The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/81a813fcee09c1ed0f299aba3b589e3705238875

commit 81a813fcee09c1ed0f299aba3b589e3705238875
Author: tobiasjs <tobiasjs@chromium.org>
Date: Thu Mar 17 09:43:40 2016

Ensure that native WindowAndroid outlives native AwContents.

ContentViewCore holds a window pointer that is used during
destruction of native AwContents to remove observers. However the
current CleanupReference based finalization scheme does not enforce
an ordering on the destruction of native WindowAndroid and AwContents
instances. Satisfaction of the constraint that AwContents is destroyed
before WindowAndroid is therefore dependent on the CleanupReference
implementation, and possibly the implementation of the JVM as well.

Making the AwContents DestroyRunnable strongly reference the
associated WindowAndroidWrapper enforces the correct ordering.

BUG= 595336 

Review URL: https://codereview.chromium.org/1809643002

Cr-Commit-Position: refs/heads/master@{#381675}

[modify] https://crrev.com/81a813fcee09c1ed0f299aba3b589e3705238875/android_webview/java/src/org/chromium/android_webview/AwContents.java

Issue 595496 has been merged into this issue.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/123f5ecc991d4c7ebddc3ffde79fa8baf0592234

commit 123f5ecc991d4c7ebddc3ffde79fa8baf0592234
Author: Alex Mineer <amineer@chromium.org>
Date: Thu Mar 17 18:38:17 2016

Ensure that native WindowAndroid outlives native AwContents.

ContentViewCore holds a window pointer that is used during
destruction of native AwContents to remove observers. However the
current CleanupReference based finalization scheme does not enforce
an ordering on the destruction of native WindowAndroid and AwContents
instances. Satisfaction of the constraint that AwContents is destroyed
before WindowAndroid is therefore dependent on the CleanupReference
implementation, and possibly the implementation of the JVM as well.

Making the AwContents DestroyRunnable strongly reference the
associated WindowAndroidWrapper enforces the correct ordering.

BUG= 595336 

Review URL: https://codereview.chromium.org/1809643002

(cherry picked from commit 81a813fcee09c1ed0f299aba3b589e3705238875)

Cr-Original-Commit-Position: refs/heads/master@{#381675}
Cr-Commit-Position: refs/branch-heads/2681@{#3}
Cr-Branched-From: 2668bea689fd4a5ce07011903bca095aaf67bb07-refs/heads/master@{#381614}

[modify] https://crrev.com/123f5ecc991d4c7ebddc3ffde79fa8baf0592234/android_webview/java/src/org/chromium/android_webview/AwContents.java

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/beebc994b0b69df0b32921601ff32506f2664254

commit beebc994b0b69df0b32921601ff32506f2664254
Author: Bo Liu <boliu@chromium.org>
Date: Wed Mar 30 21:46:50 2016

[Merge M50] Ensure that native WindowAndroid outlives native AwContents.

ContentViewCore holds a window pointer that is used during
destruction of native AwContents to remove observers. However the
current CleanupReference based finalization scheme does not enforce
an ordering on the destruction of native WindowAndroid and AwContents
instances. Satisfaction of the constraint that AwContents is destroyed
before WindowAndroid is therefore dependent on the CleanupReference
implementation, and possibly the implementation of the JVM as well.

Making the AwContents DestroyRunnable strongly reference the
associated WindowAndroidWrapper enforces the correct ordering.

BUG= 595336 

Review URL: https://codereview.chromium.org/1809643002

Cr-Commit-Position: refs/heads/master@{#381675}
(cherry picked from commit 81a813fcee09c1ed0f299aba3b589e3705238875)

BUG=599216

Review URL: https://codereview.chromium.org/1845073002 .

Cr-Commit-Position: refs/branch-heads/2661@{#437}
Cr-Branched-From: ef6f6ae5e4c96622286b563658d5cd62a6cf1197-refs/heads/master@{#378081}

[modify] https://crrev.com/beebc994b0b69df0b32921601ff32506f2664254/android_webview/java/src/org/chromium/android_webview/AwContents.java