Changeset 62766 in webkit
- Timestamp: Jul 8, 2010 12:50:54 AM (14 years ago)
- Location: trunk/JavaScriptCore
- Files: 2 edited
trunk/JavaScriptCore/ChangeLog
r62765 r62766 1 2010-07-08 Andreas Kling <andreas.kling@nokia.com> 2 3 Reviewed by Oliver Hunt. 4 5 Interpreter: Crash in op_load_varargs on 64-bit 6 https://bugs.webkit.org/show_bug.cgi?id=41795 7 8 Added missing cast of argCount to int32_t in op_load_varargs. 9 10 * interpreter/Interpreter.cpp: 11 (JSC::Interpreter::privateExecute): 12 1 13 2010-07-08 Patrick Gansterer <paroga@paroga.com> 2 14 -
trunk/JavaScriptCore/interpreter/Interpreter.cpp
r62612 r62766 3777 3777 // Then we copy any additional arguments that may be further up the stack ('-1' to account for 'this') 3778 3778 for (; i < static_cast<int32_t>(argCount); i++) 3779 argStore[i] = callFrame->registers()[i - RegisterFile::CallFrameHeaderSize - expectedParams - argCount- 1];3779 argStore[i] = callFrame->registers()[i - RegisterFile::CallFrameHeaderSize - expectedParams - static_cast<int32_t>(argCount) - 1]; 3780 3780 } else if (!arguments.isUndefinedOrNull()) { 3781 3781 if (!arguments.isObject()) {
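Review bot: In the subscript on the changed line 3779, only argCount is cast to int32_t, so the offset is signed only if i, RegisterFile::CallFrameHeaderSize and expectedParams are all signed too, and none of their declarations are in the visible context. If any one of them is an unsigned 32-bit type, the usual arithmetic conversions still make the whole subtraction unsigned, the intended negative offset wraps to a large positive value, and on a 64-bit target that value is zero-extended when used as an index into callFrame->registers(), which reads far outside the register file. Computing the offset once in a named signed local before indexing, and reusing a single signed copy of argCount for both the loop condition on line 3778 and the subscript, would make the signedness explicit and keep the two casts from drifting apart. The hunk also shows no upper bound on argCount before the cast, so it is worth confirming that a value above INT32_MAX cannot reach this loop.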
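Review bot: The ChangeLog entry for this change lists interpreter/Interpreter.cpp as the only source file and the changeset edits 2 files in total, so the crash fix lands without a regression test. A test that drives op_load_varargs through the "additional arguments further up the stack" branch on a 64-bit build would stop the cast from being dropped in a later cleanup. The entry would also be easier to audit if it said why the cast matters (signed versus unsigned arithmetic in the register index) rather than only that it was missing.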