• dslomov's avatar
    Handle the case when derived constructor is [[Call]]ed with 0 args. · cf53fed9
    dslomov authored
    ArgumentsAdaptorStub for derived constructor (the one that needs
    new.target) works in this way:
     - If the constructor is invoked via the Construct stub, we know that
       actual arguments always include new.target. ``arguments`` object
       however should not include a new.target, therefore we remove it.
       We achieve this by decrementing the argument count.
     - If the constructor is invoked as a call, we do not care for a correct
       ``arguments`` array since the constructor will immediately throw on
       entrance.
    The bug is that the call could actually pass 0 actual arguments, but I
    decrement unconditionally :(. The fix is to detect this case and avoid
    decrementing. ``arguments`` is bogus, but it is ok as constructor
    throws.
    
    Long-term we should just remove mucking about with arguments for
    new.target and just get it from the stack.
    
    R=arv@chromium.org,rossberg@chromium.org
    BUG=chromium:474783
    LOG=Y
    
    Review URL: https://codereview.chromium.org/1126783003
    
    Cr-Commit-Position: refs/heads/master@{#28242}
    cf53fed9
code-stubs-arm64.cc 206 KB