LibJS: Do not invoke Cell::vm in constructors before Cell is constructed

In a subclass of Cell, we cannot use Cell::vm() before the base Cell object itself is constructed. Use the Realm's VM instead. This was caught by UBSAN with vptr sanitation enabled.
Author: https://github.com/trflynn89 Commit: 85e313077a Pull-request: https://github.com/SerenityOS/serenity/pull/15247 Reviewed-by: https://github.com/bgianfo ✅
2025-07-30 04:39:06 +00:00 · 2022-09-14 19:10:27 -04:00 · 2022-09-14 19:10:27 -04:00 · 85e313077a · 2024-07-17 14:33:07 +09:00
commit 85e313077a
parent 3efe611dbf
46 changed files with 97 additions and 97 deletions
--- a/Userland/Libraries/LibJS/Runtime/Temporal/InstantConstructor.cpp
+++ b/Userland/Libraries/LibJS/Runtime/Temporal/InstantConstructor.cpp
@ -14,7 +14,7 @@ namespace JS::Temporal {

 // 8.1 The Temporal.Instant Constructor, https://tc39.es/proposal-temporal/#sec-temporal-instant-constructor
 InstantConstructor::InstantConstructor(Realm& realm)
-    : NativeFunction(vm().names.Instant.as_string(), *realm.intrinsics().function_prototype())
+    : NativeFunction(realm.vm().names.Instant.as_string(), *realm.intrinsics().function_prototype())
 {
 }