| OLD | NEW |
|---|
| 1 // Copyright 2014 the V8 project authors. All rights reserved. | 1 // Copyright 2014 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "src/runtime/runtime-utils.h" | 5 #include "src/runtime/runtime-utils.h" |
| 6 | 6 |
| 7 #include "src/arguments.h" | 7 #include "src/arguments.h" |
| 8 #include "src/conversions-inl.h" | 8 #include "src/conversions-inl.h" |
| 9 #include "src/elements.h" | 9 #include "src/elements.h" |
| 10 #include "src/factory.h" | 10 #include "src/factory.h" |
| (...skipping 254 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 265 if (value >= JSArray::kInitialMaxFastElementArray) { | 265 if (value >= JSArray::kInitialMaxFastElementArray) { |
| 266 can_inline_array_constructor = false; | 266 can_inline_array_constructor = false; |
| 267 } | 267 } |
| 268 } | 268 } |
| 269 } else { | 269 } else { |
| 270 // Non-smi length argument produces a dictionary | 270 // Non-smi length argument produces a dictionary |
| 271 can_use_type_feedback = false; | 271 can_use_type_feedback = false; |
| 272 } | 272 } |
| 273 } | 273 } |
| 274 | 274 |
| 275 // TODO(verwaest): new_target could be a proxy. Read new.target.prototype in | 275 Handle<Map> initial_map; |
| 276 // that case. | 276 ASSIGN_RETURN_FAILURE_ON_EXCEPTION( |
| 277 Handle<JSFunction> original_function = Handle<JSFunction>::cast(new_target); | 277 isolate, initial_map, |
| 278 | 278 JSFunction::GetDerivedMap(isolate, constructor, new_target)); |
| 279 JSFunction::EnsureHasInitialMap(constructor); | |
| 280 | |
| 281 // TODO(verwaest): original_function could have non-instance-prototype | |
| 282 // (non-JSReceiver), requiring fallback to the intrinsicDefaultProto. | |
| 283 Handle<Map> initial_map = | |
| 284 JSFunction::EnsureDerivedHasInitialMap(original_function, constructor); | |
| 285 | 279 |
| 286 ElementsKind to_kind = can_use_type_feedback ? site->GetElementsKind() | 280 ElementsKind to_kind = can_use_type_feedback ? site->GetElementsKind() |
| 287 : initial_map->elements_kind(); | 281 : initial_map->elements_kind(); |
| 288 if (holey && !IsFastHoleyElementsKind(to_kind)) { | 282 if (holey && !IsFastHoleyElementsKind(to_kind)) { |
| 289 to_kind = GetHoleyElementsKind(to_kind); | 283 to_kind = GetHoleyElementsKind(to_kind); |
| 290 // Update the allocation site info to reflect the advice alteration. | 284 // Update the allocation site info to reflect the advice alteration. |
| 291 if (!site.is_null()) site->SetElementsKind(to_kind); | 285 if (!site.is_null()) site->SetElementsKind(to_kind); |
| 292 } | 286 } |
| 293 | 287 |
| 294 // We should allocate with an initial map that reflects the allocation site | 288 // We should allocate with an initial map that reflects the allocation site |
| (...skipping 193 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 488 | 482 |
| 489 RUNTIME_FUNCTION(Runtime_FastOneByteArrayJoin) { | 483 RUNTIME_FUNCTION(Runtime_FastOneByteArrayJoin) { |
| 490 SealHandleScope shs(isolate); | 484 SealHandleScope shs(isolate); |
| 491 DCHECK(args.length() == 2); | 485 DCHECK(args.length() == 2); |
| 492 // Returning undefined means that this fast path fails and one has to resort | 486 // Returning undefined means that this fast path fails and one has to resort |
| 493 // to a slow path. | 487 // to a slow path. |
| 494 return isolate->heap()->undefined_value(); | 488 return isolate->heap()->undefined_value(); |
| 495 } | 489 } |
| 496 } // namespace internal | 490 } // namespace internal |
| 497 } // namespace v8 | 491 } // namespace v8 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1484473002:
Fix Reflect.construct wrt proxy, generator, and non-subclass new.target (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master