Issue 3311: Crash at web_contents.cc:832 WebContents::ShowWidget(int,gfx::Rect const &) http://code.google.com/p/chromium/issues/detail?id=3311
Comment #11 by [EMAIL PROTECTED]: This is accessibility-related. In the browser, I see a call to BrowserAccessibilityManager::RequestAccessibilityInfo. This creates a synchronous message to the renderer, blocking the browser. The problem is that it seems to be reentrant, and the RenderViewHost is destroyed before the function returns (I'm not sure what actually causes this). When the RenderViewHost is destroyed in this way, it does not update the BrowserAccessibilityManager's list. I'm not sure why. The next time through this function, the list is now invalid, and the crash occurs. On my Vista laptop, this crash happens without even having to select anything in the popup most times, it crashes as soon as you expand the popup. Another interesting piece of information is that the renderer gives an assertion. The first request for the accessibility information fails because RenderWidget does not implement ViewMsg_GetAccessibilityInfo. This is implemented by RenderView normally, but for popups which don't have a RenderView for them, this message goes unhandled. This should mean that the call takes longer to happen, possibly making the reentrancy problem happen when it would normally have a very small window to happen before. This is not strictly the bug, however, but it should be fixed. Maybe one way to try to repro this is to increase the timeout by a lot in the browser and not process the message in the renderer. This will make any reentrancy problems even more noticeable. -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Chromium-bugs" group. To post to this group, send email to chromium-bugs@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/chromium-bugs?hl=en -~----------~----~----~----~------~----~------~--~---
