Changeset 58779 in webkit for trunk/JavaScriptCore/debugger


Timestamp:
May 4, 2010, 3:01:38 PM (15 years ago)
Author:
[email protected]
Message:

2010-05-04 Yongjun Zhang <[email protected]>

Reviewed by Darin Adler.

WebKit crashes at DebuggerCallFrame::functionName() if m_callFrame is the top global callframe.
https://bugs.webkit.org/show_bug.cgi?id=38535

Don't call asFunction if callee is not a FunctionType to prevent assertion failure
in JSCell::isObject().

  • debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::functionName): (JSC::DebuggerCallFrame::calculatedFunctionName):
File:
1 edited

  • trunk/JavaScriptCore/debugger/DebuggerCallFrame.cpp

    r54464 r58779  
    4242        return 0;
    4343
     44    if (!m_callFrame->callee())
     45        return 0;
     46
    4447    JSFunction* function = asFunction(m_callFrame->callee());
    4548    if (!function)
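Review bot: the guard added at new lines 44-45 only tests for a null callee, while the commit message describes skipping asFunction when the callee "is not a FunctionType"; a non-null callee of another type would still reach asFunction at line 47. Either check the callee's type before the cast or reword the message to say the fix covers the null callee of the top global call frame. A one-line comment above the check saying when callee() is null would help, since the existing `if (!function)` test right after the cast already looks like it was meant to cover that case.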
     
    5255    if (!m_callFrame->codeBlock())
    5356        return UString();
    54    
     57
     58    if (!m_callFrame->callee())
     59        return UString();
     60
    5561    JSFunction* function = asFunction(m_callFrame->callee());
    5662    if (!function)
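Review bot: the null-callee check at new lines 58-59 repeats the one added to functionName(), so both functions now carry the same guard followed by the same asFunction call and `if (!function)` test. Consider a small private helper that returns the callee as a JSFunction* or null, so the two paths cannot drift apart. The changeset also edits only this one file; a regression test that queries the function name on the top global call frame would keep the crash from bug 38535 from returning.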