[webkit-changes] [WebKit/WebKit] ac25b0: tryCreateContiguousArrayWithPattern must ensure JS...
Justin Michaud
noreply at github.com
Wed Jan 8 16:53:41 PST 2025
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: ac25b0d35045d87ea988c01b2f02beba36fb2f80
https://github.com/WebKit/WebKit/commit/ac25b0d35045d87ea988c01b2f02beba36fb2f80
Author: Justin Michaud <jmichaud at igalia.com>
Date: 2025-01-08 (Wed, 08 Jan 2025)
Changed paths:
M Source/JavaScriptCore/runtime/JSGlobalObjectInlines.h
Log Message:
-----------
tryCreateContiguousArrayWithPattern must ensure JSString* does not get optimized away
https://bugs.webkit.org/show_bug.cgi?id=285632
Reviewed by Yusuke Suzuki.
The butterfly created in tryCreateContiguousArrayWithPattern does not mark *pattern, so
we must ensure it remains alive until after the JSArray (which will mark it) is created.
* Source/JavaScriptCore/runtime/JSGlobalObjectInlines.h:
(JSC::tryCreateContiguousArrayWithPattern):
Canonical link: https://commits.webkit.org/288623@main
To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications
More information about the webkit-changes
mailing list