pacificIT / chromiumembedded

Automatically exported from code.google.com/p/chromiumembedded

Assertion on shutdown: WebCore::freeV8NPObject #572

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Open several browser windows
2. Attempt to shut down CEF

What version of the product are you using? On what operating system?

Windows 7 SP 1
HEAD (r593)

Please provide any additional information below.

I get the following output in the debugger:

SHOULD NEVER BE REACHED
..\bindings\v8\NPV8Object.cpp(91) : WebCore::freeV8NPObject
(14f8.710): Break instruction exception - code 80000003 (first chance)
eax=00000000 ebx=00000000 ecx=1bc426b4 edx=00000000 esi=1307f77c edi=1307f770
eip=06f17e16 esp=1307f71c ebp=1307f770 iopl=0         nv up ei pl nz na po nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00000202
*** WARNING: Unable to verify checksum for C:\Private\Src\Debug\libcef.dll
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for 
C:\Private\Src\Debug\libcef.dll -
libcef!cef_time_from_doublet+0x9e73a6:
06f17e16 cc              int     3
0:012> k
ChildEBP RetAddr 
1307f770 06f052e5 libcef!WebCore::freeV8NPObject+0x106 [c:\dev\cef\chromium\chromium\src\third_party\webkit\source\webcore\bindings\v8\npv8object.cpp @ 91]
1307f780 06c49d00 libcef!_NPN_DeallocateObject+0x75 [c:\dev\cef\chromium\chromium\src\third_party\webkit\source\webcore\bindings\v8\npruntime.cpp @ 310]
1307f7d0 06b58f47 libcef!WebCore::ScriptController::clearScriptObjects+0x120 [c:\dev\cef\chromium\chromium\src\third_party\webkit\source\webcore\bindings\v8\scriptcontroller.cpp @ 140]
1307f828 06bb9cbd libcef!WebCore::Frame::willDetachPage+0x107 [c:\dev\cef\chromium\chromium\src\third_party\webkit\source\webcore\page\frame.cpp @ 700]
1307f848 06bb9bc2 libcef!WebCore::FrameLoader::detachFromParent+0xdd [c:\dev\cef\chromium\chromium\src\third_party\webkit\source\webcore\loader\frameloader.cpp @ 2421]
1307f85c 07f9bfe8 libcef!WebCore::FrameLoader::frameDetached+0x52 [c:\dev\cef\chromium\chromium\src\third_party\webkit\source\webcore\loader\frameloader.cpp @ 2397]
1307f874 064f01b7 libcef!WebKit::WebViewImpl::close+0x98 [c:\dev\cef\chromium\chromium\src\third_party\webkit\source\webkit\chromium\src\webviewimpl.cpp @ 1249]
1307f8b4 064f047b libcef!CefBrowserImpl::UIT_DestroyBrowser+0x197 [c:\dev\cef\chromium\chromium\src\cef\libcef\browser_impl.cc @ 779]
1307f984 065011d4 libcef!CefBrowserImpl::UIT_CloseBrowser+0xcb [c:\dev\cef\chromium\chromium\src\cef\libcef\browser_impl.cc @ 800]
1307f994 06500b9a libcef!base::internal::RunnableAdapter<void (__thiscall CefBrowserImpl::*)(void)>::Run+0x34 [c:\dev\cef\chromium\chromium\src\base\bind_internal.h @ 132]
1307f9a0 064ff9ef libcef!base::internal::InvokeHelper<0,void,base::internal::RunnableAdapter<void (__thiscall CefBrowserImpl::*)(void)>,void __cdecl(CefBrowserImpl * const &)>::MakeItSo+0x1a [c:\dev\cef\chromium\chromium\src\base\bind_internal.h @ 869]
1307f9c4 0647abdf libcef!base::internal::Invoker<1,base::internal::BindState<base::internal::RunnableAdapter<void (__thiscall CefBrowserImpl::*)(void)>,void __cdecl(CefBrowserImpl *),void __cdecl(CefBrowserImpl *)>,void __cdecl(CefBrowserImpl *)>::Run+0x5f [c:\dev\cef\chromium\chromium\src\base\bind_internal.h @ 1170]
1307f9dc 074ce81f libcef!base::Callback<void __cdecl(void)>::Run+0x2f [c:\dev\cef\chromium\chromium\src\base\callback.h @ 272]
1307fb1c 074cea53 libcef!MessageLoop::RunTask+0x1ef [c:\dev\cef\chromium\chromium\src\base\message_loop.cc @ 464]
1307fb2c 074cf43d libcef!MessageLoop::DeferOrRunPendingTask+0x33 [c:\dev\cef\chromium\chromium\src\base\message_loop.cc @ 477]
1307fb8c 075068d4 libcef!MessageLoop::DoWork+0xdd [c:\dev\cef\chromium\chromium\src\base\message_loop.cc @ 651]
1307fba4 07506142 libcef!base::MessagePumpForUI::DoRunLoop+0x54 [c:\dev\cef\chromium\chromium\src\base\message_pump_win.cc @ 203]
1307fbd4 075063ac libcef!base::MessagePumpWin::RunWithDispatcher+0x82 [c:\dev\cef\chromium\chromium\src\base\message_pump_win.cc @ 51]
1307fbe8 074ce486 libcef!base::MessagePumpWin::Run+0x1c [c:\dev\cef\chromium\chromium\src\base\message_pump_win.h @ 48]
1307fcc0 074ce25b libcef!MessageLoop::RunInternal+0xf6 [c:\dev\cef\chromium\chromium\src\base\message_loop.cc @ 421]
1307fccc 074cda3a libcef!MessageLoop::RunHandler+0x2b [c:\dev\cef\chromium\chromium\src\base\message_loop.cc @ 395]
1307fcf4 074da5f6 libcef!MessageLoop::Run+0x3a [c:\dev\cef\chromium\chromium\src\base\message_loop.cc @ 301]
1307fd00 074da761 libcef!base::Thread::Run+0x16 [c:\dev\cef\chromium\chromium\src\base\threading\thread.cc @ 127]
1307fef4 06460030 libcef!base::Thread::ThreadMain+0xe1 [c:\dev\cef\chromium\chromium\src\base\threading\thread.cc @ 161]
1307ff0c 754a339a libcef!base::`anonymous namespace'::ThreadFunc+0x60 [c:\dev\cef\chromium\chromium\src\base\threading\platform_thread_win.cc @ 58]
1307ff18 77a59ef2 KERNEL32!BaseThreadInitThunk+0xe
1307ff58 77a59ec5 ntdll!__RtlUserThreadStart+0x70
1307ff70 00000000 ntdll!_RtlUserThreadStart+0x1b

Original issue reported on code.google.com by dreijer...@gmail.com on 16 Apr 2012 at 2:42

GoogleCodeExporter commented 9 years ago
I just wanted to add that this appears to be happening when I manually call 
CloseBrowser() on each of my browser instances *before* calling CefShutdown().

For the record, I'm using CEF 1 in multithreaded and offscreen rendering mode.

Some more observations on triggering this issue:

 * If I use the middle-mouse button to open a new browser instance when clicking on a link, the issue does not occur when I later attempt to call CloseBrowser().

 * If I open a second browser instance manually with an empty URL and then browse somewhere, the issue then occurs when I later attempt to call CloseBrowser().

Original comment by dreijer...@gmail.com on 16 Apr 2012 at 3:04

GoogleCodeExporter commented 9 years ago
This appears to be an assertion and not a crash. Do you see the same problem 
when running using the release executable?

Original comment by magreenb...@gmail.com on 16 Apr 2012 at 4:08

GoogleCodeExporter commented 9 years ago
Right, it's not a crash, but it happens on a thread that isn't my main thread 
so I never get a chance to see the assertion and thus my application is 
essentially hung forcing me to kill it (same end result essentially :).

I'm not sure how I'd see this problem if I link against a release build since 
assertions are then turned off.

Original comment by dreijer...@gmail.com on 16 Apr 2012 at 4:15

GoogleCodeExporter commented 9 years ago
@comment#3: If there are no crashes or unexpected behavior in release build 
then this assertion is unlikely to be a production issue. 

Original comment by magreenb...@gmail.com on 16 Apr 2012 at 4:35

GoogleCodeExporter commented 9 years ago
Haha, I'll definitely check it, but it certainly depends on what the assertion 
is about. If I'm triggering a code path in Chromium that absolutely shouldn't 
be hit simply by closing a browser instance, how do I know this won't affect 
other browser windows I'll be creating subsequently, which might or might not 
bring down my entire application? :)

Original comment by dreijer...@gmail.com on 16 Apr 2012 at 4:38

GoogleCodeExporter commented 9 years ago
#comment#5: I looked at the code in question. My opinion is that, unless it's 
crashing in release build, it's unlikely to be a production issue :-).

Original comment by magreenb...@gmail.com on 16 Apr 2012 at 4:52

GoogleCodeExporter commented 9 years ago
We should, of course, fix it if possible since it's annoying to developers and 
likely indicates a bug somewhere, even if that bug isn't a production issue 
per se.

Original comment by magreenb...@gmail.com on 16 Apr 2012 at 4:54

GoogleCodeExporter commented 9 years ago
#comment#7: Yeah, was just about to say that. It might get a little annoying 
for us developers in the long run. :)

Anywho, release builds seem to be okay. I'm seeing no WerFaults or anything 
else and my application shuts down fine.

Original comment by dreijer...@gmail.com on 16 Apr 2012 at 5:01

GoogleCodeExporter commented 9 years ago

Original comment by magreenb...@gmail.com on 22 May 2012 at 3:44

GoogleCodeExporter commented 9 years ago
Should be filed as a bug with the Chromium/V8 project if it still occurs with 
the newest CEF release build.

Original comment by magreenb...@gmail.com on 3 Oct 2012 at 5:49