• Prevent creation of RenderProcessHostImpls that reference a BrowserContext that is shutting down. · bc961340
    Aaron Colwell authored
    This change prevents code from creating RenderProcessHostImpl objects
    that will reference a BrowserContext that is in the process of shutting
    down. Since RPHI's reference to a BrowserContext is a raw pointer, it is
    easy to accidentally introduce a potential use after free if an RPHI is
    created as the BrowserContext is shutting down. The goal of the CHECK
    is to help detect code that might be trying to create RPHIs at
    inappropriate times.
    
    Also added logic to avoid creating a spare RPHI for BrowserContexts that
    are in the process of shutting down. This should help mitigate crashes
    that we are seeing where destruction of the spare appears to be
    referencing a BrowserContext that has already been destroyed. Added a
    DWOC on this path to help us detect potentially problematic callers.
    
    Bug: 1099998 1038844
    Change-Id: I9a02e6f9cf19394a990afe3ca41f7d370ff3e2c4
    Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2317827
    Reviewed-by: Nasko Oskov <nasko@chromium.org>
    Commit-Queue: Aaron Colwell <acolwell@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#791377}
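
The guard pattern the commit message describes, as an added C++ sketch that is not Chromium code: `Context`, `Host`, `SpareManager` and `CreationRejected` are hypothetical stand-ins for the owner, the object holding the raw pointer, and the spare path. An exception stands in for the CHECK and a counter stands in for the report on the spare path; both are assumptions of this sketch.

```cpp
#include <memory>
#include <stdexcept>

// Hypothetical stand-in for the owner object (the BrowserContext role).
class Context {
 public:
  void StartShutdown() { shutting_down_ = true; }
  bool ShutdownStarted() const { return shutting_down_; }
 private:
  bool shutting_down_ = false;
};

// Hypothetical stand-in for the dependent object (the RPHI role).
class Host {
 public:
  explicit Host(Context* context) : context_(context) {
    // Models the CHECK: fail loudly at creation, not later at a dangling use.
    if (context_ == nullptr || context_->ShutdownStarted())
      throw std::logic_error("Host created for a Context that is shutting down");
  }
  Context* context() const { return context_; }
 private:
  Context* context_;  // raw, non-owning: dangles if the Context dies first
};

// Models the spare path: skip creation quietly, but count the attempt so the
// problematic caller can be found later.
class SpareManager {
 public:
  bool WarmupSpare(Context* context) {
    if (context->ShutdownStarted()) { ++rejected_warmups_; return false; }
    spare_ = std::make_unique<Host>(context);
    return true;
  }
  bool has_spare() const { return spare_ != nullptr; }
  int rejected_warmups() const { return rejected_warmups_; }
 private:
  std::unique_ptr<Host> spare_;
  int rejected_warmups_ = 0;
};

// True when direct creation is refused for this context.
bool CreationRejected(Context* context) {
  try { Host host(context); return false; }
  catch (const std::logic_error&) { return true; }
}
```

The two paths differ on purpose: direct creation during shutdown is treated as a caller bug and stops immediately, while the spare warm-up is simply skipped and recorded, so no spare is left holding a pointer to a context that is about to be freed.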
browser_context.h 15.5 KB