212601 – [JSC] JSBigInt::rightTrim can miss |this| pointer and leads to incorrect GC collection

RESOLVED FIXED 212601

[JSC] JSBigInt::rightTrim can miss |this| pointer and leads to incorrect GC collection

https://bugs.webkit.org/show_bug.cgi?id=212601

Summary [JSC] JSBigInt::rightTrim can miss |this| pointer and leads to incorrect GC c...

Yusuke Suzuki

Reported 2020-06-01 10:49:55 PDT

[JSC] JSBigInt::rightTrim can miss |this| pointer and leads to incorrect GC collection

Attachments
Patch (2.80 KB, patch) 2020-06-01 10:51 PDT, Yusuke Suzuki	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Yusuke Suzuki

Comment 1 2020-06-01 10:51:22 PDT

Yusuke Suzuki

Comment 2 2020-06-01 10:51:50 PDT

EWS

Comment 3 2020-06-01 13:27:16 PDT

Committed r262392: <https://trac.webkit.org/changeset/262392> All reviewed patches have been landed. Closing bug and clearing flags on attachment 400740 [details].

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component New Bugs

Assignee

Yusuke Suzuki

Reported

2020-06-01 10:49 PDT

Modified

2020-06-01 13:27 PDT History

CC List

7 users Show

URL

Keywords InRadar

Depends on

Blocks