New issue
Advanced search Search tips

Issue 907655 link

Starred by 1 user
Status: Assigned
Owner:
afakhry@chromium.org
Cc:
danakj@chromium.org
dcasta...@chromium.org
wutao@chromium.org
piman@chromium.org
osh...@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 1
Type: Bug



Sign in to add a comment

ui::Layer::Clone doesn't clone cache_render_surface_requests_

Project Member Reported by afakhry@chromium.org, Nov 21 
- Use wm::RecreateLayers() to clone the layers of the root window while in overview mode, with wallpaper blur allowed.
- Exit overview mode.
- crash at the following DCHECK():

[170389:170389:1121/135542.915515:FATAL:layer.cc(670)] Check failed: cache_render_surface_requests_ > 0u (0 vs. 0)
#0 0x7fafd83dc8cd base::debug::StackTrace::StackTrace()
#1 0x7fafd80d6cca base::debug::StackTrace::StackTrace()
#2 0x7fafd8142b8e logging::LogMessage::~LogMessage()
#3 0x7fafc96b2b7c ui::Layer::RemoveCacheRenderSurfaceRequest()
#4 0x7fafc00c6b55 ash::WallpaperWidgetController::WidgetHandler::SetBlur()
#5 0x7fafc00c5cb9 ash::WallpaperWidgetController::SetWallpaperBlur()
#6 0x7fafc0126af3 ash::WindowSelectorController::OverviewBlurController::ApplyBlur()
#7 0x7fafc01269f5 ash::WindowSelectorController::OverviewBlurController::OnBlurChange()
#8 0x7fafc0125cda ash::WindowSelectorController::OverviewBlurController::Unblur()
#9 0x7fafc0124d97 ash::WindowSelectorController::RemoveAndDestroyAnimationObserver()
#10 0x7fafc00ee629 ash::CleanupAnimationObserver::OnImplicitAnimationsCompleted()
#11 0x7fafc96c6c19 ui::ImplicitAnimationObserver::CheckCompleted()
#12 0x7fafc96c7520 ui::ImplicitAnimationObserver::OnDetachedFromSequence()
#13 0x7fafc96c6a96 ui::LayerAnimationObserver::DetachedFromSequence()
#14 0x7fafc96ccecd ui::LayerAnimationSequence::RemoveObserver()
#15 0x7fafc96c6f31 ui::ImplicitAnimationObserver::OnLayerAnimationEnded()
#16 0x7fafc96cc6a1 ui::LayerAnimationSequence::NotifyEnded()
#17 0x7fafc96ccaf5 ui::LayerAnimationSequence::ProgressToEnd()
#18 0x7fafc96d85ef ui::LayerAnimator::ProgressAnimationToEnd()
#19 0x7fafc96d77fe ui::LayerAnimator::FinishAnimation()
#20 0x7fafc96d89d9 ui::LayerAnimator::Step()
#21 0x7fafc96e3369 ui::LayerAnimatorCollection::OnAnimationStep()
#22 0x7fafc9696a7c ui::Compositor::BeginMainFrame()
#23 0x7fafcc8b26bd cc::LayerTreeHost::BeginMainFrame()
#24 0x7fafcc9d0d1a cc::SingleThreadProxy::DoBeginMainFrame()
#25 0x7fafcc9d200b cc::SingleThreadProxy::BeginMainFrame()
#26 0x7fafcc9d48ef _ZN4base8internal13FunctorTraitsIMN2cc17SingleThreadProxyEFvRKN3viz14BeginFrameArgsEEvE6InvokeIS9_NS_7WeakPtrIS3_EEJS5_EEEvT_OT0_DpOT1_
#27 0x7fafcc9d4855 _ZN4base8internal12InvokeHelperILb1EvE8MakeItSoIMN2cc17SingleThreadProxyEFvRKN3viz14BeginFrameArgsEENS_7WeakPtrIS5_EEJS7_EEEvOT_OT0_DpOT1_
#28 0x7fafcc9d47cd _ZN4base8internal7InvokerINS0_9BindStateIMN2cc17SingleThreadProxyEFvRKN3viz14BeginFrameArgsEEJNS_7WeakPtrIS4_EES6_EEEFvvEE7RunImplISA_NSt3__15tupleIJSC_S6_EEEJLm0ELm1EEEEvOT_OT0_NSH_16integer_sequenceImJXspT1_EEEE
#29 0x7fafcc9d46d9 _ZN4base8internal7InvokerINS0_9BindStateIMN2cc17SingleThreadProxyEFvRKN3viz14BeginFrameArgsEEJNS_7WeakPtrIS4_EES6_EEEFvvEE7RunOnceEPNS0_13BindStateBaseE
#30 0x7fafd808886e _ZNO4base12OnceCallbackIFvvEE3RunEv
#31 0x7fafd80d817a base::debug::TaskAnnotator::RunTask()
#32 0x7fafd8169b0c base::MessageLoopImpl::RunTask()
#33 0x7fafd8169e0b base::MessageLoopImpl::DeferOrRunPendingTask()
#34 0x7fafd816a644 base::MessageLoopImpl::DoWork()
#35 0x7fafd842f949 base::MessagePumpLibevent::Run()
#36 0x7fafd8169326 base::MessageLoopImpl::Run()
#37 0x7fafd8214f42 base::RunLoop::Run()
#38 0x55bc360230ce ChromeBrowserMainParts::MainMessageLoopRun()
#39 0x7fafd1cfe9b3 content::BrowserMainLoop::RunMainMessageLoopParts()
#40 0x7fafd1d06d70 content::BrowserMainRunnerImpl::Run()
#41 0x7fafd1cf1ede content::BrowserMain()
#42 0x7fafd40e0270 content::RunBrowserProcessMain()
#43 0x7fafd40e2e16 content::ContentMainRunnerImpl::Run()
#44 0x7fafd40d908c content::ContentServiceManagerMainDelegate::RunEmbedderProcess()
#45 0x7fafa3e8f4c1 service_manager::Main()
#46 0x7fafd40dd9a5 content::ContentMain()
#47 0x55bc31cc7566 ChromeMain
#48 0x55bc31cc7472 main
#49 0x7fafa5e7c2b1 __libc_start_main
#50 0x55bc31cc734a _start


The fix is simple, but I want to know whether this is a bug or intentional.

Comment 1 by danakj@chromium.org, Nov 26

Cc: wutao@chromium.org
+wutao to confirm

Comment 2 by wutao@chromium.org, Nov 26 

The original design is NOT to clone the cache_render_surface_requests_.

Comment 3 by afakhry@chromium.org, Nov 26 

Can you please clarify the reasoning behind this decision? Not doing so results in very ugly artifacts.

Comment 5 by afakhry@chromium.org, Nov 26 

Sorry it's still not very clear, the comment describes the "what" not the "why". ;-)

Comment 6 by wutao@chromium.org, Nov 26 

The why is:
"The code that sets this flag would be responsible to unset it on that
// ui::Layer. We do not want to clone this flag to a cloned layer by accident,
// which could be a surprise."

Comment 7 by afakhry@chromium.org, Nov 26 

Why it "could be a surprise", that's what I'm looking for. Is it for a technical reason? Or just to prevent users from forgetting to remove the cache render surface?

Comment 8 by wutao@chromium.org, Nov 26 

The later.

IIRC, not every property is cloned in the Clone() code. If there is new use case, please feel free to modify.

Sign in to add a comment