[wasm] Copy the signature when compiling an imported function.

src/wasm/wasm-module.cc

Index: src/wasm/wasm-module.cc
diff --git a/src/wasm/wasm-module.cc b/src/wasm/wasm-module.cc
index ddc2eba7c852e471d12a240411f4fa205ed0aefc..68254a125576f734d0181117cbfcacee22d6e1a0 100644
--- a/src/wasm/wasm-module.cc
+++ b/src/wasm/wasm-module.cc
@@ -648,15 +648,22 @@ bool CompileWrappersToImportedFunctions(Isolate* isolate,
           *thrower, isolate->factory(), ffi, index, module_name, function_name);
       if (function.is_null()) return false;
 
-      FunctionSig sig(
-          ret_count, param_count,
-          reinterpret_cast<const MachineRepresentation*>(sig_data->data()));
-
-      Handle<Code> code = compiler::CompileWasmToJSWrapper(
-          isolate, function.ToHandleChecked(), &sig, index, module_name,
-          function_name);
-
-      imports.push_back(code);
+      {
+        // Copy the signature to avoid a raw pointer into a heap object when
+        // GC can happen.
+        Zone zone(isolate->allocator());
+        MachineRepresentation* reps =
+            zone.NewArray<MachineRepresentation>(sig_data_size);
+        memcpy(reps, sig_data->data(),
+               sizeof(MachineRepresentation) * sig_data_size);
+        FunctionSig sig(ret_count, param_count, reps);
+
+        Handle<Code> code = compiler::CompileWasmToJSWrapper(
+            isolate, function.ToHandleChecked(), &sig, index, module_name,
+            function_name);
+
+        imports.push_back(code);
+      }
     }
   }
   return true;