Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(803)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: src/runtime/runtime-object.cc

Issue 1481773003: [Proxies] Support constructable proxy as new.target (reland) (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Diff with previous version Created 5 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « src/objects.cc ('k') | src/x64/builtins-x64.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: src/runtime/runtime-object.cc
diff --git a/src/runtime/runtime-object.cc b/src/runtime/runtime-object.cc
index 3be9c0edc001fc41a32f538c8e3f87463289819c..5ebdd5e0a819917c04ffc88be3bc3611e5d65abe 100644
--- a/src/runtime/runtime-object.cc
+++ b/src/runtime/runtime-object.cc
@@ -1007,25 +1007,55 @@ RUNTIME_FUNCTION(Runtime_AllocateHeapNumber) {
}
+static MaybeHandle<Map> GetDerivedMap(Isolate* isolate,
+ Handle<JSFunction> constructor,
+ Handle<JSReceiver> new_target) {
+ JSFunction::EnsureHasInitialMap(constructor);
+ DCHECK_NE(JS_FUNCTION_TYPE, constructor->initial_map()->instance_type());
+
+ if (new_target->IsJSProxy()) {
+ Handle<JSProxy> new_target_proxy = Handle<JSProxy>::cast(new_target);
+ Handle<Object> prototype;
+ Handle<String> prototype_string = isolate->factory()->prototype_string();
+ ASSIGN_RETURN_ON_EXCEPTION(
+ isolate, prototype,
+ JSReceiver::GetProperty(new_target_proxy, prototype_string), Map);
+ Handle<Map> constructor_initial_map(constructor->initial_map());
+ Handle<Map> map = Map::CopyInitialMap(constructor_initial_map);
+
+ if (!prototype->IsJSReceiver()) {
+ Handle<Context> context;
+ ASSIGN_RETURN_ON_EXCEPTION(
+ isolate, context, JSProxy::GetFunctionRealm(new_target_proxy), Map);
+ DCHECK(context->IsNativeContext());
+ // TODO(verwaest): Use the intrinsicDefaultProto instead.
+ prototype = handle(context->initial_object_prototype(), isolate);
+ }
+
+ if (map->prototype() != *prototype) {
+ Map::SetPrototype(map, prototype, FAST_PROTOTYPE);
+ }
+
+ map->SetConstructor(*constructor);
+ return map;
+ }
+
+ return JSFunction::EnsureDerivedHasInitialMap(
+ Handle<JSFunction>::cast(new_target), constructor);
+}
+
+
static Object* Runtime_NewObjectHelper(Isolate* isolate,
Handle<JSFunction> constructor,
Handle<JSReceiver> new_target,
Handle<AllocationSite> site) {
- // TODO(verwaest): new_target could be a proxy. Read new.target.prototype in
- // that case.
- Handle<JSFunction> original_function = Handle<JSFunction>::cast(new_target);
-
- // The function should be compiled for the optimization hints to be
+ // The constructor should be compiled for the optimization hints to be
// available.
Compiler::Compile(constructor, CLEAR_EXCEPTION);
- JSFunction::EnsureHasInitialMap(constructor);
- DCHECK_NE(JS_FUNCTION_TYPE, constructor->initial_map()->instance_type());
-
- // TODO(verwaest): original_function could have non-instance-prototype
- // (non-JSReceiver), requiring fallback to the intrinsicDefaultProto.
- Handle<Map> initial_map =
- JSFunction::EnsureDerivedHasInitialMap(original_function, constructor);
+ Handle<Map> initial_map;
+ ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
+ isolate, initial_map, GetDerivedMap(isolate, constructor, new_target));
Benedikt Meurer 2015/11/27 12:25:06 Need to do the same for %NewArray in runtime-array
Handle<JSObject> result =
isolate->factory()->NewJSObjectFromMap(initial_map, NOT_TENURED, site);
« no previous file with comments | « src/objects.cc ('k') | src/x64/builtins-x64.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698