Commit 1749d209 authored by ap@webkit.org

Reviewed by Darin.

        <rdar://problem/6058368> REGRESSION: Crash occurs in KJS::Machine after launching
        Apple Installer

        The problem was that JSUserObject::getCallData() was setting call type to native, but
        left callData.native.function uninitialized.

        * JSObject.cpp:
        (JSUserObject::getCallData): Initialize callData.native.function.
        (nativeCallFunction): Call UserObjectImp::callAsFunction().



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@35060 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent eac7ce6d
2008-07-08 Alexey Proskuryakov <ap@webkit.org>
Reviewed by Darin.
<rdar://problem/6058368> REGRESSION: Crash occurs in KJS::Machine after launching
Apple Installer
The problem was that JSUserObject::getCallData() was setting call type to native, but
left callData.native.function uninitialized.
* JSObject.cpp:
(JSUserObject::getCallData): Initialize callData.native.function.
(nativeCallFunction): Call UserObjectImp::callAsFunction().
2008-07-04 Sam Weinig <sam@webkit.org>
Rubber-stamped by Dan Bernstein.
......@@ -29,6 +29,8 @@
#include "config.h"
#include "JSObject.h"
#include "UserObjectImp.h"
JSUserObject::JSUserObject(JSObjectCallBacksPtr callBacks, JSObjectMarkProcPtr markProc, void *data, int dataType)
: JSBase(kJSObjectTypeID), fCallBacks(*callBacks), fMarkProc(markProc), fData(data), fDataType(dataType)
{
......@@ -71,9 +73,18 @@ void JSUserObject::SetProperty(CFStringRef propertyName, JSUserObject* value)
}
CallType JSUserObject::getCallData(CallData&)
static JSValue* nativeCallFunction(ExecState* exec, JSObject* functionObject, JSValue* thisValue, const ArgList& args)
{
return fCallBacks.callFunction ? CallTypeNative : CallTypeNone;
return static_cast<UserObjectImp*>(functionObject)->callAsFunction(exec, static_cast<JSObject*>(thisValue), args);
}
CallType JSUserObject::getCallData(CallData& callData)
{
if (!fCallBacks.callFunction)
return CallTypeNone;
callData.native.function = nativeCallFunction;
return CallTypeNative;
}
JSUserObject* JSUserObject::CallFunction(JSUserObject* thisObj, CFArrayRef args)
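Review bot: both static_casts in the new nativeCallFunction are unchecked, and nothing in this hunk establishes the invariants they rely on. `static_cast<JSObject*>(thisValue)` is only valid when thisValue is actually an object; either guard it (for example with `thisValue->isObject()`) or add a comment stating that the caller always passes an object here. `static_cast<UserObjectImp*>(functionObject)` likewise assumes the engine only ever hands this callback the UserObjectImp wrapper, while the class getCallData belongs to, JSUserObject, derives from JSBase (see `JSBase(kJSObjectTypeID)` in the constructor in the hunk above), not from UserObjectImp; a one-line comment on why functionObject is guaranteed to be a UserObjectImp would make the cast reviewable. The fix itself is correct: the removed `return fCallBacks.callFunction ? CallTypeNative : CallTypeNone;` reported CallTypeNative without ever assigning callData.native.function, which is the uninitialized-pointer crash the commit message describes, and the new early return for a null callFunction preserves the CallTypeNone behaviour.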