307564 2026-02-11 10:11:29 -0800 JSPI polish: revise the scanning of EvacuatedStackSlices 2026-04-28 18:09:06 -0700 1 1 1 Unclassified WebKit JavaScriptCore WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 v_bykov v_bykov webkit-bug-importer oldest_to_newest 2180329 0 v_bykov 2026-02-11 10:11:29 -0800 In the MVP, EvacuatedStackSlices are registered as conservative roots. It's possible, even if unlikely, to have a WasmGC object in an evacuated slice that transitively references the PinballCompletion owning the slice. If the suspending promise of that pinball is forgotten everywhere else and never resolved, the remaining reference from the evacuated stack will keep it alive forever. Because evacuated stacks are conceptually owned by a pinball, they should be scanned as part of its children, not be treated as independent roots. 2180330 1 webkit-bug-importer 2026-02-11 10:11:35 -0800 <rdar://problem/170156450> 2201236 2 v_bykov 2026-04-16 14:43:25 -0700 Pull request: https://github.com/WebKit/WebKit/pull/62925 2205604 3 ews-feeder 2026-04-28 18:09:04 -0700 Committed 312253@main (4c00d7bcee95): <https://commits.webkit.org/312253@main> Reviewed commits have been landed. Closing PR #62925 and removing active labels.