Implementations and tests for typeof, void, and logical not.

Add missing string type to Object::TypeOf.

BUG=v8:4280
LOG=NO

Review URL: https://codereview.chromium.org/1390483002

Cr-Commit-Position: refs/heads/master@{#31124}

Adds an ignition variant to the test runner and adds support to test262 for
filtering such that only test scripts (not the test harness) get run by
the interpreter.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1379093002

Cr-Commit-Position: refs/heads/master@{#31123}

This adds the unittests to the "default" test set. Now that
the "default" and the DEFAULT_TESTS (i.e. runner with
no arguments) are the same, removed DEFAULT_TESTS and use
TEST_MAP["default"] instead.

On the bots, where unittests and default were run in
separation before, the explicit unittests step should now
be skipped.

This is necessary for swarming, as the unittests step is
too small to justify its own swarming job.

BUG=chromium:535160
LOG=n

Review URL: https://codereview.chromium.org/1374733006

Cr-Commit-Position: refs/heads/master@{#31122}

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1377643003 .

Cr-Commit-Position: refs/heads/master@{#31121}

When calling into C++ builtins, we need to make sure that the argument
count register contains the correct number of arguments, otherwise the
CEntryStub will not be able to leave the stack in the correct state.

R=ishell@chromium.org
BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1391543002

Cr-Commit-Position: refs/heads/master@{#31120}

R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1388813002

Cr-Commit-Position: refs/heads/master@{#31119}

Rolling v8/buildtools to 5fc8d3943e163ee627c8af50366c700c0325bba2

Rolling v8/tools/clang to 6ab82bf7484ae7c06316c095e93b8b0dc6ea806a

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1388043002

Cr-Commit-Position: refs/heads/master@{#31118}

Previously, using legacy const in for-of/in loops led to a check-fail
in the parser. This was due to the fact that the destructuring bind
led to an undefined initialization to undefined in the parser, which
caused the for loop code to go down a strange path. This patch
eliminates the undefined initialization in variables declared in
for-in/of loops, so that that path is not used and the error is
fixed.

BUG=v8:4461
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1385913003

Cr-Commit-Position: refs/heads/master@{#31117}

* Promise.resolve is now works with subclasses
* Spec removed [[PromiseConstructor]] now can simply use constructor
* Promise.resolve ignores species

R=littledan@chromium.org,domenic@chromium.org
BUG=v8:4161,v8:4341
LOG=Y

Review URL: https://codereview.chromium.org/1362773002

Cr-Commit-Position: refs/heads/master@{#31116}

This patch prohibits lexical bindings from being called 'let', even in
sloppy mode, following the ES2015 specification. The change affects
multiple cases of lexical bindings, including simple let/const declarations
and both kinds of for loops. var and legacy const bindings still permit
the name to be let, including in destructuring cases. Tests are added to
verify, though some cases are commented out since they led to (pre-existing)
crashes.

BUG=v8:4403
R=adamk
LOG=Y

Review URL: https://codereview.chromium.org/1371263003

Cr-Commit-Position: refs/heads/master@{#31115}

Port 5cf1c0bc

Original commit message:
    Previous to this patch, both the lithium and TurboFan register
    allocators tracked allocated registers by "indices", rather than
    the register codes used elsewhere in the runtime. This patch
    ensures that codes are used everywhere, and in the process cleans
    up a bunch of redundant code and adds more structure to how the
    set of allocatable registers is defined.

    Some highlights of changes:

    * TurboFan's RegisterConfiguration class moved to V8's top level
      so that it can be shared with Crankshaft.
    * Various "ToAllocationIndex" and related methods removed.
    * Code that can be easily shared between Register classes on
      different platforms is now shared.
    * The list of allocatable registers on each platform is declared
      as a list rather than implicitly via the register index <->
      code mapping.

R=danno@chromium.org, bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1381383002

Cr-Commit-Position: refs/heads/master@{#31114}

Clang builds on Windows were failing with:

..\..\v8\src\register-configuration.cc(85,17) :  error: unqualified friend
declaration referring to type outside of the nearest enclosing namespace is
a Microsoft extension; add a nested name specifier
[-Werror,-Wmicrosoft-unqualified-friend]

  friend struct Register;
                ^
                ::v8::internal::

How did it work on non-Windows? The friend declarations were declaring
new Register and DoubleRegister structs in the current namespace, instead
of refering the existing classes in the outer namespce.

The code isn't referencing any private members of these classes anyway,
so let's drop the friend declarations.

BUG=82385
LOG=n

Review URL: https://codereview.chromium.org/1389723002

Cr-Commit-Position: refs/heads/master@{#31113}

Revert of Reland: Introduce a V8_NORETURN macro and use it to make GCC 4.9.2 happy again. (patchset #3 id:40001 of https://codereview.chromium.org/1384873002/ )

Reason for revert:
[Sheriff] Breaks the gcc 4.8 bot:
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20gcc%204.8/builds/3274

Original issue's description:
> Reland: Introduce a V8_NORETURN macro and use it to make GCC 4.9.2 happy again.
>
> Without that, it has a few false positives about out-of-bounds array accesses.
> Also makes the clang static-analyzer happy.
>
> Original code review from Sven Panne:
> https://codereview.chromium.org/790723002/
>
> CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_arm_dbg,v8_linux_arm64_dbg,v8_mac64_dbg,v8_win_compile_dbg
>
> Committed: https://crrev.com/d068574e641e28f05dcde89ddc9a1d0ec6f6f308
> Cr-Commit-Position: refs/heads/master@{#31105}

TBR=jochen@chromium.org,bmeurer@chromium.org,karl@skomski.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1376113005

Cr-Commit-Position: refs/heads/master@{#31112}

The --abort-on-uncaught-exception command line switch makes
Isolate::Throw abort if the error being thrown cannot be caught by a
try/catch block.

Embedders may want to use other mechanisms than try/catch blocks to
handle uncaught exceptions. For instance, Node.js has "domain" objects
that have error handlers that can handle uncaught exception like
following:

var d = domain.create();

d.on('error', function onError(err) {
  console.log('Handling error');
});

d.run(function() {
  throw new Error("boom");
});

These error handlers are called by isolates' message listeners.

If --abort-on-uncaught-exception is *not* used, the isolate's
message listener will be called, which will in turn call the domain's
error handler. The process will output 'Handling error' and will exit
successfully (not due to an uncaught exception). This is the behavior
that Node.js users expect.

However, if --abort-on-uncaught-exception is used and when throwing an
error within a domain that has an error handler, the process will abort
and the domain's error handler will not be called. This is not the
behavior that Node.js users expect.

Having a SetAbortOnUncaughtExceptionCallback API allows embedders to
determine when it's not appropriate to abort and instead handle the
exception via the isolate's message listener.

In the example above, Node.js would set a custom callback with
SetAbortOnUncaughtExceptionCallback that would be implemented as
following (the sample code has been simplified to remove what's not
relevant to this change):

bool ShouldAbortOnUncaughtException(Isolate* isolate) {
  return !IsDomainActive();
}

Now when --abort-on-uncaught-exception is used, Isolate::Throw would
call that callback and determine that it should not abort if a domain
with an error handler is active. Instead, the isolate's message listener
would be called and the error would be handled by the domain's error
handler.

I believe this can also be useful for other embedders.

BUG=

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1375933003

Cr-Commit-Position: refs/heads/master@{#31111}

The log-utils.h file uses va_list but doesn't require the header. This CL
adds the needed header to remove a compiler error we've seen when doing some
bisecting.

Review URL: https://codereview.chromium.org/1383483004

Cr-Commit-Position: refs/heads/master@{#31110}

Clusterfuzz testing discovered that sloppy-mode block-scoped function
declarations introduce lexically-scoped variables in scopes that were
thrown away under the expectation that no lexically-scoped variables
were introduced. These cases are:

  for (;;) function foo() {}
  for (x in y) function foo() {}

This patch ensures that a block is created in those cases to hold the
lexically scoped variable. Usually, scope analysis should discover that
that block is not important, and it should not have a runtime
representation.

BUG=chromium:536750,chromium:536751
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1382123002

Cr-Commit-Position: refs/heads/master@{#31109}

TEST=
BUG=

Review URL: https://codereview.chromium.org/1389653002

Cr-Commit-Position: refs/heads/master@{#31108}

BUG=chromium:524425
LOG=n

Review URL: https://codereview.chromium.org/1361853005

Cr-Commit-Position: refs/heads/master@{#31107}

TEST=cctest/test-interpreter/InterpreterCall,
     cctest/test-bytecode-generator/CallRuntime
BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1390533002

Cr-Commit-Position: refs/heads/master@{#31106}

Without that, it has a few false positives about out-of-bounds array accesses.
Also makes the clang static-analyzer happy.

Original code review from Sven Panne:
https://codereview.chromium.org/790723002/

CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_arm_dbg,v8_linux_arm64_dbg,v8_mac64_dbg,v8_win_compile_dbg

Review URL: https://codereview.chromium.org/1384873002

Cr-Commit-Position: refs/heads/master@{#31105}

This removes the lookup-inl.h header file, which actually would break
compilation if included more than once in the codebase. It only holds
methods used solely in the lookup.cc compilation unit.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1375843004

Cr-Commit-Position: refs/heads/master@{#31104}

BUG=

Review URL: https://codereview.chromium.org/1375963003

Cr-Commit-Position: refs/heads/master@{#31103}

Added a scavenge GC pass that collects unmodified references instead of
processing object groups.  This mode can be controlled by setting
FLAG_scavenge_remove_unmodified_objects. By default this is turned off.
Also, modified a test case to suit the handle the new GC pass.

BUG=v8:4421
LOG=N

Review URL: https://codereview.chromium.org/1358703003

Cr-Commit-Position: refs/heads/master@{#31102}

LOG=N
R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1385873002

Cr-Commit-Position: refs/heads/master@{#31101}

when the application is not idle.

BUG=

Review URL: https://codereview.chromium.org/1369333005

Cr-Commit-Position: refs/heads/master@{#31100}

BUG=v8:2764
LOG=N
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1378323003

Cr-Commit-Position: refs/heads/master@{#31099}

Port 75f6ad74

Original commit message:
    Adds support for calling runtime functions from the interpreter. Adds the
    CallRuntime bytecode which takes a Runtime::FunctionId of the function to call
    and the arguments in sequential registers. Adds a InterpreterCEntry builtin
    to enable the interpreter to enter C++ code based on the functionId.

    Also renames Builtin::PushArgsAndCall to Builtin::InterpreterPushArgsAndCall
    and groups all the interpreter builtins together.

R=rmcilroy@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1384483004

Cr-Commit-Position: refs/heads/master@{#31098}

The change in question caused regressions on GC-heavy benchmarks,
presumably due to the added indirection that is taken within hot code
like the marking visitor.

This is a manual revert due to conflicts.

This reverts commit 4f55b830.

R=hpayer@chromium.org
BUG=chromium:539273
LOG=n

Review URL: https://codereview.chromium.org/1386863002

Cr-Commit-Position: refs/heads/master@{#31097}

Now there are two functions, one corresponding to the spec's
[[PreventExtensions]] and one corresponding to Object.preventExtensions.
They differ in what they return.

This CL is in preparation of implementing Reflect.preventExtensions.

R=rossberg
BUG=

Review URL: https://codereview.chromium.org/1377103005

Cr-Commit-Position: refs/heads/master@{#31096}

Fixes:

../../test/cctest/compiler/test-js-typed-lowering.cc:224:14:
 error: ‘kJSTypes’ defined but not used [-Werror=unused-variable]
  static Type* kJSTypes[] = {Type::Undefined(), Type::Null(),   Type::Boolean(),

../../src/bignum.cc: In member function
 ‘void v8::internal::Bignum::AssignDecimalString(Vector<const char>)’:
  ../../src/bignum.cc:80:6: error: assuming signed overflow does not occur when
  assuming that (X + c) < X is always false [-Werror=strict-overflow]

../../src/compiler/ia32/code-generator-ia32.cc:1366:3:
  required from here ../../src/base/logging.h:123:26:
   error: comparison between signed and unsigned integer expressions
   [-Werror=sign-compare] DEFINE_CHECK_OP_IMPL(EQ, ==)

BUG=

Review URL: https://codereview.chromium.org/1371823002

Cr-Commit-Position: refs/heads/master@{#31095}

This reverts commit 280a6f8e.

Reland of https://codereview.chromium.org/1380593002/

BUG=chromium:535160
LOG=n
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel;

Review URL: https://codereview.chromium.org/1390473003

Cr-Commit-Position: refs/heads/master@{#31094}

TBR=machenbach@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1387763002 .

Cr-Commit-Position: refs/heads/master@{#31093}

The buffer used for appending filenames to the string printed to the
perf_basic_prof log was unnecessarily too small. Bump it up to be at least
kUtf8BufferSize.

Truncation of filenames makes it really hard to work with profiles gathered on
Node.js. Because of the way Node.js works, you can have node module dependencies
in deeply nested directories. The last thing you want when investigating a
performance problem is to have script names be truncated.

This patch is a stop-gap. Ideally, I want no truncation of the filename at all
and use a dynamically growing buffer. That would be a larger change, and I
wanted to have a quick fix available that can be back-ported to Node.js LTS
release.

R=yangguo@chromium.org,yurys@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1388543002

Cr-Commit-Position: refs/heads/master@{#31092}

Rolling v8/tools/clang to 071be3c47dbf2dfb347629bbfb0afe462cbc571b

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1379053003

Cr-Commit-Position: refs/heads/master@{#31091}

A subset of the LiveRangeUnitTests (SplitInvalidPreStart,
InvalidSplitEnd, SplitInvalidPostEnd) fail or hang on AIX in release
mode.

These tests fork a child which is expected to crash in
register-allocator code after feeding in bad inputs.

In debug mode, they behave as expected due to hitting a debug assert.

In release mode, however, the tests rely only on the fact that
dereferencing a null pointer will cause a SEGFAULT.  This is true on
most platforms, but not AIX.  An AIX process has valid low memory
pages mapped for reading and will not fault.  Thus, these tests fail
or hang because the child process survives the load from address zero
and either completes (with undefined results) or goes into an infinite
loop.

R=bmeurer@chromium.org, danno@chromium.org, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1384733002

Cr-Commit-Position: refs/heads/master@{#31090}

Adds support for calling runtime functions from the interpreter. Adds the
CallRuntime bytecode which takes a Runtime::FunctionId of the function to call
and the arguments in sequential registers. Adds a InterpreterCEntry builtin
to enable the interpreter to enter C++ code based on the functionId.

Also renames Builtin::PushArgsAndCall to Builtin::InterpreterPushArgsAndCall
and groups all the interpreter builtins together.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1362383002

Cr-Commit-Position: refs/heads/master@{#31089}

Adds the following owners to interpreter/ directory:
 - oth@chromium.org
 - mstarzinger@chromium.org
 - bmeurer@chromium.org

Also sets noparent on the directory.

Review URL: https://codereview.chromium.org/1374533005

Cr-Commit-Position: refs/heads/master@{#31088}

Previous to this patch, both the lithium and TurboFan register
allocators tracked allocated registers by "indices", rather than
the register codes used elsewhere in the runtime. This patch
ensures that codes are used everywhere, and in the process cleans
up a bunch of redundant code and adds more structure to how the
set of allocatable registers is defined.

Some highlights of changes:

* TurboFan's RegisterConfiguration class moved to V8's top level
  so that it can be shared with Crankshaft.
* Various "ToAllocationIndex" and related methods removed.
* Code that can be easily shared between Register classes on
  different platforms is now shared.
* The list of allocatable registers on each platform is declared
  as a list rather than implicitly via the register index <->
  code mapping.

Committed: https://crrev.com/80bc6f6e11f79524e3f1ad05579583adfd5f18b2
Cr-Commit-Position: refs/heads/master@{#30913}

Committed: https://crrev.com/7b7a8205d9a00c678fb7a6e032a55fecbc1509cf
Cr-Commit-Position: refs/heads/master@{#31075}

Review URL: https://codereview.chromium.org/1287383003

Cr-Commit-Position: refs/heads/master@{#31087}

Properly share both the constructor and the non-constructor maps
for bound functions. Previously we had only the non-constructor
map shared on the native context, and we had to create a new map
for every bound function whose [[BoundTargetFunction]] is a
constructor (in the ES6 sense).

This should repair the most recent regression on Speedometer.

CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_dbg
R=jarin@chromium.org
BUG=chromium:536114,chromium:535408,v8:4430
LOG=n

Review URL: https://codereview.chromium.org/1379323002

Cr-Commit-Position: refs/heads/master@{#31086}

BUG=

Review URL: https://codereview.chromium.org/1376143006

Cr-Commit-Position: refs/heads/master@{#31085}