How does this make sense? To get a crash address of 0x0 like in the linked crash report, in the test "run->mMagic == ARENA_RUN_MAGIC", you'd need run to be null. Except three lines above with have this:
```
if (MOZ_UNLIKELY(!run)) {
return nullptr;
}
```
IOW, a null run should have returned.
Bug 1865569 Comment 1 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
How does this make sense? To get a crash address of 0x0 like in the linked crash report, in the test "run->mMagic == ARENA_RUN_MAGIC", you'd need run to be null. Except three lines above we have this:
```
if (MOZ_UNLIKELY(!run)) {
return nullptr;
}
```
IOW, a null run should have returned.