Commit Graph

976 Commits

Author SHA1 Message Date
yangguo
831b7ee3aa [debugger] step on every assignment in a destructuring assignment.
R=caitpotter88@gmail.com, littledan@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1533313002

Cr-Commit-Position: refs/heads/master@{#33000}
2015-12-22 08:21:33 +00:00
caitpotter88
76f6d2a3c8 [es6] use correct --harmony-destructuring-assignment flag when preparsing
BUG=v8:811, v8:4636
LOG=N
R=adamk@chromium.org, yangguo@chromium.org

Review URL: https://codereview.chromium.org/1544483002

Cr-Commit-Position: refs/heads/master@{#32991}
2015-12-21 20:13:46 +00:00
verwaest
01b8e7c7f6 Throw TypeError when reading global references through a JSProxy
Allowing global references to be read through a proxy results in cross-origin information leaks. The ES6 spec currently does not mitigate this in any way. This CL adds a workaround that's easy for V8: throw whenever an unresolved reference would result in a proxy trap to be fired. I'm landing this so we can move forwards with staging proxies without putting users of --harmony at risk.

BUG=chromium:399951
LOG=n

Review URL: https://codereview.chromium.org/1529303003

Cr-Commit-Position: refs/heads/master@{#32949}
2015-12-17 14:37:41 +00:00
neis
641cdd3067 [proxies] Fix Object.prototype.hasOwnProperty
It must call the 'getOwnPropertyDescriptor' trap, not the 'has' trap.

R=cbruni@chromium.org, jkummerow@chromium.org
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1532723005

Cr-Commit-Position: refs/heads/master@{#32944}
2015-12-17 12:12:10 +00:00
neis
0d83aad557 [proxies] Correctly handle proxies in Function.prototype.bind
- Before getting the length property, we must check for it
  using [[GetOwnProperty]].  Also, if the obtained length
  is a number, we must properly convert it to an integer.

- In order to get the prototype we must use [[GetPrototypeOf]],
  and do so before checking the length.

R=cbruni@chromium.org, jkummerow@chromium.org
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1530893002

Cr-Commit-Position: refs/heads/master@{#32934}
2015-12-17 09:07:57 +00:00
cbruni
2c75e3d2ab [proxies] fix access issue when having proxies on the prototype-chain of global objects.
We can no longer just walk the prototype chain without doing proper access-checks. When installing a proxy as the __proto__ of the global object we might accidentally end up invoking cross-realm code without access-checks (see proxies-cross-realm-ecxeption.js).

Review URL: https://codereview.chromium.org/1521953002

Cr-Commit-Position: refs/heads/master@{#32903}
2015-12-16 14:31:39 +00:00
neis
d0ef84b340 [proxies] Make Array.prototype.concat work correctly with proxies.
R=rossberg
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1525983002

Cr-Commit-Position: refs/heads/master@{#32900}
2015-12-16 14:17:25 +00:00
jkummerow
35e5b6824e [proxies] Fix bogus cast in HasOwnPropertyImplementation
BUG=v8:1543,chromium:570120
LOG=n

Review URL: https://codereview.chromium.org/1530873002

Cr-Commit-Position: refs/heads/master@{#32892}
2015-12-16 11:42:47 +00:00
yangguo
8bee91a58b [debugger] remove step count parameter from prepare step.
And tons of changes to debugger tests.

R=bmeurer@chromium.org
BUG=chromium:569835
LOG=N

Review URL: https://codereview.chromium.org/1525173003

Cr-Commit-Position: refs/heads/master@{#32885}
2015-12-16 08:39:54 +00:00
yangguo
44a8fec8a1 [regexp] break recursion in mutually recursive capture/back references.
TBR=adamk@chromium.org
R=erik.corry@gmail.com
BUG=v8:4616
LOG=N

Review URL: https://codereview.chromium.org/1522353002

Cr-Commit-Position: refs/heads/master@{#32879}
2015-12-16 06:58:58 +00:00
jkummerow
3d8b51e248 [proxies] Check for stack overflow in Proxy internal methods
The proxy may be on its own target's or handler's prototype chain, leading
to infinite recursion either when looking up the trap, or when calling
through to the target.
We can't eagerly prevent this from happening (e.g. at "foo.__proto__ = bar"
calling time) because the presence of traps can change at any time.

BUG=v8:1543,chromium:569882
LOG=n

Review URL: https://codereview.chromium.org/1526953002

Cr-Commit-Position: refs/heads/master@{#32872}
2015-12-15 17:23:44 +00:00
jkummerow
0e2ea6a508 [proxies] [tests] Un-skip proxies-with-unscopables, delete proxies-symbols
- proxies-with-unscopables needed updating of trap names
- proxies-symbols doesn't make sense any more: it tested symbol fitering/
  blacklisting, but Proxies interact with Symbols just fine according to
  the current spec.

BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1529473002

Cr-Commit-Position: refs/heads/master@{#32844}
2015-12-14 16:37:53 +00:00
neis
1596b015ff [proxies] Support proxies in JSON.parse and JSON.stringify.
This CL tries to correctly support the following:
- stringifying a proxy,
- stringifying with a proxy as replacer (callable or arraylike),
- stringifying with a replacer that returns a proxy,
- parsing with a callable proxy as reviver,
- parsing with a reviver that inserts proxies into the object,
- and whatever else you can imagine.

This also fixes some bugs observable without proxies.

BUG=v8:3139,v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1515133002

Cr-Commit-Position: refs/heads/master@{#32843}
2015-12-14 15:12:12 +00:00
neis
4460b85a3e [proxies] Add missing condition to GetProperty consistency check.
BUG=v8:1543
LOG=N
R=cbruni@chromium.org,jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1519073002

Cr-Commit-Position: refs/heads/master@{#32832}
2015-12-14 12:49:59 +00:00
adamk
a229c9b94f Remove --harmony-array-includes flag
Array.prototype.includes shipped in Chrome 47.

Review URL: https://codereview.chromium.org/1513843006

Cr-Commit-Position: refs/heads/master@{#32818}
2015-12-12 01:04:10 +00:00
adamk
819c429ca2 [es6] Support Function name inference in variable declarations
This is behind the --harmony-function-name flag, currently disabled.

With the flag enabled, we now pass the relevant tests in
language/statements/*/fn-name-*.

BUG=v8:3699
LOG=y

Review URL: https://codereview.chromium.org/1518873004

Cr-Commit-Position: refs/heads/master@{#32817}
2015-12-12 00:20:37 +00:00
adamk
5ceb4feca3 Remove always-on --harmony-rest-parameters flag
It shipped in Chrome 47.

Review URL: https://codereview.chromium.org/1519073004

Cr-Commit-Position: refs/heads/master@{#32816}
2015-12-12 00:00:38 +00:00
caitpotter88
18f41e4653 [es6] support AssignmentPattern as LHS in for-in/of loops
BUG=v8:811, v8:4599
LOG=N
R=adamk@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/1517973002

Cr-Commit-Position: refs/heads/master@{#32814}
2015-12-11 19:39:40 +00:00
jkummerow
cf46317483 [proxies] Fix JSObject::AllCanRead for Proxies on the prototype chain
Review URL: https://codereview.chromium.org/1517753003

Cr-Commit-Position: refs/heads/master@{#32805}
2015-12-11 15:51:46 +00:00
cbruni
df2a92972b [proxy] fixing for-in for proxies, fixing harmony/proxy.js tests, improving error messages and some drive-by fixes
BUG=v8:1543
LOG=n

patch from issue 1519473002 at patchset 1 (http://crrev.com/1519473002#ps1)

Review URL: https://codereview.chromium.org/1516843002

Cr-Commit-Position: refs/heads/master@{#32801}
2015-12-11 14:56:00 +00:00
jkummerow
a83546932b Move Object.assign implementation to C++
This avoids a pair of super-high-degree polymorphic load/store ICs, and
creates the opportunity to add more fast paths if needed.

Review URL: https://codereview.chromium.org/1517963002

Cr-Commit-Position: refs/heads/master@{#32799}
2015-12-11 14:10:55 +00:00
adamk
8b968b70e9 Revert of [es6] support AssignmentPattern as LHS in for-in/of loops (patchset #9 id:280001 of https://codereview.chromium.org/1508933004/ )
Reason for revert:
Hits unreachable code (found by fuzzer). Example crasher:

"for(();;);"

Original issue's description:
> [es6] support AssignmentPattern as LHS in for-in/of loops
>
> BUG=v8:811, v8:4599
> LOG=N
> R=adamk@chromium.org, rossberg@chromium.org
>
> Committed: https://crrev.com/e47bdb775564b2cd8365047425898ab4274190a6
> Cr-Commit-Position: refs/heads/master@{#32773}

TBR=rossberg@chromium.org,caitpotter88@gmail.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:811, v8:4599

Review URL: https://codereview.chromium.org/1511773009

Cr-Commit-Position: refs/heads/master@{#32774}
2015-12-11 02:00:01 +00:00
caitpotter88
e47bdb7755 [es6] support AssignmentPattern as LHS in for-in/of loops
BUG=v8:811, v8:4599
LOG=N
R=adamk@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/1508933004

Cr-Commit-Position: refs/heads/master@{#32773}
2015-12-11 01:06:48 +00:00
ishell
dddcd0ac17 Fix Function subclassing.
Function subclasses did not have function properties installed (name, prototype, etc.).
Now when an instance of a Function subclass is created it gets initial map that corresponds
to the language mode of the function body. The language mode dependent maps are cached as
special transitions on initial map of the subclass constructor.

BUG=v8:4597, v8:3101, v8:3330
LOG=Y

Review URL: https://codereview.chromium.org/1510753005

Cr-Commit-Position: refs/heads/master@{#32764}
2015-12-10 17:28:08 +00:00
cbruni
c20156c550 [runtime] [proxies] adding tests for uncovered branches
fly-by fix of Proxy [[Construct]] on mips.

BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1517463002

Cr-Commit-Position: refs/heads/master@{#32758}
2015-12-10 15:35:15 +00:00
verwaest
2d13f6ec43 Fix Promise intrinsicDefaultProto
BUG=v8:3900, v8:3931, v8:1543, v8:3330
LOG=n

Review URL: https://codereview.chromium.org/1511893002

Cr-Commit-Position: refs/heads/master@{#32731}
2015-12-10 00:33:51 +00:00
cbruni
a2d5641bc4 [runtime] [proxy] implement [[Construct]]
LOG=N
BUG=v8:1543

Review URL: https://codereview.chromium.org/1509603005

Cr-Commit-Position: refs/heads/master@{#32718}
2015-12-09 14:55:33 +00:00
jkummerow
453e1dfa7a [proxies] Fix HasProperty and getOwnPropertySymbols
JSProxy::HasProperty was missing an early "return Nothing<bool>".
KeyAccumulator's FilterProxyKeys() didn't handle SKIP_STRINGS correctly.

BUG=v8:1543
LOG=n
R=cbruni@chromium.org

Review URL: https://codereview.chromium.org/1505253002

Cr-Commit-Position: refs/heads/master@{#32699}
2015-12-09 09:41:12 +00:00
verwaest
175c90f8f2 Support intriscDefaultProto for Error functions
BUG=v8:3900, v8:3931, v8:1543, v8:3330, v8:4002
LOG=n

Review URL: https://codereview.chromium.org/1496333002

Cr-Commit-Position: refs/heads/master@{#32692}
2015-12-09 07:53:34 +00:00
cbruni
7299412473 [runtime] [proxy] Implementing [[Call]]
BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1499593003

Cr-Commit-Position: refs/heads/master@{#32675}
2015-12-08 16:05:09 +00:00
yangguo
a607ec84d5 [debugger] add test case for stepping into proxy traps.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1508653002

Cr-Commit-Position: refs/heads/master@{#32671}
2015-12-08 07:10:49 +00:00
verwaest
e8adbe7821 Reflect.construct / Proxies: Fall back to intrinsicDefaultProto for non-instance prototypes
Error still to be done, since that's not yet available in the bootstrapper.

BUG=v8:3900, v8:3931, v8:1543, v8:3330
LOG=n

Review URL: https://codereview.chromium.org/1499923002

Cr-Commit-Position: refs/heads/master@{#32662}
2015-12-07 16:35:17 +00:00
neis
ef1ac72901 [proxies] Make Object.{isFrozen,isSealed} behave correctly for proxies.
R=rossberg
BUG=

Review URL: https://codereview.chromium.org/1502983002

Cr-Commit-Position: refs/heads/master@{#32660}
2015-12-07 15:36:14 +00:00
neis
4e2c0dd7a9 [proxies] Make Object.{freeze,seal} behave correctly for proxies.
- Add JSReceiver::SetIntegrityLevel, with a fast path for regular objects.
- Make Object.{freeze,seal} call this via %Object{Freeze,Seal}, thus no longer
  using broken or deprecated functions from v8natives.js.
- Add JSReceiver::OwnPropertyKeys convenience function.
- Reenable harmony/proxies-hash.js test.

R=rossberg
BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1489423002

Cr-Commit-Position: refs/heads/master@{#32651}
2015-12-07 11:01:35 +00:00
yangguo
18a3ddcfb9 [debugger] add test case for stepping into default parameter.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1500413002

Cr-Commit-Position: refs/heads/master@{#32649}
2015-12-07 10:08:29 +00:00
caitpotter88
b634a61d84 [es6] implement destructuring assignment
Attempt #<really big number>

Parses, and lazily rewrites Destructuring Assignment expressions. The rewriting strategy involves inserting a placeholder RewritableAssignmentExpression into the AST, whose content expression can be completely rewritten at a later time.

Lazy rewriting ensures that errors do not occur due to eagerly rewriting nodes which form part of a binding pattern, thus breaking the meaning of the pattern --- or by eagerly rewriting ambiguous constructs that are not immediately known

BUG=v8:811
LOG=Y
R=adamk@chromium.org, bmeurer@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/1309813007

Cr-Commit-Position: refs/heads/master@{#32623}
2015-12-04 17:20:24 +00:00
jkummerow
7d1263db47 [proxies] Use JSReceiver::GetKeys() for more purposes
Having beefed up GetKeys() to support everything, use it for everything now.

This fixes Object.getOwnPropertyNames and Object.getOwnPropertySymbols for
Proxies, and gets rid of a bunch of code duplication.

BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1498593006

Cr-Commit-Position: refs/heads/master@{#32620}
2015-12-04 15:20:57 +00:00
cbruni
747f455b07 [runtime] [proxy] removing JSFunctionProxy and related code.
BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1496503002

Cr-Commit-Position: refs/heads/master@{#32616}
2015-12-04 13:49:24 +00:00
neis
eb9407c6f5 [es6] Set correct length for Reflect.get (should be 2, not 3).
R=rossberg
BUG=

Review URL: https://codereview.chromium.org/1498983003

Cr-Commit-Position: refs/heads/master@{#32615}
2015-12-04 13:40:43 +00:00
neis
62127d00ae [proxies] Implement Proxy.revocable.
For now, we revoke a proxy by setting its handler to null (as in the spec).

Change the "target" field from Object to JSReceiver as there's no point in
allowing more.

R=jkummerow@chromium.org, rossberg
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1496243003

Cr-Commit-Position: refs/heads/master@{#32608}
2015-12-04 10:56:01 +00:00
machenbach
154a493cb7 Revert of [es6] Correctify and unify ArrayBuffer and SharedArrayBuffer constructors. (patchset #2 id:20001 of https://codereview.chromium.org/1500543002/ )
Reason for revert:
Blocks the roll:
https://codereview.chromium.org/1497763004/

Original issue's description:
> [es6] Correctify and unify ArrayBuffer and SharedArrayBuffer constructors.
>
> The ArrayBuffer and SharedArrayBuffer constructors should raise an
> exception when called with no arguments or undefined length.  Also
> unified the ArrayBuffer and SharedArrayBuffer implementations as C++
> builtins, and removed some (now) obsolete runtime entries.
>
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/3235ccbb7826ceec2188f6ebab98fc851b54f60e
> Cr-Commit-Position: refs/heads/master@{#32590}

TBR=yangguo@chromium.org,cbruni@chromium.org,adamk@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1501673002

Cr-Commit-Position: refs/heads/master@{#32606}
2015-12-04 10:38:48 +00:00
machenbach
2cb40dc722 Reland of [proxies] Make Object.prototype.isPrototypeOf work with proxies. (patchset #1 id:1 of https://codereview.chromium.org/1494283002/ )
Reason for revert:
Did not help...

Original issue's description:
> Revert of [proxies] Make Object.prototype.isPrototypeOf work with proxies. (patchset #2 id:20001 of https://codereview.chromium.org/1492863002/ )
>
> Reason for revert:
> [Sheriff] Speculative revert for:
> https://uberchromegw.corp.google.com/i/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3225
>
> Can just be relanded if it doesn't get green.
>
> Original issue's description:
> > [proxies] Make Object.prototype.isPrototypeOf step into proxies.
> >
> > R=rossberg, verwaest@chromium.org
> > BUG=v8:1543
> > LOG=n
> >
> > Committed: https://crrev.com/4ca1180d2e7c409312ae0761cb12843989466573
> > Cr-Commit-Position: refs/heads/master@{#32569}
>
> TBR=rossberg@chromium.org,verwaest@chromium.org,neis@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:1543
>
> Committed: https://crrev.com/48fba9439f291edd5929e19951262dc7e8a09609
> Cr-Commit-Position: refs/heads/master@{#32588}

TBR=rossberg@chromium.org,verwaest@chromium.org,neis@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:1543

Review URL: https://codereview.chromium.org/1491743010

Cr-Commit-Position: refs/heads/master@{#32598}
2015-12-04 06:39:16 +00:00
bmeurer
3235ccbb78 [es6] Correctify and unify ArrayBuffer and SharedArrayBuffer constructors.
The ArrayBuffer and SharedArrayBuffer constructors should raise an
exception when called with no arguments or undefined length.  Also
unified the ArrayBuffer and SharedArrayBuffer implementations as C++
builtins, and removed some (now) obsolete runtime entries.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1500543002

Cr-Commit-Position: refs/heads/master@{#32590}
2015-12-03 21:16:31 +00:00
machenbach
48fba9439f Revert of [proxies] Make Object.prototype.isPrototypeOf work with proxies. (patchset #2 id:20001 of https://codereview.chromium.org/1492863002/ )
Reason for revert:
[Sheriff] Speculative revert for:
https://uberchromegw.corp.google.com/i/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3225

Can just be relanded if it doesn't get green.

Original issue's description:
> [proxies] Make Object.prototype.isPrototypeOf step into proxies.
>
> R=rossberg, verwaest@chromium.org
> BUG=v8:1543
> LOG=n
>
> Committed: https://crrev.com/4ca1180d2e7c409312ae0761cb12843989466573
> Cr-Commit-Position: refs/heads/master@{#32569}

TBR=rossberg@chromium.org,verwaest@chromium.org,neis@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:1543

Review URL: https://codereview.chromium.org/1494283002

Cr-Commit-Position: refs/heads/master@{#32588}
2015-12-03 20:24:46 +00:00
neis
384ec6dc92 [proxies] Adapt and reenable harmony/proxies-for.js test.
R=rossberg
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1491863002

Cr-Commit-Position: refs/heads/master@{#32579}
2015-12-03 17:41:40 +00:00
caitpotter88
3ed71daff4 [proxies] do not leak private symbols to proxy traps
BUG=v8:4537
LOG=N
R=neis@chromium.org, rossberg@chromium.org, jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1492923002

Cr-Commit-Position: refs/heads/master@{#32570}
2015-12-03 15:05:00 +00:00
neis
4ca1180d2e [proxies] Make Object.prototype.isPrototypeOf step into proxies.
R=rossberg, verwaest@chromium.org
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1492863002

Cr-Commit-Position: refs/heads/master@{#32569}
2015-12-03 15:03:24 +00:00
jkummerow
e478a8ac39 [proxies] Implement Symbol/DONT_ENUM filtering for GetKeys()
And use it to fix Object.keys() for proxies.

BUG=v8:1543
LOG=n
R=cbruni@chromium.org

Review URL: https://codereview.chromium.org/1488873003

Cr-Commit-Position: refs/heads/master@{#32496}
2015-12-02 10:19:59 +00:00
yangguo
62dcf2fab6 [es6] correctly handle object wrappers in JSON.stringify.
R=bmeurer@chromium.org
BUG=v8:4581
LOG=N

Review URL: https://codereview.chromium.org/1495473002

Cr-Commit-Position: refs/heads/master@{#32494}
2015-12-02 08:44:03 +00:00
caitpotter88
5058f68596 [parser] treat MethodDefinitions in ObjectPatterns as SyntaxErrors
BUG=v8:4585
LOG=N
R=adamk@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/1488043002

Cr-Commit-Position: refs/heads/master@{#32477}
2015-12-01 20:33:11 +00:00
cbruni
f4d4051521 [runtime] [proxy] Runtime_HasOwnProperty and thus
Object.prototype.hasOwnProperty should use JSReceiver::HasOwnProperty for
proxies.

BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1480213004

Cr-Commit-Position: refs/heads/master@{#32475}
2015-12-01 17:33:04 +00:00
cbruni
df36d046a4 [runtime] [proxy] Fix Object.prototype.PropertyIsEnumerable to support
proxies.

BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1484313003

Cr-Commit-Position: refs/heads/master@{#32473}
2015-12-01 17:12:08 +00:00
cbruni
d9e0a5a9ad [runtime] [proxy] Adding [[SetPrototypeOf]] trap.
LOG=N
BUG=v8:1543

Review URL: https://codereview.chromium.org/1481383003

Cr-Commit-Position: refs/heads/master@{#32471}
2015-12-01 15:59:44 +00:00
cbruni
7e8fa4b96a [runtime] [proxy] implementing [[Get]] trap.
BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1482283002

Cr-Commit-Position: refs/heads/master@{#32466}
2015-12-01 14:04:43 +00:00
neis
031751d5c4 [proxies] Implement [[Set]].
R=rossberg
BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1481103002

Cr-Commit-Position: refs/heads/master@{#32457}
2015-12-01 12:27:09 +00:00
jkummerow
2ba464e11c [proxies] [[HasProperty]]: fix trap call.
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1479143002

Cr-Commit-Position: refs/heads/master@{#32391}
2015-11-30 09:21:10 +00:00
jkummerow
2fee8a0f1d [proxies] Implement [[Enumerate]] and [[OwnPropertyKeys]]
Both are integrated into JSReceiver::GetKeys().

For now, the implementation ignores Symbol/DONT_ENUM filtering.

BUG=v8:1543
LOG=n

Committed: https://crrev.com/42c6056e6f247724d14dc887f6619a6bf5867a97
Cr-Commit-Position: refs/heads/master@{#32384}

Review URL: https://codereview.chromium.org/1474083003

Cr-Commit-Position: refs/heads/master@{#32386}
2015-11-28 15:03:13 +00:00
machenbach
97def40dc0 Revert of [proxies] Implement [[Enumerate]] and [[OwnPropertyKeys]] (patchset #3 id:40001 of https://codereview.chromium.org/1474083003/ )
Reason for revert:
[Sheriff] Speculative revert for gc mole:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20gcmole/builds/5164

Original issue's description:
> [proxies] Implement [[Enumerate]] and [[OwnPropertyKeys]]
>
> Both are integrated into JSReceiver::GetKeys().
>
> For now, the implementation ignores Symbol/DONT_ENUM filtering.
>
> BUG=v8:1543
> LOG=n
>
> Committed: https://crrev.com/42c6056e6f247724d14dc887f6619a6bf5867a97
> Cr-Commit-Position: refs/heads/master@{#32384}

TBR=verwaest@chromium.org,bmeurer@chromium.org,jkummerow@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:1543

Review URL: https://codereview.chromium.org/1482113002

Cr-Commit-Position: refs/heads/master@{#32385}
2015-11-28 14:16:29 +00:00
jkummerow
42c6056e6f [proxies] Implement [[Enumerate]] and [[OwnPropertyKeys]]
Both are integrated into JSReceiver::GetKeys().

For now, the implementation ignores Symbol/DONT_ENUM filtering.

BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1474083003

Cr-Commit-Position: refs/heads/master@{#32384}
2015-11-28 10:48:43 +00:00
verwaest
970a7ad758 Fix Reflect.construct wrt proxy, generator, and non-subclass new.target
This makes sure that proxy + Function/Array works
Makes sure that new.target can be a generator
Makes sure that if new.target is not a subclass, but does not have a prototype, that we'll get that same prototype back the next time we look at new.target.prototype.

BUG=v8:1543, v8:3330, v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1484473002

Cr-Commit-Position: refs/heads/master@{#32382}
2015-11-27 21:44:48 +00:00
neis
39efa4348a [proxies] Implement [[Delete]].
LOG=N
BUG=v8:1543

Review URL: https://codereview.chromium.org/1479543002

Cr-Commit-Position: refs/heads/master@{#32320}
2015-11-26 09:34:28 +00:00
neis
a25018905d [proxies] Implement [[PreventExtensions]] and [[IsExtensible]].
BUG=

Review URL: https://codereview.chromium.org/1441043002

Cr-Commit-Position: refs/heads/master@{#32212}
2015-11-24 14:16:24 +00:00
yangguo
eeb7c05558 [es6] Implement @@match subclassing.
BUG=v8:4305
LOG=N

Review URL: https://codereview.chromium.org/1434523002

Cr-Commit-Position: refs/heads/master@{#32210}
2015-11-24 13:57:31 +00:00
pan.deng
154ddde42b Support offset-TypedArray in futex API
BUG=v8:4555
LOG=N

Review URL: https://codereview.chromium.org/1462833002

Cr-Commit-Position: refs/heads/master@{#32142}
2015-11-20 11:40:00 +00:00
jkummerow
6f0850c63d [proxies] Update Object.defineProperty/ies for JSProxies
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1456613002

Cr-Commit-Position: refs/heads/master@{#32103}
2015-11-19 09:21:46 +00:00
adamk
7d1d978654 Rename destructuring flag to "--harmony-destructuring-bind"
This is in preparation for the addition of --harmony-destructuring-assignment.

BUG=v8:811
LOG=n

Review URL: https://codereview.chromium.org/1450193002

Cr-Commit-Position: refs/heads/master@{#32098}
2015-11-18 23:30:09 +00:00
neis
b270813388 [es6] Partially implement Reflect.ownKeys.
Proxies are not properly supported yet.

This is a reland of 1405243006.

TBR=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1460563002

Cr-Commit-Position: refs/heads/master@{#32065}
2015-11-18 00:52:50 +00:00
pan.deng
81fe5b3c45 Support SAB atomics for offset-TypedArray
BUG=497295
LOG=n

Review URL: https://codereview.chromium.org/1422533009

Cr-Commit-Position: refs/heads/master@{#32064}
2015-11-18 00:19:54 +00:00
yangguo
906903acb5 Experimental support for RegExp lookbehind.
R=erikcorry@chromium.org, littledan@chromium.org
BUG=v8:4545
LOG=N

Committed: https://crrev.com/37632606bbce1418238b13fd90cb6ef6705871cd
Cr-Commit-Position: refs/heads/master@{#32029}

Review URL: https://codereview.chromium.org/1418963009

Cr-Commit-Position: refs/heads/master@{#32043}
2015-11-17 13:33:34 +00:00
jkummerow
9c35e4b23c [proxies] Wire up Object.getOwnPropertyDescriptor
using the new JSReceiver::GetOwnPropertyDescriptor implementation.

BUG=v8:1543
LOG=n
R=cbruni@chromium.org

Review URL: https://codereview.chromium.org/1451703003

Cr-Commit-Position: refs/heads/master@{#32037}
2015-11-17 13:08:51 +00:00
yangguo
5b2ae9d908 Revert of Experimental support for RegExp lookbehind. (patchset #18 id:340001 of https://codereview.chromium.org/1418963009/ )
Reason for revert:
gc stress breaks due to string_start_minus_one not being set correctly.

Original issue's description:
> Experimental support for RegExp lookbehind.
>
> R=erikcorry@chromium.org, littledan@chromium.org
> BUG=v8:4545
> LOG=N
>
> Committed: https://crrev.com/37632606bbce1418238b13fd90cb6ef6705871cd
> Cr-Commit-Position: refs/heads/master@{#32029}

TBR=littledan@chromium.org,erikcorry@chromium.org,erikcorry@google.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4545

Review URL: https://codereview.chromium.org/1451373003

Cr-Commit-Position: refs/heads/master@{#32032}
2015-11-17 11:55:21 +00:00
yangguo
37632606bb Experimental support for RegExp lookbehind.
R=erikcorry@chromium.org, littledan@chromium.org
BUG=v8:4545
LOG=N

Review URL: https://codereview.chromium.org/1418963009

Cr-Commit-Position: refs/heads/master@{#32029}
2015-11-17 11:15:06 +00:00
adamk
fd3ff03da2 Fix harmony sloppy block scoping dynamic redeclaration check
The previous code did not properly check for harmony const when
doing the dynamic redeclaration check. This was masked in the
test because each eval had an initializer, and the initializer was what
triggered the exception.

This patch tightens the test by removing initializers and fixes the bug in
DeclareLookupSlot.

Also change the test to use assertThrows where possible.

BUG=v8:4550
LOG=n

Review URL: https://codereview.chromium.org/1437003006

Cr-Commit-Position: refs/heads/master@{#31995}
2015-11-13 21:04:15 +00:00
cbruni
24e058d0ed [runtime] support new Proxy() instead of Proxy.create and install getPrototypeOf trap
LOG=N
BUG=v8:1543

Review URL: https://codereview.chromium.org/1417063011

Cr-Commit-Position: refs/heads/master@{#31983}
2015-11-13 14:14:07 +00:00
neis
69d218c03f [proxies] Remove "fix" functionality, add (still unused) target property.
BUG=

Review URL: https://codereview.chromium.org/1427743011

Cr-Commit-Position: refs/heads/master@{#31972}
2015-11-12 22:12:06 +00:00
yangguo
9a569ec2c8 [es6] Implement @@split subclassing.
RegExp.prototye[@@split] is not yet implement to spec regarding creating
new RegExp object with the SpeciesConstructor.

R=littledan@chromium.org
BUG=v8:4345
LOG=N

Review URL: https://codereview.chromium.org/1427573005

Cr-Commit-Position: refs/heads/master@{#31911}
2015-11-10 07:00:44 +00:00
neis
ec0f891d1e Revert of "[es6] Partially implement Reflect.ownKeys."
Reason for revert: failed tests on a Windows build.

TBR=rossberg,cbruni,neis
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1426943007

Cr-Commit-Position: refs/heads/master@{#31907}
2015-11-10 00:05:21 +00:00
neis
4194d0ebad [es6] Partially implement Reflect.ownKeys.
Proxies are not properly supported yet.

R=cbruni, rossberg
BUG=

Review URL: https://codereview.chromium.org/1405243006

Cr-Commit-Position: refs/heads/master@{#31906}
2015-11-09 23:30:53 +00:00
adamk
7b556cd24f Split default parameters that require destructuring into their own file
This allows testing the configuration where --harmony-default-parameters
is passed without --harmony-destructuring.

R=rossberg@chromium.org
BUG=v8:2160
LOG=n

Review URL: https://codereview.chromium.org/1410023015

Cr-Commit-Position: refs/heads/master@{#31863}
2015-11-06 15:49:01 +00:00
adamk
e33c4b450f Re-re-land "[es6] Implement destructuring binding in try/catch"
http://crrev.com/80a1e004f4ef619b54a2d87bf2108719a8411860 was reverted
due to a Blink test failure. That test has been marked as failing on
the Blink side in https://chromium.googlesource.com/chromium/src/+/ac11c6df133.

BUG=v8:811
LOG=y
TBR=rossberg@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.blink:linux_blink_rel

Review URL: https://codereview.chromium.org/1409093005

Cr-Commit-Position: refs/heads/master@{#31842}
2015-11-05 20:21:50 +00:00
machenbach
35a60c211e Revert of Revert "Revert of [es6] Implement destructuring binding in try/catch" (patchset #2 id:20001 of https://codereview.chromium.org/1411323008/ )
Reason for revert:
[Sheriff] Breaks a layout test:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/2750

Please request rebase upstream first if intended.

Original issue's description:
> Revert "Revert of [es6] Implement destructuring binding in try/catch"
>
> Reland try/catch destructuring with a fix for the MemorySanitizer failure:
> initialization_pos needs to be initialized in the DeclarationDescriptor.
>
> This is a one line fix to http://crrev.com/a316db995e6e4253664920652ed4e5a38b2caeba
>
> BUG=v8:811
> LOG=y
>
> Committed: https://crrev.com/80a1e004f4ef619b54a2d87bf2108719a8411860
> Cr-Commit-Position: refs/heads/master@{#31834}

TBR=littledan@chromium.org,rossberg@chromium.org,adamk@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:811

Review URL: https://codereview.chromium.org/1421193006

Cr-Commit-Position: refs/heads/master@{#31840}
2015-11-05 19:29:08 +00:00
adamk
80a1e004f4 Revert "Revert of [es6] Implement destructuring binding in try/catch"
Reland try/catch destructuring with a fix for the MemorySanitizer failure:
initialization_pos needs to be initialized in the DeclarationDescriptor.

This is a one line fix to http://crrev.com/a316db995e6e4253664920652ed4e5a38b2caeba

BUG=v8:811
LOG=y

Review URL: https://codereview.chromium.org/1411323008

Cr-Commit-Position: refs/heads/master@{#31834}
2015-11-05 17:27:57 +00:00
bmeurer
a210c3757e [runtime] Remove the very dangerous %_CallFunction intrinsic.
The %_CallFunction doesn't implement the call sequence properly, it
doesn't do the receiver wrapping, nor does it check for
classConstructor. Also the eager deoptimization for %_CallFunction was
seriously b0rked (we must have been lucky with TurboFan so far).

R=yangguo@chromium.org
BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1419813010

Cr-Commit-Position: refs/heads/master@{#31821}
2015-11-05 11:48:21 +00:00
littledan
5d44bf0263 Ship Harmony ToLength
This patch moves ES2015 ToLength semantics on array operations, etc
to from staging to shipping.

R=adamk
BUG=v8:3087
LOG=Y

Review URL: https://codereview.chromium.org/1433473003

Cr-Commit-Position: refs/heads/master@{#31810}
2015-11-05 00:45:05 +00:00
caitpotter88
55e1cfebfd [parser] early error when declaration Pattern missing Initializer
Emit an early error when BindingPatterns are used in a VariableDeclaration
or LexicalBinding without an Initializer.

BUG=v8:4532
LOG=N
R=adamk@chromium.org, rossberg@chromium.org, wingo@igalia.com

Review URL: https://codereview.chromium.org/1416753009

Cr-Commit-Position: refs/heads/master@{#31802}
2015-11-04 19:26:40 +00:00
adamk
f687c4f4e6 Revert of [es6] Implement destructuring binding in try/catch (patchset #3 id:40001 of https://codereview.chromium.org/1417483014/ )
Reason for revert:
MSAN errors on arm64: http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/builds/5123/

Original issue's description:
> [es6] Implement destructuring binding in try/catch
>
> The approach is to desugar
>
>   try { ... }
>   catch ({x, y}) { ... }
>
> into
>
>   try { ... }
>   catch (.catch) {
>     let x = .catch.x;
>     let y = .catch.y;
>     ...
>   }
>
> using the PatternRewriter's normal facilities. This has the side benefit
> of throwing the appropriate variable conflict errors for declarations
> made inside the catch block.
>
> No change is made to non-destructured cases, which will hopefully save
> us some work if https://github.com/tc39/ecma262/issues/150 is adopted
> in the spec.
>
> There's one big problem with this patch, which is a lack of PreParser
> support for the redeclaration errors. But it seems we're already lacking
> good PreParser support for such errors, so I'm not sure that should
> block this moving forward.
>
> BUG=v8:811
> LOG=y
>
> Committed: https://crrev.com/a316db995e6e4253664920652ed4e5a38b2caeba
> Cr-Commit-Position: refs/heads/master@{#31797}

TBR=rossberg@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:811

Review URL: https://codereview.chromium.org/1408063013

Cr-Commit-Position: refs/heads/master@{#31798}
2015-11-04 16:39:59 +00:00
adamk
a316db995e [es6] Implement destructuring binding in try/catch
The approach is to desugar

  try { ... }
  catch ({x, y}) { ... }

into

  try { ... }
  catch (.catch) {
    let x = .catch.x;
    let y = .catch.y;
    ...
  }

using the PatternRewriter's normal facilities. This has the side benefit
of throwing the appropriate variable conflict errors for declarations
made inside the catch block.

No change is made to non-destructured cases, which will hopefully save
us some work if https://github.com/tc39/ecma262/issues/150 is adopted
in the spec.

There's one big problem with this patch, which is a lack of PreParser
support for the redeclaration errors. But it seems we're already lacking
good PreParser support for such errors, so I'm not sure that should
block this moving forward.

BUG=v8:811
LOG=y

Review URL: https://codereview.chromium.org/1417483014

Cr-Commit-Position: refs/heads/master@{#31797}
2015-11-04 16:06:38 +00:00
jkummerow
41775a3e73 Fix HasProperty/HasElement for Proxies on the prototype chain
Review URL: https://codereview.chromium.org/1414403003

Cr-Commit-Position: refs/heads/master@{#31775}
2015-11-04 10:17:43 +00:00
neis
b5d0e31582 Fix another corner-case behavior of Object::SetSuperProperty.
If the property is a data property on the holder (or does not exist) and is a readonly data property in the receiver, then we must fail.

R=rossberg, verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1424233005

Cr-Commit-Position: refs/heads/master@{#31751}
2015-11-03 14:53:09 +00:00
neis
8c1377a5b4 Fix corner-case behavior of Object::SetSuperProperty.
When the property is an accessor property in the receiver but not on the
holder (ES6 "target"), we must fail.

R=rossberg, verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1427113002

Cr-Commit-Position: refs/heads/master@{#31733}
2015-11-03 08:04:32 +00:00
neis
5820adf276 [es6] Partially implement Reflect.set.
Proxies are not properly supported yet.

R=rossberg
BUG=v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1415883007

Cr-Commit-Position: refs/heads/master@{#31685}
2015-10-30 11:48:43 +00:00
neis
98dfe024ca [es6] Partially implement Reflect.getOwnPropertyDescriptor.
Proxies are not properly supported yet.

R=rossberg, jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1408163005

Cr-Commit-Position: refs/heads/master@{#31674}
2015-10-30 10:05:03 +00:00
neis
8e35d8ebec [es6] Partially implement Reflect.defineProperty.
Proxies are not properly supported yet.

R=rossberg,jkummerow@chromium.org
BUG=v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1421033002

Cr-Commit-Position: refs/heads/master@{#31661}
2015-10-29 15:39:49 +00:00
adamk
0bdaa4d877 Fix eval calls in initializers of arrow function parameters
This requires copying usage flags from the outer scope to the
arrow scope upon encountering the arrow token.

In order to properly pass-on the calls_eval bit, now record
that bit on script scopes just like everywhere else, and add
necessary code to scopes.cc to handle that change in behavior.

Also factored out scope flag propagation to its own method to
make the call site simple (though note that only the eval
bit makes any difference for arrows).

BUG=v8:4395
LOG=n

Review URL: https://codereview.chromium.org/1423613002

Cr-Commit-Position: refs/heads/master@{#31660}
2015-10-29 15:16:40 +00:00
adamk
720c531a70 Remove --harmony-new-target flag
It was shipped in M46 without incident.

Review URL: https://codereview.chromium.org/1411723007

Cr-Commit-Position: refs/heads/master@{#31636}
2015-10-28 16:47:08 +00:00
adamk
a4689fc21f Remove flags for spread calls and arrays
These features shipped in M46 without issue.

Review URL: https://codereview.chromium.org/1429653006

Cr-Commit-Position: refs/heads/master@{#31635}
2015-10-28 15:57:27 +00:00
littledan
b436635ac4 Update to ES2015 == semantics for Symbol/SIMD wrappers
When == is invoked on a Symbol or SIMD vector and an object, the object should
be converted to a primitive with ToPrimitive and then compared again. This means,
for example, that for a Symbol or SIMD vector s, s == Object(s). This patch makes
that change in the implementation of ==. Only the runtime function needed to be
changed, as the code stubs and compiler specializations don't operate on Symbols
or SIMD vectors, and on these types, a fallback to the runtime function is always
used.

BUG=v8:3593
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1421413002

Cr-Commit-Position: refs/heads/master@{#31614}
2015-10-27 20:20:24 +00:00
littledan
8adb1c4705 Reland of Check that array length stays a safe integer in Array.prototype.push (patchset #1 id:1 of https://codereview.chromium.org/1418093007/ )
Reason for revert:
The test failure was unrelated; relanding.

Original issue's description:
> Revert of Check that array length stays a safe integer in Array.prototype.push (patchset #7 id:120001 of https://codereview.chromium.org/1428483002/ )
>
> Reason for revert:
> Caused for-in-opt test to fail
>
> Original issue's description:
> > Check that array length stays a safe integer in Array.prototype.push
> >
> > This patch adds a check in Array.prototype.push to assert that the new
> > length does not become greater than 2**53-1. Such a length would be
> > dangerous because integer arithmetic becomes imprecise after the
> > boundary. The check is also required by a test262 test.
> >
> > R=adamk
> > LOG=Y
> > BUG=v8:3087
> >
> > Committed: https://crrev.com/e68adf4548dd101dc08fcbff14444152fb1b7fe7
> > Cr-Commit-Position: refs/heads/master@{#31588}
>
> TBR=adamk@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:3087
>
> Committed: https://crrev.com/78abedb94431a233842fcb2f7a910805a05bed09
> Cr-Commit-Position: refs/heads/master@{#31590}

TBR=adamk@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3087

Review URL: https://codereview.chromium.org/1424823005

Cr-Commit-Position: refs/heads/master@{#31610}
2015-10-27 16:30:45 +00:00
littledan
78abedb944 Revert of Check that array length stays a safe integer in Array.prototype.push (patchset #7 id:120001 of https://codereview.chromium.org/1428483002/ )
Reason for revert:
Caused for-in-opt test to fail

Original issue's description:
> Check that array length stays a safe integer in Array.prototype.push
>
> This patch adds a check in Array.prototype.push to assert that the new
> length does not become greater than 2**53-1. Such a length would be
> dangerous because integer arithmetic becomes imprecise after the
> boundary. The check is also required by a test262 test.
>
> R=adamk
> LOG=Y
> BUG=v8:3087
>
> Committed: https://crrev.com/e68adf4548dd101dc08fcbff14444152fb1b7fe7
> Cr-Commit-Position: refs/heads/master@{#31588}

TBR=adamk@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3087

Review URL: https://codereview.chromium.org/1418093007

Cr-Commit-Position: refs/heads/master@{#31590}
2015-10-27 05:46:23 +00:00
littledan
e68adf4548 Check that array length stays a safe integer in Array.prototype.push
This patch adds a check in Array.prototype.push to assert that the new
length does not become greater than 2**53-1. Such a length would be
dangerous because integer arithmetic becomes imprecise after the
boundary. The check is also required by a test262 test.

R=adamk
LOG=Y
BUG=v8:3087

Review URL: https://codereview.chromium.org/1428483002

Cr-Commit-Position: refs/heads/master@{#31588}
2015-10-27 04:39:25 +00:00
caitpotter88
b078960e70 [es7] bailout Crankshaft in VisitDoExpression
For some reason, the DisableCrankshaft() in ast-numbering.cc does not always
prevent crankshaft from happening. Bailout here rather than asserting an
unreachable condition.

BUG=546967, v8:4488
LOG=N
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1414713004

Cr-Commit-Position: refs/heads/master@{#31537}
2015-10-24 07:06:59 +00:00
neis
193410062e Fix corner-case behavior of JSObject::SetPrototype.
Setting the prototype to whatever it currently is must succeed even if
the object is not extensible.

R=verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1423603002

Cr-Commit-Position: refs/heads/master@{#31527}
2015-10-23 14:52:26 +00:00
neis
8e89e8203b Adapt tests in preparation of shipping --harmony-completion.
R=rossberg
BUG=

Review URL: https://codereview.chromium.org/1415283003

Cr-Commit-Position: refs/heads/master@{#31507}
2015-10-23 10:26:01 +00:00
neis
2c7787ad84 [es6] Partially implement Reflect.setPrototypeOf.
Proxies are not properly supported yet.

R=rossberg
BUG=v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1417243002

Cr-Commit-Position: refs/heads/master@{#31465}
2015-10-22 11:21:43 +00:00
neis
2803a3d302 [es6] Partially implement Reflect.getPrototypeOf.
Proxies are not properly supported yet.

R=rossberg
BUG=v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1416433003

Cr-Commit-Position: refs/heads/master@{#31447}
2015-10-21 15:45:24 +00:00
adamk
7f1504f51e [es6] Handle super properly when rewriting arrow parameter initializers
R=rossberg@chromium.org
BUG=v8:4395
LOG=y

Review URL: https://codereview.chromium.org/1414733005

Cr-Commit-Position: refs/heads/master@{#31440}
2015-10-21 13:16:07 +00:00
adamk
02e4d21f4c [es6] Fix scoping for default parameters in arrow functions
When eagerly parsing arrow functions, expressions in default
parameter initializers are parsed in the enclosing scope,
rather than in the function's scope (since that scope does not
yet exist). This leads to VariableProxies being added to the
wrong scope, and scope chains for FunctionLiterals being incorrect.

This patch addresses these problems by adding a subclass of
AstExpressionVisitor that moves VariableProxies to the proper
scope and fixes up scope chains of FunctionLiterals.

This is a revert of the revert https://crrev.com/e41614a058426fb6102e4ab2dd4f98997f00c0fc
with a much-improved (though not yet perfect) Scope::ResetOuterScope
method which properly fixes not only the outer_scope_ pointer but also
fixes the inner_scope_ list in the relevant outer_scopes.

More work likely still needs to be done to make this work completely,
but it's very close to correct.

BUG=v8:4395
LOG=y

Review URL: https://codereview.chromium.org/1414283002

Cr-Commit-Position: refs/heads/master@{#31435}
2015-10-21 12:04:20 +00:00
neis
79634a3ffe [es6] Partially implement Reflect.preventExtensions.
Ignore proxies for now.

R=rossberg
BUG=v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1397853005

Cr-Commit-Position: refs/heads/master@{#31431}
2015-10-21 09:23:47 +00:00
caitpotter88
b6596aa73b [es7] implement |do| expressions proposal
Adds an implementation of "do expression" parsing (https://webcache.googleusercontent.com/search?q=cache:MIGALjqPDNgJ:wiki.ecmascript.org/doku.php%3Fid%3Dstrawman:do_expressions+&cd=1&hl=en&ct=clnk&gl=us).

This feature provides a way to evaluate a block of statements within an expression context, producing the resulting completion value. This is very helpful for implementing certain language features via desugaring.

BUG=v8:4488
LOG=N
R=adamk@chromium.org, bmeurer@chromium.org, rossberg@chromium.org, wingo@igalia.com

Review URL: https://codereview.chromium.org/1399893002

Cr-Commit-Position: refs/heads/master@{#31428}
2015-10-21 02:58:32 +00:00
bmeurer
e41614a058 Revert of [es6] Fix scoping for default parameters in arrow functions (patchset #5 id:80001 of https://codereview.chromium.org/1405313002/ )
Reason for revert:
Breaks nosnap: http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug%20-%202/builds/2407/steps/Check/logs/regress-4395

Original issue's description:
> [es6] Fix scoping for default parameters in arrow functions
>
> When eagerly parsing arrow functions, expressions in default
> parameter initializers are parsed in the enclosing scope,
> rather than in the function's scope (since that scope does not
> yet exist). This leads to VariableProxies being added to the
> wrong scope, and scope chains for FunctionLiterals being incorrect.
>
> This patch addresses these problems by adding a subclass of
> AstExpressionVisitor that moves VariableProxies to the proper
> scope and fixes up scope chains of FunctionLiterals.
>
> More work likely still needs to be done to make this work completely,
> but it's very close to correct.
>
> BUG=v8:4395
> LOG=y
>
> Committed: https://crrev.com/cf72aad39e51de9b7074ea039377c1812f4a2c6b
> Cr-Commit-Position: refs/heads/master@{#31402}

TBR=rossberg@chromium.org,caitpotter88@gmail.com,adamk@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4395

Review URL: https://codereview.chromium.org/1417463004

Cr-Commit-Position: refs/heads/master@{#31404}
2015-10-20 10:36:38 +00:00
adamk
cf72aad39e [es6] Fix scoping for default parameters in arrow functions
When eagerly parsing arrow functions, expressions in default
parameter initializers are parsed in the enclosing scope,
rather than in the function's scope (since that scope does not
yet exist). This leads to VariableProxies being added to the
wrong scope, and scope chains for FunctionLiterals being incorrect.

This patch addresses these problems by adding a subclass of
AstExpressionVisitor that moves VariableProxies to the proper
scope and fixes up scope chains of FunctionLiterals.

More work likely still needs to be done to make this work completely,
but it's very close to correct.

BUG=v8:4395
LOG=y

Review URL: https://codereview.chromium.org/1405313002

Cr-Commit-Position: refs/heads/master@{#31402}
2015-10-20 09:15:38 +00:00
bmeurer
e678a0f9a9 [runtime] Implement %_ToLength via ToLengthStub.
Use %_ToLength for TO_LENGTH, implemented via a ToLengthStub
that supports a fast path for small integers. Everything else is still
handled in the runtime.

CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel
BUG=v8:4494
LOG=n

Review URL: https://codereview.chromium.org/1412963002

Cr-Commit-Position: refs/heads/master@{#31358}
2015-10-19 08:35:18 +00:00
bmeurer
e1088b27b5 [turbofan] Initial support for monomorphic/polymorphic property loads.
Native context specialization now lowers monomorphic and
polymorphic accesses to data and constant data properties on
object and/or prototype chain. We don't deal with accessors
yet, and we also completely ignore proxies (which is compatible
with what Crankshaft does).

The code is more or less the straightforward implementation. We
will need to refactor that and extract common patterns once the
remaining bits for full load/store support is in.

CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel
R=jarin@chromium.org
BUG=v8:4470
LOG=n

Committed: https://crrev.com/3a0bf860b7177f7abef01ff308a53603389d958e
Cr-Commit-Position: refs/heads/master@{#31340}

Review URL: https://codereview.chromium.org/1396333010

Cr-Commit-Position: refs/heads/master@{#31352}
2015-10-19 05:24:51 +00:00
jarin
5c53481233 Revert of [turbofan] Initial support for monomorphic/polymorphic property loads. (patchset #3 id:100001 of https://codereview.chromium.org/1396333010/ )
Reason for revert:
Waterfall redness.

Original issue's description:
> [turbofan] Initial support for monomorphic/polymorphic property loads.
>
> Native context specialization now lowers monomorphic and
> polymorphic accesses to data and constant data properties on
> object and/or prototype chain. We don't deal with accessors
> yet, and we also completely ignore proxies (which is compatible
> with what Crankshaft does).
>
> The code is more or less the straightforward implementation. We
> will need to refactor that and extract common patterns once the
> remaining bits for full load/store support is in.
>
> CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel
> R=jarin@chromium.org
> BUG=v8:4470
> LOG=n
>
> Committed: https://crrev.com/3a0bf860b7177f7abef01ff308a53603389d958e
> Cr-Commit-Position: refs/heads/master@{#31340}

TBR=bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4470

Review URL: https://codereview.chromium.org/1408123002

Cr-Commit-Position: refs/heads/master@{#31341}
2015-10-16 14:56:25 +00:00
bmeurer
3a0bf860b7 [turbofan] Initial support for monomorphic/polymorphic property loads.
Native context specialization now lowers monomorphic and
polymorphic accesses to data and constant data properties on
object and/or prototype chain. We don't deal with accessors
yet, and we also completely ignore proxies (which is compatible
with what Crankshaft does).

The code is more or less the straightforward implementation. We
will need to refactor that and extract common patterns once the
remaining bits for full load/store support is in.

CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel
R=jarin@chromium.org
BUG=v8:4470
LOG=n

Review URL: https://codereview.chromium.org/1396333010

Cr-Commit-Position: refs/heads/master@{#31340}
2015-10-16 14:09:17 +00:00
yangguo
30715157fa Install iterator meta objects via utils object.
R=cbruni@chromium.org, hpayer@chromium.org

Review URL: https://codereview.chromium.org/1411653002

Cr-Commit-Position: refs/heads/master@{#31331}
2015-10-16 11:27:33 +00:00
adamk
e5db1d58e5 Remove stale references to --harmony-arrays flag in mjsunit tests
Also move those tests from mjsunit/harmony to mjsunit/es6.

R=littledan@chromium.org

Review URL: https://codereview.chromium.org/1403633007

Cr-Commit-Position: refs/heads/master@{#31314}
2015-10-15 17:39:42 +00:00
littledan
5c1ef6ac82 Make RegExp use ToLength on lastIndex when flag is turned on
In the ES2015 spec, RegExp uses ToLength, not ToInteger, on lastIndex
to coerce it to an integer. This patch switches to ToLength when
the --harmony-tolength flag is on, and adds some tests to verify the
new behavior.

BUG=v8:4244
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1394023005

Cr-Commit-Position: refs/heads/master@{#31306}
2015-10-15 14:10:48 +00:00
neis
2ed1eebe9f [es6] Implement Reflect.enumerate.
R=rossberg
BUG=v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1397443013

Cr-Commit-Position: refs/heads/master@{#31299}
2015-10-15 12:59:37 +00:00
adamk
18534dffc9 Don't throw on assignment to function name binding in harmony sloppy mode
BUG=v8:4482
LOG=n

Review URL: https://codereview.chromium.org/1397513004

Cr-Commit-Position: refs/heads/master@{#31218}
2015-10-12 16:55:35 +00:00
littledan
d515e5138d Test for var declarations in eval which conflict with let
Previously, name conflicts between var and let declarations were only
made into exceptions if they were visible at parse-time. This patch adds
runtime checks so that sloppy-mode direct eval can't introduce conflicting
var declarations. The change is implemented by traversing the scope chain
when a direct eval introduces a var declaration to look for conflicting
let declarations, up to the function boundary.

BUG=v8:4454
R=adamk
LOG=Y

Review URL: https://codereview.chromium.org/1382513003

Cr-Commit-Position: refs/heads/master@{#31211}
2015-10-12 14:31:01 +00:00
cbruni
3ac2973b29 Improving error messages when adding properties to non JSObject receiver in
strict mode.

LOG=N
BUG=chromium:423739

Review URL: https://codereview.chromium.org/1381083004

Cr-Commit-Position: refs/heads/master@{#31192}
2015-10-09 09:12:47 +00:00
neis
cfe7c9c5ce [es6] Support optional "receiver" argument in Reflect.get.
Also add some more tests.

R=rossberg
BUG=

Review URL: https://codereview.chromium.org/1392203002

Cr-Commit-Position: refs/heads/master@{#31181}
2015-10-08 14:23:12 +00:00
neis
7a0a682083 [es6] Implement completion value reform (--harmony-completion).
This CL depends on #1362363002.

R=rossberg
BUG=

Review URL: https://codereview.chromium.org/1361403003

Cr-Commit-Position: refs/heads/master@{#31180}
2015-10-08 13:57:04 +00:00
neis
09184acad2 [es6] Implement parts of the Reflect object.
- Reflect.deleteProperty
- Reflect.get
- Reflect.has
- Reflect.isExtensible

Reflect.get doesn't support the receiver argument yet, and
some of the others don't support proxies yet.

R=rossberg
BUG=v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1379313002

Cr-Commit-Position: refs/heads/master@{#31146}
2015-10-07 11:45:25 +00:00
erikcorry
9081ee11af RegExp: Fix update of lastIndex on non-global sticky
R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1378693004

Cr-Commit-Position: refs/heads/master@{#31133}
2015-10-06 21:24:12 +00:00
littledan
2e7077e02c Destructuring array without initializer throws an exception
Previously, cases like
  var [foo]
led to a parser crash because the parser tried to do something with
the initializer, which was not syntactically present.

This patch fixes the parser issue (implicitly creating an undefined
initializer) and inserts a check for array destructuring that the
right-hand side is coercible to an object, so it can have iterator
methods called on it safely.

BUG=v8:4462
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1384413002

Cr-Commit-Position: refs/heads/master@{#31128}
2015-10-06 17:01:28 +00:00
littledan
38465598c8 Fix legacy const for-of/in destructuring
Previously, using legacy const in for-of/in loops led to a check-fail
in the parser. This was due to the fact that the destructuring bind
led to an undefined initialization to undefined in the parser, which
caused the for loop code to go down a strange path. This patch
eliminates the undefined initialization in variables declared in
for-in/of loops, so that that path is not used and the error is
fixed.

BUG=v8:4461
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1385913003

Cr-Commit-Position: refs/heads/master@{#31117}
2015-10-05 22:36:33 +00:00
littledan
7e113c47b7 Prohibit let in lexical bindings
This patch prohibits lexical bindings from being called 'let', even in
sloppy mode, following the ES2015 specification. The change affects
multiple cases of lexical bindings, including simple let/const declarations
and both kinds of for loops. var and legacy const bindings still permit
the name to be let, including in destructuring cases. Tests are added to
verify, though some cases are commented out since they led to (pre-existing)
crashes.

BUG=v8:4403
R=adamk
LOG=Y

Review URL: https://codereview.chromium.org/1371263003

Cr-Commit-Position: refs/heads/master@{#31115}
2015-10-05 20:29:22 +00:00
rossberg
2c2848dccf [es6] Scoping & initialization for var shadowing non-simple parameters
Var-bindings may shadow parameters from a non-simple parameter list. When that happens: they create separate bindings, but are initialised with the respective parameter value. Thus:

(function(x, f = () => x) { var x; var y = x; x = 2; return [x, y, f()] })(1) -->  [2, 1, 1]

This CL implements that by inserting a suitable assignment for every shadwowing var-variable (e.g., x = outer_x above) at the beginning of the function's body block.

R=adamk@chromium.org
BUG=v8:4440,v8:811
LOG=N

Review URL: https://codereview.chromium.org/1371333004

Cr-Commit-Position: refs/heads/master@{#31042}
2015-10-01 10:42:33 +00:00
littledan
76da493315 Extend Annex B 3.3 sloppy-mode block-scoped hoisting to scripts, eval
The ES2015 spec is missing an extension of sloppy-mode block-scoped function
behavior to the global scope in scripts, as well as to eval. This patch
brings that hoisting to those two areas. The behavior is not perfectly
spec-compliant since properties created on the global scope should be
set as enumerable even if they are non-enumerable previously, but the
attributes will not be modified if the property already exists under
this patch.

BUG=v8:4441
LOG=Y
R=adamk
TEST=reddit comment functionality seems to be fixed

Review URL: https://codereview.chromium.org/1376623002

Cr-Commit-Position: refs/heads/master@{#31037}
2015-09-30 23:48:34 +00:00
adamk
163419e8fa Remove --harmony-arrow-functions flag
Arrow functions have been enabled by default since the 4.5 branch.

Review URL: https://codereview.chromium.org/1373633002

Cr-Commit-Position: refs/heads/master@{#31031}
2015-09-30 19:50:40 +00:00
neis
d3ef8f4b95 [es6] Ship rest parameters.
R=rossberg
BUG=

Review URL: https://codereview.chromium.org/1371963002

Cr-Commit-Position: refs/heads/master@{#30970}
2015-09-28 11:19:35 +00:00
bmeurer
ff2c9eace4 [es6] Remove left-overs from Function.prototype.toMethod.
The actual Function.prototype.toMethod was removed some time already,
but there were some stuff (esp. %ToMethod) left in the tree, including
tests for %ToMethod.  This code (and esp. the tests) cause trouble in
the process of moving bound functions away from JSFunction; so since
the code is unused anyway, we can as well remove it.

The original removal of Function.prototype.toMethod was in February
2015 in 68e4897586.

R=jarin@chromium.org
BUG=v8:3330
LOG=n

Review URL: https://codereview.chromium.org/1366063002

Cr-Commit-Position: refs/heads/master@{#30925}
2015-09-25 04:04:36 +00:00
adamk
7485da7ace Don't crash when preparsing destructured arguments
This adds the materialized literal count accumulated while parsing the
parameters (in the parser proper) to that accumulated by the preparser.

This should have been caught in cctest/test-parsing, but it's not covered
because the parsing tests call directly into the preparser rather than
using Parser::ParseFunctionLiteral (which fully-parses the parameters
and then calls into the preparser to skip over the function body).

Note that this further-inflates the materialized literal count for
functions with destructured arguments, since some of the counted
literals are actually binding patterns. But that's not specific to
binding patterns in formal parameters: it happens in function bodies, too.

BUG=v8:4400,v8:4407
LOG=n

Review URL: https://codereview.chromium.org/1350913005

Cr-Commit-Position: refs/heads/master@{#30868}
2015-09-22 17:43:43 +00:00
littledan
e5ff10d767 Implement sloppy-mode block-defined functions (Annex B 3.3)
ES2015 specifies very particular semantics for functions defined in blocks.
In strict mode, it is simply a lexical binding scoped to that block. In sloppy
mode, in addition to that lexical binding, there is a var-style binding in
the outer scope, which is overwritten with the local binding when the function
declaration is evaluated, *as long as* introducing ths var binding would not
create a var/let conflict in the outer scope.

This patch implements the semantics by introducing a DelegateStatement, which
is initially filled in with the EmptyStatement and overwritten with the
assignment when the scope is closed out and it can be checked that there is
no conflict.

This patch is tested with a new mjsunit test, and I tried staging it and running
test262, finding that the tests that we have disabled due to lack of Annex B
support now pass.

R=adamk,rossberg
LOG=Y
BUG=v8:4285

Review URL: https://codereview.chromium.org/1332873003

Cr-Commit-Position: refs/heads/master@{#30842}
2015-09-21 04:31:09 +00:00
adamk
7462e99667 Remove on-by-default flag --harmony-object
It's been enabled since M45, which is now well into its stable period,
with no problems reported.

Review URL: https://codereview.chromium.org/1356793002

Cr-Commit-Position: refs/heads/master@{#30835}
2015-09-18 18:37:57 +00:00
aperez
d4e1299f16 ES6: Array.prototype.slice and friends should use ToLength instead of ToUint32
Defines a new --harmony-tolength flag, and a ToLengthFlagged() runtime function,
that is used where ES6 requires ToLength(), but a pre-ES6 conversion existed
before. When the flag is disabled, the function uses TO_UINT32(), which is
the pre-ES6 behaviour. When the flag enabled, the ES6-compliant ToLength()
conversion is used.

Based on a patch initially from Diego Pino <dpino@igalia.com>

BUG=v8:3087
LOG=Y

Review URL: https://codereview.chromium.org/1309243003

Cr-Commit-Position: refs/heads/master@{#30772}
2015-09-16 18:01:52 +00:00
caitpotter88
b444da41ad [es6] support get and set in shorthand properties
Add support for `get` and `set` as shorthand properties. Also
supports them for CoverInitializedName in BindingPatterns and (once implemented)
AssignmentPatterns.

BUG=v8:4412, v8:3584
LOG=N
R=adamk, aperez, wingo, rossberg

Review URL: https://codereview.chromium.org/1328083002

Cr-Commit-Position: refs/heads/master@{#30769}
2015-09-16 16:02:05 +00:00
binji
f5bec4bcd4 [Atomics] Remove support for atomic accesses on floating-point values.
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1318713007

Cr-Commit-Position: refs/heads/master@{#30755}
2015-09-15 21:25:14 +00:00
adamk
f44efd6b31 Fix spread operator in ArrayLiterals when nested in other literals
Mark ArrayLiterals utilizing the spread operator as non-simple.
This causes them to return false for IsCompileTimeValue, and thus
causes spread to work as expected in nested literals.

BUG=v8:4417
LOG=y

Review URL: https://codereview.chromium.org/1336123002

Cr-Commit-Position: refs/heads/master@{#30754}
2015-09-15 16:43:39 +00:00
bmeurer
db2ba190db [runtime] Replace many buggy uses of %_CallFunction with %_Call.
The semantics of the %_CallFunction intrinsic seem to be very unclear,
which resulted in a lot of bugs. Especially the combination with
%IsSloppyModeFunction is always a bug, because the receiver would be
wrapped in the wrong context. So the %IsSloppyModeFunction helper is
gone now, and many of the buggy uses of %_CallFunction are also
eliminated.

If you ever need to call something with a different receiver, then
%_Call is your friend now. It does what you want and implements the
call sequence fully (and correct).

BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1325573004

Cr-Commit-Position: refs/heads/master@{#30634}
2015-09-08 13:35:32 +00:00
caitpotter88
510baeacba [es6] Re-implement rest parameters via desugaring.
Kills the kRestParameter bailout/disabled optimization, and fixes
lazily parsed arrow functions with rest parameters.

Supercedes https://crrev.com/1235153006/

BUG=chromium:508074, v8:2160, v8:2700
LOG=N
R=rossberg@chromium.org, adamk@chromium.org, wingo@igalia.com

Review URL: https://codereview.chromium.org/1272673003

Cr-Commit-Position: refs/heads/master@{#30550}
2015-09-02 21:11:05 +00:00
binji
196d6aeec1 Remove harmony-atomics flag and collapse it into sharedarraybuffer flag
Having both flags is tedious, and it is unlikely you'd ever want them
separately.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1304163010

Cr-Commit-Position: refs/heads/master@{#30523}
2015-09-01 18:34:00 +00:00
bmeurer
3c164506f5 [es6] Implement Date.prototype[@@toPrimitive] as C++ builtin.
This way we don't need to expose JSReceiver::OrdinaryToPrimitive
as runtime function, and we don't need the separate JS trampoline.

This also adds tests for ToPrimitive on date objects, which are
special.

R=mstarzinger@chromium.org
BUG=v8:4307
LOG=n

Review URL: https://codereview.chromium.org/1324713002

Cr-Commit-Position: refs/heads/master@{#30473}
2015-08-31 12:53:10 +00:00
littledan
decc7b092a Sloppy-mode let parsing
This patch makes 'let' a contextual keyword in both strict and sloppy mode.
It behaves as a keyword when used at the beginning of a StatementListItem
or lexical declaration at the beginning of a for statement, if it is followed
by an identifier, [ or {. Implementing this change requires an extra token
look-ahead by the parser which is only invoked in certain cases (so as to
avoid parsing RegExps as ECMAScript tokens). This might result in a slowdown
of the scanner, but performance testing of this patch hasn't yet found much
of a regression.

BUG=v8:3305
LOG=Y
R=adamk,vogelheim

Review URL: https://codereview.chromium.org/1315673009

Cr-Commit-Position: refs/heads/master@{#30451}
2015-08-28 18:47:40 +00:00
bmeurer
09de997b35 [runtime] Add %ToString and %_ToString and remove the TO_STRING builtin.
This adds a new ToString runtime function and a fast-path ToStringStub
(which is just a simple dispatcher for existing functionality), and also
implements %_ToName using the ToStringStub.

R=mstarzinger@chromium.org, yangguo@chromium.org
BUG=v8:4307
LOG=n

Review URL: https://codereview.chromium.org/1319973007

Cr-Commit-Position: refs/heads/master@{#30442}
2015-08-28 13:00:11 +00:00
bmeurer
c403ede42a [es6] Implement spec compliant ToName (actually ToPropertyKey).
This adds a %ToName runtime entry that uses the previously introduced
Object::ToName, which is based on the new Object::ToPrimitive method.
Also removes the need to expose ToName in various way via the builtins
and/or context.

Drive-by-fix: Let %HasProperty do the ToName conversion implicitly as
required.

BUG=v8:4307
LOG=n

Review URL: https://codereview.chromium.org/1319133002

Cr-Commit-Position: refs/heads/master@{#30435}
2015-08-28 09:46:51 +00:00
bmeurer
f6c6d713b4 [es6] Implement spec compliant ToPrimitive in the runtime.
This is the first step towards a spec compliant ToPrimitive
implementation (and therefore spec compliant ToNumber, ToString,
ToName, and friends).  It adds support for the @@toPrimitive
symbol that was introduced with ES2015, and also adds the new
Symbol.prototype[@@toPrimitive] and Date.prototype[@@toPrimitive]
initial properties.

There are now runtime functions for %ToPrimitive, %ToNumber and
%ToString, which do the right thing and should be used as fallbacks
instead of the hairy runtime.js implementations.  I will do the
same for the other conversion operations mentioned by the spec in
follow up CLs.  Once everything is in place we can look into
optimizing things further, so that we don't always call into the
runtime.

Also fixed Date.prototype.toJSON to be spec compliant.

R=mstarzinger@chromium.org, yangguo@chromium.org
BUG=v8:4307
LOG=y

Review URL: https://codereview.chromium.org/1306303003

Cr-Commit-Position: refs/heads/master@{#30434}
2015-08-28 09:21:43 +00:00
conradw
77394fa05a [parser] disallow language mode directive in body of function with non-simple parameters
TC39 agreed to disallow "use strict" directives in function body when
non-simple parameter lists are used.

This is a continuation of caitp's CL https://codereview.chromium.org/1281163002/
with some refactorings removed for now.

Still TODO: there is a lot of duplication between the is_simple field of
FormalParametersBase and the NonSimpleParameter property ExpressionClassifier
keeps track of. It should be possible to remove the former with a minor
refactoring of arrow function parsing. This will be attempted in a follow-up CL.

BUG=
LOG=N

Review URL: https://codereview.chromium.org/1300103005

Cr-Commit-Position: refs/heads/master@{#30388}
2015-08-26 14:59:19 +00:00
wingo
79e74db3e0 Parse arrow functions at proper precedence level
BUG=v8:4211
LOG=Y
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1315823002

Cr-Commit-Position: refs/heads/master@{#30373}
2015-08-26 09:36:45 +00:00
rossberg
089592ad33 [es6] Remaining cases of parameter scopes for sloppy eval
R=littledan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1303013007

Cr-Commit-Position: refs/heads/master@{#30363}
2015-08-25 22:24:29 +00:00
rossberg
0b3b72671e [es6] Correct length for functions with default parameters
R=adamk@chromium.org
BUG=v8:2160
LOG=N

Review URL: https://codereview.chromium.org/1311163002

Cr-Commit-Position: refs/heads/master@{#30361}
2015-08-25 18:52:13 +00:00
bbudge
8a278a4cc4 [simd.js] Update to spec version 0.8.2.
Adds Uint32x4, Uint16x8, and Uint8x16 types.
Adds all functions in the current spec, except for loads and stores.

LOG=Y
BUG=v8:4124

Committed: https://crrev.com/4be6d37fd1ad0a6e0ea37da8863ae5169c2b89ba
Cr-Commit-Position: refs/heads/master@{#30322}

Review URL: https://codereview.chromium.org/1294513004

Cr-Commit-Position: refs/heads/master@{#30353}
2015-08-25 12:35:19 +00:00
hablich
86016622b4 Revert of [simd.js] Update to spec version 0.8.2. (patchset #11 id:200001 of https://codereview.chromium.org/1294513004/ )
Reason for revert:
Fails tests:
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20deadcode/builds/5073/steps/steps/logs/stdio

Original issue's description:
> [simd.js] Update to spec version 0.8.2.
>
> Adds Uint32x4, Uint16x8, and Uint8x16 types.
> Adds all functions in the current spec, except for loads and stores.
>
> LOG=Y
> BUG=v8:4124
>
> Committed: https://crrev.com/4be6d37fd1ad0a6e0ea37da8863ae5169c2b89ba
> Cr-Commit-Position: refs/heads/master@{#30322}

TBR=littledan@chromium.org,bbudge@google.com,bmeurer@chromium.org,hpayer@chromium.org,bbudge@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4124

Review URL: https://codereview.chromium.org/1309513005

Cr-Commit-Position: refs/heads/master@{#30323}
2015-08-24 10:06:43 +00:00
bbudge
4be6d37fd1 [simd.js] Update to spec version 0.8.2.
Adds Uint32x4, Uint16x8, and Uint8x16 types.
Adds all functions in the current spec, except for loads and stores.

LOG=Y
BUG=v8:4124

Review URL: https://codereview.chromium.org/1294513004

Cr-Commit-Position: refs/heads/master@{#30322}
2015-08-24 09:13:08 +00:00
yangguo
cc97e524a1 Revert of Parse arrow functions at proper precedence level (patchset #2 id:60001 of https://codereview.chromium.org/1286383005/ )
Reason for revert:
Breaks layout test. Please change test expectation on blink first.

--- /mnt/data/b/build/slave/V8-Blink_Linux_64/build/layout-test-results/inspector/sources/debugger-pause/debugger-pause-in-internal-expected.txt
+++ /mnt/data/b/build/slave/V8-Blink_Linux_64/build/layout-test-results/inspector/sources/debugger-pause/debugger-pause-in-internal-actual.txt
@@ -1,4 +1,4 @@
-CONSOLE ERROR: line 9: Uncaught SyntaxError: Expected () to start arrow function, but got '}' instead of '=>'
+CONSOLE ERROR: line 9: Uncaught SyntaxError: Unexpected token )
 Tests that pause on exception in internal script does not crash.

 Script source was shown.

Original issue's description:
> Parse arrow functions at proper precedence level
>
> BUG=v8:4211
> LOG=Y
> R=rossberg@chromium.org
>
> Committed: https://crrev.com/9271b0ccf9ddb217deb1f0b9ef9b59b64dc40214
> Cr-Commit-Position: refs/heads/master@{#30298}

TBR=rossberg@chromium.org,mstarzinger@chromium.org,fennyfanny655@gmail.com,machenbach@chromium.org,wingo@igalia.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4211

Review URL: https://codereview.chromium.org/1315503002

Cr-Commit-Position: refs/heads/master@{#30318}
2015-08-24 06:57:12 +00:00
wingo
9271b0ccf9 Parse arrow functions at proper precedence level
BUG=v8:4211
LOG=Y
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1286383005

Cr-Commit-Position: refs/heads/master@{#30298}
2015-08-21 11:33:42 +00:00
rossberg
365fd7bc35 [es6] Parameter scopes for sloppy eval
This CL is a nightmare! For the utterly irrelevant edge case of a sloppy function with non-simple parameters and a call to direct eval, like here,

  let x = 1;
  function f(g = () => x) {
    var y
    eval("var x = 2")
    return g() + x  // f() = 3
  }

we have to do all of the following, on top of the declaration block ("varblock") contexts we already introduce around the body:

- Introduce the ability for varblock contexts to have both a ScopeInfo and an extension object (e.g., the body varblock in the example will contain both a static var y and a dynamic var x). No other scope needs that. Since there are no context slots left, a special new struct is introduced that pairs up scope info and extension object.

- When declaring lookup slots in the runtime, this new struct is allocated in the case where an extension object has to be added to a block scope (at which point the block's extension slot still contains a plain ScopeInfo).

- While at it, introduce some abstraction to access context extension slots in a more controlled manner, in order to keep special-casing to a minimum.

- Make sure that even empty varblock contexts do not get optimised away when they contain a sloppy eval, so that they can host the potential extension object.

- Extend dynamic search for declaration contexts (used by sloppy direct eval) to recognize varblock contexts.

- In the parser, if a function has a sloppy direct eval, introduce an additional varblock scope around each non-simple (desugared) parameter, as required by the spec to contain possible dynamic var bindings.

- In the pattern rewriter, add the ability to hoist the named variables the pattern declares to an outer scope. That is required because the actual destructuring has to be evaluated inside the protecting varblock scope, but the bindings that the desugaring introduces are in the outer scope.

- ScopeInfos need to save the information whether a block is a varblock, to make sloppy eval calls work correctly that deserialise them as part of the scope chain.

- Add the ability to materialize block scopes with extension objects in the debugger. Likewise, enable setting extension variables in block scopes via the debugger interface.

- While at it, refactor and unify some respective code in the debugger.

Sorry, this CL is large. I could try to split it up, but everything is rather entangled.

@mstarzinger: Please review the changes to contexts.
@yangguo: Please have a look at the debugger stuff.

R=littledan@chromium.org, mstarzinger@chromium.org, yangguo@chromium.org
BUG=v8:811,v8:2160
LOG=N

Review URL: https://codereview.chromium.org/1292753007

Cr-Commit-Position: refs/heads/master@{#30295}
2015-08-21 10:58:47 +00:00
rossberg
6dda11ff81 [es6] Implement default parameters
Based on caitp's https://codereview.chromium.org/1127063003/

R=adamk@chromium.org, littledan@chromium.org
BUG=v8:2160
LOG=N

Review URL: https://codereview.chromium.org/1287063004

Cr-Commit-Position: refs/heads/master@{#30192}
2015-08-17 12:02:08 +00:00
caitpotter88
9b15445e6d [parser] make kInvalidLhsInFor a SyntaxError
Second item in section 13.7.5.1 states that the error should be a
SyntaxError, when previously CheckAndRewriteReferenceExpression
would always emit a ReferenceError.

BUG=v8:4373
R=adamk, rossberg
LOG=N
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel

Review URL: https://codereview.chromium.org/1292393002

Cr-Commit-Position: refs/heads/master@{#30184}
2015-08-15 17:57:16 +00:00
adamk
ef52836cd8 [es6] Make assignment to new.target an early ReferenceError
In doing so, fix calls CheckAndRewriteReferenceExpression to take proper
start and end positions (instead of just pointing at the first token in
the LHS expression).

BUG=v8:4370
LOG=n

Review URL: https://codereview.chromium.org/1290013002

Cr-Commit-Position: refs/heads/master@{#30166}
2015-08-13 18:06:13 +00:00
littledan
e261540b9e Add class to existing lexical scoping tests
This patch strengthens testing of classes by verifying that the binding
that they export externally follows block scoping, as opposed to var-style
scoping. The tests are based on existing tests for let and const.

R=adamk
LOG=N
BUG=v8:3305

Review URL: https://codereview.chromium.org/1286923002

Cr-Commit-Position: refs/heads/master@{#30140}
2015-08-12 18:43:06 +00:00
littledan
1ebf0d7c5d Split function block scoping into a separate flag
In an initial attempt to implement sloppy mode lexical bindings,
functions were made lexically scoped in sloppy mode. However, the
ES2015 spec says that they need an additional hoisted var binding,
and further, it's not clear when we'll implement that behavior
or whether it's web-compatible.

This patch splits off function block scoping into a new, separate
flag called --harmony_sloppy_function. This change will enable the
possibility of testing and shipping this feature separately from
other block scoping-related features which don't have the same risks.

BUG=v8:4285
R=adamk
LOG=N

Review URL: https://codereview.chromium.org/1282093002

Cr-Commit-Position: refs/heads/master@{#30122}
2015-08-12 00:00:01 +00:00
littledan
d03191beb1 Use a new lexical context for sloppy-mode eval
In ES6, direct eval() in sloppy mode uses the enclosing function-level
("var") scope for var-style bindings and a new lexical scope for lexical
bindings like let and class. This patch implements that feature by making
lexical bindings that are directly within an EVAL_SCOPE be on the local
scope rather than the enclosing one.

BUG=v8:4288
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1274193004

Cr-Commit-Position: refs/heads/master@{#30120}
2015-08-11 21:30:40 +00:00
domenic
8934b9eae7 Add includes method to typed arrays
R=littledan@chromium.org, adamk@chromium.org
BUG=v8:3575
LOG=Y

Review URL: https://codereview.chromium.org/1283703004

Cr-Commit-Position: refs/heads/master@{#30117}
2015-08-11 17:55:24 +00:00
rossberg
73ae23b5dc [es6] Fix parsing of expressions in patterns
Fixes the use of eval calls in strict parameter lists in particular.

R=adamk@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1276273002

Cr-Commit-Position: refs/heads/master@{#30074}
2015-08-07 21:56:00 +00:00
rossberg
651f55c573 Regression test for crbug 517455
Was fixed by 826f8da55f

R=mstarzinger@chromium.org
BUG=517455
LOG=N

Review URL: https://codereview.chromium.org/1280953002

Cr-Commit-Position: refs/heads/master@{#30069}
2015-08-07 13:32:46 +00:00
rossberg
826f8da55f [es6] Use strict arguments objects for destructured parameters
Plus some renaming for consistency.

R=adamk@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1278783002

Cr-Commit-Position: refs/heads/master@{#30064}
2015-08-07 11:38:39 +00:00
adamk
b7726c447a Delete --harmony-computed-property-names flag
It was shipped in V8 4.4.

Review URL: https://codereview.chromium.org/1273543002

Cr-Commit-Position: refs/heads/master@{#30038}
2015-08-05 21:32:38 +00:00
adamk
cd455055a0 Delete --harmony-unicode flag
It was shipped in V8 4.4.

Review URL: https://codereview.chromium.org/1271073002

Cr-Commit-Position: refs/heads/master@{#30035}
2015-08-05 19:08:42 +00:00
rossberg
4273f66e98 [es6] Implement proper TDZ for parameters
Previously, examples like (({a = x}, x) => {})({}, 0) did not throw a ReferenceError like they should. This CL

- Splits up DeclareFormalParameters such that the formals can be recorded first and declared later.

- Declaration then takes the complete parameter list into account. If it is not simple, temporaries are introduced for all parameters.

- BuildParameterInitializationBlock desugars all parameters from non-simple lists into let-bindings.

- Refactored Pre/ParserFormalParameters, so that the arity information is no longer duplicated in Parser.

- Rest is currently handled specially, until rest-via-destructuring has landed.

R=adamk@chromium.org, littledan@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1259283002

Cr-Commit-Position: refs/heads/master@{#30025}
2015-08-05 12:02:23 +00:00
adamk
2e4efcfac2 Add a --harmony-object-observe runtime flag (on by default)
To avoid tanking context startup performance, only the actual installation of the
JS-exposed API is flag-guarded. The remainder of the implementation still
resides in the snapshot.

Review URL: https://codereview.chromium.org/1257063003

Cr-Commit-Position: refs/heads/master@{#30017}
2015-08-04 20:53:32 +00:00
adamk
c4247c1bc2 [es6] new.target should not be shadowable in a with scope
BUG=v8:3887
LOG=n

Review URL: https://codereview.chromium.org/1259183005

Cr-Commit-Position: refs/heads/master@{#30010}
2015-08-04 17:15:40 +00:00
bbudge
7b9670b63b SIMD.js Add the other SIMD Phase 1 types.
Adds Int32x4, Bool32x4, Int16x8, Bool16x8, Int8x16, Bool8x16.
Adds Simd128Value base heap object class.
Changes heap/factory construction pattern to use arrays.
Adds replaceLane functions to facilitate testing.

NOPRESUBMIT=true
(presubmit checks erroneously interpret array declaration in macro definition as variable size array.)

LOG=Y
BUG=v8:4124

Review URL: https://codereview.chromium.org/1250733005

Cr-Commit-Position: refs/heads/master@{#29974}
2015-08-03 13:02:56 +00:00
littledan
024e39613a Class block scoping tests
Class bindings are mutable and lexically scoped, with TDZ semantics.
They may not overlap with var bindings in the same scope. This patch
adds tests for those properties.

R=adamk
BUG=v8:3305
LOG=N

Review URL: https://codereview.chromium.org/1254003004

Cr-Commit-Position: refs/heads/master@{#29856}
2015-07-25 01:59:24 +00:00
littledan
2d2b72f638 Split off a separate --harmony_sloppy_let flag
--harmony_sloppy includes behavior to turn on sloppy mode lexical
bindings. Before this patch, it also included a way to parse let
which is likely web-incompatible (let is disallowed as an
identifier). This patch splits off the let parsing from the more
general block scoping code, so that block scoping can be developed
independently.

R=adamk
LOG=N
BUG=v8:3305

Review URL: https://codereview.chromium.org/1255013002

Cr-Commit-Position: refs/heads/master@{#29855}
2015-07-25 00:05:18 +00:00
rossberg
3e40b64ade Find right scope associated with prologue
R=mstarzinger@chromium.org
BUG=513474,513475,513611,513612
LOG=N

Review URL: https://codereview.chromium.org/1250423002

Cr-Commit-Position: refs/heads/master@{#29845}
2015-07-24 13:08:32 +00:00
rossberg
47d3bb1c0b [es6] Fix function context check for super and new.target
R=adamk@chromium.org
BUG=v8:3330
LOG=N

Review URL: https://codereview.chromium.org/1244423003

Cr-Commit-Position: refs/heads/master@{#29803}
2015-07-23 09:58:59 +00:00
bbudge
5d8c105428 SIMD.js: Update Float32x4 and tests to current spec.
LOG=N
BUG=v8:4124

Review URL: https://codereview.chromium.org/1239423004

Cr-Commit-Position: refs/heads/master@{#29781}
2015-07-22 03:14:06 +00:00
rossberg
fa94ca3ea4 [es6] Check declaration conflicts between non-simple parameters and the function body
Also, more tests for parameters containing functions or eval or both.

R=adamk@chromium.org, caitpotter88@gmail.com, littledan@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1225413005

Cr-Commit-Position: refs/heads/master@{#29752}
2015-07-20 13:49:13 +00:00
binji
35b2114874 Atomics Futex API
BUG=chromium:497295
R=jarin@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1208933006

Cr-Commit-Position: refs/heads/master@{#29736}
2015-07-17 17:11:47 +00:00
bbudge
6113058427 Expose SIMD.Float32x4 type to Javascript.
This CL exposes the constructor function, defines type related
information, and implements value type semantics.
It also refactors test/mjsunit/samevalue.js to test SameValue and SameValueZero.

TEST=test/mjsunit/harmony/simd.js, test/cctest/test-simd.cc

LOG=Y
BUG=v8:4124

Committed: https://crrev.com/e5ed3bee99807c502fa7d7a367ec401e16d3f773
Cr-Commit-Position: refs/heads/master@{#29689}

Review URL: https://codereview.chromium.org/1219943002

Cr-Commit-Position: refs/heads/master@{#29712}
2015-07-16 19:43:32 +00:00
mstarzinger
07dc66dcd5 Represent implicit 'this' binding by 'super' in AST.
This makes the implicit initializing assignment to 'this' performed
after a super constructor call explicit in the AST. It removes the
need to handle the special case where a CallExpression behaves like a
AssignmentExpression from various AstVisitor implementations.

R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1226123010

Cr-Commit-Position: refs/heads/master@{#29705}
2015-07-16 14:26:31 +00:00
hablich
40c38c5a5a Revert of Expose SIMD.Float32x4 type to Javascript. (patchset #14 id:450001 of https://codereview.chromium.org/1219943002/)
Reason for revert:
Seems to brake the latest roll into Chromium: http://build.chromium.org/p/tryserver.chromium.win/builders/win_chromium_compile_dbg_ng/builds/59796/steps/compile%20%28with%20patch%29/logs/stdio

Original issue's description:
> Expose SIMD.Float32x4 type to Javascript.
> This CL exposes the constructor function, defines type related
> information, and implements value type semantics.
> It also refactors test/mjsunit/samevalue.js to test SameValue and SameValueZero.
>
> TEST=test/mjsunit/harmony/simd.js, test/cctest/test-simd.cc
>
> LOG=Y
> BUG=v8:4124
>
> Committed: https://crrev.com/e5ed3bee99807c502fa7d7a367ec401e16d3f773
> Cr-Commit-Position: refs/heads/master@{#29689}

TBR=rossberg@chromium.org,littledan@chromium.org,martyn.capewell@arm.com,bbudge@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4124

Review URL: https://codereview.chromium.org/1241533004

Cr-Commit-Position: refs/heads/master@{#29701}
2015-07-16 12:36:11 +00:00
mstarzinger
b76acef799 [turbofan] Implement super call support in TurboFan.
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1238743002

Cr-Commit-Position: refs/heads/master@{#29696}
2015-07-16 08:54:05 +00:00
caitpotter88
124d2011ea [cleanup] remove --harmony-classes flag from mjsunit/harmony/new-target
Unknown flag warning is adding unnecessary noise to terminal during
test runs

BUG=
LOG=N
R=adamk@chromium.org

Review URL: https://codereview.chromium.org/1236993003

Cr-Commit-Position: refs/heads/master@{#29691}
2015-07-15 22:16:38 +00:00
bbudge
e5ed3bee99 Expose SIMD.Float32x4 type to Javascript.
This CL exposes the constructor function, defines type related
information, and implements value type semantics.
It also refactors test/mjsunit/samevalue.js to test SameValue and SameValueZero.

TEST=test/mjsunit/harmony/simd.js, test/cctest/test-simd.cc

LOG=Y
BUG=v8:4124

Review URL: https://codereview.chromium.org/1219943002

Cr-Commit-Position: refs/heads/master@{#29689}
2015-07-15 19:17:06 +00:00
adamk
24e982816f Fix spread array inside array literal
During parsing, we now keep track of the first spread seen in an array
literal (if any), and make use of that information when creating the
FixedArray backing store representing the constant elements for array
literal materialization.

The old code tried to do this by setting the generated JSArray's length
in ArrayLiteral::BuildConstantElements(), but that Array length is never
read by the rest of the literal materialization code (it always uses
the length of the FixedArray backing store).

BUG=v8:4298
LOG=n

Review URL: https://codereview.chromium.org/1225223004

Cr-Commit-Position: refs/heads/master@{#29684}
2015-07-15 15:16:13 +00:00
rossberg
207fbbbe32 [es6] Implement inner scope for functions with destructuring
R=adamk@chromium.org, littledan@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1240463002

Cr-Commit-Position: refs/heads/master@{#29674}
2015-07-15 10:59:58 +00:00
binji
a55fcc93ae Don't use length property when bounds checking atomics functions
The length property can be monkey-patched, so use the native function instead.

R=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1227913006

Cr-Commit-Position: refs/heads/master@{#29653}
2015-07-14 16:17:21 +00:00
binji
7f34af65aa In Atomics API, convert operands to numbers before calling runtime.
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1232243002

Cr-Commit-Position: refs/heads/master@{#29625}
2015-07-13 20:36:37 +00:00
verwaest
bb964f63d1 Fix keyed stores to strings convertible to indices
BUG=chromium:509545
LOG=n

Review URL: https://codereview.chromium.org/1232823002

Cr-Commit-Position: refs/heads/master@{#29596}
2015-07-13 10:46:35 +00:00
arv
d90013d1d1 [es6] Handle conflicts for sloppy let
We have to call CheckConflictingVarDeclarations in case we have enabled
--harmony-sloppy

BUG=v8:4287
LOG=N
R=littledan@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/1226103002

Cr-Commit-Position: refs/heads/master@{#29578}
2015-07-10 16:39:53 +00:00
arv
a73338ba9e [es6] Enforce TDZ checks for let/const in StoreLookupSlot
With --harmony-sloppy we can get to a runtime store in the presence of
an eval. We therefor need to check that the value is not the hole which
is used to enforce TDZ.

BUG=v8:4284
LOG=N
R=rossberg@chromium.org, littledan@chromium.org

Review URL: https://codereview.chromium.org/1214733013

Cr-Commit-Position: refs/heads/master@{#29577}
2015-07-10 16:20:52 +00:00
littledan
a415f59458 Guard @@isConcatSpreadable behind a flag
The breakage to Chrome seems to be based on @@isConcatSpreadable
and turning that part off with this patch fixes the Maps Tips & Tricks
test case.

BUG=chromium:507553
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1226063002

Cr-Commit-Position: refs/heads/master@{#29545}
2015-07-08 21:49:58 +00:00
arv
3b1aabc960 [es6] Initial support for let/const bindings in sloppy mode
Allow let in sloppy mode with --harmony-sloppy

Allow ES'15 const in sloppy mode with --harmony-sloppy --no-legacy-const

Functions in block are not done yet. They are only let bound in the block
at this point.

BUG=v8:3305, v8:2198
LOG=N
R=littledan@chromium.org, rossberg@chromium.org, adamk@chromium.org

Review URL: https://codereview.chromium.org/1219853004

Cr-Commit-Position: refs/heads/master@{#29536}
2015-07-08 15:04:13 +00:00
littledan
a1dcac3df7 Include Harmony Array/TypedArray methods unconditionally
Conditionally including Array and TypedArray methods seems to cause
a slowdown in V8 context creation, possibly due to the new code added.

BUG=chromium:504629
R=adamk@chromium.org
LOG=Y

Review URL: https://codereview.chromium.org/1215863003

Cr-Commit-Position: refs/heads/master@{#29430}
2015-07-01 23:10:21 +00:00
adamk
62572e011e [es6] Ensure that for-in/of loops have a proper TDZ for their lexically-bound variables
The enumerable expression in a for-in/of loop is supposed to have a TDZ for any
lexically bound names in that loop (there can be more than one with destructuring).

This patch accomplishes this with an almost-correct desugaring. The only thing missing
is proper debugger support (the let declarations added by the desugaring, while invisible
to code due to shadowing, are visible to the debugger).

BUG=v8:4210
LOG=n

Review URL: https://codereview.chromium.org/1218543003

Cr-Commit-Position: refs/heads/master@{#29396}
2015-07-01 00:27:30 +00:00
arv
b87cef133f [es6] Reenable new.target + Reflect.construct tests
BUG=v8:3887
LOG=N
R=caitpotter88@gmail.com, adamk@chromium.org

Review URL: https://codereview.chromium.org/1215973005

Cr-Commit-Position: refs/heads/master@{#29359}
2015-06-29 19:12:15 +00:00
arv
7a63bf77eb [es6] Make new.target work in functions
This makes new.target work in [[Call]] and [[Construct]] of ordinary
functions.

We achieve this by introducing a new construct stub for functions that
uses the new.target variable. The construct stub pushes the original
constructor just above the receiver in the construct frame.

BUG=v8:3887
LOG=N
R=adamk@chromium.org, dslomov@chromium.org

Review URL: https://codereview.chromium.org/1203813002

Cr-Commit-Position: refs/heads/master@{#29358}
2015-06-29 18:29:34 +00:00
dslomov
b4f49586ab [destructuring] Re-index materialized literals in arrow function parameters.
R=wingo@igalia.com
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1212473002

Cr-Commit-Position: refs/heads/master@{#29337}
2015-06-26 21:39:53 +00:00
arv
353b40e980 [es6] Remove harmony-classes flag
Move class tests to es6 directory

BUG=v8:3330
LOG=N
R=adamk

Review URL: https://codereview.chromium.org/1213813003

Cr-Commit-Position: refs/heads/master@{#29336}
2015-06-26 21:16:58 +00:00
arv
47dd45c0ab [es6] Remove harmony-object-literal flag
And move tests to es6 directory

BUG=v8:3516
LOG=N
R=adamk@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/1218473003

Cr-Commit-Position: refs/heads/master@{#29334}
2015-06-26 19:49:53 +00:00
binji
5b3700a49a Atomic operations on Uint8ClampedArray
BUG=chromium:497295
R=jarin@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1201543002

Cr-Commit-Position: refs/heads/master@{#29199}
2015-06-22 18:51:25 +00:00
dslomov
e7cdb615ae [destructuring] Implement parameter pattern matching.
Scoping for initializers is yet incorrect. Defaults are not supported.

R=arv@chromium.org,rossberg@chromium.org
BUG=v8:811
LOG=N

Committed: https://crrev.com/42f30f4ded2b1ca0c4caa7639e6206e93c78ee70
Cr-Commit-Position: refs/heads/master@{#29184}

Review URL: https://codereview.chromium.org/1189743003

Cr-Commit-Position: refs/heads/master@{#29192}
2015-06-22 14:16:02 +00:00
machenbach
82e8060515 Revert of [destructuring] Implement parameter pattern matching. (patchset #7 id:120001 of https://codereview.chromium.org/1189743003/)
Reason for revert:
[Sheriff] Breaks tsan:
http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/4392

Original issue's description:
> [destructuring] Implement parameter pattern matching.
>
> Scoping for initializers is yet incorrect. Defaults are not supported.
>
> R=arv@chromium.org,rossberg@chromium.org
> BUG=v8:811
> LOG=N
>
> Committed: https://crrev.com/42f30f4ded2b1ca0c4caa7639e6206e93c78ee70
> Cr-Commit-Position: refs/heads/master@{#29184}

TBR=arv@chromium.org,rossberg@chromium.org,caitpotter88@gmail.com,wingo@igalia.com,dslomov@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:811

Review URL: https://codereview.chromium.org/1195163007

Cr-Commit-Position: refs/heads/master@{#29188}
2015-06-22 13:14:24 +00:00
dslomov
42f30f4ded [destructuring] Implement parameter pattern matching.
Scoping for initializers is yet incorrect. Defaults are not supported.

R=arv@chromium.org,rossberg@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1189743003

Cr-Commit-Position: refs/heads/master@{#29184}
2015-06-22 12:07:13 +00:00
caitpotter88
1765866b0b [es6] throw TypeError when setting cyclic prototype value
Object.setPrototypeOf() throws a TypeError if value would create a
cycle. Previously a plain Error was thrown rather than a TypeError.

BUG=v8:4197
R=mike@bocoup.com
LOG=N

Review URL: https://codereview.chromium.org/1198523002

Cr-Commit-Position: refs/heads/master@{#29169}
2015-06-19 22:18:36 +00:00
caitpotter88
e7d4bf87ad [es6] fix IsConcatSpreadable() algorithm in runtime-array.cc
The ordering of the "IsArray()" check for IsConcatSpreadable() was incorrect previously --- IsArray() is only used if Get(O, @@isConcatSpreadable) is undefined. Without this fix, it's not possible for Array subclasses to opt out of spreading

22.1.3.1.1 http://www.ecma-international.org/ecma-262/6.0/#sec-isconcatspreadable

BUG=v8:3764
LOG=N
R=arv@chromium.org, dslomov@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/1192153002

Cr-Commit-Position: refs/heads/master@{#29127}
2015-06-18 19:47:29 +00:00
machenbach
b4d3e1ceba Revert of Add %TypedArray% to proto chain (patchset #6 id:100001 of https://codereview.chromium.org/1186733002/)
Reason for revert:
[Sheriff] Changes layout tests:
http://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2032/builds/429

See e.g.:
https://storage.googleapis.com/chromium-layout-test-archives/V8-Blink_Linux_32/429/layout-test-results/inspector/console/console-big-array-pretty-diff.html

Please upload a blink side needsmanualrebaseline change first for these tests if the change is intended. Please also add a blink trybot on a reland of this CL.

Original issue's description:
> Add %TypedArray% to proto chain
>
> According to the ES6 spec, the main methods and getters shouldn't
> be properties of the individual TypedArray objects and prototypes
> but instead on %TypedArray% and %TypedArray%.prototype. This
> difference is observable through introspection. This patch moves
> some methods and getters to the proper place, with the exception
> of %TypedArray%.prototype.subarray and harmony methods. These will
> be moved in follow-on patches.
>
> BUG=v8:4085
> LOG=Y
> R=adamk
>
> Committed: https://crrev.com/a10590158260737b256fac3254b4939f48f90095
> Cr-Commit-Position: refs/heads/master@{#29057}

TBR=adamk@chromium.org,arv@chromium.org,littledan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4085

Review URL: https://codereview.chromium.org/1192433003

Cr-Commit-Position: refs/heads/master@{#29070}
2015-06-17 09:05:51 +00:00
littledan
a105901582 Add %TypedArray% to proto chain
According to the ES6 spec, the main methods and getters shouldn't
be properties of the individual TypedArray objects and prototypes
but instead on %TypedArray% and %TypedArray%.prototype. This
difference is observable through introspection. This patch moves
some methods and getters to the proper place, with the exception
of %TypedArray%.prototype.subarray and harmony methods. These will
be moved in follow-on patches.

BUG=v8:4085
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1186733002

Cr-Commit-Position: refs/heads/master@{#29057}
2015-06-16 23:39:10 +00:00
wingo
a1a7cfd6ba All private symbols are own symbols
R=rossberg@chromium.org
LOG=N
BUG=

Review URL: https://codereview.chromium.org/1182303004

Cr-Commit-Position: refs/heads/master@{#29041}
2015-06-16 08:13:42 +00:00
littledan
40420f67e7 Allow TypedArrays to be initialized with iterables
In ES6, the TypedArray constructor can be called either with an
array-like object or an iterable. The code previously handled
only array-like objects. This patch switches to supporting
iterables while throwing in an optimization to make Arrays
get allocated the old way, without an extra copy.

BUG=v8:4090
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1181903003

Cr-Commit-Position: refs/heads/master@{#29031}
2015-06-15 18:54:42 +00:00
bmeurer
d19410f8e7 [mjsunit] Remove unsupported flag --turbo-deoptimization from tests.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/1183123002

Cr-Commit-Position: refs/heads/master@{#29018}
2015-06-15 09:43:11 +00:00
dehrenberg
b23c328f53 In Array.of and Array.from, fall back to DefineOwnProperty
%AddElement is not intended for objects which are not arrays, and
its behavior may go away with future refactorings. This patch gets
rid of it if the receiver of from or of is not the intrinsic Array
object.

Array.of and Array.from previously papered over failures in calling
[[DefineOwnProperty]] when setting array elements. This patch
makes them lead to exceptions, and adds tests to assert that
the appropriate exceptions are thrown.

BUG=v8:4168
R=adamk
CC=rossberg,verwaest
LOG=Y

Review URL: https://codereview.chromium.org/1181623003

Cr-Commit-Position: refs/heads/master@{#28969}
2015-06-11 20:41:04 +00:00
wingo
e7a62c2485 Support rest parameters in arrow functions
R=dslomov@chromium.org, rossberg@chromium.org
LOG=Y
BUG=v8:2700

Review URL: https://codereview.chromium.org/1178523002

Cr-Commit-Position: refs/heads/master@{#28908}
2015-06-10 16:11:31 +00:00
dehrenberg
51df8df9be Implement %TypedArray%.prototype.slice
The initial implementation of this method takes a couple shortcuts:
- At some points in the spec, we should be making a reference to
  "Table 49" and instead do property lookup on the constructor.
  This is an issue with some other TypedArray methods too.
- The spec indicates that, if constructor and @@species haven't been
  messed with in particular ways, then there should be a memcpy
  from the old to the new. That fast path is not implemented here
  in this patch, but because V8 doesn't canonicalize NaN, the result
  isn't observably different.

BUG=v8:3578
LOG=Y
R=arv

Review URL: https://codereview.chromium.org/1170023002

Cr-Commit-Position: refs/heads/master@{#28882}
2015-06-09 19:40:56 +00:00
arv
d269e22de9 [es6] Array.prototype.find and findIndex should include holes
We should not skip holes for these 2 functions.

BUG=v8:3895
LOG=N
R=adamk

Review URL: https://codereview.chromium.org/1165003005

Cr-Commit-Position: refs/heads/master@{#28814}
2015-06-05 14:18:20 +00:00
arv
8c06568186 [es6] super.prop, eval and lazy functions
We used to only store the uses_super_property in the preparse data
logger. Let the logger use NeedsHomeObject instead.

BUG=v8:3768
LOG=N
R=wingo, adamk

Review URL: https://codereview.chromium.org/1164073003

Cr-Commit-Position: refs/heads/master@{#28806}
2015-06-04 21:16:32 +00:00
arv
07c1f277bd Unship harmony tostring
Blink's DOM bindings are not yet ready.

BUG=493137, 239915
LOG=N
R=rossberg, adamk
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel

Review URL: https://codereview.chromium.org/1153263004

Cr-Commit-Position: refs/heads/master@{#28804}
2015-06-04 17:33:33 +00:00
dehrenberg
c1e3e3018e Implement %TypedArray%.prototype.{reduce,reduceRight}
This patch re-commits a previous commit after fixing a test to not
run into another known bug.
This reverts commit b104a67ef0.

This patch implements the last two methods on TypedArrays. These
were previously committed and led to a test failure.

BUG=v8:3578
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1159663004

Cr-Commit-Position: refs/heads/master@{#28803}
2015-06-04 16:36:49 +00:00
binji
e59e40a354 Implement Atomics API
This is behind the flag "--harmony-atomics", and it only works on
SharedArrayBuffers. This implementation only includes the runtime functions.
The TurboFan implementation will be next.

The draft spec for Atomics can be found here:
https://docs.google.com/document/d/1NDGA_gZJ7M7w1Bh8S0AoDyEqwDdRh4uSoTPSNn77PFk

BUG=
LOG=n

Review URL: https://codereview.chromium.org/1162503002

Cr-Commit-Position: refs/heads/master@{#28796}
2015-06-03 17:58:42 +00:00
mstarzinger
68beef53c3 Fix arrow functions requiring context without slots.
This fixes a corner-case where arrow functions that require a context
allocate none, because there are no additional slots allocated. Note
that this didn't happen with true function scopes because they always
had at least the receiver slot.

The outcome was a context chain that no longer was in sync with the
scope chain, hence context slot loads were bogus. This is observable
using the DYNAMIC_LOCAL optimization in all compilers.

R=rossberg@chromium.org,wingo@igalia.com
TEST=mjsunit/harmony/regress/regress-4160
BUG=v8:4160
LOG=N

Review URL: https://codereview.chromium.org/1146063006

Cr-Commit-Position: refs/heads/master@{#28788}
2015-06-03 11:32:31 +00:00
bmeurer
b104a67ef0 Revert of Implement %TypedArray%.prototype.{reduce,reduceRight} (patchset #3 id:40001 of https://codereview.chromium.org/1154423014/)
Reason for revert:
Breaks Win32 mjsunit/harmony/typedarray-reduce, see http://build.chromium.org/p/client.v8/builders/V8%20Win32%20-%20nosnap%20-%20shared/builds/7121/steps/Check/logs/typedarray-reduce for details.

Original issue's description:
> Implement %TypedArray%.prototype.{reduce,reduceRight}
>
> This patch implements the last two methods on TypedArrays. These
> were previously committed and led to a test failure.
>
> BUG=v8:3578
> LOG=Y
> R=adamk
>
> Committed: https://crrev.com/95d779ecc9816ac20c1565bebeeac6a1ef29f1c7
> Cr-Commit-Position: refs/heads/master@{#28773}

TBR=adamk@chromium.org,dehrenberg@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3578

Review URL: https://codereview.chromium.org/1162043008

Cr-Commit-Position: refs/heads/master@{#28777}
2015-06-03 05:29:42 +00:00
dehrenberg
95d779ecc9 Implement %TypedArray%.prototype.{reduce,reduceRight}
This patch implements the last two methods on TypedArrays. These
were previously committed and led to a test failure.

BUG=v8:3578
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1154423014

Cr-Commit-Position: refs/heads/master@{#28773}
2015-06-03 05:01:41 +00:00
arv
4b8051a02a [es6] Super call in arrows and eval
This splits the SuperReference AST node into SuperPropertyReference and
SuperCallReference. The super call reference node consists of three
unresolved vars to this, new.target and this_function. These gets
declared when the right function is entered and if it is in use. The
variables gets assigned in FullCodeGenerator::Generate.

This is a revert of the revert 88b1c9170a

BUG=v8:3768
LOG=N
R=wingo@igalia.com, adamk@chromium.org

Review URL: https://codereview.chromium.org/1168513004

Cr-Commit-Position: refs/heads/master@{#28769}
2015-06-02 22:04:33 +00:00
dehrenberg
4f9df26b09 Implement %TypedArray%.prototype.{toString,toLocaleString,join}
Implementations factored out from Array. Tests are derived from
normal array toString tests.

BUG=v8:3578
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1166623004

Cr-Commit-Position: refs/heads/master@{#28766}
2015-06-02 18:58:24 +00:00
caitpotter88
904fbc303a Revert of [es6] implement default parameters via desugaring (patchset #19 id:380001 of https://codereview.chromium.org/1127063003/)
Reason for revert:
Broken on arm64

Original issue's description:
> [es6] implement default parameters via desugaring
>
> Stage 1 implementation:
>
> - Parameters can't be referenced before initialized (from left-to-right)
> - SingleNameBindings only, no support for BindingPatterns
>
> Known issues:
>
> - Incorrect scoping (parameter expressions may reference variables declared in function body)
> - Function arity is untouched
> - Hole-checking needs work
> - Rest parameters are broken when mixed with optional arguments
>
> BUG=v8:2160
> LOG=N
> R=arv@chromium.org, rossberg@chromium.org
>
> Committed: https://crrev.com/892c85485881f8be2f17bd83238980f858126576
> Cr-Commit-Position: refs/heads/master@{#28739}

TBR=rossberg@chromium.org,wingo@igalia.com,arv@chromium.org,dslomov@chromium.org,adamk@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:2160

Review URL: https://codereview.chromium.org/1163853002

Cr-Commit-Position: refs/heads/master@{#28740}
2015-06-01 18:35:03 +00:00
caitpotter88
892c854858 [es6] implement default parameters via desugaring
Stage 1 implementation:

- Parameters can't be referenced before initialized (from left-to-right)
- SingleNameBindings only, no support for BindingPatterns

Known issues:

- Incorrect scoping (parameter expressions may reference variables declared in function body)
- Function arity is untouched
- Hole-checking needs work
- Rest parameters are broken when mixed with optional arguments

BUG=v8:2160
LOG=N
R=arv@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/1127063003

Cr-Commit-Position: refs/heads/master@{#28739}
2015-06-01 17:10:50 +00:00
arv
88b1c9170a Revert of [es6] Super call in arrows and eval (patchset #5 id:100001 of https://codereview.chromium.org/1146863007/)
Reason for revert:
Fails

http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug%20-%201/builds/579/steps/Check/logs/super

Original issue's description:
> [es6] Super call in arrows and eval
>
> This splits the SuperReference AST node into SuperPropertyReference and
> SuperCallReference. The super call reference node consists of three
> unresolved vars to this, new.target and this_function. These gets
> declared when the right function is entered and if it is in use. The
> variables gets assigned in FullCodeGenerator::Generate.
>
> BUG=v8:3768
> LOG=N
> R=wingo@igalia.com, adamk@chromium.org
>
> Committed: https://crrev.com/673c0516ab96f24343bbb26e0afc2846b5a679df
> Cr-Commit-Position: refs/heads/master@{#28731}

TBR=wingo@igalia.com,adamk@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3768

Review URL: https://codereview.chromium.org/1161243005

Cr-Commit-Position: refs/heads/master@{#28735}
2015-06-01 16:10:17 +00:00
arv
673c0516ab [es6] Super call in arrows and eval
This splits the SuperReference AST node into SuperPropertyReference and
SuperCallReference. The super call reference node consists of three
unresolved vars to this, new.target and this_function. These gets
declared when the right function is entered and if it is in use. The
variables gets assigned in FullCodeGenerator::Generate.

BUG=v8:3768
LOG=N
R=wingo@igalia.com, adamk@chromium.org

Review URL: https://codereview.chromium.org/1146863007

Cr-Commit-Position: refs/heads/master@{#28731}
2015-06-01 15:02:38 +00:00
arv
44e9810345 [es6] Support super.property in eval and arrow functions
When we enter a method that needs access to the [[HomeObject]]
we allocate a local variable `.home_object` and assign it the
value from the [[HomeObject]] private symbol. Something along
the lines of:

  method() {
    var .home_object = %ThisFunction()[home_object_symbol];
    ...
  }

BUG=v8:3867, v8:4031
LOG=N

Review URL: https://codereview.chromium.org/1135243004

Cr-Commit-Position: refs/heads/master@{#28644}
2015-05-26 20:29:54 +00:00
mike
f7b5912276 [es6] Define generator prototype as writable prop
The April 14 2015 final draft of the ES6 specification states that the
`prototype` property of generator function instances should be writable.

BUG=v8:4140, v8:4140
LOG=N
R=arv@chromium.org

Review URL: https://codereview.chromium.org/1153633003

Cr-Commit-Position: refs/heads/master@{#28641}
2015-05-26 18:31:49 +00:00
mstarzinger
ce551f91fd [turbofan] Fix known issue about computed property names.
This fixes a corner-case where deoptimization while evaluating the
value to a __proto__ property after computed property names appeared
in an object literal, lead to environments not being in sync with
unoptimized code.

R=arv@chromium.org
TEST=mjsunit/harmony/computed-property-names-deopt

Review URL: https://codereview.chromium.org/1158443004

Cr-Commit-Position: refs/heads/master@{#28613}
2015-05-26 08:45:16 +00:00
binji
aff8ebb0eb Implement SharedArrayBuffer.
This adds a new external type (v8::SharedArrayBuffer) that uses a JSArrayBuffer
under the hood. It can be distinguished from an ArrayBuffer by the newly-added
is_shared() bit.

Currently there is no difference in functionality between a SharedArrayBuffer
and an ArrayBuffer. However, a future CL will add the Atomics API, which is
only available on an SharedArrayBuffer. All non-atomic accesses are identical
to ArrayBuffer accesses.

LOG=N
BUG=

Review URL: https://codereview.chromium.org/1136553006

Cr-Commit-Position: refs/heads/master@{#28594}
2015-05-22 13:43:17 +00:00
yangguo
57ee3c0f6e Revert of Implement SharedArrayBuffer (patchset #7 id:120001 of https://codereview.chromium.org/1136553006/)
Reason for revert:
breaks build

Original issue's description:
> Implement SharedArrayBuffer.
>
> This adds a new external type (v8::SharedArrayBuffer) that uses a JSArrayBuffer under the hood. It can be distinguished from an ArrayBuffer by the newly-added is_shared() bit.
>
> Currently there is no difference in functionality between a SharedArrayBuffer and an ArrayBuffer. However, a future CL will add the Atomics API, which is only available on an SharedArrayBuffer. All non-atomic accesses are identical to ArrayBuffer accesses.
>
> BUG=
>
> Committed: https://crrev.com/57170bff7baf341c666252a7f6a49e9c08d51263
> Cr-Commit-Position: refs/heads/master@{#28588}

TBR=jarin@chromium.org,jochen@chromium.org,binji@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1149203003

Cr-Commit-Position: refs/heads/master@{#28589}
2015-05-22 12:17:49 +00:00
binji
57170bff7b Implement SharedArrayBuffer.
This adds a new external type (v8::SharedArrayBuffer) that uses a JSArrayBuffer under the hood. It can be distinguished from an ArrayBuffer by the newly-added is_shared() bit.

Currently there is no difference in functionality between a SharedArrayBuffer and an ArrayBuffer. However, a future CL will add the Atomics API, which is only available on an SharedArrayBuffer. All non-atomic accesses are identical to ArrayBuffer accesses.

BUG=

Review URL: https://codereview.chromium.org/1136553006

Cr-Commit-Position: refs/heads/master@{#28588}
2015-05-22 12:06:44 +00:00
verwaest
eeb2d17b7a Fix ToNameArray
BUG=

Review URL: https://codereview.chromium.org/1146113004

Cr-Commit-Position: refs/heads/master@{#28580}
2015-05-22 10:57:20 +00:00
dslomov
7ffdb5194d [destructuring] Grand for statement parsing unification.
Also support patterns in ``for (var p in/of ...)``

This CL extends the rewriting we used to do for ``for (let p in/of...)`` to
``for (var p in/of ...)``. For all for..in/of loop declaring variable,
we rewrite
   for (var/let/const pattern in/of e) b
into
   for (x' in/of e) { var/let/const pattern = e; b }

This adds a small complication for debugger: for a statement
   for (var v in/of e) ...
we used to have
   var v;
   for (v in/of e) ...
and there was a separate breakpoint on ``var v`` line.
This breakpoint is actually useless since it is immediately followed by
a breakpoint on evaluation of ``e``, so this CL removes that breakpoint
location.

Similiraly, for let, it used to be that
  for (let v in/of e) ...
became
  for (x' in/of e) { let v; v  = x'; ... }
``let v``generetaed a useless breakpoint (with the location at the
loop's head. This CL removes that breakpoint as well.

R=arv@chromium.org,rossberg@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1149043005

Cr-Commit-Position: refs/heads/master@{#28565}
2015-05-21 17:46:45 +00:00
dslomov
8925b848ee [destructuring] Implement pattern matching in lexcal for-of/for-in.
R=arv@chromium.org,rossberg@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1152503002

Cr-Commit-Position: refs/heads/master@{#28547}
2015-05-21 12:35:54 +00:00
arv
9502e91adb [es6] Spread in array literals
This allows you to put iterables into your array literals
and the will get spread into the array.

  let x = [0, ...range(1, 3)];  // [0, 1, 2]

This is done by treating the array literal up to the first
spread element as usual, including using a boiler plate
array, and then appending the remaining expressions and rest
expressions.

BUG=v8:3018
LOG=N

Review URL: https://codereview.chromium.org/1125183008

Cr-Commit-Position: refs/heads/master@{#28534}
2015-05-21 08:08:55 +00:00
dehrenberg
f6af3a492d Re-land %TypedArray%.prototype.{map,filter,some}
Previously this patch was attempted with reduce and reduceRight included;
however, some of those tests crashed in the trybots. This version has
just map, fiter and some, together with their tests.

R=arv@chromium.org
BUG=v8:3578
LOG=Y

Review URL: https://codereview.chromium.org/1145013002

Cr-Commit-Position: refs/heads/master@{#28529}
2015-05-21 01:38:04 +00:00
verwaest
de23dd2809 Fix for-in for large indexes and indexes on proxies
BUG=v8:4130
LOG=n

Review URL: https://codereview.chromium.org/1148863002

Cr-Commit-Position: refs/heads/master@{#28526}
2015-05-20 17:03:03 +00:00
dslomov
aca4735bec [destructuring] Implement spread binding patterns.
R=arv@chromium.org,rossberg@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1151503002

Cr-Commit-Position: refs/heads/master@{#28522}
2015-05-20 15:05:43 +00:00
dslomov
a38e3a4518 [destructuring] Implement BindingArrayPattern
(everything except Spread is implemeneted)

R=arv@chromium.org,rossberg@chromium.org,wingo@igalia.com
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1139603005

Cr-Commit-Position: refs/heads/master@{#28500}
2015-05-20 08:08:14 +00:00
Daniel Ehrenberg
31fb502474 Implement %TypedArray%.{lastI,i}ndexOf
This patch adds the two TypedArray methods indexOf and lastIndexOf,
which are similar to the methods on Arrays. Tests are ported from
arrays as well.

BUG=v8:3578
LOG=Y
R=arv@chromium.org

Review URL: https://codereview.chromium.org/1141763004

Patch from Daniel Ehrenberg <dehrenberg@chromium.org>.

Cr-Commit-Position: refs/heads/master@{#28495}
2015-05-20 01:09:05 +00:00
Daniel Ehrenberg
540bb0c80b Implement %TypedArray%.prototype.sort
The sort method of TypedArrays sorts in numerical order by default.
This patch implements sorting based on Arrays and adds a test.
The length of %TypedArray%.prototype.sort, like Array.prototype.sort,
seems to be unspecified in ES6, so this patch lets it have the value
1, to match our interpretation for Array.prototype.sort (though 0
would also be a sensible length).

R=arv@chromium.org
BUG=v8:3578
LOG=Y

Review URL: https://codereview.chromium.org/1148513002

Patch from Daniel Ehrenberg <dehrenberg@chromium.org>.

Cr-Commit-Position: refs/heads/master@{#28494}
2015-05-20 00:56:06 +00:00
Daniel Ehrenberg
cc74268d30 Implement %TypedArray%.reverse
This patch adds the reverse method to TypedArrays, together with a
test. The test also runs for normal Arrays, since I didn't see a
test for reversing dense arrays.

BUG=v8:3578
LOG=Y
R=arv@chromium.org

Review URL: https://codereview.chromium.org/1132723008

Patch from Daniel Ehrenberg <dehrenberg@chromium.org>.

Cr-Commit-Position: refs/heads/master@{#28493}
2015-05-20 00:38:49 +00:00
machenbach
6f58ffa140 Revert of Implement %TypedArray%.prototype.{map,filter,some,reduce,reduceRight} (patchset #2 id:20001 of https://codereview.chromium.org/1139663005/)
Reason for revert:
[Sheriff] Breaks win nosnap:
http://build.chromium.org/p/client.v8/builders/V8%20Win32%20-%20nosnap%20-%20shared/builds/6872

Original issue's description:
> Implement %TypedArray%.prototype.{map,filter,some,reduce,reduceRight}
>
> This patch adds implementations for additional TypedArray methods
> from the ES6 spec, together with tests adapted from array code.
>
> R=arv@chromium.org
> BUG=v8:3578
> LOG=Y
>
> Committed: https://crrev.com/59ef8c5f3282f01b5990b3a46a2a3a829b699a13
> Cr-Commit-Position: refs/heads/master@{#28488}

TBR=arv@chromium.org,dehrenberg@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3578

Review URL: https://codereview.chromium.org/1143833002

Cr-Commit-Position: refs/heads/master@{#28489}
2015-05-19 16:55:45 +00:00