[es6] Better support for built-ins subclassing.

src/x64/builtins-x64.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #if V8_TARGET_ARCH_X64
 
 #include "src/code-factory.h"
 #include "src/codegen.h"
 #include "src/deoptimizer.h"
 #include "src/full-codegen/full-codegen.h"
@@ skipping 259 matching lines @@
     }
 
     // Allocate the new receiver object using the runtime call.
     // rdx: original constructor
     __ bind(&rt_call);
     int offset = kPointerSize;
 
     // Must restore rsi (context) and rdi (constructor) before calling runtime.
     __ movp(rsi, Operand(rbp, StandardFrameConstants::kContextOffset));
     __ movp(rdi, Operand(rsp, offset));
-    __ Push(rdi);  // argument 2/1: constructor function
-    __ Push(rdx);  // argument 3/2: original constructor
+    __ Push(rdi);  // constructor function
+    __ Push(rdx);  // original constructor
     __ CallRuntime(Runtime::kNewObject, 2);
     __ movp(rbx, rax);  // store result in rbx
 
     // New object allocated.
     // rbx: newly allocated object
     __ bind(&allocated);
 
     // Restore the parameters.
     __ Pop(rdx);
     __ Pop(rdi);
@@ skipping 1122 matching lines @@
     __ TailCallRuntime(Runtime::kSymbolDescriptiveString, 1, 1);
   }
 }
 
 
 // static
 void Builtins::Generate_StringConstructor_ConstructStub(MacroAssembler* masm) {
   // ----------- S t a t e -------------
   //  -- rax                 : number of arguments
   //  -- rdi                 : constructor function
+  //  -- rdx                 : original constructor
   //  -- rsp[0]              : return address
   //  -- rsp[(argc - n) * 8] : arg[n] (zero-based)
   //  -- rsp[(argc + 1) * 8] : receiver
   // -----------------------------------
 
   // 1. Load the first argument into rbx and get rid of the rest (including the
   // receiver).
   {
     StackArgumentsAccessor args(rsp, rax);
     Label no_arguments, done;
     __ testp(rax, rax);
     __ j(zero, &no_arguments, Label::kNear);
     __ movp(rbx, args.GetArgumentOperand(1));
     __ jmp(&done, Label::kNear);
     __ bind(&no_arguments);
     __ LoadRoot(rbx, Heap::kempty_stringRootIndex);
     __ bind(&done);
     __ PopReturnAddressTo(rcx);
     __ leap(rsp, Operand(rsp, rax, times_pointer_size, kPointerSize));
     __ PushReturnAddressFrom(rcx);
   }
 
   // 2. Make sure rbx is a string.
   {
     Label convert, done_convert;
     __ JumpIfSmi(rbx, &convert, Label::kNear);
-    __ CmpObjectType(rbx, FIRST_NONSTRING_TYPE, rdx);
+    __ CmpObjectType(rbx, FIRST_NONSTRING_TYPE, rcx);
     __ j(below, &done_convert);
     __ bind(&convert);
     {
       FrameScope scope(masm, StackFrame::INTERNAL);
       ToStringStub stub(masm->isolate());
+      __ Push(rdx);
       __ Push(rdi);
       __ Move(rax, rbx);
       __ CallStub(&stub);
       __ Move(rbx, rax);
       __ Pop(rdi);
+      __ Pop(rdx);
     }
     __ bind(&done_convert);
   }
 
   // 3. Allocate a JSValue wrapper for the string.
   {
     // ----------- S t a t e -------------
     //  -- rbx : the first argument
     //  -- rdi : constructor function
+    //  -- rdx : original constructor
     // -----------------------------------
+    Label allocate, done_allocate, rt_call;
 
-    Label allocate, done_allocate;
+    // Fall back to runtime if the original constructor and constructor differ.
+    __ cmpp(rdx, rdi);
+    __ j(not_equal, &rt_call);
+
     __ Allocate(JSValue::kSize, rax, rcx, no_reg, &allocate, TAG_OBJECT);
     __ bind(&done_allocate);
 
     // Initialize the JSValue in rax.
     __ LoadGlobalFunctionInitialMap(rdi, rcx);
     __ movp(FieldOperand(rax, HeapObject::kMapOffset), rcx);
     __ LoadRoot(rcx, Heap::kEmptyFixedArrayRootIndex);
     __ movp(FieldOperand(rax, JSObject::kPropertiesOffset), rcx);
     __ movp(FieldOperand(rax, JSObject::kElementsOffset), rcx);
     __ movp(FieldOperand(rax, JSValue::kValueOffset), rbx);
     STATIC_ASSERT(JSValue::kSize == 4 * kPointerSize);
     __ Ret();
 
     // Fallback to the runtime to allocate in new space.
     __ bind(&allocate);
     {
       FrameScope scope(masm, StackFrame::INTERNAL);
       __ Push(rbx);
       __ Push(rdi);
       __ Push(Smi::FromInt(JSValue::kSize));
       __ CallRuntime(Runtime::kAllocateInNewSpace, 1);
       __ Pop(rdi);
       __ Pop(rbx);
     }
     __ jmp(&done_allocate);
+
+    // Fallback to the runtime to create new object.
+    __ bind(&rt_call);
+    {
+      FrameScope scope(masm, StackFrame::INTERNAL);
+      __ Push(rbx);
+      __ Push(rdi);
+      __ Push(rdi);  // constructor function
+      __ Push(rdx);  // original constructor
+      __ CallRuntime(Runtime::kNewObject, 2);
+      __ Pop(rdi);
+      __ Pop(rbx);
+    }
+    __ movp(FieldOperand(rax, JSValue::kValueOffset), rbx);
+    __ Ret();
   }
 }
 
 
 static void ArgumentsAdaptorStackCheck(MacroAssembler* masm,
                                        Label* stack_overflow) {
   // ----------- S t a t e -------------
   //  -- rax : actual number of arguments
   //  -- rbx : expected number of arguments
   //  -- rdi: function (passed through to callee)
@@ skipping 459 matching lines @@
   __ ret(0);
 }
 
 
 #undef __
 
 }  // namespace internal
 }  // namespace v8
 
 #endif  // V8_TARGET_ARCH_X64