search

brave / brave-browser

Brave browser for Android, iOS, Linux, macOS, Windows.
https://brave.com
Mozilla Public License 2.0
17.61k stars 2.28k forks source link

crash when attempting to drag a tab group from one window to another #40739

Closed LaurenWags closed 3 weeks ago

LaurenWags commented 1 month ago

Description

Reported by @AlanBreck via https://bravesoftware.slack.com/archives/C01826CM3J9/p1724872978400479 - he's getting a crash when attempting to drag a tab group from one window to another.

Wasn't able to reproduce but here's the crash ID and the callstack:

4fb50000-5a73-850c-0000-000000000000

[ 00 ] TabStripModel::GetTabHandleAt(int) const ( immediate_crash.h:176 )
[ 01 ] TabDragController::DetachAndAttachToNewContext(TabDragControllerChromium::ReleaseCapture, TabDragContext*, gfx::Point const&, bool) ( tab_drag_controller.cc:191 )
[ 02 ] TabDragControllerChromium::DragBrowserToNewTabStrip(TabDragContext*, gfx::Point const&) ( tab_drag_controller.cc:1677 )
[ 03 ] TabDragControllerChromium::ContinueDragging(gfx::Point const&) ( tab_drag_controller.cc:995 )
[ 04 ] TabDragController::ContinueDragging(gfx::Point const&) ( tab_drag_controller.cc:336 )
[ 05 ] TabDragControllerChromium::Drag(gfx::Point const&) ( tab_drag_controller.cc:755 )
[ 06 ] TabStrip::TabDragContextImpl::ContinueDrag(views::View*, ui::LocatedEvent const&) ( tab_strip.cc:361 )
[ 07 ] TabStrip::TabDragContextImpl::OnMouseDragged(ui::MouseEvent const&) ( tab_strip.cc:187 )
[ 08 ] views::View::ProcessMouseDragged(ui::MouseEvent*) ( view.cc:3590 )
[ 09 ] views::View::ProcessMouseDragged(ui::MouseEvent*) ( view.cc:3590 )
[ 10 ] ui::EventDispatcher::DispatchEvent(ui::EventHandler*, ui::Event*) ( event_dispatcher.cc:187 )
[ 11 ] ui::EventDispatcherDelegate::DispatchEventToTarget(ui::EventTarget*, ui::Event*) ( event_dispatcher.cc:82 )
[ 12 ] ui::EventDispatcherDelegate::DispatchEvent(ui::EventTarget*, ui::Event*) ( event_dispatcher.cc:54 )
[ 13 ] views::internal::RootView::OnMouseDragged(ui::MouseEvent const&) ( root_view.cc:545 )
[ 14 ] views::Widget::OnMouseEvent(ui::MouseEvent*) ( widget.cc:1882 )
[ 15 ] views::Widget::OnMouseEvent(ui::MouseEvent*) ( widget.cc:1882 )
[ 16 ] views::NativeWidgetMacNSWindowHost::OnMouseEvent(std::__Cr::unique_ptr<ui::Event, std::__Cr::default_delete<ui::Event>>) ( native_widget_mac_ns_window_host.mm:1046 )
[ 17 ] -[BridgedContentView mouseEvent:] ( bridged_content_view.mm:666 )
[ 18 ] -[BridgedContentView processCapturedMouseEvent:] ( bridged_content_view.mm:317 )
[ 19 ] remote_cocoa::NativeWidgetNSWindowBridge::PostCapturedEvent(NSEvent*) ( native_widget_ns_window_bridge.mm:1477 )
[ 20 ] non-virtual thunk to remote_cocoa::NativeWidgetNSWindowBridge::PostCapturedEvent(NSEvent*) ( native_widget_ns_window_bridge.mm:0 )
[ 21 ] invocation function for block in remote_cocoa::CocoaMouseCapture::ActiveEventTap::Init() ( mouse_capture.mm:94 )
[ 22 ] 0x192baaa0c
[ 23 ] 0x193273f1c
[ 24 ] __34-[BrowserCrApplication sendEvent:]_block_invoke ( chrome_browser_application_mac.mm:441 )
[ 25 ] base::apple::CallWithEHFrame(void () block_pointer)
[ 26 ] 0x192ec1d98
[ 27 ] 0x192ec1d98
[ 28 ] 0x192a7201c
[ 29 ] base::MessagePumpNSApplication::DoRun(base::MessagePump::Delegate*) ( message_pump_apple.mm:808 )
[ 30 ] base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*) ( message_pump_apple.mm:161 )
[ 31 ] base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run(bool, base::TimeDelta) ( thread_controller_with_message_pump_impl.cc:654 )
[ 32 ] non-virtual thunk to base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run(bool, base::TimeDelta) ( run_loop.cc:0 )
[ 33 ] base::RunLoop::Run(base::Location const&) ( run_loop.cc:134 )
[ 34 ] content::BrowserMainLoop::RunMainMessageLoop() ( browser_main_loop.cc:1097 )
[ 35 ] content::BrowserMainRunnerImpl::Run() ( browser_main_runner_impl.cc:160 )
[ 36 ] content::BrowserMain(content::MainFunctionParams) ( browser_main.cc:34 )
[ 37 ] content::RunContentProcess(content::ContentMainParams, content::ContentMainRunner*) ( content_main.cc:333 )
[ 38 ] content::ContentMain(content::ContentMainParams) ( content_main.cc:346 )
[ 39 ] content::RunContentProcess(content::ContentMainParams, content::ContentMainRunner*) ( content_main.cc:333 )
[ 40 ] content::ContentMain(content::ContentMainParams) ( content_main.cc:346 )
[ 41 ] ChromeMain ( chrome_main.cc:230 )
[ 42 ] main ( chrome_exe_main_mac.cc:217 )

Steps to reproduce

Was not able to reproduce, neither could @kjozwiak or @MadhaviSeelam

Actual result

See video under https://bravesoftware.slack.com/archives/C01826CM3J9/p1724874952160199?thread_ts=1724872978.400479&cid=C01826CM3J9

Expected result

no crash

Reproduces how often

Easily reproduced

Brave version (brave://version info)

1.70.92

Channel information

Reproducibility

Miscellaneous information

cc @rebron @iefremov @brave/qa-team

MadhaviSeelam commented 1 month ago

Couldn't reproduce in Win 11 x64 or macOS arm64 using 1.70.92 Chromium: 128.0.6613.85.

Ilie-Lesan commented 3 weeks ago

@LaurenWags I think this might be a duplicate of: https://github.com/brave/brave-browser/issues/39486

LaurenWags commented 3 weeks ago

@tech-zilla could be! Good suggestion, will inquire about if the split view flag is enabled.

LaurenWags commented 3 weeks ago

Good find @tech-zilla - confirmed internally that turning the split view flag off fixes the issue. Will close this one as a duplicate.