Diffstat (limited to 'src/3rdparty/webkit/JavaScriptCore')
-rw-r--r--src/3rdparty/webkit/JavaScriptCore/runtime/Arguments.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/3rdparty/webkit/JavaScriptCore/runtime/Arguments.h b/src/3rdparty/webkit/JavaScriptCore/runtime/Arguments.h
index a3941b6..1f5b600 100644
--- a/src/3rdparty/webkit/JavaScriptCore/runtime/Arguments.h
+++ b/src/3rdparty/webkit/JavaScriptCore/runtime/Arguments.h
@@ -193,6 +193,8 @@ namespace JSC {
extraArguments = d->extraArgumentsFixedBuffer;
Register* argv = callFrame->registers() - RegisterFile::CallFrameHeaderSize - numArguments - 1;
+ if (callFrame->callee() && !callFrame->callee()->isObject(&JSC::JSFunction::info))
+ ++argv; // ### off-by-one issue with native functions
for (unsigned i = 0; i < numArguments; ++i)
extraArguments[i] = argv[i];
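Review bot: The added `++argv` changes which registers the copy loop below reads, but its only explanation is `// ### off-by-one issue with native functions`, which does not say why a callee that is not a `JSC::JSFunction` has its arguments one slot higher in the register file. `argv` is a raw pointer derived from `callFrame->registers()` and the loop copies `numArguments` entries with no bounds check visible in this hunk, so a wrong assumption about the frame layout would copy one register from outside the argument range into `extraArguments`. The condition also leaves `argv` unadjusted when `callFrame->callee()` is null, and nothing visible here says which layout applies in that case. I would replace the marker with a comment that states the invariant, for example `// Native (non-JSFunction) callees: arguments start one register higher because <reason from the native call-frame setup>; a null callee uses the JS layout because <reason>.`, and note that this is a local change to the vendored WebKit copy. The enclosing function starts and ends outside the hunk.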