-
fpizlo@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=121737 Source/JavaScriptCore: Reviewed by Sam Weinig. This was meant to be easy, but I kept wondering if it was safe to remove the inline call frame check in Arguments::tearOff(). The check was clearly dead since the bit wasn't being set anywhere. It turns out that the unwindCallFrame() function was relying on tearOff() doing the right thing for inlined code, but it wasn't even passing it an inline call frame. I fixed this by having unwindCallFrame() inlining check, while also making sure that the code uses the right operand index for the arguments register. * interpreter/CallFrame.h: * interpreter/CallFrameInlines.h: * interpreter/Interpreter.cpp: (JSC::unwindCallFrame): * interpreter/StackVisitor.cpp: (JSC::StackVisitor::Frame::r): * interpreter/StackVisitor.h: * runtime/Arguments.cpp: (JSC::Arguments::tearOff): LayoutTests: Reviewed by Sam Weinig. * js/dfg-inline-arguments-capture-throw-exception-expected.txt: Added. * js/dfg-inline-arguments-capture-throw-exception.html: Added. * js/script-tests/dfg-inline-arguments-capture-throw-exception.js: Added. (foo): (bar): (makeF): (recurse): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@156229 268f45cc-cd09-0410-ab3c-d52691b4dbfc
71309443