Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(86)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: src/arm64/macro-assembler-arm64.cc

Issue 1499953002: Fix uninitialized new.target register in InvokeBuiltin. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Rebased. Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « src/arm/macro-assembler-arm.cc ('k') | src/mips/macro-assembler-mips.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: src/arm64/macro-assembler-arm64.cc
diff --git a/src/arm64/macro-assembler-arm64.cc b/src/arm64/macro-assembler-arm64.cc
index d1e4106dabe8d720c51ea6770bf489c40e65c4ea..c561e26feec4d3bf5d5672d526b21da32ab312f3 100644
--- a/src/arm64/macro-assembler-arm64.cc
+++ b/src/arm64/macro-assembler-arm64.cc
@@ -1707,6 +1707,9 @@ void MacroAssembler::InvokeBuiltin(int native_context_index, InvokeFlag flag,
// You can't call a builtin without a valid frame.
DCHECK(flag == JUMP_FUNCTION || has_frame());
+ // Always initialize new target.
+ LoadRoot(x3, Heap::kUndefinedValueRootIndex);
+
// Get the builtin entry in x2 and setup the function object in x1.
LoadNativeContextSlot(native_context_index, x1);
Ldr(x2, FieldMemOperand(x1, JSFunction::kCodeEntryOffset));
« no previous file with comments | « src/arm/macro-assembler-arm.cc ('k') | src/mips/macro-assembler-mips.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698