On opening devtools, it looks like an observer in extensions:: is trying to broadcast a related event (chrome.tabs.onCreated?)

Can you add logs or use a debugger and find out what  browser_context_ and event->restrict_to_browser_context are pointing to?

Added debug log:

[105958:105958:1111/112031:VERBOSE2:event_router.cc(475)] EventRouter::DispatchEventImpl [event name]: webNavigation.onCommitted [restrict_to_browser_context]: 0x5e0cbe3a40 [browser_context_]: 0x5e0c8ff220

[105958:105958:1111/112031:FATAL:event_router.cc(482)] Check failed: !event->restrict_to_browser_context || ExtensionsBrowserClient::Get()->IsSameContext( browser_context_, event->restrict_to_browser_context). 

Which one corresponds to the profile that is running chrome://inspect?  And which one corresponds to the profile hosting the offscreen webcontents?

It may be that devtools doesn't work cross-profile, in which case, we'll need to add a special case, or maybe another category of things to inspect that lists only offscreen webcontents.

(Just guess) [browser_context_] corresponds to profile running chrome://inspect, [restrict_to_browser_context] corresponds to profile hosting the offscreen webcontents.

Derek and I tried open chrome://inspect in a normal tab, start a incognito tab, and inspect the incognito tab with chrome://inspect. That works fine, the incognito tab shows up in "Page" section instead of "Other" though.

Derek suggests that it might because we create a seperate incognito profile for offscreen tab, not sure why it is different though. 

miu@ implemented the offscreen tab capture API and might know details.

Ping, miu@.

The offscreen tab creates its own off-the-record profile (https://cs.chromium.org/chromium/src/chrome/browser/extensions/api/tab_capture/offscreen_tab.cc?rcl=0&l=83). This is *not* the same as the shared off-the-record profile. The reason for this is that we did not want user activity in the on-screen incognito windows to affect changes in the offscreen tab (and vice versa).

Just above the DCHECK, I see this comment:

  // We don't expect to get events from a completely different browser context.

Okay, but we *are* getting events from a completely different browser context. So, it seems that the code calling into extensions::EventRouter is broken somehow?

Looking at DispatchOnCommitted() in web_navigation_api_helpers.cc (https://cs.chromium.org/chromium/src/chrome/browser/extensions/api/web_navigation/web_navigation_api_helpers.cc?rcl=1479284732&l=104), note that the call to ExtensionTabUtil::GetTabId() will be returning -1 for the offscreen tab's WebContents. This is because the offscreen tab is does not get a tab ID or a window ID. It is, by design, unknowable to the browser or other extension APIs since it is supposed to simulate a separate device's user agent. So, this might be a good place to detect that we're dealing with an offscreen tab and proceed differently (probably just drop the event?).

Then, following along the stack to the DispatchEvent() call (https://cs.chromium.org/chromium/src/chrome/browser/extensions/api/web_navigation/web_navigation_api_helpers.cc?rcl=1479284732&l=54), we see a call to EventRouter::Get(profile). Now, it's not clear that the EventRouter instance is a separate one being created on-demand for the offscreen tab's profile; or if it is just pulling the one associated with the parent profile (the normal, ON-THE-RECORD user profile used by the MR Extension). This is likely where the profile mismatch begins.

In other words, we are likely using the wrong EventRouter instance.

Finally, at the top of the stack, we look at the DCHECK() at the top of the EventRouter::DispatchEventImpl() method, and see that |event->restrict_to_browser_context| does not match |this->browser_context_|. So, that would seem to prove my theory where the EventRouter instance is *not* the correct one for the offscreen tab.

I'm not sure how to proceed: Either we want to detect this case and ignore these events, or else there is something broken in the object graph and we do want to access an EventRouter instance that is associated with the offscreen tab's profile.

- At a high level we should figure out if it makes sense to expose offscreen webcontents to the extension system.  I'm leaning no but need to think about it.

- If we do, then the fix suggested by miu@ is probably the right one, I just worry that we will be playing whack-a-mole with other web contents observers until we get all these issues resolved.

offscreen_tab.cc uses Profile::CreateOffTheRecordProfile() to create incognito_profile. This method does not register incognito_profile with original_profile. So 

incognito_profile.IsSameProfile(original_profile) returns true original_profile.IsSameProfile(incognito_profile) returns false

causing DCHECK failure. We can fix it by changing DCHECK to take (incognito_profile, original_profile) instead of (original_profile, incognito_profile).

After fixing this, inspection window opens correctly. Got another crash when closing inspection window because dev tools window will destroy incognito profile in ~Browser().

 crbug.com/527035  reports similar issue. There is a fix in ~Browser() adding checks for incognito profile:

if (profile_->IsOffTheRecord() &&
      !BrowserList::IsIncognitoSessionActiveForProfile(profile_) &&
      !profile_->GetOriginalProfile()->IsSystemProfile())

https://cs.chromium.org/chromium/src/chrome/browser/ui/browser.cc?rcl=cd998d5dfe613f3e9bd096aec1e7cb9980bcf565&l=535

BrowserList::IsIncognitoSessionActiveForProfile(profile_) does not work for offscreen tab. It returns true only if original profile is also incognito. But for offscreen tab, original profile is normal.

We may add a new function IsOffscreenTabActiveForProfile(incognito_profile) to skip destroying incognito profile for offscreen tabl with condition: (!browser->profile()->IsSameProfile(incognito_profile) &&
          incognito_profile->IsSameProfile(browser->profile())). It does not look straight forward though... Any better suggestion?

If we are using incognito profiles, they should follow the rules for IsSameProfile() correctly.  The problem appears to be that there is a hard-coded assumption that there is only one incognito profile per regular profile.

This is going to run into problems when the user has created an incognito window: its profile will be shared with the offscreen tab's, and thus can outlive the offscreen tab, which is going to violate the spec in various ways.

I think the long term answer is to fix Bug 727487.  In the meantime it sound like you've found a short term fix to prevent crashing? 

Issue 705771 has been merged into this issue.

+takumif@

clairedu@ is hitting this.  Going to take a look.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/06ff810b4b71839d8af536d66bada008c848ab27

commit 06ff810b4b71839d8af536d66bada008c848ab27
Author: mark a. foltz <mfoltz@chromium.org>
Date: Tue Sep 05 20:18:09 2017

[Presentation API] Allow offscreen tabs to be inspected with DevTools.

This fixes two DCHECK() failures when offscreen tabs are inspected with DevTools:

1. Extension events for web_navigation trigger a DCHECK in
EventRouter::DispatchEventImpl, because the off the recored profile for the
presentation is not registered with the extension profile.  Switch the order of
the check to handle this case.

2. When the DevTools window is closed, the Browser object created by DevTools
deletes the OTR profile for the offscreen tab.  Avoid destroying the OTR profile
in this case.

Tested by inspecting an offscreen tab via chrome://inspect from the same profile
that started the presentation, an incognito profile, and a different profile without
DCHECK() failures.

Long term, presentations should get their own profile type, which is a much bigger
change tracked under Bug 727487.

Bug:  664351 
Change-Id: Icc8cdf2fbe6dc83761c090a80eb292ff332f2023
Reviewed-on: https://chromium-review.googlesource.com/630257
Commit-Queue: mark a. foltz <mfoltz@chromium.org>
Reviewed-by: Ben Wells <benwells@chromium.org>
Reviewed-by: Scott Violet <sky@chromium.org>
Reviewed-by: Yuri Wiitala <miu@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499727}
[modify] https://crrev.com/06ff810b4b71839d8af536d66bada008c848ab27/chrome/browser/extensions/api/tab_capture/offscreen_tab.cc
[modify] https://crrev.com/06ff810b4b71839d8af536d66bada008c848ab27/chrome/browser/extensions/api/tab_capture/offscreen_tab.h
[modify] https://crrev.com/06ff810b4b71839d8af536d66bada008c848ab27/chrome/browser/extensions/api/tab_capture/tab_capture_apitest.cc
[modify] https://crrev.com/06ff810b4b71839d8af536d66bada008c848ab27/chrome/browser/extensions/chrome_extensions_browser_client.cc
[modify] https://crrev.com/06ff810b4b71839d8af536d66bada008c848ab27/chrome/browser/ui/browser.cc

clairedu@, please let me know if you hit this after the patch rolls into tomorrow's canary.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7adfa2d52607a71519432fbe05bc1bdb93f7ba75

commit 7adfa2d52607a71519432fbe05bc1bdb93f7ba75
Author: btolsch <btolsch@chromium.org>
Date: Sat Dec 16 23:35:44 2017

Add PresentationReceiverWindow for wired screen presentations

This change adds a class which shows a Presentation API receiver page in
a popup-style window that is started fullscreen on a specific wired
display.

It also changes the handling of one-off OTR profiles used by
presentations, which affects this class and offscreen tabs.  Previously,
offscreen tabs assumed ownership of their OTR profiles.  However, it was
possible for this to be violated by opening a DevTools window and
Browser would think that it could destroy the profile.  Additionally,
there was no handling of the original profile being destroyed, which
would leave dangling references in the OTR profile.  This has been
addressed by adding an IndependentOTRProfileManager class, which helps
both offscreen tabs and PresentationReceiverWindow manage the lifetime
of these one-off OTR profiles.

Bug:  777654 ,  786158 ,  664351 , 727487
Change-Id: I64d032419d341affbdde4ee80b57d45c99648588
Reviewed-on: https://chromium-review.googlesource.com/742122
Commit-Queue: Brandon Tolsch <btolsch@chromium.org>
Reviewed-by: mark a. foltz <mfoltz@chromium.org>
Reviewed-by: Derek Cheng <imcheng@chromium.org>
Reviewed-by: Scott Violet <sky@chromium.org>
Reviewed-by: Yuri Wiitala <miu@chromium.org>
Cr-Commit-Position: refs/heads/master@{#524615}
[modify] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/chromeos/profiles/profile_helper.h
[modify] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/extensions/api/tab_capture/offscreen_tab.cc
[modify] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/extensions/api/tab_capture/offscreen_tab.h
[modify] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/media/router/BUILD.gn
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/media/router/independent_otr_profile_manager.cc
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/media/router/independent_otr_profile_manager.h
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/media/router/independent_otr_profile_manager_browsertest.cc
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/media/router/presentation_navigation_policy.cc
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/media/router/presentation_navigation_policy.h
[modify] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/media/router/receiver_presentation_service_delegate_impl.cc
[modify] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/BUILD.gn
[modify] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/browser.cc
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/media_router/presentation_receiver_window.h
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/media_router/presentation_receiver_window_controller.cc
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/media_router/presentation_receiver_window_controller.h
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/media_router/presentation_receiver_window_controller_browsertest.cc
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/media_router/presentation_receiver_window_delegate.h
[modify] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/views/location_bar/location_bar_view.cc
[modify] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/views/location_bar/location_bar_view.h
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/views/media_router/presentation_receiver_window_factory.cc
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/views/media_router/presentation_receiver_window_frame.cc
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/views/media_router/presentation_receiver_window_frame.h
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/views/media_router/presentation_receiver_window_view.cc
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/browser/ui/views/media_router/presentation_receiver_window_view.h
[modify] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/test/BUILD.gn
[add] https://crrev.com/7adfa2d52607a71519432fbe05bc1bdb93f7ba75/chrome/test/data/media/router/presentation_receiver.html