Array.prototype.join creates unrooted C heap references to ejsvals

Question

Array.prototype.join creates unrooted C heap references to ejsvals

Opened this issue 10 years ago · 0 comments

from _ejs_Array_prototype_join:

    ejsval* strings = (ejsval*)malloc (sizeof (ejsval) * num_strings);
    int i;

    for (i = 0; i < num_strings; i ++) {
        strings[i] = ToString(EJS_DENSE_ARRAY_ELEMENTS(_this)[i]);
        result_len += EJSVAL_TO_STRLEN(strings[i]);
    }

If a collection is run during the course of that loop, the strings allocated prior to the allocation causing the collection will become garbage.