LibJS: Skip null entries in numeric string cache when gathering roots

tcl3 · awesomekling · commit ab00a4dc1f5b · 2025-11-04T10:34:43.000+01:00
This caused a crash when dumping the GC graph.
diff --git a/Libraries/LibJS/Runtime/VM.cpp b/Libraries/LibJS/Runtime/VM.cpp
@@ -246,8 +246,12 @@ void VM::gather_roots(HashMap<GC::Cell*, GC::HeapRoot>& roots)
     for (auto string : m_single_ascii_character_strings)
         roots.set(string, GC::HeapRoot { .type = GC::HeapRoot::Type::VM });
 
-    for (auto string : m_numeric_string_cache)
+    for (auto string : m_numeric_string_cache) {
+        // The numeric string cache is populated lazily, so skip null entries.
+        if (!string)
+            continue;
         roots.set(string, GC::HeapRoot { .type = GC::HeapRoot::Type::VM });
+    }
 
     roots.set(cached_strings.number, GC::HeapRoot { .type = GC::HeapRoot::Type::VM });
     roots.set(cached_strings.undefined, GC::HeapRoot { .type = GC::HeapRoot::Type::VM });
