Repro steps:
1. Use a build with DCHECK on.
2. Turn on chrome://flags/#omnibox-ui-hide-steady-state-url-scheme-and-subdomains
3. Navigate to "https://www.google.com/"
4. Observe that the scheme and www are hidden in the steady state Omnibox.
5. Click on the Omnibox and observe they are re-shown.
6. Press shift-tab.
7. Observe a DCHECK crash.
The root cause is:
1. In the OnBlur handler, we call RevertAll on the view
2. This fires an observer in the location bar, which re-layouts the location bar.
3. As part of the relayout, it initially hides the Secure icon.
4. Since pressing shift-tab focuses the Secure icon, this causes Views to advance the focus.
5. But now we are re-focusing what we just blurred..., and causing re-entrant behavior into FocusManager::SetFocusedViewWithReason.
6. FocusManager::SetFocusedViewWithReason really does not like reentrancy - it hits a DCHECK.
Some possible solutions (any one of these should work):
1. Maybe Views should defer post OnBlur, OnFocus event handlers onto the message loop...
2. During LocationBarView::Layout(), it doesn't seem like we should unconditionally hide the Secure icon control.
3. Maybe the OmniboxEditModel should post the RevertAll call onto the message loop instead of doing it directly within the OnBlur handler.
--
Note -- this bug likely existed previously too, since ZeroSuggest can trigger a RevertAll call during the OnBlur call. It's just much easier to trigger now that we have steady state elisions causing a RevertAll call on any defocus event.
|
Deleted:
RootCause.PNG
159 KB
|
|
Deleted:
CrashStack.PNG
137 KB
|
Comment 1 by tommycli@chromium.org
, Feb 8 2018