Issue metadata
Sign in to add a comment
|
App crashes upon removing most visited icon and closing all the tabs and then tapping on UNDO. |
||||||||||||||||||||||
Issue descriptionApp Version: 61.0.3128.0 canary iOS Version: iOS 10 Device : iPhone6 Precondition: 1.Have most visited icons in ntp. Steps to reproduce: 1. Launch chrome 2. Long tap on Most visited icon. 3. Tap on Remove. 4. Close all the tabs 5. Tap on Undo. Observed results: App Crashes Expected results: App should not crash Number of times you were able to reproduce: 5/5 Bug reproducible after clean install: Yes Bug reproducible after clearing cache and cookies: Yes Bug reproducible on Chrome Mobile on Android: NA Bug reproducible on Safari/Firefox: Firefox: Not tested, Safari: NA Bug reproducible on current stable build (App Version, iOS Version): No in M59.0.3071.84 Bug reproducible on the current beta channel build (App Version, iOS Version): Yes in M60.0.3112.16 dev Link to video/image: https://drive.google.com/a/google.com/file/d/0B--UpU2GW2Epc191VHhDSVVYRkU/view?usp=sharing Crash Log : https://crash.corp.google.com/browse?stbtiq=d11267ec58000000 Stack Trace : Thread 0 (id: 1027) CRASHED [EXC_BAD_ACCESS / KERN_INVALID_ADDRESS @ 0xffffffffacc2c000 ] MAGIC SIGNATURE THREAD Stack Quality81%Show frame trust levels 0x000000018b9d6f70 (libobjc.A.dylib + 0x0001af70 ) objc_msgSend 0x000000010020e540 (Chrome -google_landing_view_controller.mm:1027 ) __57-[GoogleLandingViewController showMostVisitedUndoForURL:]_block_invoke 0x00000001001bfbdc (Chrome -MDCSnackbarMessage.m:143 ) __54-[MDCSnackbarMessage executeActionHandler:completion:]_block_invoke 0x000000018be161f8 (libdispatch.dylib + 0x000011f8 ) _dispatch_call_block_and_release 0x000000018be161b8 (libdispatch.dylib + 0x000011b8 ) _dispatch_client_callout 0x000000018be1ad64 (libdispatch.dylib + 0x00005d64 ) _dispatch_main_queue_callback_4CF 0x000000018cf3a80c (CoreFoundation + 0x000dd80c ) __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ 0x000000018cf383f8 (CoreFoundation + 0x000db3f8 ) __CFRunLoopRun 0x000000018ce662b4 (CoreFoundation + 0x000092b4 ) CFRunLoopRunSpecific 0x000000018e91a194 (GraphicsServices + 0x0000c194 ) GSEventRunModal 0x0000000192ead7f8 (UIKit + 0x0007a7f8 ) -[UIApplication _run] 0x0000000192ea8530 (UIKit + 0x00075530 ) UIApplicationMain 0x000000010007c78c (Chrome -chrome_exe_main.mm:63 ) main 0x000000018be495b4 (libdyld.dylib + 0x000045b4 ) start
,
Jun 16 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/c7765512eae644492ecc71c9d0bb0d571e5bdd62 commit c7765512eae644492ecc71c9d0bb0d571e5bdd62 Author: gambard <gambard@chromium.org> Date: Fri Jun 16 14:07:12 2017 Back property with weak ivar in GoogleLandingVC The property used by GoogleLandingViewController were "assign" and synthesized. This CL creates WeakNSProtocol ivar to back them. BUG= 732778 Change-Id: I8129b9456bd9a8dc3990e17992eaaf4f5a4999e7 Reviewed-on: https://chromium-review.googlesource.com/536753 Reviewed-by: Justin Cohen <justincohen@chromium.org> Commit-Queue: Gauthier Ambard <gambard@chromium.org> Cr-Commit-Position: refs/heads/master@{#480033} [modify] https://crrev.com/c7765512eae644492ecc71c9d0bb0d571e5bdd62/ios/chrome/browser/ui/ntp/google_landing_view_controller.mm
,
Jun 19 2017
,
Jun 19 2017
,
Jun 19 2017
This bug requires manual review: M60 has already been promoted to the beta branch, so this requires manual review Please contact the milestone owner if you have questions. Owners: amineer@(Android), cmasso@(iOS), josafat@(ChromeOS), bustamante@(Desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jun 19 2017
cmasso@: merge request for https://chromium-review.googlesource.com/536753 The fix is really minor.
,
Jun 19 2017
if the fix is really minor then we should not merge it into branch :) However since it is a crash I could possibly approve the merge as this stage of the release. Is this fix risky?
,
Jun 19 2017
By minor I was meaning "not risky" :) The only change should be "doing nothing instead of crashing". But looking back at the repro steps, the crash is hard to reproduce. I think it is fine to not cherry-pick to M60.
,
Jun 20 2017
Verified on chrome canary version 61.0.3136.0 on iPhone 7 with iOS 10.3.2, following the steps mentioned in comment #0. No crashes observed. Looks good.
,
Jul 28 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/6b8f96b892467ec521b27e231c05bd479806a9f8 commit 6b8f96b892467ec521b27e231c05bd479806a9f8 Author: Justin Cohen <justincohen@google.com> Date: Fri Jul 28 12:38:25 2017 Back property with weak ivar in GoogleLandingVC The property used by GoogleLandingViewController were "assign" and synthesized. This CL creates WeakNSProtocol ivar to back them. BUG= 732778 , 749453 (cherry picked from commit c7765512eae644492ecc71c9d0bb0d571e5bdd62) Change-Id: I57e899fed6515ec4384cf3aa611f928ac6a6f97a Reviewed-on: https://chromium-review.googlesource.com/590767 Reviewed-by: Gauthier Ambard <gambard@chromium.org> Reviewed-by: Rohit Rao <rohitrao@chromium.org> Cr-Commit-Position: refs/branch-heads/3112@{#688} Cr-Branched-From: b6460e24cf59f429d69de255538d0fc7a425ccf9-refs/heads/master@{#474897} [modify] https://crrev.com/6b8f96b892467ec521b27e231c05bd479806a9f8/ios/chrome/browser/ui/ntp/google_landing_view_controller.mm
,
Aug 1 2017
Verified the steps from the actual bug report. No Crashes seen. But also not UNDO in step#5 didn't put back the last tile on NTP. Will report a new bug for that. Verified on M60.0.3112.89 beta Device: iPhone6s, iPad5 iOS: 10.3.3, 10.2.1 |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by sczs@chromium.org
, Jun 14 2017Owner: gambard@chromium.org
Status: Assigned (was: Untriaged)