ananta authored
Fix for a crasher in the browser seen while dispatching mouse enter or mouse exit messages via the root view.

Based on a number of crash dumps I looked at starting from M40 onwards, the crash occurs in the RootView::NotifyEnterExitOfDescendant function while dereferencing a NULL view parameter. The parameter passed as the view is the mouse_move_handler_ member, which is checked for validity before calling this function. However, the disassembly in the crash dump clearly suggests that the parameter passed on the stack is NULL. Looking at the code, the only way that could happen is if we end up in a nested invocation to the root view, which could potentially happen in the context of a modal loop. I could not repro that hypothesis, however.

Given that this is a browser crash and seems to be occurring frequently enough, I think this warrants a NULL check for the mouse_move_handler_ before calling the RootView::NotifyEnterExitOfDescendant function. I added a CHECK for the view parameter in the NotifyEnterExitOfDescendant function in case there are additional callsites added in the future.

BUG=467356
TEST=No test at the moment as I could not verify the hypothesis with actions in the UI.

Review URL: https://codereview.chromium.org/996103009

Cr-Commit-Position: refs/heads/master@{#321414}
43dc9613
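
The hazard the commit message hypothesizes, a member pointer that is validated and then cleared by a nested call before it is used, shown as an added example that is not code from this commit or from Chromium. RootViewModel, the on_mouse_exited callback and the order of the calls are assumptions made for illustration; only the names mouse_move_handler_ and NotifyEnterExitOfDescendant come from the message.

```cpp
#include <cassert>
#include <functional>

// Hypothetical stand-in for a view; the callback models handler code that
// may run a nested loop and re-enter the root view.
struct View {
  std::function<void()> on_mouse_exited;
  int enter_exit_notifications = 0;
};

// Hypothetical model of the root view, not Chromium's RootView.
class RootViewModel {
 public:
  void SetHandler(View* v) { mouse_move_handler_ = v; }

  // Returns true when the descendant notification was delivered.
  bool DispatchMouseExit() {
    if (!mouse_move_handler_) return false;      // first validity check
    if (mouse_move_handler_->on_mouse_exited)
      mouse_move_handler_->on_mouse_exited();    // may re-enter and clear the member
    // The first check says nothing about the member's value now, so test it
    // again immediately before the call that dereferences it.
    if (!mouse_move_handler_) return false;
    NotifyEnterExitOfDescendant(mouse_move_handler_);
    return true;
  }

 private:
  void NotifyEnterExitOfDescendant(View* view) {
    assert(view);  // plays the role of the CHECK, guarding future call sites
    ++view->enter_exit_notifications;
  }
  View* mouse_move_handler_ = nullptr;
};

// Constructed scenario: the handler clears the member from inside the dispatch.
bool ReentrantClearDelivers() {
  RootViewModel root;
  View v;
  v.on_mouse_exited = [&root] { root.SetHandler(nullptr); };
  root.SetHandler(&v);
  return root.DispatchMouseExit();
}

// Constructed scenario: no re-entrancy, exactly one notification is delivered.
bool NormalDispatchDelivers() {
  RootViewModel root;
  View v;
  root.SetHandler(&v);
  return root.DispatchMouseExit() && v.enter_exit_notifications == 1;
}
```

Without the second check, the first scenario passes a null pointer to NotifyEnterExitOfDescendant, which is the state the crash dumps showed.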