From 26a029d407be480d791972afb5975cf62c9360a6 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Fri, 19 Apr 2024 02:47:55 +0200
Subject: Adding upstream version 124.0.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 js/src/jit-test/tests/basic/bug639311.js | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 js/src/jit-test/tests/basic/bug639311.js

(limited to 'js/src/jit-test/tests/basic/bug639311.js')

diff --git a/js/src/jit-test/tests/basic/bug639311.js b/js/src/jit-test/tests/basic/bug639311.js
new file mode 100644
index 0000000000..277d0c3d10
--- /dev/null
+++ b/js/src/jit-test/tests/basic/bug639311.js
@@ -0,0 +1,18 @@
+/* Avoid use-after-free while sweeping type objects. */
+
+try {
+  Reflparse("")
+} catch(e) {}
+Reflect.parse("for(var a;a;j){if(a%2==0){c()}}")
+try {
+  (function() {
+    for (a = 0;; j) {
+      gc()
+    }
+  })()
+} catch(e) {
+  delete this.Math
+}
+gc()
+Reflect.parse("{ let x; }")
+gc()
-- 
cgit v1.2.3