufferStub::OnMessageReceived(IPC::Message const&) 0x0000556860df221c (chrome - gpu_channel.cc: 1037) gpu::GpuChannel::HandleMessageHelper(IPC::Message const&) 0x0000556860dec371 (chrome - gpu_channel.cc: 985) gpu::GpuChannel::HandleMessage(IPC::Message const&) 0x0000556860df5ca1 (chrome - callback.h: 64) gpu::Scheduler::RunNextTask() 0x000055685fc986a6 (chrome - callback.h: 64) base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) 0x000055685fcb0f78 (chrome - message_loop.cc: 394) base::MessageLoop::RunTask(base::PendingTask*) 0x000055685fcb15a4 (chrome - message_loop.cc: 406) base::MessageLoop::DoWork() 0x000055685fcb3ca8 (chrome - message_pump_glib.cc: 267) base::(anonymous namespace)::WorkSourceDispatch(_GSource*, int (*)(void*), void*) 0x00007f2bd2ae2196 (libglib-2.0.so.0.4800.2 + 0x0004a196) 0x00007f2bd2af127f (libglib-2.0.so.0.4800.2 + 0x0005927f) 0x00007f2bd2ae23ef (libglib-2.0.so.0.4800.2 + 0x0004a3ef) 0x00007f2bd2ae249b (libglib-2.0.so.0.4800.2 + 0x0004a49b) 0x000055685fcb3b52 (chrome - message_pump_glib.cc: 309) base::MessagePumpGlib::Run(base::MessagePump::Delegate*) 0x000055685fcd282e (chrome - run_loop.cc: 114) <name omitted> 0x0000556862dea46c (chrome - gpu_main.cc: 318) content::GpuMain(content::MainFunctionParams const&) 0x000055685f9c7630 (chrome - content_main_runner.cc: 710) content::ContentMainRunnerImpl::Run() 0x000055685f9d0700 (chrome - main.cc: 469) service_manager::Main(service_manager::MainParams const&) 0x000055685f9c5fe1 (chrome - content_main.cc: 19) content::ContentMain(content::ContentMainParams const&) 0x000055685e3e5d13 (chrome - chrome_main.cc: 123) ChromeMain 0x00007f2bcd7f782f (libc-2.23.so - libc-start.c: 291) __libc_start_main 0x000055685e3e5c6f (chrome + 0x017a5c6f) 0x000055685e2d6fff (chrome + 0x01696fff) 0x00007f2bd3da27ca (ld-2.23.so - dl-init.c: 30) _dl_init 0x000055685e2d6fff (chrome + 0x01696fff) 0x000055685e2d7028 (chrome + 0x01697028) _start 0x00007ffe264fb917
,
Jan 2 2018
Crash inside of SwiftShader
,
Jan 3 2018
The minidump shows that it's crashing on a pshufb instruction, which is part of the SSSE3 instruction set extension. The CPUs in the bug report appear to be AMD Phenom processors, which support SSE3 and SSE4a, but not SSSE3. This turns out to be a Subzero bug: https://cs.chromium.org/chromium/src/third_party/swiftshader/third_party/subzero/src/IceTargetLoweringX86BaseImpl.h?rcl=05bcbe6b7a2dffc284b38ad0f2731d2894972cd8&l=6303 I'll write an SSE2 fallback for it.
,
Jan 3 2018
Actually, Subzero does have fallback support for SSE2 generic vector swizzles. Also, as far as I can tell our CPUID feature detection is correct. However, on Linux we're building with -march=core2, which assumes up to SSSE3 support. I'll change it to only generate SSE2 instructions.
,
Jan 3 2018
The following revision refers to this bug: https://swiftshader.googlesource.com/SwiftShader.git/+/0424edcb95e0d272246e38c67b90af11669d207b commit 0424edcb95e0d272246e38c67b90af11669d207b Author: Nicolas Capens <capn@google.com> Date: Wed Jan 03 19:31:51 2018 Don't generate (S)SSE3 instructions in static code. -march=core2 implies support for both the SSE3 and SSSE3 instruction set extensions. Chrome should run on CPUs with only SSE2 as well. Also, make use of SSE on x86-32 for floating-point operations, to be consistent with x86-64, and don't favor any specific architecture for tuning. Bug chromium:797763 Change-Id: Ia17428734460ed855f3aa0f83c6d2f6b3775094c Reviewed-on: https://swiftshader-review.googlesource.com/15688 Tested-by: Nicolas Capens <nicolascapens@google.com> Reviewed-by: Alexis Hétu <sugoi@google.com> Reviewed-by: Nicolas Capens <nicolascapens@google.com> [modify] https://crrev.com/0424edcb95e0d272246e38c67b90af11669d207b/BUILD.gn [modify] https://crrev.com/0424edcb95e0d272246e38c67b90af11669d207b/CMakeLists.txt
,
Jan 16 2018
Issue 801172 has been merged into this issue.
,
Jan 17 2018
https://chromium-review.googlesource.com/c/chromium/src/+/867233 rolled in the change. Let's see if the crash reports die out.
,
Jan 31 2018
I'm assuming this is fixed now, but in case we need to double-check: Our DEPS roll landed initially in 65.0.3324.0, and the crash URL is https://crash.corp.google.com/browse?q=expanded_custom_data.ChromeCrashProto.magic_signature_1.name%3D%27%60anonymous%20namespace%5C%27%3A%3Ado_free_with_callback%27&sql_dialect=googlesql&ignore_case=false&enable_rewrite=true&omit_field_name=&omit_field_value=&omit_field_opt=%3D#-property-selector,-samplereports,-productname,+productversion,-clientid,-operatingsystem |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by jmukthavaram@chromium.org
, Dec 27 2017Components: Internals>GPU
Labels: -Type-Bug M-63 FoundIn-64 Target-64 Target-63 FoundIn-63 TE-CrashTraige Type-Bug-Regression