App crashes on opening a new incognito tab from history menu in tabswitcher mode. |
|||||||||||||||||
Issue descriptionApp Version: 69.0.3497.0 canary iOS Version: iOS 11.4 Device: iPads only Steps to reproduce: 1. Launch Chrome in landscape mode. 2. Tap on tabswithcer. 3. Scroll to Recent tabs. 4. Tap on Show full history. 5. Tap on Search in history screen. 6. Change the device orientation to portrait mode. 7. Long tap on any url in history screen. 8. Tap on Open in New Incognito tab Observed results: App crashes Expected results: App should not crash Number of times you were able to reproduce: 3/5 Bug reproducible after clean install: Yes Bug reproducible after clearing cache and cookies: Yes Bug reproducible on Chrome Mobile on Android: NA Bug reproducible on Dolphin/Safari/Firefox: NA Bug reproducible on the current beta channel build : NA New UI on M68 Bug reproducible on the current beta channel build : Yes in M69 Type-bug-regression? NA Link to video/image: https://drive.google.com/file/d/1c-V3_LSCF6v9rBK7AB_Un2Mdo81o1_Jl/view?usp=sharing Crash Log: https://crash.corp.google.com/browse?stbtiq=38f5e4a6eb48fc4b Stack trace : Stack Quality84%Show frame trust levels 0x000000010102ae2c (Chrome -web_state_list.mm:177 ) WebStateList::InsertWebState(int, std::__1::unique_ptr<web::WebState, std::__1::default_delete<web::WebState> >, int, WebStateOpener) 0x0000000101785abc (Chrome -tab_grid_url_loader.mm:26 ) (anonymous namespace)::AppendAndActivateWebState(WebStateList*, std::__1::unique_ptr<web::WebState, std::__1::default_delete<web::WebState> >) 0x0000000101785abc (Chrome -tab_grid_url_loader.mm:26 ) (anonymous namespace)::AppendAndActivateWebState(WebStateList*, std::__1::unique_ptr<web::WebState, std::__1::default_delete<web::WebState> >) 0x0000000101785c34 (Chrome -tab_grid_url_loader.mm:115 ) -[TabGridURLLoader webPageOrderedOpen:referrer:inIncognito:inBackground:originPoint:appendTo:] 0x00000001016009ec (Chrome -history_table_view_controller.mm:963 ) __55-[HistoryTableViewController openURLInNewIncognitoTab:]_block_invoke 0x00000001b2d9d79c (UIKitCore + 0x0069279c ) -[UIPresentationController transitionDidFinish:] 0x00000001b2da17ac (UIKitCore + 0x006967ac ) __56-[UIPresentationController runTransitionForCurrentState]_block_invoke.440 0x00000001b31573cc (UIKitCore + 0x00a4c3cc ) -[_UIViewControllerTransitionContext completeTransition:] 0x00000001b310c468 (UIKitCore + 0x00a01468 ) -[UIViewAnimationBlockDelegate _didEndBlockAnimation:finished:context:] 0x00000001b30e1fe0 (UIKitCore + 0x009d6fe0 ) -[UIViewAnimationState sendDelegateAnimationDidStop:finished:] 0x00000001b30e25cc (UIKitCore + 0x009d75cc ) -[UIViewAnimationState animationDidStop:finished:] 0x00000001b30e266c (UIKitCore + 0x009d766c ) -[UIViewAnimationState animationDidStop:finished:] 0x000000018bc52698 (QuartzCore + 0x0014d698 ) CA::Layer::run_animation_callbacks(void*) 0x0000000186f13470 (libdispatch.dylib + 0x00062470 ) _dispatch_client_callout 0x0000000186ebea9c (libdispatch.dylib + 0x0000da9c ) _dispatch_main_queue_callback_4CF$VARIANT$mp 0x000000018746870c (CoreFoundation + 0x000ac70c ) __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ 0x00000001874635a8 (CoreFoundation + 0x000a75a8 ) __CFRunLoopRun 0x0000000187462ad4 (CoreFoundation + 0x000a6ad4 ) CFRunLoopRunSpecific 0x00000001896ce56c (GraphicsServices + 0x0000b56c ) GSEventRunModal 0x00000001b2a6e754 (UIKitCore + 0x00363754 ) UIApplicationMain 0x0000000100d75850 (Chrome -chrome_exe_main.mm:54 ) main 0x0000000186f23e50 (libdyld.dylib + 0x00000e50 ) start
,
Jul 20
,
Jul 24
Note : Issue is seen in iPhones too tested on iPhone7+(11.4.1)
,
Jul 24
,
Jul 26
I haven't been able to reproduce this issue. Apparently it was still reproducible 2 days ago, so it might still exist. Could you please try reproducing again and maybe sharing the account where you were able to reproduce? Is this happening constantly? Which iPad did you use? Any additional info would be helpful. Ed, this is crashing on TabGridURLLoader, I'll keep trying to fix it but might re-assign it to you if the fix seems complicated since you own that class.
,
Jul 26
,
Jul 26
,
Jul 26
Tested in 70.0.3503.0 Canary, iPad Air iOS11.4 Also tested on iPhone 8plus iOS 11.4.1 (comment #3) Not able to reproduce the crash.
,
Jul 26
Could we also test on M69 dev? This might have been fixed on ToT but a cherrypick to M69 might be needed?
,
Jul 26
Tested in 69.0.3497.15 dev, iPad Air iOS11.4 Not able to reproduce the issue. https://drive.google.com/file/d/19-IgvkZ9-K2O9cWkJd6LLG3jG7eqR9gr/view
,
Jul 27
,
Jul 27
Able to repro the issue in the build 69.0.3497.16 beta tested on iPhone 7+(iOS 11.4),iPad (iOS 10.3.3). Steps to Repro: Precondition : Enable UI+refresh if bijou hasnt been enabled. Steps : 1.Launch Chrome in Portrait mode. 2. Tap on Menu > tap on new incognito tab. 3. Tap on tabswithcer > Close all the incognito tabs 4. Scroll to Recent tabs. 4. Tap on Show full history > Tap on Search in history screen. 5. Change the device orientation to landscape mode. 6. Long tap on any url in history screen. 7. Tap on Open in New Incognito tab Video : iPhone : https://drive.google.com/file/d/1Wr4GZtX6ieJLvYO8fktzIuOyRGu_Eu3q/view?usp=sharing iPad : https://drive.google.com/file/d/1vfjXvv-QojQhXu_6t0MoCxXECEuS5XUO/view?usp=sharing Crash Id : https://crash.corp.google.com/browse?stbtiq=4bcb361418b79d8e
,
Jul 27
Thanks pmadalla@ I was able to repro with these simplified steps as well: 1.Launch Chrome. 2. Tap on Menu > tap on new incognito tab. 3. Tap on tabswithcer > Close all the incognito tabs 4. Scroll to Recent tabs. 4. Tap on Show full history 5. Long tap on any url in history screen. 6. Tap on Open in New Incognito tab
,
Jul 30
Sent https://chromium-review.googlesource.com/c/chromium/src/+/1154146 for review.
,
Jul 31
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/e8077c5445db3ad3acedcdaa51b6a12b3f46f05c commit e8077c5445db3ad3acedcdaa51b6a12b3f46f05c Author: sczs <sczs@chromium.org> Date: Tue Jul 31 00:48:48 2018 [ios] Updates TabGrid loader when incognito TabModel changes. When the last incognito tab is closed, it re-creates the TabModel. This CL updates the tabGridLoader with the new TabModel browserState and WebstateList. Bug: 865937 Cq-Include-Trybots: luci.chromium.try:ios-simulator-full-configs;master.tryserver.chromium.mac:ios-simulator-cronet Change-Id: I707dc818eed50736fc0d35922075ecb3360d014a Reviewed-on: https://chromium-review.googlesource.com/1154146 Commit-Queue: edchin <edchin@chromium.org> Reviewed-by: edchin <edchin@chromium.org> Cr-Commit-Position: refs/heads/master@{#579265} [modify] https://crrev.com/e8077c5445db3ad3acedcdaa51b6a12b3f46f05c/ios/chrome/browser/ui/tab_grid/tab_grid_adaptor.h [modify] https://crrev.com/e8077c5445db3ad3acedcdaa51b6a12b3f46f05c/ios/chrome/browser/ui/tab_grid/tab_grid_adaptor.mm [modify] https://crrev.com/e8077c5445db3ad3acedcdaa51b6a12b3f46f05c/ios/chrome/browser/ui/tab_grid/tab_grid_coordinator.mm [modify] https://crrev.com/e8077c5445db3ad3acedcdaa51b6a12b3f46f05c/ios/chrome/browser/ui/tab_grid/tab_grid_url_loader.h [modify] https://crrev.com/e8077c5445db3ad3acedcdaa51b6a12b3f46f05c/ios/chrome/browser/ui/tab_grid/tab_grid_url_loader.mm
,
Jul 31
,
Jul 31
[Auto-generated comment by a script] We noticed that this issue is targeted for M-69; it appears the fix may have landed after branch point, meaning a merge might be required. Please confirm if a merge is required here - if so add Merge-Request-69 label, otherwise remove Merge-TBD label. Thanks.
,
Jul 31
Please add merge request label if this needs to be merged to M69.
,
Jul 31
Still waiting for the latest canary to verify. Adding the Merque-Request label per c18
,
Aug 1
Your change meets the bar and is auto-approved for M69. Please go ahead and merge the CL to branch 3497 manually. Please contact milestone owner if you have questions. Owners: amineer@(Android), kariahda@(iOS), cindyb@(ChromeOS), govind@(Desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Aug 1
I've verified this on Canary, Kariah PTAL for manual approval
,
Aug 1
Manual approval.
,
Aug 1
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/158379246451092577f5802c758d17362ba850fd commit 158379246451092577f5802c758d17362ba850fd Author: sczs <sczs@chromium.org> Date: Wed Aug 01 20:58:27 2018 [ios] Updates TabGrid loader when incognito TabModel changes. When the last incognito tab is closed, it re-creates the TabModel. This CL updates the tabGridLoader with the new TabModel browserState and WebstateList. TBR=sczs@chromium.org (cherry picked from commit e8077c5445db3ad3acedcdaa51b6a12b3f46f05c) Bug: 865937 Cq-Include-Trybots: luci.chromium.try:ios-simulator-full-configs;master.tryserver.chromium.mac:ios-simulator-cronet Change-Id: I707dc818eed50736fc0d35922075ecb3360d014a Reviewed-on: https://chromium-review.googlesource.com/1154146 Commit-Queue: edchin <edchin@chromium.org> Reviewed-by: edchin <edchin@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#579265} Reviewed-on: https://chromium-review.googlesource.com/1159235 Reviewed-by: Sergio Collazos <sczs@chromium.org> Cr-Commit-Position: refs/branch-heads/3497@{#321} Cr-Branched-From: 271eaf50594eb818c9295dc78d364aea18c82ea8-refs/heads/master@{#576753} [modify] https://crrev.com/158379246451092577f5802c758d17362ba850fd/ios/chrome/browser/ui/tab_grid/tab_grid_adaptor.h [modify] https://crrev.com/158379246451092577f5802c758d17362ba850fd/ios/chrome/browser/ui/tab_grid/tab_grid_adaptor.mm [modify] https://crrev.com/158379246451092577f5802c758d17362ba850fd/ios/chrome/browser/ui/tab_grid/tab_grid_coordinator.mm [modify] https://crrev.com/158379246451092577f5802c758d17362ba850fd/ios/chrome/browser/ui/tab_grid/tab_grid_url_loader.h [modify] https://crrev.com/158379246451092577f5802c758d17362ba850fd/ios/chrome/browser/ui/tab_grid/tab_grid_url_loader.mm
,
Aug 3
This has been merged. Removing Merge-TBD.
,
Aug 8
Verified as per steps in #12 Verified in build 69.0.3497.31 Beta on iPhoneX iOS 11.4, iPhone 7+ iOS 10.3.3, iPad Pro 12'9 iOs 11.4 App does not crash. |
|||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||
Comment 1 by pmadalla@chromium.org
, Jul 20