Details
- Bug
- Resolution: Unresolved
- P2: Important
- 6.5, 6.8
- None
- 61d7cf160 (dev)
Description
beginPopulateDeferred creates a scope, uses its alloc function to initialize a pointer, and then the scope gets destroyed immediately, leaving a dangling pointer to the JS heap.
This needs to be fixed (either by getting rid of the need to initialize allJavaScriptObjects, or by tying the lifetime of the scope to it).
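The lifetime problem described above, as an added example that is not Qt's code: a toy model of the scope-then-pointer pattern next to the second remedy (tying the scope's lifetime to the pointer). `ToyEngine`, `ToyScope`, `DanglingState`, `OwnedState` and `allObjects` are hypothetical names; the toy keeps released slots addressable so the stale read is observable without undefined behaviour.

```cpp
#include <cstddef>
#include <cstdio>
#include <memory>

// Toy stand-ins, constructed for illustration (not Qt code).
struct ToyEngine { int slots[8] = {}; std::size_t top = 0; };
struct ToyScope {                       // RAII: releases its slots on destruction
    ToyEngine &engine; std::size_t mark;
    explicit ToyScope(ToyEngine &e) : engine(e), mark(e.top) {}
    ~ToyScope() { engine.top = mark; }  // slots above mark become reusable
    int *alloc() { return &engine.slots[engine.top++]; }
};

// Pattern from the report: the scope is a local, the pointer outlives it.
struct DanglingState {
    int *allObjects = nullptr;
    void begin(ToyEngine &e) {
        ToyScope scope(e);
        allObjects = scope.alloc();
        *allObjects = 42;
    }                                   // scope destroyed, slot released
};

// Second remedy from the report: the scope lives as long as the pointer.
struct OwnedState {
    std::unique_ptr<ToyScope> scope;
    int *allObjects = nullptr;
    void begin(ToyEngine &e) {
        scope = std::make_unique<ToyScope>(e);
        allObjects = scope->alloc();
        *allObjects = 42;
    }
};

// Value seen through allObjects after an unrelated allocation on the engine.
template <typename State>
int valueAfterUnrelatedAlloc() {
    ToyEngine e;
    State s;
    s.begin(e);
    ToyScope other(e);
    *other.alloc() = 7;                 // lands in the released slot, if any
    return *s.allObjects;
}

int main() {
    std::printf("dangling: %d\n", valueAfterUnrelatedAlloc<DanglingState>());
    std::printf("owned: %d\n", valueAfterUnrelatedAlloc<OwnedState>());
}
```

In the dangling variant the later allocation reuses the released slot, so the stored value is silently replaced; with the scope owned alongside the pointer the slot stays reserved.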