From e517cb505a1b026fdca02167baaffee257ec6c91 Mon Sep 17 00:00:00 2001
From: Luke Wilde <lukew@serenityos.org>
Date: Mon, 14 Mar 2022 12:44:01 +0000
Subject: [PATCH] LibJS/Bytecode: Make NewArray write directly to indexed
 properties

This follows how the regular AST interpreter creates arrays, as using
Array::create_from uses create_data_property_or_throw, which will crash
when it encounters an empty value. We require empty values to represent
array holes.
---
 Userland/Libraries/LibJS/Bytecode/Op.cpp | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/Userland/Libraries/LibJS/Bytecode/Op.cpp b/Userland/Libraries/LibJS/Bytecode/Op.cpp
index 8202bc1f8f..795ae98e0e 100644
--- a/Userland/Libraries/LibJS/Bytecode/Op.cpp
+++ b/Userland/Libraries/LibJS/Bytecode/Op.cpp
@@ -127,11 +127,12 @@ ThrowCompletionOr<void> NewBigInt::execute_impl(Bytecode::Interpreter& interpret
 
 ThrowCompletionOr<void> NewArray::execute_impl(Bytecode::Interpreter& interpreter) const
 {
-    Vector<Value> elements;
-    elements.ensure_capacity(m_element_count);
-    for (size_t i = 0; i < m_element_count; i++)
-        elements.append(interpreter.reg(m_elements[i]));
-    interpreter.accumulator() = Array::create_from(interpreter.global_object(), elements);
+    auto* array = MUST(Array::create(interpreter.global_object(), 0));
+    for (size_t i = 0; i < m_element_count; i++) {
+        auto& value = interpreter.reg(m_elements[i]);
+        array->indexed_properties().put(i, value, default_attributes);
+    }
+    interpreter.accumulator() = array;
     return {};
 }