[runtime] Fix ES6 9.2.1 [[Call]] when encountering a classConstructor.

src/arm64/code-stubs-arm64.cc

 // Copyright 2013 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #if V8_TARGET_ARCH_ARM64
 
 #include "src/bootstrapper.h"
 #include "src/code-stubs.h"
 #include "src/codegen.h"
 #include "src/ic/handler-compiler.h"
@@ skipping 2729 matching lines @@
   __ B(&done);
 
   __ Bind(&not_array_function);
   CreateWeakCellStub weak_cell_stub(masm->isolate());
   CallStubInRecordCallTarget(masm, &weak_cell_stub, argc, function,
                              feedback_vector, index, orig_construct, is_super);
   __ Bind(&done);
 }
 
 
+static void LoadCompilerHints(MacroAssembler* masm) {
+  // ----------- S t a t e -------------
+  // -- x1 : the function to call
+  // -----------------------------------
+  // Do not transform the receiver for strict mode functions.
+  __ Ldr(x3, FieldMemOperand(x1, JSFunction::kSharedFunctionInfoOffset));
+  __ Ldr(w4, FieldMemOperand(x3, SharedFunctionInfo::kCompilerHintsOffset));
+}
+
+
 static void EmitContinueIfStrictOrNative(MacroAssembler* masm, Label* cont) {
-  // Do not transform the receiver for strict mode functions.
-  __ Ldr(x3, FieldMemOperand(x1, JSFunction::kSharedFunctionInfoOffset));
-  __ Ldr(w4, FieldMemOperand(x3, SharedFunctionInfo::kCompilerHintsOffset));
+  // ----------- S t a t e -------------
+  // -- a1 : the function to call
+  // -- x3 : the shared function info
+  // -- w4 : the compiler info hints from the shared function info
+  // -----------------------------------
   __ Tbnz(w4, SharedFunctionInfo::kStrictModeFunction, cont);
 
   // Do not transform the receiver for native (Compilerhints already in x3).
   __ Tbnz(w4, SharedFunctionInfo::kNative, cont);
 }
 
 
 static void EmitSlowCase(MacroAssembler* masm, int argc) {
   __ Mov(x0, argc);
   __ Jump(masm->isolate()->builtins()->Call(), RelocInfo::CODE_TARGET);
 }
 
 
 static void EmitWrapCase(MacroAssembler* masm, int argc, Label* cont) {
   // Wrap the receiver and patch it back onto the stack.
   { FrameScope frame_scope(masm, StackFrame::INTERNAL);
     __ Push(x1);
     __ Mov(x0, x3);
     ToObjectStub stub(masm->isolate());
     __ CallStub(&stub);
     __ Pop(x1);
   }
   __ Poke(x0, argc * kPointerSize);
   __ B(cont);
 }
 
 
+static void EmitClassConstructorCallCheck(MacroAssembler* masm) {
+  //   ----------- S t a t e -------------
+  //   -- x1 : the function to call
+  //   -- x3 : the shared function info
+  //   -- w4 : the shared function's compiler hints
+  //   -----------------------------------
+  //   ClassConstructor Check: ES6 section 9.2.1 [[Call]]
+  Label non_class_constructor;
+  __ TestAndBranchIfAllClear(
+      w4, (1 << SharedFunctionInfo::kIsDefaultConstructor) |
+              (1 << SharedFunctionInfo::kIsSubclassConstructor) |
+              (1 << SharedFunctionInfo::kIsBaseConstructor),
+      &non_class_constructor);
+  // If we call a classConstructor Function throw a TypeError
+  // indirectly via the CallFunction builtin.
+  __ Jump(masm->isolate()->builtins()->CallFunction(), RelocInfo::CODE_TARGET);
+  __ bind(&non_class_constructor);
+}
+
+
 static void CallFunctionNoFeedback(MacroAssembler* masm,
                                    int argc, bool needs_checks,
                                    bool call_as_method) {
   // x1  function    the function to call
   Register function = x1;
   Register type = x4;
   Label slow, wrap, cont;
 
   // TODO(jbramley): This function has a lot of unnamed registers. Name them,
   // and tidy things up a bit.
 
   if (needs_checks) {
     // Check that the function is really a JavaScript function.
     __ JumpIfSmi(function, &slow);
 
     // Goto slow case if we do not have a function.
     __ JumpIfNotObjectType(function, x10, type, JS_FUNCTION_TYPE, &slow);
   }
 
+  LoadCompilerHints(masm);
+  EmitClassConstructorCallCheck(masm);
+
   // Fast-case: Invoke the function now.
   // x1  function  pushed function
   ParameterCount actual(argc);
 
   if (call_as_method) {
     if (needs_checks) {
       EmitContinueIfStrictOrNative(masm, &cont);
     }
 
     // Compute the receiver in sloppy mode.
@@ skipping 172 matching lines @@
   // Increment the call count for monomorphic function calls.
   __ Add(feedback_vector, feedback_vector,
          Operand::UntagSmiAndScale(index, kPointerSizeLog2));
   __ Add(feedback_vector, feedback_vector,
          Operand(FixedArray::kHeaderSize + kPointerSize));
   __ Ldr(index, FieldMemOperand(feedback_vector, 0));
   __ Add(index, index, Operand(Smi::FromInt(CallICNexus::kCallCountIncrement)));
   __ Str(index, FieldMemOperand(feedback_vector, 0));
 
   __ bind(&have_js_function);
+
+  LoadCompilerHints(masm);
+  EmitClassConstructorCallCheck(masm);
+
   if (CallAsMethod()) {
     EmitContinueIfStrictOrNative(masm, &cont);
 
     // Compute the receiver in sloppy mode.
     __ Peek(x3, argc * kPointerSize);
 
     __ JumpIfSmi(x3, &wrap);
     __ JumpIfObjectType(x3, x10, type, FIRST_SPEC_OBJECT_TYPE, &wrap, lt);
 
     __ Bind(&cont);
@@ skipping 3002 matching lines @@
                            MemOperand(fp, 6 * kPointerSize), NULL);
 }
 
 
 #undef __
 
 }  // namespace internal
 }  // namespace v8
 
 #endif  // V8_TARGET_ARCH_ARM64