Commit Graph

4863 Commits

Author SHA1 Message Date
verwaest
e8adbe7821 Reflect.construct / Proxies: Fall back to intrinsicDefaultProto for non-instance prototypes
Error still to be done, since that's not yet available in the bootstrapper.

BUG=v8:3900, v8:3931, v8:1543, v8:3330
LOG=n

Review URL: https://codereview.chromium.org/1499923002

Cr-Commit-Position: refs/heads/master@{#32662}
2015-12-07 16:35:17 +00:00
neis
ef1ac72901 [proxies] Make Object.{isFrozen,isSealed} behave correctly for proxies.
R=rossberg
BUG=

Review URL: https://codereview.chromium.org/1502983002

Cr-Commit-Position: refs/heads/master@{#32660}
2015-12-07 15:36:14 +00:00
sigurds
5b5821142b [turbofan] Improve escape analysis
This patch improves escape analysis and fixes bugs
triggered by clusterfuzz. Impovements include:
* Handling of LoadElement/StoreElement if index is a
  constant
* Handling of JSStoreProperty: invalidate all information,
  as the store could have altered any field.
* Treat phis that use an allocation as escaping
* Improve resolution of replacements

R=mstarzinger@chromium.org
BUG=v8:4586
LOG=n

Review URL: https://codereview.chromium.org/1499143002

Cr-Commit-Position: refs/heads/master@{#32656}
2015-12-07 13:29:06 +00:00
neis
4e2c0dd7a9 [proxies] Make Object.{freeze,seal} behave correctly for proxies.
- Add JSReceiver::SetIntegrityLevel, with a fast path for regular objects.
- Make Object.{freeze,seal} call this via %Object{Freeze,Seal}, thus no longer
  using broken or deprecated functions from v8natives.js.
- Add JSReceiver::OwnPropertyKeys convenience function.
- Reenable harmony/proxies-hash.js test.

R=rossberg
BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1489423002

Cr-Commit-Position: refs/heads/master@{#32651}
2015-12-07 11:01:35 +00:00
yangguo
18a3ddcfb9 [debugger] add test case for stepping into default parameter.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1500413002

Cr-Commit-Position: refs/heads/master@{#32649}
2015-12-07 10:08:29 +00:00
yangguo
4ff9bb070b [debugger] add test case for stepping into string template.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1502163002

Cr-Commit-Position: refs/heads/master@{#32647}
2015-12-07 09:41:01 +00:00
jochen
086d459847 [crankshaft] Loads and stores to typed arrays have to reference the backing store holder
The backing store is only held alive indirectly via the array buffer
referenced by the holder (typed array), so it's not enough to keep the
elements alive (or even just the external pointer loaded from the
elements).

R=mstarzinger@chromium.org,bmeurer@chromium.org
LOG=n
BUG=v8:1827

Review URL: https://codereview.chromium.org/1493983004

Cr-Commit-Position: refs/heads/master@{#32644}
2015-12-07 08:37:42 +00:00
machenbach
0f2ed07f45 Revert of Clean up promises and fix an edge case bug (patchset #4 id:60001 of https://codereview.chromium.org/1488783002/ )
Reason for revert:
[Sheriff] Breaks layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3266

Please request rebase upstream first.

Original issue's description:
> Clean up promises and fix an edge case bug
>
> This patch builds on previous Promise spec compliance work by
> cleaning out some old code which existed to support
> Promise.prototype.chain, rephrasing some code to correspond more
> closely to the specification, and removing some incorrect brand
> checking. A test is added for a bug in an edge case which was fixed.
>
> R=rossberg
> BUG=v8:3641
> LOG=Y
>
> Committed: https://crrev.com/1deb89c8fd3cb69714ae0a24e3b5a4e78f6b73b4
> Cr-Commit-Position: refs/heads/master@{#32627}

TBR=rossberg@chromium.org,caitpotter88@gmail.com,littledan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3641

Review URL: https://codereview.chromium.org/1501763004

Cr-Commit-Position: refs/heads/master@{#32629}
2015-12-05 08:51:20 +00:00
littledan
1deb89c8fd Clean up promises and fix an edge case bug
This patch builds on previous Promise spec compliance work by
cleaning out some old code which existed to support
Promise.prototype.chain, rephrasing some code to correspond more
closely to the specification, and removing some incorrect brand
checking. A test is added for a bug in an edge case which was fixed.

R=rossberg
BUG=v8:3641
LOG=Y

Review URL: https://codereview.chromium.org/1488783002

Cr-Commit-Position: refs/heads/master@{#32627}
2015-12-04 18:56:17 +00:00
caitpotter88
b634a61d84 [es6] implement destructuring assignment
Attempt #<really big number>

Parses, and lazily rewrites Destructuring Assignment expressions. The rewriting strategy involves inserting a placeholder RewritableAssignmentExpression into the AST, whose content expression can be completely rewritten at a later time.

Lazy rewriting ensures that errors do not occur due to eagerly rewriting nodes which form part of a binding pattern, thus breaking the meaning of the pattern --- or by eagerly rewriting ambiguous constructs that are not immediately known

BUG=v8:811
LOG=Y
R=adamk@chromium.org, bmeurer@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/1309813007

Cr-Commit-Position: refs/heads/master@{#32623}
2015-12-04 17:20:24 +00:00
jkummerow
7d1263db47 [proxies] Use JSReceiver::GetKeys() for more purposes
Having beefed up GetKeys() to support everything, use it for everything now.

This fixes Object.getOwnPropertyNames and Object.getOwnPropertySymbols for
Proxies, and gets rid of a bunch of code duplication.

BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1498593006

Cr-Commit-Position: refs/heads/master@{#32620}
2015-12-04 15:20:57 +00:00
cbruni
747f455b07 [runtime] [proxy] removing JSFunctionProxy and related code.
BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1496503002

Cr-Commit-Position: refs/heads/master@{#32616}
2015-12-04 13:49:24 +00:00
neis
eb9407c6f5 [es6] Set correct length for Reflect.get (should be 2, not 3).
R=rossberg
BUG=

Review URL: https://codereview.chromium.org/1498983003

Cr-Commit-Position: refs/heads/master@{#32615}
2015-12-04 13:40:43 +00:00
neis
62127d00ae [proxies] Implement Proxy.revocable.
For now, we revoke a proxy by setting its handler to null (as in the spec).

Change the "target" field from Object to JSReceiver as there's no point in
allowing more.

R=jkummerow@chromium.org, rossberg
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1496243003

Cr-Commit-Position: refs/heads/master@{#32608}
2015-12-04 10:56:01 +00:00
machenbach
154a493cb7 Revert of [es6] Correctify and unify ArrayBuffer and SharedArrayBuffer constructors. (patchset #2 id:20001 of https://codereview.chromium.org/1500543002/ )
Reason for revert:
Blocks the roll:
https://codereview.chromium.org/1497763004/

Original issue's description:
> [es6] Correctify and unify ArrayBuffer and SharedArrayBuffer constructors.
>
> The ArrayBuffer and SharedArrayBuffer constructors should raise an
> exception when called with no arguments or undefined length.  Also
> unified the ArrayBuffer and SharedArrayBuffer implementations as C++
> builtins, and removed some (now) obsolete runtime entries.
>
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/3235ccbb7826ceec2188f6ebab98fc851b54f60e
> Cr-Commit-Position: refs/heads/master@{#32590}

TBR=yangguo@chromium.org,cbruni@chromium.org,adamk@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1501673002

Cr-Commit-Position: refs/heads/master@{#32606}
2015-12-04 10:38:48 +00:00
machenbach
2cb40dc722 Reland of [proxies] Make Object.prototype.isPrototypeOf work with proxies. (patchset #1 id:1 of https://codereview.chromium.org/1494283002/ )
Reason for revert:
Did not help...

Original issue's description:
> Revert of [proxies] Make Object.prototype.isPrototypeOf work with proxies. (patchset #2 id:20001 of https://codereview.chromium.org/1492863002/ )
>
> Reason for revert:
> [Sheriff] Speculative revert for:
> https://uberchromegw.corp.google.com/i/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3225
>
> Can just be relanded if it doesn't get green.
>
> Original issue's description:
> > [proxies] Make Object.prototype.isPrototypeOf step into proxies.
> >
> > R=rossberg, verwaest@chromium.org
> > BUG=v8:1543
> > LOG=n
> >
> > Committed: https://crrev.com/4ca1180d2e7c409312ae0761cb12843989466573
> > Cr-Commit-Position: refs/heads/master@{#32569}
>
> TBR=rossberg@chromium.org,verwaest@chromium.org,neis@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:1543
>
> Committed: https://crrev.com/48fba9439f291edd5929e19951262dc7e8a09609
> Cr-Commit-Position: refs/heads/master@{#32588}

TBR=rossberg@chromium.org,verwaest@chromium.org,neis@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:1543

Review URL: https://codereview.chromium.org/1491743010

Cr-Commit-Position: refs/heads/master@{#32598}
2015-12-04 06:39:16 +00:00
bmeurer
3235ccbb78 [es6] Correctify and unify ArrayBuffer and SharedArrayBuffer constructors.
The ArrayBuffer and SharedArrayBuffer constructors should raise an
exception when called with no arguments or undefined length.  Also
unified the ArrayBuffer and SharedArrayBuffer implementations as C++
builtins, and removed some (now) obsolete runtime entries.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1500543002

Cr-Commit-Position: refs/heads/master@{#32590}
2015-12-03 21:16:31 +00:00
machenbach
48fba9439f Revert of [proxies] Make Object.prototype.isPrototypeOf work with proxies. (patchset #2 id:20001 of https://codereview.chromium.org/1492863002/ )
Reason for revert:
[Sheriff] Speculative revert for:
https://uberchromegw.corp.google.com/i/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3225

Can just be relanded if it doesn't get green.

Original issue's description:
> [proxies] Make Object.prototype.isPrototypeOf step into proxies.
>
> R=rossberg, verwaest@chromium.org
> BUG=v8:1543
> LOG=n
>
> Committed: https://crrev.com/4ca1180d2e7c409312ae0761cb12843989466573
> Cr-Commit-Position: refs/heads/master@{#32569}

TBR=rossberg@chromium.org,verwaest@chromium.org,neis@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:1543

Review URL: https://codereview.chromium.org/1494283002

Cr-Commit-Position: refs/heads/master@{#32588}
2015-12-03 20:24:46 +00:00
machenbach
15cb3fde7d Reland of [debugger] do not restart frames that reference new.target for liveedit. (patchset #1 id:1 of https://codereview.chromium.org/1493863004/ )
Reason for revert:
Didn't help...

Original issue's description:
> Revert of [debugger] do not restart frames that reference new.target for liveedit. (patchset #1 id:1 of https://codereview.chromium.org/1493363002/ )
>
> Reason for revert:
> [Sheriff] Speculative revert for https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3225
>
> Original issue's description:
> > [debugger] do not restart frames that reference new.target for liveedit.
> >
> > R=mstarzinger@chromium.org
> >
> > Committed: https://crrev.com/6fca870240bdbb07a365189b5eb0c98fa65b3682
> > Cr-Commit-Position: refs/heads/master@{#32572}
>
> TBR=mstarzinger@chromium.org,yangguo@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
>
> Committed: https://crrev.com/1a61dab34b9849f3f70a42ce69317e22758c53a1
> Cr-Commit-Position: refs/heads/master@{#32582}

TBR=mstarzinger@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1492393003

Cr-Commit-Position: refs/heads/master@{#32587}
2015-12-03 20:21:36 +00:00
machenbach
1a61dab34b Revert of [debugger] do not restart frames that reference new.target for liveedit. (patchset #1 id:1 of https://codereview.chromium.org/1493363002/ )
Reason for revert:
[Sheriff] Speculative revert for https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3225

Original issue's description:
> [debugger] do not restart frames that reference new.target for liveedit.
>
> R=mstarzinger@chromium.org
>
> Committed: https://crrev.com/6fca870240bdbb07a365189b5eb0c98fa65b3682
> Cr-Commit-Position: refs/heads/master@{#32572}

TBR=mstarzinger@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1493863004

Cr-Commit-Position: refs/heads/master@{#32582}
2015-12-03 18:39:16 +00:00
neis
384ec6dc92 [proxies] Adapt and reenable harmony/proxies-for.js test.
R=rossberg
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1491863002

Cr-Commit-Position: refs/heads/master@{#32579}
2015-12-03 17:41:40 +00:00
yangguo
6fca870240 [debugger] do not restart frames that reference new.target for liveedit.
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1493363002

Cr-Commit-Position: refs/heads/master@{#32572}
2015-12-03 15:19:17 +00:00
caitpotter88
3ed71daff4 [proxies] do not leak private symbols to proxy traps
BUG=v8:4537
LOG=N
R=neis@chromium.org, rossberg@chromium.org, jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1492923002

Cr-Commit-Position: refs/heads/master@{#32570}
2015-12-03 15:05:00 +00:00
neis
4ca1180d2e [proxies] Make Object.prototype.isPrototypeOf step into proxies.
R=rossberg, verwaest@chromium.org
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1492863002

Cr-Commit-Position: refs/heads/master@{#32569}
2015-12-03 15:03:24 +00:00
neis
82d974799b [proxies] Make Array.isArray respect proxies.
An array is either a JSArray or a proxy whose target is an array.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1497483004

Cr-Commit-Position: refs/heads/master@{#32558}
2015-12-03 12:51:43 +00:00
verwaest
324ab7076c For non-prototype objects constructed using base==new.target, use the cached constructor to render the name.
BUG=chromium:563791
LOG=y

Review URL: https://codereview.chromium.org/1494673004

Cr-Commit-Position: refs/heads/master@{#32556}
2015-12-03 12:41:27 +00:00
mstarzinger
440a42b741 [fullcode] Switch passing of new.target to register.
This passes the new.target value in a register instead of through a
side-channel via the construct stub. Note that this marks the last
consumer of said side-channel and the special slot in the construct
stub frame can be removed as a follow-up.

R=bmeurer@chromium.org,yangguo@chromium.org
TEST=mjsunit/es6/regress/regress-new-target-context

Review URL: https://codereview.chromium.org/1492793002

Cr-Commit-Position: refs/heads/master@{#32548}
2015-12-03 10:04:35 +00:00
machenbach
3e021da8f8 [test] Disable flaky test.
BUG=v8:4588
LOG=n
TBR=yangguo@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1496863002

Cr-Commit-Position: refs/heads/master@{#32541}
2015-12-03 08:24:41 +00:00
littledan
c63236328e Revert of Disable non-standard Promise functions in staging (patchset #1 id:1 of https://codereview.chromium.org/1478533002/ )
Reason for revert:
Will test better; there seems to be a bug related to this.

Original issue's description:
> Reland of Disable non-standard Promise functions in staging (patchset #1 id:1 of https://codereview.chromium.org/1473603002/ )
>
> Reason for revert:
> Breakage in Ignition seems unrelated; relanding.
>
> Original issue's description:
> > Revert of Disable non-standard Promise functions in staging (patchset #5 id:80001 of https://codereview.chromium.org/1469543003/ )
> >
> > Reason for revert:
> > [Sheriff] This breaks ignition on arm sim debug:
> > https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/builds/5317
> >
> > Seems to not be caught by the cq bot that builds release with dchecks.
> >
> > Original issue's description:
> > > Disable non-standard Promise functions in staging
> > >
> > > This patch removes Promise functions and methods which are absent
> > > from the ES2015 specification when the --es-staging flag is on.
> > >
> > > BUG=v8:3237
> > > R=rossberg
> > > LOG=Y
> > >
> > > Committed: https://crrev.com/941251af7e04d50ac2243da2870249a42111221a
> > > Cr-Commit-Position: refs/heads/master@{#32194}
> >
> > TBR=rossberg@chromium.org,littledan@chromium.org
> > NOPRESUBMIT=true
> > NOTREECHECKS=true
> > NOTRY=true
> > BUG=v8:3237
> >
> > Committed: https://crrev.com/86bd2b3c23b562213d5af158849dcd65f347a827
> > Cr-Commit-Position: refs/heads/master@{#32199}
>
> TBR=rossberg@chromium.org,rmcilroy@chromium.org,machenbach@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:3237
>
> Committed: https://crrev.com/9278b7b05a45c2089007e8b61822af96b5d0c8df
> Cr-Commit-Position: refs/heads/master@{#32235}

TBR=rossberg@chromium.org,rmcilroy@chromium.org,machenbach@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3237

Review URL: https://codereview.chromium.org/1493713004

Cr-Commit-Position: refs/heads/master@{#32530}
2015-12-02 20:35:40 +00:00
kozyatinskiy
cab2512a5e Removed support deprecated (//@|/*@) source(URL|MappingURL)=
LOG=Y
BUG=chromium:558998
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1495633002

Cr-Commit-Position: refs/heads/master@{#32528}
2015-12-02 19:53:47 +00:00
verwaest
a6ed24d61c Improve rendering of callsite with non-function target.
This hackily disambiguates multiple calls for the iterator protocols in ForOf / Yield* by adding -2 / -1 to the pos.

BUG=v8:3953
LOG=y

Review URL: https://codereview.chromium.org/1491923003

Cr-Commit-Position: refs/heads/master@{#32527}
2015-12-02 18:37:29 +00:00
yangguo
e1866c8f6f [debugger] fix liveedit in combination with step in.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1493733002

Cr-Commit-Position: refs/heads/master@{#32517}
2015-12-02 14:27:09 +00:00
danno
3e7e3ed726 [stubs] A new approach to TF stubs
* Add a sibling interface to InterpreterAssembler called
  CodeStubAssembler which provides a wrapper around the
  RawMachineAssembler and is intented to make it easy to build
  efficient cross-platform code stubs. Much of the implementation
  of CodeStubAssembler is shamelessly stolen from the
  InterpreterAssembler, and the idea is to eventually merge the
  two interfaces somehow, probably moving the
  InterpreterAssembler interface over to use the
  CodeStubAssembler. Short-term, however, the two interfaces
  shall remain decoupled to increase our velocity developing the
  two systems in parallel.
* Implement the StringLength stub in TurboFan with the new
  CodeStubAssembler. Replace and remove the old Hydrogen-stub
  version.
* Remove a whole slew of machinery to support JavaScript-style
  code stub generation, since it ultimately proved unwieldy,
  brittle and baroque. This cleanup includes removing the shared
  code stub context, several example stubs and a tangle of build
  file changes.

BUG=v8:4587
LOG=n

Review URL: https://codereview.chromium.org/1475953002

Cr-Commit-Position: refs/heads/master@{#32508}
2015-12-02 12:35:20 +00:00
cbruni
9cffd0d2ce [runtime] Adding more detailed error message for Object::GetMethod.
BUG=

Review URL: https://codereview.chromium.org/1484393002

Cr-Commit-Position: refs/heads/master@{#32506}
2015-12-02 12:25:51 +00:00
sigurds
aa0ddf7db4 [turbofan] Initial support for escape analysis.
This is the first part of escape analysis for turbofan.
At the moment, there is no deopt support, and support
for loops is partial (only binary Phis are handled).

The CL includes 4 unittests.

There are also 8 new mjsunit tests, some of which are
skiped as they require features not yet implemented.

BUG=v8:4586
LOG=n

Review URL: https://codereview.chromium.org/1457683003

Cr-Commit-Position: refs/heads/master@{#32498}
2015-12-02 10:53:50 +00:00
verwaest
9bee67509c Don't EnsureHasInitialMap on non-constructors.
non-constructors are not allowed to have initial maps. The optimizing compilers used to add initial maps unconditionally to functions used as right-hand-side in instanceof.

BUG=

Review URL: https://codereview.chromium.org/1490003003

Cr-Commit-Position: refs/heads/master@{#32497}
2015-12-02 10:39:46 +00:00
jkummerow
e478a8ac39 [proxies] Implement Symbol/DONT_ENUM filtering for GetKeys()
And use it to fix Object.keys() for proxies.

BUG=v8:1543
LOG=n
R=cbruni@chromium.org

Review URL: https://codereview.chromium.org/1488873003

Cr-Commit-Position: refs/heads/master@{#32496}
2015-12-02 10:19:59 +00:00
yangguo
62dcf2fab6 [es6] correctly handle object wrappers in JSON.stringify.
R=bmeurer@chromium.org
BUG=v8:4581
LOG=N

Review URL: https://codereview.chromium.org/1495473002

Cr-Commit-Position: refs/heads/master@{#32494}
2015-12-02 08:44:03 +00:00
bmeurer
f618401a8e [builtins] Remove some (now) unused code from C++ builtin adaptor.
Sanitize ConstructStub handling and add a test case to ensure that the
Symbol constructor is using the correct context.

R=jarin@chromium.org
BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1489323002

Cr-Commit-Position: refs/heads/master@{#32491}
2015-12-02 07:32:10 +00:00
caitpotter88
5058f68596 [parser] treat MethodDefinitions in ObjectPatterns as SyntaxErrors
BUG=v8:4585
LOG=N
R=adamk@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/1488043002

Cr-Commit-Position: refs/heads/master@{#32477}
2015-12-01 20:33:11 +00:00
mvstanton
d2f78c6b79 Array constructor failed to enter it's function execution context.
This becomes visible if an exception is thrown by the constructor.
We do this on "new Array(3.5)", throwing a RangeError.

BUG=

Review URL: https://codereview.chromium.org/1483053004

Cr-Commit-Position: refs/heads/master@{#32476}
2015-12-01 18:43:03 +00:00
cbruni
f4d4051521 [runtime] [proxy] Runtime_HasOwnProperty and thus
Object.prototype.hasOwnProperty should use JSReceiver::HasOwnProperty for
proxies.

BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1480213004

Cr-Commit-Position: refs/heads/master@{#32475}
2015-12-01 17:33:04 +00:00
cbruni
df36d046a4 [runtime] [proxy] Fix Object.prototype.PropertyIsEnumerable to support
proxies.

BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1484313003

Cr-Commit-Position: refs/heads/master@{#32473}
2015-12-01 17:12:08 +00:00
cbruni
d9e0a5a9ad [runtime] [proxy] Adding [[SetPrototypeOf]] trap.
LOG=N
BUG=v8:1543

Review URL: https://codereview.chromium.org/1481383003

Cr-Commit-Position: refs/heads/master@{#32471}
2015-12-01 15:59:44 +00:00
mstarzinger
82e6bed4db Deprecate the %IsConstructCall intrinsic completely.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1479233002

Cr-Commit-Position: refs/heads/master@{#32470}
2015-12-01 15:58:55 +00:00
mstarzinger
8c793fed78 [crankshaft] Prevent inlining of new.target functions.
This moves the bailout for functions containing new.target variable to
the correct place so that Crankshaft doesn't accidentally inline such
functions, yielding an "undefined" new.target value all the time.

R=bmeurer@chromium.org
TEST=mjsunit/es6/regress/regress-inlined-new-target

Review URL: https://codereview.chromium.org/1484163003

Cr-Commit-Position: refs/heads/master@{#32468}
2015-12-01 14:19:43 +00:00
cbruni
7e8fa4b96a [runtime] [proxy] implementing [[Get]] trap.
BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1482283002

Cr-Commit-Position: refs/heads/master@{#32466}
2015-12-01 14:04:43 +00:00
neis
031751d5c4 [proxies] Implement [[Set]].
R=rossberg
BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1481103002

Cr-Commit-Position: refs/heads/master@{#32457}
2015-12-01 12:27:09 +00:00
bmeurer
c83db2d071 [x86] Sane default for Label::Distance on JumpIfRoot/JumpIfNotRoot.
R=jarin@chromium.org
BUG=chromium:563929
LOG=n

Review URL: https://codereview.chromium.org/1483343002

Cr-Commit-Position: refs/heads/master@{#32456}
2015-12-01 12:23:25 +00:00
jkummerow
3cb3a6fe4a [crankshaft] Fix crash when case labels inline endless loops
The fix is to bail out of compilation in that case.

BUG=chromium:551287
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1483373002

Cr-Commit-Position: refs/heads/master@{#32454}
2015-12-01 12:17:31 +00:00
mstarzinger
9090c6b012 Use new.target in favor of %_IsConstructCall intrinsic (2).
This switches all remaining builtin methods to use the ES6 new.target
value when determined whether being called as a constructor or not. This
is prepatory work for fully deprecating the aforementioned intrinsic.

R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1474343002

Cr-Commit-Position: refs/heads/master@{#32447}
2015-12-01 10:50:30 +00:00
adamk
6c6dd449c3 Defer CONST_LEGACY redeclaration errors until runtime in harmony mode
This fixes a corner-case in redeclaration handling, where the ES2015
early error case got mixed up with legacy const handling in the parser.

Redeclaration using ES2015 'let' and 'const' should be early errors,
but legacy 'const' redeclaration has historically been a runtime error,
and should stay that way until legacy 'const' is gone.

The fix here is uglier than it might be due to
https://code.google.com/p/v8/issues/detail?id=4577, which keeps us
from simplifying the mess of if/else-if in the current code.

BUG=v8:4576
LOG=n

Review URL: https://codereview.chromium.org/1485943002

Cr-Commit-Position: refs/heads/master@{#32429}
2015-12-01 01:19:59 +00:00
neis
9334308a12 Rename %_IsSpecObject to %_IsJSReceiver.
This depends on issue 1476403004.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1479293002

Cr-Commit-Position: refs/heads/master@{#32401}
2015-11-30 11:56:45 +00:00
jkummerow
2ba464e11c [proxies] [[HasProperty]]: fix trap call.
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1479143002

Cr-Commit-Position: refs/heads/master@{#32391}
2015-11-30 09:21:10 +00:00
jkummerow
2fee8a0f1d [proxies] Implement [[Enumerate]] and [[OwnPropertyKeys]]
Both are integrated into JSReceiver::GetKeys().

For now, the implementation ignores Symbol/DONT_ENUM filtering.

BUG=v8:1543
LOG=n

Committed: https://crrev.com/42c6056e6f247724d14dc887f6619a6bf5867a97
Cr-Commit-Position: refs/heads/master@{#32384}

Review URL: https://codereview.chromium.org/1474083003

Cr-Commit-Position: refs/heads/master@{#32386}
2015-11-28 15:03:13 +00:00
machenbach
97def40dc0 Revert of [proxies] Implement [[Enumerate]] and [[OwnPropertyKeys]] (patchset #3 id:40001 of https://codereview.chromium.org/1474083003/ )
Reason for revert:
[Sheriff] Speculative revert for gc mole:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20gcmole/builds/5164

Original issue's description:
> [proxies] Implement [[Enumerate]] and [[OwnPropertyKeys]]
>
> Both are integrated into JSReceiver::GetKeys().
>
> For now, the implementation ignores Symbol/DONT_ENUM filtering.
>
> BUG=v8:1543
> LOG=n
>
> Committed: https://crrev.com/42c6056e6f247724d14dc887f6619a6bf5867a97
> Cr-Commit-Position: refs/heads/master@{#32384}

TBR=verwaest@chromium.org,bmeurer@chromium.org,jkummerow@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:1543

Review URL: https://codereview.chromium.org/1482113002

Cr-Commit-Position: refs/heads/master@{#32385}
2015-11-28 14:16:29 +00:00
jkummerow
42c6056e6f [proxies] Implement [[Enumerate]] and [[OwnPropertyKeys]]
Both are integrated into JSReceiver::GetKeys().

For now, the implementation ignores Symbol/DONT_ENUM filtering.

BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1474083003

Cr-Commit-Position: refs/heads/master@{#32384}
2015-11-28 10:48:43 +00:00
verwaest
970a7ad758 Fix Reflect.construct wrt proxy, generator, and non-subclass new.target
This makes sure that proxy + Function/Array works
Makes sure that new.target can be a generator
Makes sure that if new.target is not a subclass, but does not have a prototype, that we'll get that same prototype back the next time we look at new.target.prototype.

BUG=v8:1543, v8:3330, v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1484473002

Cr-Commit-Position: refs/heads/master@{#32382}
2015-11-27 21:44:48 +00:00
jkummerow
f7a0ecb0ca [test+presubmit] Remove duplicate test status file entries
And add a presubmit check to guard against future duplicates.

R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1477403002

Cr-Commit-Position: refs/heads/master@{#32380}
2015-11-27 15:04:49 +00:00
verwaest
469675ee3f Fix name shown by devtools for subclasses.
This replaces internal GetConstructorName with toStringTag, .constructor's name
and class_name. This entirely changes how the name is computed for use in
devtools.

BUG=chromium:529177
LOG=n

Review URL: https://codereview.chromium.org/1435273002

Cr-Commit-Position: refs/heads/master@{#32374}
2015-11-27 13:10:25 +00:00
verwaest
7ceaf72708 [Proxies] Support constructable proxy as new.target (reland)
BUG=v8:1543, v8:3330, v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1481773003

Cr-Commit-Position: refs/heads/master@{#32370}
2015-11-27 12:17:16 +00:00
machenbach
87f7dc61fa Revert of [Proxies] Support constructable proxy as new.target (patchset #3 id:40001 of https://codereview.chromium.org/1481613003/ )
Reason for revert:
[Sheriff] Breaks:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/3977

Original issue's description:
> [Proxies] Support constructable proxy as new.target
>
> BUG=v8:1543, v8:3330, v8:3931
> LOG=n
>
> Committed: https://crrev.com/88ac8aa5236195137d4a7aa18bcc5650a3bdca5a
> Cr-Commit-Position: refs/heads/master@{#32346}

TBR=ishell@chromium.org,verwaest@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:1543, v8:3330, v8:3931

Review URL: https://codereview.chromium.org/1480673004

Cr-Commit-Position: refs/heads/master@{#32350}
2015-11-26 16:21:00 +00:00
verwaest
88ac8aa523 [Proxies] Support constructable proxy as new.target
BUG=v8:1543, v8:3330, v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1481613003

Cr-Commit-Position: refs/heads/master@{#32346}
2015-11-26 15:23:19 +00:00
yangguo
a9bdee1f90 [debugger] Remove obsolete stepping modes.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1479843002

Cr-Commit-Position: refs/heads/master@{#32343}
2015-11-26 14:34:42 +00:00
yangguo
81e131ce48 [debugger] flood function for stepping before calling it.
R=verwaest@chromium.org

Committed: https://crrev.com/93eb633214e0f97bf70ae30d2a07b7fbbaa78266
Cr-Commit-Position: refs/heads/master@{#32285}

Review URL: https://codereview.chromium.org/1463803002

Cr-Commit-Position: refs/heads/master@{#32339}
2015-11-26 14:12:18 +00:00
mstarzinger
69227cc192 [turbofan] Test has been outsmarted by optimization.
The fast-prototype test has been outsmarted by constructor inlining
because the instantiation is been correctly optimized away. Internal
state introspection about prototype turning fast was upset by that.

R=bmeurer@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1474763007

Cr-Commit-Position: refs/heads/master@{#32338}
2015-11-26 14:04:09 +00:00
bmeurer
d3e5db0428 [compiler] Always pass closure argument to with, catch and block context creation.
Up until now we sometimes pass Smi 0 around as closure and expect the
runtime to translate that appropriately. But we need to be careful in
some places to not confuse the Smi 0 with a real closure. However, we
could instead just pass the correct closure extracted from the native
context.

This addresses three long-standing TODOs in the JSTypedLowering pass.

Drive-by-fix: Further unify error message reporting for ToObject (we had
a special message in case of ToObject error in with context creation).

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1475383002

Cr-Commit-Position: refs/heads/master@{#32336}
2015-11-26 13:35:26 +00:00
ishell
5a3b4366cd Add test for Promises subclassing.
BUG=v8:3101, v8:3330
LOG=N

Review URL: https://codereview.chromium.org/1473323003

Cr-Commit-Position: refs/heads/master@{#32324}
2015-11-26 10:27:52 +00:00
ishell
05449f741b Allow in-object properties in JSArrayBuffer.
BUG=v8:4531
LOG=Y

Review URL: https://codereview.chromium.org/1479483004

Cr-Commit-Position: refs/heads/master@{#32321}
2015-11-26 09:46:01 +00:00
neis
39efa4348a [proxies] Implement [[Delete]].
LOG=N
BUG=v8:1543

Review URL: https://codereview.chromium.org/1479543002

Cr-Commit-Position: refs/heads/master@{#32320}
2015-11-26 09:34:28 +00:00
mstarzinger
45c52ddfdd [turbofan] Enable debugger tests that no longer fail.
R=yangguo@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1478683003

Cr-Commit-Position: refs/heads/master@{#32318}
2015-11-26 09:24:44 +00:00
bmeurer
8003db95cc [test] Reland test for 52bit multiplication and division.
Contributed by Fedor Indutny <fedor@indutny.com>.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1478933002

Cr-Commit-Position: refs/heads/master@{#32314}
2015-11-26 06:46:59 +00:00
bmeurer
dc55405992 Revert of [machine-operator-reducer] fix float truncation (patchset #8 id:140001 of https://codereview.chromium.org/1433353006/ )
Reason for revert:
This is also unsound for the reasons outlined in
https://codereview.chromium.org/1473073004/
Will reland the mjsunit test separately and help Fedor to implement a solution based on simplified operators.

Original issue's description:
> [machine-operator-reducer] fix float truncation
>
> Don't replace `TruncateFloat64ToInt32(RoundInt64ToFloat64(value))` with
> `value`. Generally, `value` may have a range bigger than the one that
> could fit into Int32. Replace it with `TruncateInt64ToInt32(value)`
> instead, and only if the `value` fits into Float64 without precision
> loss.
>
> Add missing mjsunit test for 52bit multiplication/division optimization
> that has landed in refs/heads/master@{#31899}.
>
> BUG=
> R=titzer@google.com
>
> Committed: https://crrev.com/64efa2a904773816968992628f0bf0f1b7ae82be
> Cr-Commit-Position: refs/heads/master@{#32227}

TBR=titzer@chromium.org,fedor@indutny.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1468313009

Cr-Commit-Position: refs/heads/master@{#32312}
2015-11-26 06:12:22 +00:00
machenbach
df3dee87a7 Revert of [debugger] flood function for stepping before calling it. (patchset #7 id:120001 of https://codereview.chromium.org/1463803002/ )
Reason for revert:
[Sheriff] Breaks layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3074

Original issue's description:
> [debugger] flood function for stepping before calling it.
>
> R=verwaest@chromium.org
>
> Committed: https://crrev.com/93eb633214e0f97bf70ae30d2a07b7fbbaa78266
> Cr-Commit-Position: refs/heads/master@{#32285}

TBR=verwaest@chromium.org,mstarzinger@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1474943005

Cr-Commit-Position: refs/heads/master@{#32299}
2015-11-25 19:26:46 +00:00
yangguo
93eb633214 [debugger] flood function for stepping before calling it.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1463803002

Cr-Commit-Position: refs/heads/master@{#32285}
2015-11-25 15:45:47 +00:00
bmeurer
2732a6ad44 [es6] Correct parsing of regular expression literal flags.
ES6 section 12.2.8.1 states that flags for regular expression literals
must be checked during parsing and invalid flags are early errors. This
change adapts the Scanner and (Pre)Parser to act according to the spec.

This is also a prerequisite to unify the handling of literal creation
(for Objects, Arrays, Regexps, and at some point Classes).

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1472323002

Cr-Commit-Position: refs/heads/master@{#32273}
2015-11-25 13:46:43 +00:00
machenbach
95f9f7732f [Ignition] Skip another test.
Started failing after https://codereview.chromium.org/1469313002

NOTRY=true
TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1476603003

Cr-Commit-Position: refs/heads/master@{#32270}
2015-11-25 13:18:03 +00:00
ishell
ebf8ec5c51 Fix JSFunction's in-object properties initialization.
BUG=v8:4572
LOG=Y

Review URL: https://codereview.chromium.org/1481493003

Cr-Commit-Position: refs/heads/master@{#32268}
2015-11-25 12:42:14 +00:00
yangguo
1db01d6d5d Revert of Removed support deprecated (//@|/*@) source(URL|MappingURL)= (patchset #1 id:1 of https://codereview.chromium.org/1474543005/ )
Reason for revert:
Failing layout tests:

inspector/tracing/timeline-event-causes.html
virtual/syncpaint/inspector/tracing/timeline-event-causes.html
inspector/animation/animation-timeline-fill.html
virtual/threaded/inspector/tracing/timeline-event-causes.html
inspector/tracing/timeline-script-id.html
inspector/sources/debugger-ui/source-url-comment.html
inspector/console/console-log-linkify-stack-in-errors.html
virtual/syncpaint/inspector/tracing/timeline-script-id.html
virtual/threaded/inspector/tracing/timeline-script-id.html

Original issue's description:
> Removed support deprecated (//@|/*@) source(URL|MappingURL)=
>
> LOG=Y
> BUG=chromium:558998
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/c1e5f005d79c436d90f474f8bc6448c4555a619f
> Cr-Commit-Position: refs/heads/master@{#32249}

TBR=machenbach@chromium.org,kozyatinskiy@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:558998

Review URL: https://codereview.chromium.org/1481513002

Cr-Commit-Position: refs/heads/master@{#32259}
2015-11-25 10:28:02 +00:00
yangguo
713c3df41c Add test to check PRNG quality.
Credits go to Erik Corry. Taken from:
https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc

R=jkummerow@chromium.org
BUG=v8:4566
LOG=N

Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
Cr-Commit-Position: refs/heads/master@{#32211}

Committed: https://crrev.com/3d84f05cd77091ea8dde7821973f13f53dbaa730
Cr-Commit-Position: refs/heads/master@{#32238}

Committed: https://crrev.com/eeee7ab050013782704b5f89e49d06a30b3455c4
Cr-Commit-Position: refs/heads/master@{#32246}

Review URL: https://codereview.chromium.org/1467133006

Cr-Commit-Position: refs/heads/master@{#32254}
2015-11-25 08:56:19 +00:00
machenbach
ec3548aea7 [test] Skip flaky test.
BUG=v8:4572
LOG=n
NOTRY=true
TBR=rossberg@chromium.org, adamk@chromium.org

Review URL: https://codereview.chromium.org/1475943002

Cr-Commit-Position: refs/heads/master@{#32251}
2015-11-25 08:18:10 +00:00
machenbach
5686e48b96 [Ignition] Skip more tests.
Test failures after https://codereview.chromium.org/1478533002

TBR=rossberg@chromium.org, littledan@chromium.org, rmcilroy@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1470173004

Cr-Commit-Position: refs/heads/master@{#32250}
2015-11-25 08:06:37 +00:00
kozyatinskiy
c1e5f005d7 Removed support deprecated (//@|/*@) source(URL|MappingURL)=
LOG=Y
BUG=chromium:558998
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1474543005

Cr-Commit-Position: refs/heads/master@{#32249}
2015-11-25 08:02:27 +00:00
yangguo
47e1ab78d7 Revert of Add test to check PRNG quality. (patchset #5 id:80001 of https://codereview.chromium.org/1467133006/ )
Reason for revert:
failure here https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosse4/builds/6842/steps/Check/logs/RandomBitCorrelations12

Original issue's description:
> Add test to check PRNG quality.
>
> Credits go to Erik Corry. Taken from:
> https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc
>
> R=jkummerow@chromium.org
> BUG=v8:4566
> LOG=N
>
> Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
> Cr-Commit-Position: refs/heads/master@{#32211}
>
> Committed: https://crrev.com/3d84f05cd77091ea8dde7821973f13f53dbaa730
> Cr-Commit-Position: refs/heads/master@{#32238}
>
> Committed: https://crrev.com/eeee7ab050013782704b5f89e49d06a30b3455c4
> Cr-Commit-Position: refs/heads/master@{#32246}

TBR=jkummerow@chromium.org,erikcorry@google.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4566

Review URL: https://codereview.chromium.org/1472833004

Cr-Commit-Position: refs/heads/master@{#32247}
2015-11-25 07:44:29 +00:00
yangguo
eeee7ab050 Add test to check PRNG quality.
Credits go to Erik Corry. Taken from:
https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc

R=jkummerow@chromium.org
BUG=v8:4566
LOG=N

Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
Cr-Commit-Position: refs/heads/master@{#32211}

Committed: https://crrev.com/3d84f05cd77091ea8dde7821973f13f53dbaa730
Cr-Commit-Position: refs/heads/master@{#32238}

Review URL: https://codereview.chromium.org/1467133006

Cr-Commit-Position: refs/heads/master@{#32246}
2015-11-25 07:36:15 +00:00
littledan
9278b7b05a Reland of Disable non-standard Promise functions in staging (patchset #1 id:1 of https://codereview.chromium.org/1473603002/ )
Reason for revert:
Breakage in Ignition seems unrelated; relanding.

Original issue's description:
> Revert of Disable non-standard Promise functions in staging (patchset #5 id:80001 of https://codereview.chromium.org/1469543003/ )
>
> Reason for revert:
> [Sheriff] This breaks ignition on arm sim debug:
> https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/builds/5317
>
> Seems to not be caught by the cq bot that builds release with dchecks.
>
> Original issue's description:
> > Disable non-standard Promise functions in staging
> >
> > This patch removes Promise functions and methods which are absent
> > from the ES2015 specification when the --es-staging flag is on.
> >
> > BUG=v8:3237
> > R=rossberg
> > LOG=Y
> >
> > Committed: https://crrev.com/941251af7e04d50ac2243da2870249a42111221a
> > Cr-Commit-Position: refs/heads/master@{#32194}
>
> TBR=rossberg@chromium.org,littledan@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:3237
>
> Committed: https://crrev.com/86bd2b3c23b562213d5af158849dcd65f347a827
> Cr-Commit-Position: refs/heads/master@{#32199}

TBR=rossberg@chromium.org,rmcilroy@chromium.org,machenbach@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3237

Review URL: https://codereview.chromium.org/1478533002

Cr-Commit-Position: refs/heads/master@{#32235}
2015-11-24 23:18:30 +00:00
fedor
64efa2a904 [machine-operator-reducer] fix float truncation
Don't replace `TruncateFloat64ToInt32(RoundInt64ToFloat64(value))` with
`value`. Generally, `value` may have a range bigger than the one that
could fit into Int32. Replace it with `TruncateInt64ToInt32(value)`
instead, and only if the `value` fits into Float64 without precision
loss.

Add missing mjsunit test for 52bit multiplication/division optimization
that has landed in refs/heads/master@{#31899}.

BUG=
R=titzer@google.com

Review URL: https://codereview.chromium.org/1433353006

Cr-Commit-Position: refs/heads/master@{#32227}
2015-11-24 20:25:40 +00:00
verwaest
8e28e851ee Install ConstructNonConstructable as construct stub for non-constructables.
BUG=

Review URL: https://codereview.chromium.org/1467473002

Cr-Commit-Position: refs/heads/master@{#32223}
2015-11-24 17:17:00 +00:00
neis
a25018905d [proxies] Implement [[PreventExtensions]] and [[IsExtensible]].
BUG=

Review URL: https://codereview.chromium.org/1441043002

Cr-Commit-Position: refs/heads/master@{#32212}
2015-11-24 14:16:24 +00:00
yangguo
eeb7c05558 [es6] Implement @@match subclassing.
BUG=v8:4305
LOG=N

Review URL: https://codereview.chromium.org/1434523002

Cr-Commit-Position: refs/heads/master@{#32210}
2015-11-24 13:57:31 +00:00
yangguo
912314be27 Correctly handlify Dictionary::CollectKeysTo.
'this' is a raw pointer and can be invalidated through GC, even
though the rest of the code is correctly handlified.

R=cbruni@chromium.org, jkummerow@chromium.org
BUG=v8:4570
LOG=N

Review URL: https://codereview.chromium.org/1475633002

Cr-Commit-Position: refs/heads/master@{#32208}
2015-11-24 13:43:59 +00:00
yangguo
a19f2d7eca Blacklist mjsunit/harmony/reflect-own-keys for gc-stress.
TBR=ulan@chromium.org
BUG=v8:4570
LOG=N
NOTRY=true

Review URL: https://codereview.chromium.org/1466373003

Cr-Commit-Position: refs/heads/master@{#32204}
2015-11-24 12:21:22 +00:00
machenbach
86bd2b3c23 Revert of Disable non-standard Promise functions in staging (patchset #5 id:80001 of https://codereview.chromium.org/1469543003/ )
Reason for revert:
[Sheriff] This breaks ignition on arm sim debug:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/builds/5317

Seems to not be caught by the cq bot that builds release with dchecks.

Original issue's description:
> Disable non-standard Promise functions in staging
>
> This patch removes Promise functions and methods which are absent
> from the ES2015 specification when the --es-staging flag is on.
>
> BUG=v8:3237
> R=rossberg
> LOG=Y
>
> Committed: https://crrev.com/941251af7e04d50ac2243da2870249a42111221a
> Cr-Commit-Position: refs/heads/master@{#32194}

TBR=rossberg@chromium.org,littledan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3237

Review URL: https://codereview.chromium.org/1473603002

Cr-Commit-Position: refs/heads/master@{#32199}
2015-11-24 10:58:03 +00:00
littledan
941251af7e Disable non-standard Promise functions in staging
This patch removes Promise functions and methods which are absent
from the ES2015 specification when the --es-staging flag is on.

BUG=v8:3237
R=rossberg
LOG=Y

Review URL: https://codereview.chromium.org/1469543003

Cr-Commit-Position: refs/heads/master@{#32194}
2015-11-24 08:51:54 +00:00
adamk
2ea7f3c869 [es6] Fix parsing of 'yield' in function and generator expressions
In a function expression, 'yield' is allowed, even if the expression
occurs inside a generator. Similarly, even in a non-generator,
a generator expression's name must not be 'yield'.

BUG=v8:3983
LOG=n

Review URL: https://codereview.chromium.org/1460393003

Cr-Commit-Position: refs/heads/master@{#32188}
2015-11-23 21:34:30 +00:00
adamk
8e2e69a4b5 [es6] Allow any valid repeat of empty string in String.prototype.repeat
This lets us pass one test262 test (and seems to match what other
implementations do to handle this case).

R=littledan@chromium.org
BUG=v8:4362
LOG=n

Review URL: https://codereview.chromium.org/1454543003

Cr-Commit-Position: refs/heads/master@{#32155}
2015-11-20 23:57:39 +00:00
pan.deng
154ddde42b Support offset-TypedArray in futex API
BUG=v8:4555
LOG=N

Review URL: https://codereview.chromium.org/1462833002

Cr-Commit-Position: refs/heads/master@{#32142}
2015-11-20 11:40:00 +00:00
verwaest
469d9bfa8d Introduce a BuiltinsConstructStub that sets up new.target and does a [[call]] per ES6 9.3.2
BUG=

Review URL: https://codereview.chromium.org/1448933002

Cr-Commit-Position: refs/heads/master@{#32120}
2015-11-19 16:11:09 +00:00
jkummerow
6f0850c63d [proxies] Update Object.defineProperty/ies for JSProxies
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1456613002

Cr-Commit-Position: refs/heads/master@{#32103}
2015-11-19 09:21:46 +00:00
bmeurer
3c9ac974f2 [turbofan] Unstable prototype maps are not supported currently.
We currently assume that all prototype maps are stable, which is
not guaranteed for certain keyed access patterns. So we explicitly
disallow optimizing the element access there for now.

BUG=chromium:557807, v8:4470
R=jarin@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1456973004

Cr-Commit-Position: refs/heads/master@{#32101}
2015-11-19 06:21:06 +00:00