265721 2023-12-02 10:30:18 -0800 [Wasm-GC] Typedef unrolling cache should hold values strongly 2023-12-13 19:14:58 -0800 1 1 1 Unclassified WebKit WebAssembly WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 247394 1 asumu webkit-unassigned webkit-bug-importer oldest_to_newest 1996459 0 asumu 2023-12-02 10:30:18 -0800 There is a cache used for unrolling rec/sub types, to avoid re-computing this constantly. The cache holds keys weakly (when the key is collected, it should be explicitly removed from the cache map) but it should hold values strongly to avoid deallocation. Right now the values are also held weakly. Changing this to use a `RefPtr` instead fixes some crashes related to this. It's been difficult to construct a example to reproduce the issue, but it comes up in real programs. 1998332 1 webkit-bug-importer 2023-12-09 10:31:13 -0800 <rdar://problem/119435998> 1999291 2 asumu 2023-12-13 09:32:30 -0800 Pull request: https://github.com/WebKit/WebKit/pull/21739 1999469 3 ews-feeder 2023-12-13 19:14:56 -0800 Committed 272016@main (456ffae07aa8): <https://commits.webkit.org/272016@main> Reviewed commits have been landed. Closing PR #21739 and removing active labels.