X87: Fix memento initialization when constructing from new call

port 3285e3bf071a2575a827c5b29fe389a72dbf8966 (r29719).

original commit message:

  Additionally, push the allocation site or undefined independently of creatin

BUG=

Review URL: https://codereview.chromium.org/1229023003

Cr-Commit-Position: refs/heads/master@{#29723}

diff --git a/src/x87/builtins-x87.cc b/src/x87/builtins-x87.cc
index 1036eff..fcaf433 100644 (file)
--- a/src/x87/builtins-x87.cc
+++ b/src/x87/builtins-x87.cc
@@ -117,12 +117,9 @@ static void Generate_JSConstructStubHelper(MacroAssembler* masm,
   {
     FrameScope scope(masm, StackFrame::CONSTRUCT);
 
-    if (create_memento) {
-      __ AssertUndefinedOrAllocationSite(ebx);
-      __ push(ebx);
-    }
-
     // Preserve the incoming parameters on the stack.
+    __ AssertUndefinedOrAllocationSite(ebx);
+    __ push(ebx);
     __ SmiTag(eax);
     __ push(eax);
     __ push(edi);
@@ -254,7 +251,8 @@ static void Generate_JSConstructStubHelper(MacroAssembler* masm,
         __ mov(Operand(esi, AllocationMemento::kMapOffset),
                factory->allocation_memento_map());
         // Get the cell or undefined.
-        __ mov(edx, Operand(esp, kPointerSize*2));
+        __ mov(edx, Operand(esp, 3 * kPointerSize));
+        __ AssertUndefinedOrAllocationSite(edx);
         __ mov(Operand(esi, AllocationMemento::kAllocationSiteOffset),
                edx);
       } else {
@@ -422,12 +420,13 @@ void Builtins::Generate_JSConstructStubForDerived(MacroAssembler* masm) {
   //  -- edx: original constructor
   // -----------------------------------
 
-  // TODO(dslomov): support pretenuring
-  CHECK(!FLAG_pretenuring_call_new);
-
   {
     FrameScope frame_scope(masm, StackFrame::CONSTRUCT);
 
+    // Preserve allocation site.
+    __ AssertUndefinedOrAllocationSite(ebx);
+    __ push(ebx);
+
     // Preserve actual arguments count.
     __ SmiTag(eax);
     __ push(eax);