
Issue 652322

Starred by 2 users

Issue metadata

Status: Assigned
Owner:
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux, Windows, Chrome, Mac
Pri: 2
Type: Bug




Extension subframes will be killed if the extension is unloaded

Project Member Reported by rdevlin....@chromium.org, Oct 3 2016

Issue description

We kill frames with RDH_ILLEGAL_ORIGIN if the frame makes a network request and has the id of an extension that isn't enabled (either terminated, disabled, or not installed). This means that any subframes that point to extension resources for unloaded extensions will be killed if they make further network requests.

Ideally, we would just remove any frames corresponding to an extension.  We already close all the tabs, and if the extension is no longer enabled, we should reduce its surface as much as possible.  How to do this might be a little tricky - it would probably involve just iterating over all frames and removing any that match.
 
creis@, is there a chrome/-accessible way to remove a specific RFH?  All that jumped out at me was FrameTree::RemoveFrame(), but that's not public.

Comment 2 by creis@chromium.org, Mar 23 2017

Cc: nick@chromium.org
Components: Internals>Sandbox>SiteIsolation
Labels: M-59
This is back on our radar from issue 613335.  The RDH_ILLEGAL_ORIGIN kill is now a top crasher, though we think most of the cases might be for content scripts rather than subframes.

Still, the subframe case is real, and something we know how to repro.  Moreover, it's a bit worse now that --isolate-extensions has launched, because the extension subframes are running in OOPIFs inside an extension process.  That means the extension process sticks around *after* uninstalling the extension.  (And to the degree that unblessed extension pages are gone, it might still have some of the privileges it had when installed?  Or maybe that would get it killed another way?)

Let's revisit this and find a way to unload those iframes.  For comment 1, there's no good way to remove a frame from the browser process, but we could navigate it to an error page from the browser process.  That won't be synchronous with the uninstallation of the extension, but I think it's probably sufficient given the other changes we're proposing on issue 613335.  Note that we'll want to make sure the error page isn't in the extension process-- ideally it'd be in the parent process.

Devlin, would you or someone from extensions be able to help with this part while I put together a fix on issue 613335?  Feel free to post here if there are more questions about how to do it.
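
The following is an added example, not part of either comment and not Chromium code: a simplified model of the condition described in the issue (a frame carrying the origin of an extension that is not enabled) and of the mitigation proposed in comment 2 (replace such subframes with an error page hosted in the parent's process). The `Frame` type, the function names, the `error-page` origin and the sample tree are all hypothetical.

```cpp
#include <memory>
#include <set>
#include <string>
#include <vector>
// Simplified model; these types and names are hypothetical, not Chromium's.
struct Frame {
  std::string origin;  // e.g. "chrome-extension://<id>"
  int process_id;      // renderer process hosting this frame
  std::vector<std::unique_ptr<Frame>> children;
  Frame(const std::string& o, int pid) : origin(o), process_id(pid) {}
};
using EnabledSet = std::set<std::string>;
const std::string kExtScheme = "chrome-extension://";

// True if the frame has the origin of an extension that is not enabled.
bool HasUnloadedExtensionOrigin(const Frame& f, const EnabledSet& enabled) {
  if (f.origin.compare(0, kExtScheme.size(), kExtScheme) != 0) return false;
  return enabled.count(f.origin.substr(kExtScheme.size())) == 0;
}

// Counts frames that would hit the kill condition on their next request.
int CountKillable(const Frame& f, const EnabledSet& enabled) {
  int n = HasUnloadedExtensionOrigin(f, enabled) ? 1 : 0;
  for (const auto& c : f.children) n += CountKillable(*c, enabled);
  return n;
}

// Replaces each matching subframe (and its subtree) with an error page in the
// parent's process, not the extension process. "error-page" is a placeholder.
int UnloadExtensionSubframes(Frame& parent, const EnabledSet& enabled) {
  int replaced = 0;
  for (auto& child : parent.children) {
    if (!HasUnloadedExtensionOrigin(*child, enabled)) {
      replaced += UnloadExtensionSubframes(*child, enabled);
    } else {
      child = std::make_unique<Frame>("error-page", parent.process_id);
      ++replaced;
    }
  }
  return replaced;
}

// Constructed sample: a web page embedding frames of two extensions.
std::unique_ptr<Frame> BuildSampleTree() {
  auto root = std::make_unique<Frame>("https://site.test", 1);
  root->children.push_back(std::make_unique<Frame>("chrome-extension://aaaa", 2));
  root->children[0]->children.push_back(std::make_unique<Frame>("https://cdn.test", 3));
  root->children.push_back(std::make_unique<Frame>("chrome-extension://bbbb", 4));
  return root;
}
```

With only `bbbb` enabled, the `aaaa` subframe is the one frame that matches before the sweep; afterwards none match and the replacement sits in the embedding page's process.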
