cef
cef copied to clipboard
Published
20 hours ago •
chromiumembedded
chromiumembedded
mac: `window.close()` breaks the cefclient with `--hide-window-on-close`
Description
When using the window.close() method in the cefclient application on macOS with the --hide-window-on-close flag enabled, the application breaks. The page is rendered white, it's impossible to close the application.
To Reproduce
Steps to reproduce the behavior:
- Launch the cefclient application with the
--hide-window-on-closeflag enabled. - Navigate within the application to a webpage where window.close() is invoked.
- Invoke window.close() programmatically or through an action in the webpage.
- Notice that the window is close, but the app still present in the dock
Expected behavior
The application should gracefully close the window or hide it according to the --hide-window-on-close flag setting, without breaking or exhibiting unexpected behavior when window.close() is invoked.
Screenshots
With hidden frame
Versions (please complete the following information):
- OS: MacOS 14.3.1
- CEF Version: 121, 122 and latest main
Additional context
It seems that CloseWithReason exits prematurely because OnWindowCloseRequested returns CloseRequestResult::kCannotClose. As a result, the application ends up in an invalid partially closed state.
void Widget::CloseWithReason(ClosedReason closed_reason) {
if (widget_closed_) {
// It appears we can hit this code path if you close a modal dialog then
// close the last browser before the destructor is hit, which triggers
// invoking Close again.
return;
}
if (block_close_) {
return;
}
if (non_client_view_ && non_client_view_->OnWindowCloseRequested() ==
CloseRequestResult::kCannotClose) {
return;
}
Still reproduces with M127 (enter javascript:window.close() in the address bar)
Still reproduces at M130 after fixing a raw_ptr leak at shutdown.
[6690:259:1022/134437.277869:ERROR:partition_alloc_support.cc(566)] Detected dangling raw_ptr with id=0x0000012c0042b5f8:
[DanglingSignature] base::debug::CollectStackTrace(base::span<void IPC::ChannelAssociatedGroupController::Accept(mojo::Message*) void IPC::ChannelAssociatedGroupController::Accept(mojo::Message*)
The memory was freed at:
0 Chromium Embedded Framework 0x00000003d9aa4350 base::debug::CollectStackTrace(base::span<void const*, 18446744073709551615ul, void const**>) + 84
1 Chromium Embedded Framework 0x00000003d9a71ae0 base::debug::StackTrace::StackTrace(unsigned long) + 156
2 Chromium Embedded Framework 0x00000003d9a71b88 base::debug::StackTrace::StackTrace(unsigned long) + 36
3 Chromium Embedded Framework 0x00000003d9ab2d54 base::allocator::(anonymous namespace)::DanglingRawPtrDetected(unsigned long) + 516
4 Chromium Embedded Framework 0x00000003c42da458 partition_alloc::internal::InSlotMetadata::CheckDanglingPointersOnFree(unsigned long long) + 108
5 Chromium Embedded Framework 0x00000003c42d8290 partition_alloc::internal::InSlotMetadata::PreReleaseFromAllocator() + 52
6 Chromium Embedded Framework 0x00000003c42d7df8 void partition_alloc::PartitionRoot::FreeInline<(partition_alloc::internal::FreeFlags)12>(void*) + 556
7 Chromium Embedded Framework 0x00000003c42d7bc0 void partition_alloc::PartitionRoot::Free<(partition_alloc::internal::FreeFlags)12>(void*) + 32
8 Chromium Embedded Framework 0x00000003c42d7b80 void base::internal::HandleMemorySafetyCheckedOperatorDelete<(base::internal::MemorySafetyCheck)7>(void*) + 28
9 Chromium Embedded Framework 0x00000003d019f100 content::RenderFrameHost::operator delete(void*) + 24
10 Chromium Embedded Framework 0x00000003d019f0dc content::RenderFrameHostImpl::~RenderFrameHostImpl() + 36
11 Chromium Embedded Framework 0x00000003d02c5a34 std::__Cr::default_delete<content::RenderFrameHostImpl>::operator()(content::RenderFrameHostImpl*) const + 52
12 Chromium Embedded Framework 0x00000003d02a7f3c std::__Cr::unique_ptr<content::RenderFrameHostImpl, std::__Cr::default_delete<content::RenderFrameHostImpl>>::reset(content::RenderFrameHostImpl*) + 96
13 Chromium Embedded Framework 0x00000003d02c1664 std::__Cr::unique_ptr<content::RenderFrameHostImpl, std::__Cr::default_delete<content::RenderFrameHostImpl>>::~unique_ptr() + 32
14 Chromium Embedded Framework 0x00000003d02a1ae4 std::__Cr::unique_ptr<content::RenderFrameHostImpl, std::__Cr::default_delete<content::RenderFrameHostImpl>>::~unique_ptr() + 28
15 Chromium Embedded Framework 0x00000003d02a1458 content::RenderFrameHostManager::~RenderFrameHostManager() + 396
16 Chromium Embedded Framework 0x00000003d02a1b68 content::RenderFrameHostManager::~RenderFrameHostManager() + 28
17 Chromium Embedded Framework 0x00000003cfe974c8 content::FrameTreeNode::~FrameTreeNode() + 1856
18 Chromium Embedded Framework 0x00000003cfe97f68 content::FrameTreeNode::~FrameTreeNode() + 28
19 Chromium Embedded Framework 0x00000003cfe7d228 content::FrameTree::~FrameTree() + 180
20 Chromium Embedded Framework 0x00000003cfe7d470 content::FrameTree::~FrameTree() + 28
21 Chromium Embedded Framework 0x00000003cf2b5610 std::__Cr::default_delete<content::FrameTree>::operator()(content::FrameTree*) const + 44
22 Chromium Embedded Framework 0x00000003cf2b3630 std::__Cr::unique_ptr<content::FrameTree, std::__Cr::default_delete<content::FrameTree>>::reset(content::FrameTree*) + 96
23 Chromium Embedded Framework 0x00000003cf2b5280 std::__Cr::unique_ptr<content::FrameTree, std::__Cr::default_delete<content::FrameTree>>::~unique_ptr() + 32
24 Chromium Embedded Framework 0x00000003cf2b3688 std::__Cr::unique_ptr<content::FrameTree, std::__Cr::default_delete<content::FrameTree>>::~unique_ptr() + 28
25 Chromium Embedded Framework 0x00000003cfcc9088 content::PrerenderHost::~PrerenderHost() + 540
26 Chromium Embedded Framework 0x00000003cfcc97c0 content::PrerenderHost::~PrerenderHost() + 28
27 Chromium Embedded Framework 0x00000003cfcc9808 content::PrerenderHost::~PrerenderHost() + 28
28 Chromium Embedded Framework 0x00000003cfcff2ac std::__Cr::default_delete<content::PrerenderHost>::operator()(content::PrerenderHost*) const + 52
29 Chromium Embedded Framework 0x00000003cfcff220 std::__Cr::unique_ptr<content::PrerenderHost, std::__Cr::default_delete<content::PrerenderHost>>::reset(content::PrerenderHost*) + 96
30 Chromium Embedded Framework 0x00000003cfcff1b0 std::__Cr::unique_ptr<content::PrerenderHost, std::__Cr::default_delete<content::PrerenderHost>>::~unique_ptr() + 32
31 Chromium Embedded Framework 0x00000003cfce45f4 std::__Cr::unique_ptr<content::PrerenderHost, std::__Cr::default_delete<content::PrerenderHost>>::~unique_ptr() + 28
Task trace:
0 Chromium Embedded Framework 0x00000003dabda1c0 IPC::ChannelAssociatedGroupController::Accept(mojo::Message*) + 1084
1 Chromium Embedded Framework 0x00000003d9e90934 mojo::SimpleWatcher::Context::Notify(unsigned int, MojoHandleSignalsState, unsigned int) + 312
The dangling raw_ptr was released at:
0 Chromium Embedded Framework 0x00000003d9aa4350 base::debug::CollectStackTrace(base::span<void const*, 18446744073709551615ul, void const**>) + 84
1 Chromium Embedded Framework 0x00000003d9a71ae0 base::debug::StackTrace::StackTrace(unsigned long) + 156
2 Chromium Embedded Framework 0x00000003d9a71b88 base::debug::StackTrace::StackTrace(unsigned long) + 36
3 Chromium Embedded Framework 0x00000003d9ab2ef8 void base::allocator::(anonymous namespace)::DanglingRawPtrReleased<(base::features::DanglingPtrMode)0, (base::features::DanglingPtrType)0>(unsigned long) + 80
4 Chromium Embedded Framework 0x00000003d9bb5c90 base::internal::RawPtrBackupRefImpl<false, false>::ReleaseInternal(unsigned long) + 448
5 Chromium Embedded Framework 0x00000003c42424fc void base::internal::RawPtrBackupRefImpl<false, false>::ReleaseWrappedPtr<content::RenderFrameHost>(content::RenderFrameHost*) + 204
6 Chromium Embedded Framework 0x00000003c432a548 base::raw_ptr<content::RenderFrameHost, (partition_alloc::internal::RawPtrTraits)0>::operator=(std::nullptr_t) + 36
7 Chromium Embedded Framework 0x00000003c432a324 CefFrameHostImpl::Detach(CefFrameHostImpl::DetachReason) + 940
8 Chromium Embedded Framework 0x00000003c426c490 CefBrowserInfo::SetMainFrame(scoped_refptr<CefBrowserHostBase>, scoped_refptr<CefFrameHostImpl>) + 684
9 Chromium Embedded Framework 0x00000003c426b59c CefBrowserInfo::RemoveAllFrames(scoped_refptr<CefBrowserHostBase>) + 500
10 Chromium Embedded Framework 0x00000003c426b330 CefBrowserInfo::WebContentsDestroyed() + 232
11 Chromium Embedded Framework 0x00000003c424b310 CefBrowserHostBase::DestroyWebContents(content::WebContents*) + 408
12 Chromium Embedded Framework 0x00000003c42b5568 ChromeBrowserHostImpl::OnWebContentsDestroyed(content::WebContents*) + 60
13 Chromium Embedded Framework 0x00000003c4223b5c CefBrowserContentsDelegate::WebContentsDestroyed() + 324
14 Chromium Embedded Framework 0x00000003d095afe8 void content::WebContentsImpl::WebContentsObserverList::NotifyObservers<void (content::WebContentsObserver::*)()>(void (content::WebContentsObserver::*)()) + 528
15 Chromium Embedded Framework 0x00000003d0959e00 content::WebContentsImpl::~WebContentsImpl() + 1812
16 Chromium Embedded Framework 0x00000003d095b678 content::WebContentsImpl::~WebContentsImpl() + 28
17 Chromium Embedded Framework 0x00000003d095b7bc content::WebContentsImpl::~WebContentsImpl() + 28
18 Chromium Embedded Framework 0x00000003c42021a0 std::__Cr::default_delete<content::WebContents>::operator()(content::WebContents*) const + 52
19 Chromium Embedded Framework 0x00000003c4202114 std::__Cr::unique_ptr<content::WebContents, std::__Cr::default_delete<content::WebContents>>::reset(content::WebContents*) + 96
20 Chromium Embedded Framework 0x00000003c42020a4 std::__Cr::unique_ptr<content::WebContents, std::__Cr::default_delete<content::WebContents>>::~unique_ptr() + 32
21 Chromium Embedded Framework 0x00000003c41edd9c std::__Cr::unique_ptr<content::WebContents, std::__Cr::default_delete<content::WebContents>>::~unique_ptr() + 28
22 Chromium Embedded Framework 0x00000003ee0c1fa0 tabs::TabModel::~TabModel() + 188
23 Chromium Embedded Framework 0x00000003ee0c2110 tabs::TabModel::~TabModel() + 28
24 Chromium Embedded Framework 0x00000003d3bd0a8c std::__Cr::default_delete<tabs::TabModel>::operator()(tabs::TabModel*) const + 44
25 Chromium Embedded Framework 0x00000003d3bd0a08 std::__Cr::unique_ptr<tabs::TabModel, std::__Cr::default_delete<tabs::TabModel>>::reset(tabs::TabModel*) + 96
26 Chromium Embedded Framework 0x00000003ee0e9c7c TabStripModel::SendDetachWebContentsNotifications(TabStripModel::DetachNotifications*) + 724
27 Chromium Embedded Framework 0x00000003ee0ee518 TabStripModel::CloseTabs(base::span<content::WebContents* const, 18446744073709551615ul, content::WebContents* const*>, unsigned int) + 1096
28 Chromium Embedded Framework 0x00000003ee0eeb70 TabStripModel::CloseWebContentsAt(int, unsigned int) + 220
29 Chromium Embedded Framework 0x00000003edf07ee4 chrome::CloseWebContents(Browser*, content::WebContents*, bool) + 192
30 Chromium Embedded Framework 0x00000003edea80d0 Browser::CloseContents(content::WebContents*) + 68
31 Chromium Embedded Framework 0x00000003d099ad1c content::WebContentsImpl::Close() + 188
Task trace:
0 Chromium Embedded Framework 0x00000003dabda1c0 IPC::ChannelAssociatedGroupController::Accept(mojo::Message*) + 1084
1 Chromium Embedded Framework 0x00000003d9e90934 mojo::SimpleWatcher::Context::Notify(unsigned int, MojoHandleSignalsState, unsigned int) + 312