Closed
Codegen::print_char, a public API, can be used to construct invalid UTF-8 in safe code. When Codegen::into_source_text gets called, String::from_utf8_unchecked's invariants will not be upheld, producing undefined behavior.
I do not think this bug is causing any problem in internal oxc crates. However, Codegen and both problematic methods are publicly available to anyone using oxc_codegen, and this could introduce unsound code into their projects.
Example:

```rust
use oxc::codegen::Codegen;

fn main() {
    let mut code = Codegen::new();
    // 0xFF is past the ASCII boundary for single-byte UTF-8 code points, so the
    // output buffer now holds an invalid UTF-8 sequence, built entirely in safe code.
    code.print_char(0xFF);
    // into_source_text wraps that buffer with String::from_utf8_unchecked, so the
    // resulting String violates str's UTF-8 invariant: undefined behavior.
    let _invalid = code.into_source_text();
}
```
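The following is an added example, not code from the oxc project, showing the two mitigations a maintainer would reach for on a bug of this shape: keep the byte-level entry point but validate at the boundary (`String::from_utf8` instead of `from_utf8_unchecked`), and offer a `char`-typed method so callers never have to hand-assemble multi-byte sequences. `MiniCodegen`, `print_str`, `print_char_utf8` and the `Result`-returning `into_source_text` are hypothetical names used to model the API, not oxc_codegen's own.

```rust
// Added example (not oxc's code): a minimal code generator that accumulates raw
// bytes, with a sound finalizer. All names here are hypothetical.
use std::string::FromUtf8Error;

#[derive(Default)]
pub struct MiniCodegen {
    code: Vec<u8>,
}

impl MiniCodegen {
    pub fn new() -> Self {
        Self::default()
    }

    /// Byte-level entry point, kept for callers that emit ASCII punctuation.
    /// Safe to expose only because `into_source_text` validates the buffer.
    pub fn print_char(&mut self, ch: u8) {
        self.code.push(ch);
    }

    /// Preferred way to emit non-ASCII: `char` is always a valid scalar value,
    /// and `encode_utf8` produces the correct 1-4 byte sequence.
    pub fn print_char_utf8(&mut self, ch: char) {
        let mut buf = [0u8; 4];
        self.code.extend_from_slice(ch.encode_utf8(&mut buf).as_bytes());
    }

    pub fn print_str(&mut self, s: &str) {
        self.code.extend_from_slice(s.as_bytes());
    }

    /// Sound finalizer: `String::from_utf8` checks the invariant instead of
    /// assuming it, so an invalid sequence surfaces as an error rather than UB.
    /// The cost is one linear scan of the output, which for code generation is
    /// negligible next to the work of producing it.
    pub fn into_source_text(self) -> Result<String, FromUtf8Error> {
        String::from_utf8(self.code)
    }
}

/// Byte offset of the first invalid sequence, if any; useful in diagnostics.
pub fn first_invalid_offset(err: &FromUtf8Error) -> usize {
    err.utf8_error().valid_up_to()
}

fn main() {
    let mut good = MiniCodegen::new();
    good.print_str("let s = \"");
    good.print_char_utf8('é');
    good.print_char(b'"');
    println!("{}", good.into_source_text().unwrap());

    let mut bad = MiniCodegen::new();
    bad.print_str("let x = ");
    bad.print_char(0xFF); // the byte from the report above
    match bad.into_source_text() {
        Ok(s) => println!("{s}"),
        Err(e) => println!("invalid UTF-8 at byte {}", first_invalid_offset(&e)),
    }
}
```

If the byte-level method must stay zero-cost and unvalidated, the alternative is to mark it `unsafe fn` so the UTF-8 obligation is visibly transferred to the caller; what is not sound is a safe byte sink paired with an unchecked finalizer.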