[Webkit-unassigned] [Bug 245968] Crash in pas_segregated_page_switch_lock_and_rebias_while_ineligible_impl
bugzilla-daemon at webkit.org
Mon Nov 7 16:53:07 PST 2022
https://bugs.webkit.org/show_bug.cgi?id=245968
--- Comment #4 from Michael Catanzaro <mcatanzaro at gnome.org> ---
Maybe this would be as simple as:
diff --git a/Source/bmalloc/libpas/src/libpas/pas_segregated_page.c b/Source/bmalloc/libpas/src/libpas/pas_segregated_page.c
index 7d3cc2e05953..cc7350455d68 100644
--- a/Source/bmalloc/libpas/src/libpas/pas_segregated_page.c
+++ b/Source/bmalloc/libpas/src/libpas/pas_segregated_page.c
@@ -127,7 +127,7 @@ void pas_segregated_page_switch_lock_and_rebias_while_ineligible_impl(
page_lock = page->lock_ptr;
PAS_TESTING_ASSERT(page_lock);
- if (*held_lock == page_lock && *held_lock == &cache_node->page_lock) {
+ if (*held_lock == page_lock && cache_node && *held_lock == &cache_node->page_lock) {
pas_compiler_fence();
return;
}
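Review bot: The added `cache_node &&` test in the `if` condition guards `&cache_node->page_lock`, which only takes an address and does not load through `cache_node`. Compilers typically lower it to pointer arithmetic, so the original comparison is unlikely to be the faulting access even when `cache_node` is null. The loads visible in this hunk are `page->lock_ptr` and `*held_lock`, so it is worth confirming from the crash's faulting address which pointer was actually bad before settling on this fix. If a null `cache_node` is a legitimate input, note that with this change the function no longer takes the early return in that case and falls through to the code after the `if`, which is not shown here; any use of `cache_node` on that path needs the same guard. A short comment stating when `cache_node` may be null would also help.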
But I'm not at all confident due to my lack of experience with assembly.