88c0f72927
Calling class constructors without new is a spec violation and should raise an exception. In [1] calling class constructors with spread (without new) was handled by reducing the node to a call to runtime to raise the exception. However, arguments of the call have to be evaluated first ([2]). This CL changes the reduction of JSCallWithSpread/JSCallWithArrayLike to a no-op in JSCallReducer if the target is a class constructor, delaying raising of the exception to the call builtin. [1] https://crrev.com/c/3229369 [2] https://tc39.es/ecma262/#sec-evaluatecall Bug: chromium:1262007 Change-Id: I2ef504d4ce6e51d582b5951beb6debb983cefba6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3236348 Commit-Queue: Patrick Thier <pthier@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/main@{#77492}
17 lines
649 B
JavaScript
17 lines
649 B
JavaScript
// Copyright 2021 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
// Flags: --allow-natives-syntax --opt
|
|
|
|
function foo(...args) {
|
|
class C {}
|
|
C(...args);
|
|
}
|
|
Object.getPrototypeOf([])[Symbol.iterator] = () => {};
|
|
%PrepareFunctionForOptimization(foo);
|
|
assertThrows(foo, TypeError, 'Result of the Symbol.iterator method is not an object');
|
|
assertThrows(foo, TypeError, 'Result of the Symbol.iterator method is not an object');
|
|
%OptimizeFunctionOnNextCall(foo);
|
|
assertThrows(foo, TypeError, 'Result of the Symbol.iterator method is not an object');
|