Created attachment 530035
v1 (landed in jsdbg2)
The comment says:
* This is shamelessly copied from emitReturn, but with several changes:
* - There was always at least one inline call.
* - We don't know if there is a call object, so we always check.
* - We don't know where we came from, so we don't know frame depth or PC.
* - There is no stub buffer.
emitReturn emits a call to stubs::ScriptDebugEpilogue in debug mode.
The trampoline generated by generateForceReturn can only be called in debug mode, so it should unconditionally emit a call to ScriptDebugEpilogue.
This patch applies on top of
Please take a look. I have no reason to believe this patch is safe. In particular, I'm casting to void* without knowing anything about the types and calling conventions. (Also, ScriptDebugEpilogue can execute arbitrary JS code, due to debugging hooks; but if emitReturn does it, I think it's probably safe to do it here too.)
Yeah, this is safe: the calling convention for fallible VM calls is fastcall (VMFrame &); the return value can be anything, and there can be one additional parameter. The VMFrame is passed implicitly.