[Webkit-unassigned] [Bug 99686] Web Inspector: Crash in inspector when using strict mode
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Oct 18 05:02:38 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=99686
--- Comment #5 from yeecheng.chin+webkit at gmail.com 2012-10-18 05:03:32 PST ---
I've found the problem in the code. Basically in DebuggerCallFrame.cpp, there's a line that is like this:
JSValue result = globalData.interpreter->execute(eval, m_callFrame, thisObject(), m_callFrame->scope());
The problem is thisObject() will return 0 in strict mode, and it then gets cast to a JSValue which is a bogus empty value. Seems like the interpreter requires the this object passed in to be a real JS value or it will break in multiple places.
A fix would be to do this instead:
JSObject* thisObj = thisObject();
JSValue result = globalData.interpreter->execute(eval, m_callFrame, thisObj ? JSValue(thisObj) : jsUndefined(), m_callFrame->scopeChain());
This way the this pointer gets bound to undefined which is the correct behavior in strict mode. This is similar to what JSJavaScriptCallFrame::thisObject(ExecState*) does
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list