Give the main frame a RenderWidget.

content/browser/security_exploit_browsertest.cc

Index: content/browser/security_exploit_browsertest.cc
diff --git a/content/browser/security_exploit_browsertest.cc b/content/browser/security_exploit_browsertest.cc
index 2c5acc4c48df74d295c899470cd33b4f0c7943b9..1358af28fd98e39ce08854b993b5e1544661e6c9 100644
--- a/content/browser/security_exploit_browsertest.cc
+++ b/content/browser/security_exploit_browsertest.cc
@@ -196,7 +196,7 @@ IN_PROC_BROWSER_TEST_F(SecurityExploitBrowserTest, SetWebUIProperty) {
 // process.
 IN_PROC_BROWSER_TEST_F(SecurityExploitBrowserTest,
                        AttemptDuplicateRenderViewHost) {
-  int duplicate_routing_id = MSG_ROUTING_NONE;
+  int32_t duplicate_routing_id = MSG_ROUTING_NONE;
   RenderViewHostImpl* pending_rvh =
       PrepareToDuplicateHosts(shell(), &duplicate_routing_id);
   EXPECT_NE(MSG_ROUTING_NONE, duplicate_routing_id);
@@ -213,10 +213,12 @@ IN_PROC_BROWSER_TEST_F(SecurityExploitBrowserTest,
   scoped_refptr<SessionStorageNamespaceImpl> session_storage(
       new SessionStorageNamespaceImpl(dom_storage_context));
   // Cause a deliberate collision in routing ids.
-  int main_frame_routing_id = duplicate_routing_id + 1;
-  pending_rvh->CreateNewWindow(duplicate_routing_id,
-                               main_frame_routing_id,
-                               params,
+  int32_t main_frame_routing_id = duplicate_routing_id + 1;
+  // TODO(avi): This should be made unique from the view routing ID once
+  // RenderViewHostImpl has-a RenderWidgetHostImpl. https://crbug.com/545684
+  int32_t main_frame_widget_routing_id = duplicate_routing_id;
+  pending_rvh->CreateNewWindow(duplicate_routing_id, main_frame_routing_id,
+                               main_frame_widget_routing_id, params,
                                session_storage.get());
 
   // If the above operation doesn't cause a crash, the test has succeeded!