Reviewers: rossberg,

Description:
Version 4.2.77.4 (cherry-pick)

Merged 290ee378ea44bda379cb3e1864631895c7dea774

Disallow subclassing Arrays.

BUG=v8:3930
LOG=N
[email protected]

Please review this at https://codereview.chromium.org/1000633002/

Base URL: https://chromium.googlesource.com/v8/[email protected]

Affected files (+84, -3 lines):
  M include/v8-version.h
  M src/arm/builtins-arm.cc
  M src/arm/code-stubs-arm.cc
  M src/arm/full-codegen-arm.cc
  M src/arm64/builtins-arm64.cc
  M src/arm64/code-stubs-arm64.cc
  M src/arm64/full-codegen-arm64.cc
  M src/ia32/builtins-ia32.cc
  M src/ia32/code-stubs-ia32.cc
  M src/ia32/full-codegen-ia32.cc
  M src/messages.js
  M src/mips/builtins-mips.cc
  M src/mips/code-stubs-mips.cc
  M src/mips/full-codegen-mips.cc
  M src/mips64/builtins-mips64.cc
  M src/mips64/code-stubs-mips64.cc
  M src/mips64/full-codegen-mips64.cc
  M src/runtime/runtime.h
  M src/runtime/runtime-classes.cc
  M src/x64/builtins-x64.cc
  M src/x64/code-stubs-x64.cc
  M src/x64/full-codegen-x64.cc


Index: include/v8-version.h
diff --git a/include/v8-version.h b/include/v8-version.h
index 76c90bd3e150d1d40e86d69cb6ceb157767fa0a6..00eb7fc52ea3db01d2fb307257f8dbd8da11eb18 100644
--- a/include/v8-version.h
+++ b/include/v8-version.h
@@ -11,7 +11,7 @@
 #define V8_MAJOR_VERSION 4
 #define V8_MINOR_VERSION 2
 #define V8_BUILD_NUMBER 77
-#define V8_PATCH_LEVEL 3
+#define V8_PATCH_LEVEL 4

 // Use 1 for candidates and 0 otherwise.
 // (Boolean macro values are not supported by all preprocessors.)
Index: src/arm/builtins-arm.cc
diff --git a/src/arm/builtins-arm.cc b/src/arm/builtins-arm.cc
index ba92ff8e34f326c483d710f4d6f16482e343e746..d13d4ffa25fd2a054ffe3835dbdf487932dc77ff 100644
--- a/src/arm/builtins-arm.cc
+++ b/src/arm/builtins-arm.cc
@@ -129,6 +129,7 @@ void Builtins::Generate_ArrayCode(MacroAssembler* masm) {
     __ Assert(eq, kUnexpectedInitialMapForArrayFunction);
   }

+  __ mov(r3, r1);
// Run the native code for the Array function called as a normal function.
   // tail call a stub
   __ LoadRoot(r2, Heap::kUndefinedValueRootIndex);
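Review bot: The added `__ mov(r3, r1);` is placed between the debug-code block and the `// Run the native code for the Array function ...` comment, so the comment no longer introduces the register setup it describes as one unit; moving the move below the comment next to `__ LoadRoot(r2, Heap::kUndefinedValueRootIndex);` mirrors what the arm64 hunk of Builtins::Generate_ArrayCode does. The x64 hunk (`__ movp(rdx, rdi);`) has the same placement. A short comment such as `// r3: original constructor (equal to r1, so the stub's subclassing check passes).` would also record why the copy is needed. Generate_ArrayCode's body continues outside the hunk.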
Index: src/arm/code-stubs-arm.cc
diff --git a/src/arm/code-stubs-arm.cc b/src/arm/code-stubs-arm.cc
index ad04cb5454adff449c9d3236ce65ae0aa80330a7..56a93274abe130fe453cd2ac1ec57f30f8184d13 100644
--- a/src/arm/code-stubs-arm.cc
+++ b/src/arm/code-stubs-arm.cc
@@ -2663,6 +2663,7 @@ void CallIC_ArrayStub::Generate(MacroAssembler* masm) {
   __ b(ne, &miss);

   __ mov(r2, r4);
+  __ mov(r3, r1);
   ArrayConstructorStub stub(masm->isolate(), arg_count());
   __ TailCallStub(&stub);

@@ -4573,6 +4574,7 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {
   //  -- r0 : argc (only if argument_count() == ANY)
   //  -- r1 : constructor
   //  -- r2 : AllocationSite or undefined
+  //  -- r3 : original constructor
   //  -- sp[0] : return address
   //  -- sp[4] : last argument
   // -----------------------------------
@@ -4593,6 +4595,10 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {
     __ AssertUndefinedOrAllocationSite(r2, r4);
   }

+  Label subclassing;
+  __ cmp(r3, r1);
+  __ b(ne, &subclassing);
+
   Label no_info;
   // Get the elements kind and case on that.
   __ CompareRoot(r2, Heap::kUndefinedValueRootIndex);
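Review bot: The new `cmp(r3, r1)` / `b(ne, &subclassing)` makes r3 part of ArrayConstructorStub's input contract, but nothing in the stub checks that r3 was actually set, so a caller this patch does not touch (only Generate_ArrayCode, CallIC_ArrayStub and the full-codegen super-call path are updated here) would tail-call with whatever r3 happens to hold and either throw spuriously or, if the stale value happens to equal r1, pass the check. I cannot see the remaining callers from this diff, so it is worth confirming every site that constructs and tail-calls ArrayConstructorStub sets r3 (x3/edx/a3/rdx on the other ports). Under FLAG_debug_code, an assertion on r3 next to the existing `__ AssertUndefinedOrAllocationSite(r2, r4);` would catch an unset register early. The same applies to the parallel hunks in the arm64, ia32, mips, mips64 and x64 code-stubs files; ArrayConstructorStub::Generate continues outside the hunk.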
@@ -4606,6 +4612,9 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {

   __ bind(&no_info);
   GenerateDispatchToArrayStub(masm, DISABLE_ALLOCATION_SITES);
+
+  __ bind(&subclassing);
+  __ TailCallRuntime(Runtime::kThrowArrayNotSubclassableError, 0, 1);
 }


Index: src/arm/full-codegen-arm.cc
diff --git a/src/arm/full-codegen-arm.cc b/src/arm/full-codegen-arm.cc
index 15958ccf54561149055489f32188e1530473fb81..7311d7e8c923b52cb39e2283336c7d633e53f69e 100644
--- a/src/arm/full-codegen-arm.cc
+++ b/src/arm/full-codegen-arm.cc
@@ -4230,6 +4230,7 @@ void FullCodeGenerator::EmitDefaultConstructorCallSuper(CallRuntime* expr) {

   __ bind(&args_set_up);
   __ ldr(r1, MemOperand(sp, r0, LSL, kPointerSizeLog2));
+  __ LoadRoot(r2, Heap::kUndefinedValueRootIndex);

   CallConstructStub stub(isolate(), SUPER_CONSTRUCTOR_CALL);
   __ Call(stub.GetCode(), RelocInfo::CONSTRUCT_CALL);
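Review bot: The new `__ LoadRoot(r2, Heap::kUndefinedValueRootIndex);` before the SUPER_CONSTRUCTOR_CALL stub is unexplained: r2 is the "AllocationSite or undefined" input documented in the ArrayConstructorStub hunk, and presumably the construct stub forwards it, so a super() call that reaches the Array constructor would otherwise pass a stale r2. A one-line comment such as `// r2: no AllocationSite feedback for super calls; the construct path forwards it.` would record that. The arm64, ia32, mips, mips64 and x64 full-codegen hunks add the same load and could carry the same comment. EmitDefaultConstructorCallSuper starts and ends outside the hunk.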
Index: src/arm64/builtins-arm64.cc
diff --git a/src/arm64/builtins-arm64.cc b/src/arm64/builtins-arm64.cc
index 8adec6a51e08ccfe644737fe2671afe75c810cb3..89e304051abf6b426a7eff0505c5f68d1349271d 100644
--- a/src/arm64/builtins-arm64.cc
+++ b/src/arm64/builtins-arm64.cc
@@ -126,6 +126,7 @@ void Builtins::Generate_ArrayCode(MacroAssembler* masm) {

// Run the native code for the Array function called as a normal function.
   __ LoadRoot(x2, Heap::kUndefinedValueRootIndex);
+  __ Mov(x3, x1);
   ArrayConstructorStub stub(masm->isolate());
   __ TailCallStub(&stub);
 }
Index: src/arm64/code-stubs-arm64.cc
diff --git a/src/arm64/code-stubs-arm64.cc b/src/arm64/code-stubs-arm64.cc
index 3179972d4bdbdd3a91b5e401819654b3d227b559..b8f63b40801644ca205cf26f6483cc55b8191818 100644
--- a/src/arm64/code-stubs-arm64.cc
+++ b/src/arm64/code-stubs-arm64.cc
@@ -3071,6 +3071,9 @@ void CallIC_ArrayStub::Generate(MacroAssembler* masm) {

   Register allocation_site = feedback_vector;
   __ Mov(allocation_site, scratch);
+
+  Register original_constructor = x3;
+  __ Mov(original_constructor, function);
   ArrayConstructorStub stub(masm->isolate(), arg_count());
   __ TailCallStub(&stub);

@@ -5006,11 +5009,13 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {
   //  -- x0 : argc (only if argument_count() == ANY)
   //  -- x1 : constructor
   //  -- x2 : AllocationSite or undefined
+  //  -- x3 : original constructor
   //  -- sp[0] : return address
   //  -- sp[4] : last argument
   // -----------------------------------
   Register constructor = x1;
   Register allocation_site = x2;
+  Register original_constructor = x3;

   if (FLAG_debug_code) {
     // The array construct code is only set for the global and natives
@@ -5032,6 +5037,10 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {
     __ AssertUndefinedOrAllocationSite(allocation_site, x10);
   }

+  Label subclassing;
+  __ Cmp(original_constructor, constructor);
+  __ B(ne, &subclassing);
+
   Register kind = x3;
   Label no_info;
   // Get the elements kind and case on that.
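Review bot: `Register kind = x3;` on the line after the new branch aliases `original_constructor`, which the earlier hunk of this function binds to x3, so the original-constructor value is silently dead from that point on. It is correct today because the compare is emitted before `kind` is written, but nothing marks that ordering as load-bearing; a comment on the `kind` line, e.g. `// x3 (original_constructor) is not needed after the subclassing check; reuse it as scratch.`, or a distinct scratch register, would keep a later edit from reading a clobbered value. The ia32 port has the same reuse of edx. ArrayConstructorStub::Generate starts and ends outside the hunk.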
@@ -5045,6 +5054,9 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {

   __ Bind(&no_info);
   GenerateDispatchToArrayStub(masm, DISABLE_ALLOCATION_SITES);
+
+  __ Bind(&subclassing);
+  __ TailCallRuntime(Runtime::kThrowArrayNotSubclassableError, 0, 1);
 }


Index: src/arm64/full-codegen-arm64.cc
diff --git a/src/arm64/full-codegen-arm64.cc b/src/arm64/full-codegen-arm64.cc
index 265f75f97c4fd994e0f00373c5d21d89d9417105..88b31a4da54c7eba97d0b75d0e3a38b90bfd2333 100644
--- a/src/arm64/full-codegen-arm64.cc
+++ b/src/arm64/full-codegen-arm64.cc
@@ -3937,6 +3937,7 @@ void FullCodeGenerator::EmitDefaultConstructorCallSuper(CallRuntime* expr) {

   __ bind(&args_set_up);
   __ Peek(x1, Operand(x0, LSL, kPointerSizeLog2));
+  __ LoadRoot(x2, Heap::kUndefinedValueRootIndex);

   CallConstructStub stub(isolate(), SUPER_CONSTRUCTOR_CALL);
   __ Call(stub.GetCode(), RelocInfo::CONSTRUCT_CALL);
Index: src/ia32/builtins-ia32.cc
diff --git a/src/ia32/builtins-ia32.cc b/src/ia32/builtins-ia32.cc
index 537ffcd129c40551e61b6c5f0f063d4586c7303e..9aa4e073f7fa54473e38ed6d6ab2b1a0d803ca8a 100644
--- a/src/ia32/builtins-ia32.cc
+++ b/src/ia32/builtins-ia32.cc
@@ -1192,6 +1192,7 @@ void Builtins::Generate_ArrayCode(MacroAssembler* masm) {

   // Get the Array function.
   __ LoadGlobalFunction(Context::ARRAY_FUNCTION_INDEX, edi);
+  __ mov(edx, edi);

   if (FLAG_debug_code) {
     // Initial map for the builtin Array function should be a map.
Index: src/ia32/code-stubs-ia32.cc
diff --git a/src/ia32/code-stubs-ia32.cc b/src/ia32/code-stubs-ia32.cc
index b5cf5cec5c1ac71ca6f14e4fed3f68e0d57fbd9b..fff1e2fda32749257fcff41646e4812c6920a74b 100644
--- a/src/ia32/code-stubs-ia32.cc
+++ b/src/ia32/code-stubs-ia32.cc
@@ -2252,6 +2252,7 @@ void CallIC_ArrayStub::Generate(MacroAssembler* masm) {
   __ j(not_equal, &miss);

   __ mov(ebx, ecx);
+  __ mov(edx, edi);
   ArrayConstructorStub stub(masm->isolate(), arg_count());
   __ TailCallStub(&stub);

@@ -4630,6 +4631,7 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {
   //  -- eax : argc (only if argument_count() == ANY)
   //  -- ebx : AllocationSite or undefined
   //  -- edi : constructor
+  //  -- edx : Original constructor
   //  -- esp[0] : return address
   //  -- esp[4] : last argument
   // -----------------------------------
@@ -4649,12 +4651,20 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {
     __ AssertUndefinedOrAllocationSite(ebx);
   }

+  Label subclassing;
+
+  __ cmp(edx, edi);
+  __ j(not_equal, &subclassing);
+
   Label no_info;
// If the feedback vector is the undefined value call an array constructor
   // that doesn't use AllocationSites.
   __ cmp(ebx, isolate()->factory()->undefined_value());
   __ j(equal, &no_info);

+  __ cmp(edx, edi);
+  __ j(not_equal, &subclassing);
+
   // Only look at the lower 16 bits of the transition info.
   __ mov(edx, FieldOperand(ebx, AllocationSite::kTransitionInfoOffset));
   __ SmiUntag(edx);
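Review bot: The `__ cmp(edx, edi); __ j(not_equal, &subclassing);` pair is emitted twice in this hunk, once before the `no_info` test and again after it, and the second copy can never branch because control only reaches it when the first compare already found edx equal to edi. Dropping the second pair (the two added lines after `__ j(equal, &no_info);`) keeps the ia32 stub in step with the x64 version, which checks once. Note that edx is overwritten by `__ mov(edx, FieldOperand(ebx, AllocationSite::kTransitionInfoOffset));` immediately afterwards, so the remaining check must stay above that line, as it does now. ArrayConstructorStub::Generate continues outside the hunk.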
@@ -4664,6 +4674,9 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {

   __ bind(&no_info);
   GenerateDispatchToArrayStub(masm, DISABLE_ALLOCATION_SITES);
+
+  __ bind(&subclassing);
+  __ TailCallRuntime(Runtime::kThrowArrayNotSubclassableError, 0, 1);
 }


Index: src/ia32/full-codegen-ia32.cc
diff --git a/src/ia32/full-codegen-ia32.cc b/src/ia32/full-codegen-ia32.cc
index b76592238d732a643d98f0cd32649feb6f875891..cf181597aaa25a3977bc2cefa6fe7c391e854efd 100644
--- a/src/ia32/full-codegen-ia32.cc
+++ b/src/ia32/full-codegen-ia32.cc
@@ -4124,7 +4124,7 @@ void FullCodeGenerator::EmitDefaultConstructorCallSuper(CallRuntime* expr) {
   __ bind(&args_set_up);

   __ mov(edi, Operand(esp, eax, times_pointer_size, 0));
-
+  __ mov(ebx, Immediate(isolate()->factory()->undefined_value()));
   CallConstructStub stub(isolate(), SUPER_CONSTRUCTOR_CALL);
   __ call(stub.GetCode(), RelocInfo::CONSTRUCT_CALL);

Index: src/messages.js
diff --git a/src/messages.js b/src/messages.js
index 049f7f602bdd113244e058450a8b7759a63a7b00..b49556c6a1bac8eccf968c68d7cad9f61bf1e20e 100644
--- a/src/messages.js
+++ b/src/messages.js
@@ -185,7 +185,8 @@ var kMessages = {
 super_constructor_call: ["A 'super' constructor call may only appear as the first statement of a function, and its arguments may not access 'this'. Other forms are not yet supported."],
 duplicate_proto: ["Duplicate __proto__ fields are not allowed in object literals"],
 param_after_rest: ["Rest parameter must be last formal parameter"],
- constructor_noncallable: ["Class constructors cannot be invoked without 'new'"]
+ constructor_noncallable: ["Class constructors cannot be invoked without 'new'"],
+ array_not_subclassable: ["Subclassing Arrays is not currently supported."]
 };


Index: src/mips/builtins-mips.cc
diff --git a/src/mips/builtins-mips.cc b/src/mips/builtins-mips.cc
index f4a34591961f987200f6f2d33530000ed7b000ee..42a0bbe58bc12a2689f49586a577e2046b1a2ee1 100644
--- a/src/mips/builtins-mips.cc
+++ b/src/mips/builtins-mips.cc
@@ -138,6 +138,7 @@ void Builtins::Generate_ArrayCode(MacroAssembler* masm) {

// Run the native code for the Array function called as a normal function.
   // Tail call a stub.
+  __ mov(a3, a1);
   __ LoadRoot(a2, Heap::kUndefinedValueRootIndex);
   ArrayConstructorStub stub(masm->isolate());
   __ TailCallStub(&stub);
Index: src/mips/code-stubs-mips.cc
diff --git a/src/mips/code-stubs-mips.cc b/src/mips/code-stubs-mips.cc
index 74705f97efdd8947c992589abb81974d574a789d..795469998372545bfe05ac0d0f58c1ea4c7bd947 100644
--- a/src/mips/code-stubs-mips.cc
+++ b/src/mips/code-stubs-mips.cc
@@ -2808,6 +2808,7 @@ void CallIC_ArrayStub::Generate(MacroAssembler* masm) {
   __ Branch(&miss, ne, t1, Operand(at));

   __ mov(a2, t0);
+  __ mov(a3, a1);
   ArrayConstructorStub stub(masm->isolate(), arg_count());
   __ TailCallStub(&stub);

@@ -4799,6 +4800,7 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {
   //  -- a0 : argc (only if argument_count() == ANY)
   //  -- a1 : constructor
   //  -- a2 : AllocationSite or undefined
+  //  -- a3 : Original constructor
   //  -- sp[0] : return address
   //  -- sp[4] : last argument
   // -----------------------------------
@@ -4821,6 +4823,9 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {
     __ AssertUndefinedOrAllocationSite(a2, t0);
   }

+  Label subclassing;
+  __ Branch(&subclassing, ne, a1, Operand(a3));
+
   Label no_info;
   // Get the elements kind and case on that.
   __ LoadRoot(at, Heap::kUndefinedValueRootIndex);
@@ -4834,6 +4839,9 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {

   __ bind(&no_info);
   GenerateDispatchToArrayStub(masm, DISABLE_ALLOCATION_SITES);
+
+  __ bind(&subclassing);
+  __ TailCallRuntime(Runtime::kThrowArrayNotSubclassableError, 0, 1);
 }


Index: src/mips/full-codegen-mips.cc
diff --git a/src/mips/full-codegen-mips.cc b/src/mips/full-codegen-mips.cc
index c5749fcf3a6d472e83df5dc93e5403223c824698..1f12011803d2d7225f719165b61584b4b83b5176 100644
--- a/src/mips/full-codegen-mips.cc
+++ b/src/mips/full-codegen-mips.cc
@@ -4232,6 +4232,7 @@ void FullCodeGenerator::EmitDefaultConstructorCallSuper(CallRuntime* expr) {
   __ sll(at, a0, kPointerSizeLog2);
   __ Addu(at, at, Operand(sp));
   __ lw(a1, MemOperand(at, 0));
+  __ LoadRoot(a2, Heap::kUndefinedValueRootIndex);

   CallConstructStub stub(isolate(), SUPER_CONSTRUCTOR_CALL);
   __ Call(stub.GetCode(), RelocInfo::CONSTRUCT_CALL);
Index: src/mips64/builtins-mips64.cc
diff --git a/src/mips64/builtins-mips64.cc b/src/mips64/builtins-mips64.cc
index 2d676a1fa9600e39d80323e793f91a553bab80b4..89fda10b0596e28bbac4ff7cd40e8df50f1c26d7 100644
--- a/src/mips64/builtins-mips64.cc
+++ b/src/mips64/builtins-mips64.cc
@@ -137,6 +137,7 @@ void Builtins::Generate_ArrayCode(MacroAssembler* masm) {

// Run the native code for the Array function called as a normal function.
   // Tail call a stub.
+  __ mov(a3, a1);
   __ LoadRoot(a2, Heap::kUndefinedValueRootIndex);
   ArrayConstructorStub stub(masm->isolate());
   __ TailCallStub(&stub);
Index: src/mips64/code-stubs-mips64.cc
diff --git a/src/mips64/code-stubs-mips64.cc b/src/mips64/code-stubs-mips64.cc
index 5c1b897699866b1f5f584d6976a033274b40a751..cb889ca454b3c0aa52ba6c55ac48edbad0d1aa49 100644
--- a/src/mips64/code-stubs-mips64.cc
+++ b/src/mips64/code-stubs-mips64.cc
@@ -2886,6 +2886,7 @@ void CallIC_ArrayStub::Generate(MacroAssembler* masm) {
   __ Branch(&miss, ne, a5, Operand(at));

   __ mov(a2, a4);
+  __ mov(a3, a1);
   ArrayConstructorStub stub(masm->isolate(), arg_count());
   __ TailCallStub(&stub);

@@ -4842,6 +4843,7 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {
   //  -- a0 : argc (only if argument_count() == ANY)
   //  -- a1 : constructor
   //  -- a2 : AllocationSite or undefined
+  //  -- a3 : original constructor
   //  -- sp[0] : return address
   //  -- sp[4] : last argument
   // -----------------------------------
@@ -4864,6 +4866,9 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {
     __ AssertUndefinedOrAllocationSite(a2, a4);
   }

+  Label subclassing;
+  __ Branch(&subclassing, ne, a1, Operand(a3));
+
   Label no_info;
   // Get the elements kind and case on that.
   __ LoadRoot(at, Heap::kUndefinedValueRootIndex);
@@ -4877,6 +4882,9 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {

   __ bind(&no_info);
   GenerateDispatchToArrayStub(masm, DISABLE_ALLOCATION_SITES);
+
+  __ bind(&subclassing);
+  __ TailCallRuntime(Runtime::kThrowArrayNotSubclassableError, 0, 1);
 }


Index: src/mips64/full-codegen-mips64.cc
diff --git a/src/mips64/full-codegen-mips64.cc b/src/mips64/full-codegen-mips64.cc
index 5fe0c5a6ee9f8e349761b3b0a9e5c2e78a8d6ef8..c400a8ba3342c3e921eefaae19061e54710e2f15 100644
--- a/src/mips64/full-codegen-mips64.cc
+++ b/src/mips64/full-codegen-mips64.cc
@@ -4234,6 +4234,7 @@ void FullCodeGenerator::EmitDefaultConstructorCallSuper(CallRuntime* expr) {
   __ dsll(at, a0, kPointerSizeLog2);
   __ Daddu(at, at, Operand(sp));
   __ ld(a1, MemOperand(at, 0));
+  __ LoadRoot(a2, Heap::kUndefinedValueRootIndex);

   CallConstructStub stub(isolate(), SUPER_CONSTRUCTOR_CALL);
   __ Call(stub.GetCode(), RelocInfo::CONSTRUCT_CALL);
Index: src/runtime/runtime-classes.cc
diff --git a/src/runtime/runtime-classes.cc b/src/runtime/runtime-classes.cc
index 1be0341eae2557e7d00dc8e02aaea4de1e4015ec..e88a76ac9e7d7b834ccfc818f37bd9e7533dd1b2 100644
--- a/src/runtime/runtime-classes.cc
+++ b/src/runtime/runtime-classes.cc
@@ -47,6 +47,15 @@ RUNTIME_FUNCTION(Runtime_ThrowConstructorNonCallableError) {
 }


+RUNTIME_FUNCTION(Runtime_ThrowArrayNotSubclassableError) {
+  HandleScope scope(isolate);
+  DCHECK(args.length() == 0);
+  THROW_NEW_ERROR_RETURN_FAILURE(
+      isolate,
+ NewTypeError("array_not_subclassable", HandleVector<Object>(NULL, 0)));
+}
+
+
 RUNTIME_FUNCTION(Runtime_ToMethod) {
   HandleScope scope(isolate);
   DCHECK(args.length() == 2);
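Review bot: Runtime_ThrowArrayNotSubclassableError carries no comment saying who reaches it; from this patch the only callers are the `subclassing` labels of ArrayConstructorStub on each port, taken when the original-constructor register differs from the Array function. A header comment such as `// Reached from ArrayConstructorStub when the original constructor is not the Array function itself (a class extending Array); subclassing is rejected until it is supported.` would make the TypeError's meaning clear to the next reader. Keeping the zero-argument DCHECK in line with the sibling Runtime_ThrowConstructorNonCallableError above is consistent; the function is complete within the hunk.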
Index: src/runtime/runtime.h
diff --git a/src/runtime/runtime.h b/src/runtime/runtime.h
index 1ea85c83ab936f518683f02a762b8ecb4ded056c..04107ee5423114f149ba8e3af428d47ac13bbb4c 100644
--- a/src/runtime/runtime.h
+++ b/src/runtime/runtime.h
@@ -191,6 +191,7 @@ namespace internal {
   F(LoadFromSuper, 3, 1)                                   \
   F(LoadKeyedFromSuper, 3, 1)                              \
   F(ThrowConstructorNonCallableError, 0, 1)                \
+  F(ThrowArrayNotSubclassableError, 0, 1)                  \
   F(ThrowNonMethodError, 0, 1)                             \
   F(ThrowUnsupportedSuperError, 0, 1)                      \
   F(HandleStepInForDerivedConstructors, 1, 1)              \
Index: src/x64/builtins-x64.cc
diff --git a/src/x64/builtins-x64.cc b/src/x64/builtins-x64.cc
index 60a291acf5a27c070349ffcdb3bd532d206911b8..f43084b13f6bd6011a3d81a6970c1a8206ce35f9 100644
--- a/src/x64/builtins-x64.cc
+++ b/src/x64/builtins-x64.cc
@@ -1272,6 +1272,7 @@ void Builtins::Generate_ArrayCode(MacroAssembler* masm) {
     __ Check(equal, kUnexpectedInitialMapForArrayFunction);
   }

+  __ movp(rdx, rdi);
// Run the native code for the Array function called as a normal function.
   // tail call a stub
   __ LoadRoot(rbx, Heap::kUndefinedValueRootIndex);
Index: src/x64/code-stubs-x64.cc
diff --git a/src/x64/code-stubs-x64.cc b/src/x64/code-stubs-x64.cc
index 23c43e359baf1c009f151a36d7e45c63070f649e..9ef0c0330cb4270f25fc0e885a2b6bf518b5f86a 100644
--- a/src/x64/code-stubs-x64.cc
+++ b/src/x64/code-stubs-x64.cc
@@ -2122,6 +2122,7 @@ void CallIC_ArrayStub::Generate(MacroAssembler* masm) {
   __ j(not_equal, &miss);

   __ movp(rbx, rcx);
+  __ movp(rdx, rdi);
   ArrayConstructorStub stub(masm->isolate(), arg_count());
   __ TailCallStub(&stub);

@@ -4573,6 +4574,7 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {
   //  -- rax    : argc
   //  -- rbx    : AllocationSite or undefined
   //  -- rdi    : constructor
+  //  -- rdx    : original constructor
   //  -- rsp[0] : return address
   //  -- rsp[8] : last argument
   // -----------------------------------
@@ -4593,6 +4595,10 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {
     __ AssertUndefinedOrAllocationSite(rbx);
   }

+  Label subclassing;
+  __ cmpp(rdi, rdx);
+  __ j(not_equal, &subclassing);
+
   Label no_info;
// If the feedback vector is the undefined value call an array constructor
   // that doesn't use AllocationSites.
@@ -4608,6 +4614,9 @@ void ArrayConstructorStub::Generate(MacroAssembler* masm) {

   __ bind(&no_info);
   GenerateDispatchToArrayStub(masm, DISABLE_ALLOCATION_SITES);
+
+  __ bind(&subclassing);
+  __ TailCallRuntime(Runtime::kThrowArrayNotSubclassableError, 0, 1);
 }


Index: src/x64/full-codegen-x64.cc
diff --git a/src/x64/full-codegen-x64.cc b/src/x64/full-codegen-x64.cc
index faf9e74dcf3a66e4be499e655ef6915ab816ff91..a64f504282b217aa56b3e645c7928ae0f8abd926 100644
--- a/src/x64/full-codegen-x64.cc
+++ b/src/x64/full-codegen-x64.cc
@@ -4119,6 +4119,7 @@ void FullCodeGenerator::EmitDefaultConstructorCallSuper(CallRuntime* expr) {

   __ bind(&args_set_up);
   __ movp(rdi, Operand(rsp, rax, times_pointer_size, 0));
+  __ LoadRoot(rbx, Heap::kUndefinedValueRootIndex);

   CallConstructStub stub(isolate(), SUPER_CONSTRUCTOR_CALL);
   __ call(stub.GetCode(), RelocInfo::CONSTRUCT_CALL);

