This change mirrors the semantics for derived class constructors. This
change doesn't affect non class constructors.

This change could potentially break web compat. More details:
https://github.com/tc39/ecma262/pull/469

Bug=v8:5536

Change-Id: I519599949523733332d0b35e4f8d9ecb01cac495
Reviewed-on: https://chromium-review.googlesource.com/461225Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44594}

This reverts commit 9df5674b because it
is not compatible with the way that Array.prototype.reduceRight and
Array.prototype.reduce deal with optional parameters at this point (i.e.
parameters where the behavior is different depending on whether the
parameter was skipped or undefined was passed).

In general, it might be better to not adapt arguments for builtins with
optional paramters, that are likely skipped, for example as in
Object.create or Array.prototype.reduce. Since that will require
arguments adaptor frames for normal calls, especially from baseline
code. Instead it might make sense to use the variadic arguments support
in the CodeStubAssembler instead to avoid the arguments adaptor in all
cases (not only when called from TurboFan optimized code).

BUG=v8:5267,chromium:709782,chromium:707992,chromium:708282,chromium:708599,chromium:709173,chromium:709747,chromium:707065,chromium:710417
TBR=danno@chromium.org

Review-Url: https://codereview.chromium.org/2817653002
Cr-Commit-Position: refs/heads/master@{#44593}

Today, the semantics of:

WebAssembly.instantiate

and

WebAssembly.compile().then(new WebAssemblyInstance)

are subtly different, to the point where attempting the proposed
change uncovered bugs.

In the future, it's possible that .instantiate actually have different
semantics - if we pre-specialized to the provided ffi, for example.
Right now that's not the case.

This CL:
- gets our implementation closer to what developers may write using
the compile -> new Instance alternative, in particular wrt promise
creation. By reusing code paths, we uncover more bugs, and keep
maintenance cost lower.

- it gives us the response-based WebAssembly.instantiate implicitly.
Otherwise, we'd need that same implementation on the blink side. The
negative is maintenance: imagine if the bugs I mentioned could only be
found when running in Blink.

BUG=chromium:697028

Review-Url: https://codereview.chromium.org/2806073002
Cr-Commit-Position: refs/heads/master@{#44592}

BUG=

Review-Url: https://codereview.chromium.org/2809253002
Cr-Commit-Position: refs/heads/master@{#44591}

This also fixes an existing discrepancy.

BUG=v8:6017

Review-Url: https://codereview.chromium.org/2808403002
Cr-Commit-Position: refs/heads/master@{#44590}

Port 57afd0bb

Original Commit Message:

    Adds a collection of call bytecodes which have an implicit undefined
    receiver argument, for cases such as global calls where we know that the
    receiver has to be undefined. This way we can skip an LdaUndefined,
    decrease bytecode register pressure, and set a more accurate
    ConvertReceiverMode on the interpreter and TurboFan call.

    As a side effect, the "normal" Call bytecode now becomes a rare case
    (only with calls and super property calls), so we get rid of its 0-2
    argument special cases and modify CallProperty[N] to use the
    NotNullOrUndefined ConvertReceiverMode.

    Reland of https://chromium-review.googlesource.com/c/463287 after fixing
    tests in https://codereview.chromium.org/2813873002.

R=leszeks@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2813563006
Cr-Commit-Position: refs/heads/master@{#44589}

One of our internal Chromecast builds was failing due to undefined
va_list in wasm-result.h. I also searched for other files where va_list
was used without including stdarg.h and added it as necessary (since
include-what-you-use is a thing).

BUG=chromium:706443

Review-Url: https://codereview.chromium.org/2780913002
Cr-Commit-Position: refs/heads/master@{#44588}

After r299061, MSan started complaining about uninitialized data in
fwrite.

BUG=chromium:710152

Review-Url: https://codereview.chromium.org/2808253002
Cr-Commit-Position: refs/heads/master@{#44587}

R=clemensh@chromium.org
BUG=v8:6127

Change-Id: I7f418b4e1accc8d560886cd5c05bdc54d3088249
Reviewed-on: https://chromium-review.googlesource.com/474864
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44586}

Per https://github.com/tc39/test262/pull/956, André believes that ASI
should be permitted in these situations.

BUG=
R=marja@chromium.org, adamk@chromium.org, littledan@chromium.org

Change-Id: I5602d8a507576607750ffa9e873e1bfa53dd3523
Reviewed-on: https://chromium-review.googlesource.com/472568Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#44585}

The test "assertThrows(builder.instantiate)" threw a TypeError before,
which made the test pass, but not because of the feature we wanted to
test.
This CL fixes the test to call builder.instantiate correctly, and also
tests for the correct error message.

Drive-by fix: Fix {expected} and {found} parameters in assertThrows.

R=ahaas@chromium.org

Change-Id: I11c0f63885cc14a36559e637aea60a9da6f1bb8f
Reviewed-on: https://chromium-review.googlesource.com/472886Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44584}

Since --trace-ignition now has to be enabled at snapshot-building time,
this patch adds it as a gn build option.

Change-Id: I5d55339a7be7eef4e1f9da46ec44fbfd431325b7
Reviewed-on: https://chromium-review.googlesource.com/474905Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44583}

Adds a collection of call bytecodes which have an implicit undefined
receiver argument, for cases such as global calls where we know that the
receiver has to be undefined. This way we can skip an LdaUndefined,
decrease bytecode register pressure, and set a more accurate
ConvertReceiverMode on the interpreter and TurboFan call.

As a side effect, the "normal" Call bytecode now becomes a rare case
(only with calls and super property calls), so we get rid of its 0-2
argument special cases and modify CallProperty[N] to use the
NotNullOrUndefined ConvertReceiverMode.

Reland of https://chromium-review.googlesource.com/c/463287 after fixing
tests in https://codereview.chromium.org/2813873002.

Change-Id: I314d69c7643ceec6a5750ffdab60dad38dad09e5
Reviewed-on: https://chromium-review.googlesource.com/474752Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44582}

After [1] we return JSArray with internal structs, we should return JSObjects instead.

[1] https://codereview.chromium.org/2789073002

BUG=v8:6189
R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2806373005
Cr-Commit-Position: refs/heads/master@{#44581}

Resources reduced after:
https://chromium-review.googlesource.com/c/474753/

BUG: chromium:568949
NOTRY=true
TBR=tandrii@chromium.org

Change-Id: I3c88ebfe906857d664ea30e0247ed911c6819747
Reviewed-on: https://chromium-review.googlesource.com/474148
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44580}

- support new v8.log-based source
- fix function name resolution from v8.log
- simplify displaying and add direct links to source files

Change-Id: Ice1acdd9ebaefb27387fecc5446b973bf323dbcc
NOTRY=true

Change-Id: Ice1acdd9ebaefb27387fecc5446b973bf323dbcc
Reviewed-on: https://chromium-review.googlesource.com/474824
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44579}

Allowing a user handler for segv is default in GN, but not in GYP. We pass it now explicitly to make the last gyp bot temporarily happy.

TBR=vogelheim@chromium.org

Bug: chromium:710409
Change-Id: Ib997245f348481158bd8d64192ac653b60237452
Reviewed-on: https://chromium-review.googlesource.com/474147Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44578}

See https://tc39.github.io/proposal-regexp-unicode-property-escapes

R=jgruber@chromium.org
BUG=v8:4743

Review-Url: https://codereview.chromium.org/2807293003
Cr-Commit-Position: refs/heads/master@{#44577}

This constructs different typed arrays from different types of other
typed arrays, hopefully countering microbenchmarks which are able to
optimize for exactly one pair of types.

Bug: v8:5977
Change-Id: Ie3b07d6ecaaca6db0be410e902e437a2a643d71c
Reviewed-on: https://chromium-review.googlesource.com/474748Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44576}

Reland of [date] Add ICU backend for timezone info behind a flag (patchset #1 id:1 of https://codereview.chromium.org/2811103002/ )

Reason for revert:
Reland with tests marked as off in no-i18n mode

Original issue's description:
> Revert of [date] Add ICU backend for timezone info behind a flag (patchset #17 id:320001 of https://codereview.chromium.org/2724373002/ )
>
> Reason for revert:
> Breaks noi18n:
> https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20noi18n%20-%20debug/builds/13314
>
> Original issue's description:
> > [date] Add ICU backend for timezone info behind a flag
> >
> > This patch implements a timezone backend which is based on ICU, rather
> > than operating system calls. It can be turned on by passing the
> > --icu-timezone-data flag. The goal here is to take advantage of ICU's
> > data, which is more complete than the data that some system calls expose.
> > For example, without any special code, this patch fixes the time zone
> > of Lord Howe Island to have a correct 30 minute DST offset, rather than
> > 60 minutes as the OS backends assume it to have.
> >
> > Unfortunately, the parenthized timezone name in Date.prototype.toString()
> > differs across platforms. This patch chooses the long timezone name,
> > which matches Windows behavior and might be the most intelligible, but
> > the web compatibility impact is unclear.
> >
> > BUG=v8:6031,v8:2137,v8:6076
> >
> > Review-Url: https://codereview.chromium.org/2724373002
> > Cr-Commit-Position: refs/heads/master@{#44562}
> > Committed: https://chromium.googlesource.com/v8/v8/+/b213f2399038a615cdfbfa0201cddc113d304018
>
> TBR=ulan@chromium.org,jshin@chromium.org,jgruber@chromium.org,littledan@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:6031,v8:2137,v8:6076
>
> Review-Url: https://codereview.chromium.org/2811103002
> Cr-Commit-Position: refs/heads/master@{#44565}
> Committed: https://chromium.googlesource.com/v8/v8/+/13ad50811024ace5623d5d4d13cea4ef21f4affd

TBR=ulan@chromium.org,jshin@chromium.org,jgruber@chromium.org,machenbach@chromium.org
BUG=v8:6031,v8:2137,v8:6076

Review-Url: https://codereview.chromium.org/2813863002
Cr-Commit-Position: refs/heads/master@{#44575}

This is a noop right now as we run test262 without variants on asan.

We'll use the status file to whitelist the variants in a synchronous way in v8 after the infra change lands to activate them.

Bug: chromium:710428
NOTRY=true

Change-Id: I146bbc648775ef0e250c16695b956ecd1d6e105e
Reviewed-on: https://chromium-review.googlesource.com/474845
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44574}

This a step towards using CompilerDispatcher in parallel
parsing.

BUG=v8:6093

Change-Id: Idee84105e342950badb5694fa2a850e05430abaa
Reviewed-on: https://chromium-review.googlesource.com/473246
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44573}

A really slight change in behaviour introduced by
https://github.com/tc39/proposal-async-iteration/commit/395b2e3b2f5acb62f9fae11c5e189423d4af50e6

Just swaps the order that properties are loaded from an iterator result
object in the various Async-from-Sync Iterator methods.

Fixes for the test262 tests have been submitted already (https://github.com/tc39/test262/pull/961).

BUG=v8:5855, v8:6242
R=littledan@chromium.org, jwolfe@igalia.com,

Change-Id: I1ff0e1b7758c126d02aec27d67ceeb15b91c06cf
Reviewed-on: https://chromium-review.googlesource.com/474087Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#44572}

The goal of this patch was to refactor NumberFormat parameter handling
to be usable by a PluralRules implementation. Along the way, I found
and fixed a couple minor issues where options handling differed from
the specification, and removed some dead code. Regression tests are
added as test262 tests. With this change, the overall flow more closely
resembles the specification plus this editorial change which is out
for review: https://github.com/tc39/ecma402/pull/130/files

BUG=v8:6015,v8:6016
R=yangguo,jungshik

Review-Url: https://codereview.chromium.org/2717613005
Cr-Commit-Position: refs/heads/master@{#44571}

This a step towards using CompilerDispatcher in parallel
parsing.

BUG=v8:6093

Change-Id: I7c0dc0a5f5b25652a8aa98c94b1e069c1f081a5b
Reviewed-on: https://chromium-review.googlesource.com/473106Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Cr-Commit-Position: refs/heads/master@{#44570}

The spec proposal has been updated to drop contributory binary
properties such as `Other_ID_Start` and `Other_ID_Continue`.

This patch reverts commit 26e5d012 and
adds tests to ensure these properties are not supported.

R=
BUG=v8:4743

Review-Url: https://codereview.chromium.org/2809143003
Cr-Commit-Position: refs/heads/master@{#44569}

Move dead bytecode elimination from a seperate bytecode pipeline optimizer
into the BytecodeArrayWriter. This removes the last bytecode pipeline
optimizer, which means we can remove the Bytecode pipeline which,
which should increase compile speed.

BUG=v8:6194

Change-Id: I47fb3c3463b2b8a92e02cf7a6b608683fcfa5261
Reviewed-on: https://chromium-review.googlesource.com/471407
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44568}

Bug: chromium:677032
NOTRY=true

Change-Id: I820e9c89677f4028107719547c372f91e5feb271
Reviewed-on: https://chromium-review.googlesource.com/474805
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44567}

Bug: chromium:705962
NOTRY=true

Change-Id: I734df88af104a9e9800600fee7f41cee5a128450
Reviewed-on: https://chromium-review.googlesource.com/474031Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44566}

Revert of [date] Add ICU backend for timezone info behind a flag (patchset #17 id:320001 of https://codereview.chromium.org/2724373002/ )

Reason for revert:
Breaks noi18n:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20noi18n%20-%20debug/builds/13314

Original issue's description:
> [date] Add ICU backend for timezone info behind a flag
>
> This patch implements a timezone backend which is based on ICU, rather
> than operating system calls. It can be turned on by passing the
> --icu-timezone-data flag. The goal here is to take advantage of ICU's
> data, which is more complete than the data that some system calls expose.
> For example, without any special code, this patch fixes the time zone
> of Lord Howe Island to have a correct 30 minute DST offset, rather than
> 60 minutes as the OS backends assume it to have.
>
> Unfortunately, the parenthized timezone name in Date.prototype.toString()
> differs across platforms. This patch chooses the long timezone name,
> which matches Windows behavior and might be the most intelligible, but
> the web compatibility impact is unclear.
>
> BUG=v8:6031,v8:2137,v8:6076
>
> Review-Url: https://codereview.chromium.org/2724373002
> Cr-Commit-Position: refs/heads/master@{#44562}
> Committed: https://chromium.googlesource.com/v8/v8/+/b213f2399038a615cdfbfa0201cddc113d304018

TBR=ulan@chromium.org,jshin@chromium.org,jgruber@chromium.org,littledan@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6031,v8:2137,v8:6076

Review-Url: https://codereview.chromium.org/2811103002
Cr-Commit-Position: refs/heads/master@{#44565}

All the optimizations have now been moved to either the BytecodeGenerator
or the BytecodeArrayWriter/Builder.

BUG=v8:6194

Change-Id: Ie5c5d55e824c94ffb503af376c72bc64ad1f6f81
Reviewed-on: https://chromium-review.googlesource.com/469349
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44564}

This fixes {JSCreateLowering} to traverse boilerplate objects in the
same order the runtime uses (i.e. properties first, elements second).
That order is hard-coded in the nesting of {AllocationSite} objects.

R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-crbug-709537
BUG=chromium:709537

Change-Id: I8f446a0880448ea88a3e242e92d11d611581a42b
Reviewed-on: https://chromium-review.googlesource.com/474028Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44563}

This patch implements a timezone backend which is based on ICU, rather
than operating system calls. It can be turned on by passing the
--icu-timezone-data flag. The goal here is to take advantage of ICU's
data, which is more complete than the data that some system calls expose.
For example, without any special code, this patch fixes the time zone
of Lord Howe Island to have a correct 30 minute DST offset, rather than
60 minutes as the OS backends assume it to have.

Unfortunately, the parenthized timezone name in Date.prototype.toString()
differs across platforms. This patch chooses the long timezone name,
which matches Windows behavior and might be the most intelligible, but
the web compatibility impact is unclear.

BUG=v8:6031,v8:2137,v8:6076

Review-Url: https://codereview.chromium.org/2724373002
Cr-Commit-Position: refs/heads/master@{#44562}

Review-Url: https://codereview.chromium.org/2811953003
Cr-Commit-Position: refs/heads/master@{#44561}

Moves the logic for eliding non-effectful accumulator load elision from the
peephole optimizer to the BytecodeArrayWriter.

BUG=v8:6194

Change-Id: I05fbe4ee8ac340e5c355285d0b47e4a9d52fd0a8
Reviewed-on: https://chromium-review.googlesource.com/469828
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44560}

Add support for I32x4Mul, I32x4MaxS, I32x4MinS, I32x4Eq,
I32x4Ne, I32x4Shl, I32x4ShrS, I32x4ShrU, I32x4MaxU,
I32x4MinU, S32x4Select operations for mips32 and mips64
architectures

BUG=

Review-Url: https://codereview.chromium.org/2780713003
Cr-Commit-Position: refs/heads/master@{#44559}

R=danno@chromium.org

Review-Url: https://codereview.chromium.org/2796343002
Cr-Commit-Position: refs/heads/master@{#44558}

Bug: v8:4742
Change-Id: I6f9583cd25c4a8b038e665ea18a20abf29d8b376
Reviewed-on: https://chromium-review.googlesource.com/471107Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Loo Rong Jie <loorongjie@gmail.com>
Cr-Commit-Position: refs/heads/master@{#44557}

IsNumber returns true for Smi/HeapNumber arguments.

IsNumberNormalized expects a number argument and returns true if
it is either a Smi, or a HeapNumber with a value outside the Smi
range.

BUG=

Review-Url: https://codereview.chromium.org/2813623003
Cr-Commit-Position: refs/heads/master@{#44556}

Enable separatio of ic, bytecode, builtin and stub entries through:
    --separate-ic=true
    --separate-bytecodes=true
    --separate-builtins=true
    --separate-stubs=true

Change-Id: I6da4be7add093bb54abe956c60cd186e735ed9b5
Reviewed-on: https://chromium-review.googlesource.com/473046
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44555}