Changeset 39198 in webkit
- Timestamp: Dec 10, 2008 10:27:36 PM (15 years ago)
- Location: trunk/JavaScriptCore
- Files: 3 edited
trunk/JavaScriptCore/ChangeLog
r39197 r39198 1 2008-12-10 Cameron Zwarich <zwarich@apple.com> 2 3 Reviewed by Oliver Hunt. 4 5 Bug 22734: Debugger crashes when stepping into a function call in a return statement 6 <https://bugs.webkit.org/show_bug.cgi?id=22734> 7 <rdar://problem/6426796> 8 9 * bytecompiler/BytecodeGenerator.cpp: 10 (JSC::BytecodeGenerator::BytecodeGenerator): The DebuggerCallFrame uses 11 the 'this' value stored in a callFrame, so op_convert_this should be 12 emitted at the beginning of a function body when generating bytecode 13 with debug hooks. 14 * debugger/DebuggerCallFrame.cpp: 15 (JSC::DebuggerCallFrame::thisObject): The assertion inherent in the call 16 to asObject() here is valid, because any 'this' value should have been 17 converted to a JSObject*. 18 1 19 2008-12-10 Gavin Barraclough <barraclough@apple.com> 2 20 -
trunk/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp
r39157 r39198 332 332 ++m_codeBlock->m_numParameters; 333 333 334 if (functionBody->usesThis() ) {334 if (functionBody->usesThis() || m_shouldEmitDebugHooks) { 335 335 emitOpcode(op_convert_this); 336 336 instructions().append(m_thisRegister.index()); -
trunk/JavaScriptCore/debugger/DebuggerCallFrame.cpp
r38511 r39198 61 61 return 0; 62 62 63 // FIXME: Why is it safe to assume this is an object?64 63 return asObject(m_callFrame->thisValue()); 65 64 }
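Review bot: in trunk/JavaScriptCore/ChangeLog, the new entry lists only BytecodeGenerator.cpp and DebuggerCallFrame.cpp, and all 3 edited files are under trunk/JavaScriptCore, so the fix for the debugger crash in Bug 22734 lands without a regression test. If stepping into a function call in a return statement can be exercised from a test, add one; otherwise say in the entry why it cannot.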
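Review bot: in trunk/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp, the new condition `if (functionBody->usesThis() || m_shouldEmitDebugHooks) {` carries no comment, so the reason debug hooks force op_convert_this is recorded only in the ChangeLog. Add a one-line comment above it saying that DebuggerCallFrame reads the 'this' value stored in the callFrame and expects it to be converted already, so that nobody later drops the second operand as redundant for functions that do not use 'this'.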
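Review bot: in trunk/JavaScriptCore/debugger/DebuggerCallFrame.cpp, removing the FIXME above `return asObject(m_callFrame->thisValue());` leaves the cast with no stated justification at the call site. The ChangeLog says the assertion inside asObject() is valid because 'this' has been converted to a JSObject*, but going by the BytecodeGenerator.cpp change that conversion is emitted only for function bodies that use 'this' or were compiled with m_shouldEmitDebugHooks set. Replace the FIXME with a comment naming that invariant, and confirm that a DebuggerCallFrame can never wrap a frame whose code was generated without debug hooks, since the assertion is the only type check visible in this hunk.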