diff --git a/runtime/interpreter/ecma-interpreter-inl.h b/runtime/interpreter/ecma-interpreter-inl.h
index 5e97cf044f3cda3dbbb86431983a92ab2c5a10eb..0d3848fefa75945ce5d862bb8947ed27723c08fb 100644
--- a/runtime/interpreter/ecma-interpreter-inl.h
+++ b/runtime/interpreter/ecma-interpreter-inl.h
@@ -359,7 +359,9 @@ public:
             }
         } else {  // Interpreter
 
+            [[maybe_unused]] EcmaHandleScope scope(js_thread);
             UPDATE_CALL_PROFILE(this_func);
+            JSHandle<JSFunction> function_handle(js_thread, js_function);
 
             method->DecrementHotnessCounter(0, nullptr, false, JSTaggedValue(function));
 
@@ -372,15 +374,12 @@ public:
                 return;
             }
 
-            // CSA reports js_function usage after GC triggered in ThrowStackOverflowException.
-            // In this case control doesn't reach this point.
-            // SUPPRESS_CSA_NEXTLINE(alpha.core.WasteObjHeader)
-            ConstantPool *constant_pool = ConstantPool::Cast(js_function->GetConstantPool().GetHeapObject());
-            JSTaggedValue lexical_env = js_function->GetLexicalEnv();
+            ConstantPool *constant_pool = ConstantPool::Cast(function_handle->GetConstantPool().GetHeapObject());
+            JSTaggedValue lexical_env = function_handle->GetLexicalEnv();
 
             // Init EcmascriptEnvironment
             EcmascriptEnvironment *new_env = JSFrame::GetJSEnv(this->GetFrame());
-            new (new_env) EcmascriptEnvironment(prev_env, constant_pool, lexical_env.GetHeapObject(), this_func);
+            new (new_env) EcmascriptEnvironment(prev_env, constant_pool, lexical_env.GetHeapObject(), *function_handle);
 
             // Update EcmascriptEnvironment
             js_thread->SetEcmascriptEnv(new_env);
@@ -478,14 +477,13 @@ public:
                         .SetValue(this_obj.GetRawData());
 
                     // Init EcmascriptEnvironment
-                    // CSA report ctor_func usage after GC in ThrowStackOverflowException.
-                    // In this case control shouldn't reach this line.
-                    // SUPPRESS_CSA_NEXTLINE(alpha.core.WasteObjHeader)
-                    ConstantPool *constant_pool = ConstantPool::Cast(ctor_func->GetConstantPool().GetHeapObject());
-                    JSTaggedValue lexical_env = ctor_func->GetLexicalEnv();
+                    auto ctor_func_handle = JSHandle<JSFunction>(ctor_handle);
+                    ConstantPool *constant_pool =
+                        ConstantPool::Cast(ctor_func_handle->GetConstantPool().GetHeapObject());
+                    JSTaggedValue lexical_env = ctor_func_handle->GetLexicalEnv();
                     EcmascriptEnvironment *new_env = JSFrame::GetJSEnv(this->GetFrame());
                     new (new_env)
-                        EcmascriptEnvironment(prev_env, constant_pool, lexical_env.GetHeapObject(), ctor_func);
+                        EcmascriptEnvironment(prev_env, constant_pool, lexical_env.GetHeapObject(), *ctor_func_handle);
 
                     // Update EcmascriptEnvironment
                     thread->SetEcmascriptEnv(new_env);
diff --git a/runtime/interpreter/interpreter-inl.h b/runtime/interpreter/interpreter-inl.h
index 4f988086b06cdd0b2292e2ec925eb1eda2a117b7..a89db3460053fbe08418897303af7952b54cc646 100644
--- a/runtime/interpreter/interpreter-inl.h
+++ b/runtime/interpreter/interpreter-inl.h
@@ -206,7 +206,7 @@ JSTaggedValue EcmaInterpreter::GeneratorReEnterInterpreter(JSThread *thread, JSH
         // NOLINTNEXTLINE(cppcoreguidelines-pro-bounds-pointer-arithmetic)
         method->GetInstructions() + static_cast<uint32_t>(pc_offset.GetInt()) + BytecodeInstruction::Size(format);
 
-    TaggedValue acc(context->GetAcc().GetRawData());
+    auto *acc = reinterpret_cast<TaggedValue *>(ToUintPtr(*context) + context->GetAccOffset());
     uint32_t nregs = context->GetNRegs().GetInt();
     TaggedArray *regs_array = TaggedArray::Cast(context->GetRegsArray().GetHeapObject());
     auto *regs = reinterpret_cast<coretypes::TaggedValue *>(regs_array->GetData());
diff --git a/runtime/js_thread.cpp b/runtime/js_thread.cpp
index d0d8454a6716f99a2955c90f70464467555943e5..0b9eeaf6c5a548f04833f651471e0920c0c3cf2f 100644
--- a/runtime/js_thread.cpp
+++ b/runtime/js_thread.cpp
@@ -102,6 +102,7 @@ void JSThread::Iterate(const RootVisitor &v0, const RootRangeVisitor &v1)
         });
     }
     IterateEcmascriptEnvironment(v0, v1);
+    v0(Root::ROOT_VM, ObjectSlot(ToUintPtr(&invocation_lexical_env_)));
 
     // visit internal call params；
     internal_call_params_->Iterate(v1);
diff --git a/runtime/js_thread.h b/runtime/js_thread.h
index 62bf9bfb09b4d8ed93b9b0ace86448aa787e5754..9606618f319cc0b1ddf0079df34777e63b40ab14 100644
--- a/runtime/js_thread.h
+++ b/runtime/js_thread.h
@@ -173,7 +173,8 @@ public:
 
     JSTaggedValue GetInvocationLexicalEnv() const
     {
-        return invocation_lexical_env_;
+        // SUPPRESS_CSA_NEXTLINE(alpha.core.WasteObjHeader)
+        return invocation_lexical_env_;  // GC root
     }
 
     void SetInvocationLexicalEnv(JSTaggedValue invocation_lexical_env)