ManagePasswordsUIController should make a deep copy of values which it doesn't own.

chrome/browser/ui/passwords/manage_passwords_ui_controller.h

Index: chrome/browser/ui/passwords/manage_passwords_ui_controller.h
diff --git a/chrome/browser/ui/passwords/manage_passwords_ui_controller.h b/chrome/browser/ui/passwords/manage_passwords_ui_controller.h
index 9fb6c4ee98483e52be2c7e29f274a223ef6e73ed..f35d7959255746b40afa4ecc5a8278e8a59790d4 100644
--- a/chrome/browser/ui/passwords/manage_passwords_ui_controller.h
+++ b/chrome/browser/ui/passwords/manage_passwords_ui_controller.h
@@ -114,16 +114,17 @@ class ManagePasswordsUIController
       const content::LoadCommittedDetails& details,
       const content::FrameNavigateParams& params) OVERRIDE;
 
+  // We create copies of PasswordForm objects that come in with unclear lifetime
+  // and store them in this vector as well as in |password_form_map_| to ensure
+  // that we destroy them correctly. If |new_password_forms_| gets cleared then
+  // |password_form_map_| is to be cleared too.
+  ScopedVector<autofill::PasswordForm> new_password_forms_;
+
   // All previously stored credentials for a specific site.
   // Protected, not private, so we can mess with the value in
   // ManagePasswordsUIControllerMock.
   autofill::ConstPasswordFormMap password_form_map_;
 
-  // We create copies of PasswordForm objects that come in via OnLoginsChanged()
-  // and store them in this vector as well as in |password_form_map_| to ensure
-  // that we destroy them correctly.
-  ScopedVector<autofill::PasswordForm> new_password_forms_;
-
   // The current state of the password manager. Protected so we can manipulate
   // the value in tests.
   password_manager::ui::State state_;