Merge 185956

Merge 185956
> Fix a crash seen in ChromeFrame when opening a non CF top level tab from a CF page.
> 
> This was a regression caused by the fix for bug http://code.google.com/p/chromium/issues/detail?id=168308
> which was to not invalidate the protocol sink mapping for CF pages which are switched in from IE.
> 
> The crash in this case occurs because the protocol sink mapping is removed in the call to IInternetProtocol::Terminate
> as this is treated as a ChromeFrame request. This is only a temporary CF url which eventually transitions to
> the actual URL which  is opened in IE. For the curious we intercept IInternetProtocol::LockRequest and for
> the special gcf://attach_external_tab requests we addref the protocol data and return without calling the original
> LockRequest API. When UnlockRequest is invoked we rely on the protocol data mapping to exist to release the
> protocol data and return without calling the original UnlockRequest API.
> 
> In this case the sequence is IInternetProtocol::LockRequest, IInternetProtocolRoot::Terminate followed by
> IInternetProtocol::UnlockRequest. In our terminate handler we remove the protocol data mapping for the attach tab
> request. When UnlockRequest is called we call the original API and end up crashing.
> 
> Fix is to not invalidate the protocol data mapping for attach tab requests.
> 
> A test for this is in the works by robertshield.
> 
> BUG=178415
> R=robertshield
> Review URL: https://chromiumcodereview.appspot.com/12395021

TBR=ananta@chromium.org
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=186289

[robertshield, 2013-03-06 00:19:50]

Committed patchset #1 manually as r186289.