Ignore:
Timestamp:
Apr 16, 2009, 9:41:29 PM (16 years ago)
Author:
[email protected]
Message:

Fix subtle error in optimised VM reentry in Array.sort

Reviewed by Gavin Barraclough

Basically to ensure we don't accidentally invalidate the cached callframe
we should be using the cached callframe rather than our own exec state.
While the old behaviour was wrong i have been unable to actually create a
test case where anything actually ends up going wrong.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/JavaScriptCore/runtime/JSArray.cpp

    r42571 r42605  
    789789            m_cachedCall->setArgument(0, va);
    790790            m_cachedCall->setArgument(1, vb);
    791             compareResult = m_cachedCall->call().toNumber(m_exec);
     791            compareResult = m_cachedCall->call().toNumber(m_cachedCall->newCallFrame());
    792792        } else {
    793793            ArgList arguments;
Note: See TracChangeset for help on using the changeset viewer.