Patch forthcoming.
Created attachment 148724 [details] work in progress Putting up for EWS. I haven't really tested this beyond tiny programs, but it's probably good to go. Will mark r? once I know that it actually works for real.
Created attachment 148900 [details] the patch
Comment on attachment 148900 [details] the patch View in context: https://bugs.webkit.org/attachment.cgi?id=148900&action=review r=me > Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp:1618 > + if (kind != CodeForConstruct) > + return false; Actually, 'new Array()' and 'Array()' are equivalent. So, you should remove this check for great good.
(In reply to comment #3) > (From update of attachment 148900 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=148900&action=review > > r=me > > > Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp:1618 > > + if (kind != CodeForConstruct) > > + return false; > > Actually, 'new Array()' and 'Array()' are equivalent. So, you should remove this check for great good. Egads! You're right! Will do.
Landed in http://trac.webkit.org/changeset/120974