[Webkit-unassigned] [Bug 245968] Crash in pas_segregated_page_switch_lock_and_rebias_while_ineligible_impl

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Nov 7 16:19:03 PST 2022


https://bugs.webkit.org/show_bug.cgi?id=245968

--- Comment #3 from Michael Catanzaro <mcatanzaro at gnome.org> ---
I guess the problem must be that the check:

if (*held_lock == page_lock && *held_lock == &cache_node->page_lock) {

implies that cache_node is not NULL if *held_lock == page_lock. Then maybe the subsequent || !cache_node check can be optimized away in that case? At any rate, it looks pretty suspicious that the dereference occurs *before* the nullptr check.
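The ordering hazard the comment describes, as an added example in C that is not WebKit or libpas code: the types, function names and return values below are constructed stand-ins, and the "unsafe" function only models the shape of the check (address of a member formed before the pointer is tested for NULL), not the real function's logic.

```c
/* Added example, not code from WebKit/libpas. Models the pattern where
 * &node->member is evaluated before node is checked for NULL.  All names
 * here (pas_lock, cache_node, lock_matches_cache_*) are constructed. */
#include <stdbool.h>
#include <stddef.h>

typedef struct pas_lock { int held; } pas_lock;

/* Constructed stand-in for a cache node that embeds its own page lock. */
typedef struct cache_node {
    int      payload;
    pas_lock page_lock;
} cache_node;

typedef enum {
    LOCK_ALREADY_HELD,  /* caller already holds this node's page lock */
    LOCK_NO_NODE,       /* no node, nothing to switch to */
    LOCK_NEED_SWITCH    /* node present, caller must switch locks */
} lock_outcome;

/* Hazardous ordering.  With node == NULL the expression &node->page_lock is
 * undefined behaviour, so an optimiser is entitled to assume node is non-null
 * from that point on and delete the later `!node` test entirely.  Whether it
 * actually does depends on compiler, version and flags, which is why such a
 * bug tends to appear only in some builds.  Never call this with NULL. */
static lock_outcome lock_matches_cache_unsafe(pas_lock *held_lock,
                                              pas_lock *page_lock,
                                              cache_node *node)
{
    if (held_lock == page_lock && held_lock == &node->page_lock)
        return LOCK_ALREADY_HELD;
    if (!node)                        /* may be optimised away, see above */
        return LOCK_NO_NODE;
    return LOCK_NEED_SWITCH;
}

/* Safe ordering: establish node != NULL before any member access, so the
 * compiler has no UB to reason from and the NULL path is always taken. */
static lock_outcome lock_matches_cache_safe(pas_lock *held_lock,
                                            pas_lock *page_lock,
                                            cache_node *node)
{
    if (!node)
        return LOCK_NO_NODE;
    if (held_lock == page_lock && held_lock == &node->page_lock)
        return LOCK_ALREADY_HELD;
    return LOCK_NEED_SWITCH;
}

/* Small driver so the block runs stand-alone. */
int main(void)
{
    cache_node node = { 0, { 0 } };
    pas_lock other = { 0 };

    /* Both orderings agree whenever node is non-null. */
    lock_outcome a = lock_matches_cache_unsafe(&node.page_lock, &node.page_lock, &node);
    lock_outcome b = lock_matches_cache_safe(&node.page_lock, &node.page_lock, &node);
    lock_outcome c = lock_matches_cache_safe(&other, &other, &node);
    /* Only the safe ordering may be given a NULL node. */
    lock_outcome d = lock_matches_cache_safe(&other, &other, NULL);

    return (a == LOCK_ALREADY_HELD && b == LOCK_ALREADY_HELD &&
            c == LOCK_NEED_SWITCH && d == LOCK_NO_NODE) ? 0 : 1;
}
```

Reordering the check is the fix; as stop-gaps while hunting such a crash, building with `-fsanitize=undefined` reports the member access on a null pointer at the offending line, and `-fno-delete-null-pointer-checks` (GCC and Clang) stops the optimiser from removing the later test, which helps confirm the diagnosis without changing the source.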
