Ignore:
Timestamp:
Oct 1, 2008, 10:06:59 PM (17 years ago)
Author:
[email protected]
Message:

2008-10-01 Cameron Zwarich <[email protected]>

Reviewed by Maciej Stachowiak.

Bug 21289: REGRESSION (r37160): Inspector crashes on load
<https://bugs.webkit.org/show_bug.cgi?id=21289>

The code in Arguments::mark() in r37160 was wrong. It marks indices in
d->registers, but that makes no sense (they are local variables, not
arguments). It should mark those indices in d->registerArray instead.

This patch also changes Arguments::copyRegisters() to use d->numParameters
instead of recomputing it.

  • kjs/Arguments.cpp: (JSC::Arguments::mark):
  • kjs/Arguments.h: (JSC::Arguments::copyRegisters):
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/JavaScriptCore/kjs/Arguments.cpp

    r37160 r37182  
    4444}
    4545
    46 void Arguments::mark() 
     46void Arguments::mark()
    4747{
    4848    JSObject::mark();
    4949
    50     for (unsigned i = 0; i < d->numParameters; ++i) {
    51         if (!d->registers[i].marked())
    52             d->registers[i].mark();
     50    if (d->registerArray) {
     51        for (unsigned i = 0; i < d->numParameters; ++i) {
     52            if (!d->registerArray[i].marked())
     53                d->registerArray[i].mark();
     54        }
    5355    }
    5456
Note: See TracChangeset for help on using the changeset viewer.