GitLab

RenderProcessWillExit is dispatched to observers from
RPHI::ShutdownRequest during renderer-initiated process shutdown, when
the renderer process is allowed to continue shutting down but before
it does actually shut down.  This is routed through
SiteInstanceImpl::RenderProcessWillExit, which calls
RenderFrameHostManager::RenderProcessGone() to mark all proxies living
in that process as non-live.  Unfortunately, this might lead to
duplicate routing ID crashes if one of these proxies is reused and
recreated before the process goes away completely.  See
https://crbug.com/794625#c14 for full details.

This CL fixes these races by completely removing
RenderProcessWillExit.  The affected RenderFrameProxyHosts will still
be marked as non-live later when the process actually goes away, as
part of SiteInstanceImpl::RenderProcessExited(), called from either
RPHI::Cleanup() or RPHI::ProcessDied().  That is, today we try to mark
proxies as non-live twice, and arguably only the second path is really
needed.  RenderProcessWillExit also used to trigger
RenderFrameHostImpl::RenderProcessGone() to perform some navigation
cleanup work, but the same cleanup will still happen via the
RenderProcessExited path.

Bug: 794625, 575400
Change-Id: I6b6c776e179a1048c9634ad323d45302423246f1
Reviewed-on: https://chromium-review.googlesource.com/1155790Reviewed-by: Charlie Reis <creis@chromium.org>
Commit-Queue: Alex Moshchuk <alexmos@chromium.org>
Cr-Commit-Position: refs/heads/master@{#580069}