-
Scott Violet authored
and OnNavigationCompleted. This patch differs from first in so far as some autofill classes needed to be destroyed as they keep a reference to a class owned by TabImpl. Here's the bug that has the stack trace of the crash: https://bugs.chromium.org/p/chromium/issues/detail?id=1123021 Content does not allow WebContents to be deleted from WebContentsObserver::DidFinishNavigation(). Unfortunately we keep seeing crashes because of this restriction, so I'm inclined to provide some mitigation. This patch takes the approach of detecting this scenario and delaying deletion of the WebContents. All the surrounding WebLayer classes are deleted/destroyed and ownership of the WebContents is passed to the Profile and deleted from a post-task. Doing this may introduce it's own set of problems. For example, if a callback/notification is still in flight from content that gets processed before the deletion, and the code assumes there is a Tab associated with the WebContents, then there will be problems. My preference is still to fix this in content, but in the mean time this should work. BUG=1111127 TEST=covered by test Change-Id: Ifdd07aab1303fa0ff1ab28e9736d24cd2bf2b042 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2381260Reviewed-by:
John Abd-El-Malek <jam@chromium.org> Commit-Queue: Scott Violet <sky@chromium.org> Cr-Commit-Position: refs/heads/master@{#802812}
f02e6203
