Restore actual arguments of inlined frames (Bug 732853 part 1, r=dvander)
authorNicolas Pierron <nicolas.b.pierron@mozilla.com>
Fri, 23 Mar 2012 03:29:12 -0700
changeset 91260 c65c9f9dfe70
parent 91259 0ff7a7bd318f
child 91261 083f0d4215c3
push id755
push usernpierron@mozilla.com
push date2012-03-23 10:30 +0000
reviewersdvander
bugs732853
milestone14.0a1
Restore actual arguments of inlined frames (Bug 732853 part 1, r=dvander)
js/src/ion/Bailouts.cpp
--- a/js/src/ion/Bailouts.cpp
+++ b/js/src/ion/Bailouts.cpp
@@ -265,17 +265,17 @@ PushInlinedFrame(JSContext *cx, StackFra
     // JSOP_GETPROP). That will have to be handled differently.
     FrameRegs &regs = cx->regs();
     JS_ASSERT(JSOp(*regs.pc) == JSOP_CALL || JSOp(*regs.pc) == JSOP_NEW);
     int callerArgc = GET_ARGC(regs.pc);
     const Value &calleeVal = regs.sp[-callerArgc - 2];
 
     JSFunction *fun = calleeVal.toObject().toFunction();
     JSScript *script = fun->script();
-    CallArgs inlineArgs = CallArgsFromArgv(fun->nargs, regs.sp - callerArgc);
+    CallArgs inlineArgs = CallArgsFromSp(callerArgc, regs.sp);
     
     // Bump the stack pointer to make it look like the inline args have been pushed, but they will
     // really get filled in by RestoreOneFrame.
     regs.sp = inlineArgs.end();
 
     InitialFrameFlags flags = INITIAL_NONE;
     if (JSOp(*regs.pc) == JSOP_NEW)
         flags = INITIAL_CONSTRUCT;