[promises] Fix .arguments on builtin function.

[promises] Fix .arguments on builtin function.

Using .caller, one can get access to the internal function that invokes the
handler passed to Promise.prototype.then.  This internal function is a TF
builtin that was set up as non-native and without an argument adaptor.  As a
consequence of this, when accessing .arguments on it, the frame-walking logic in
the .arguments accessor thinks the number of arguments is -1 and we try to
allocate an array of size -1.

This CL marks the builtin function as native (making its .arguments be null),
along with a few others that may have been incorrect in the same way.

BUG=chromium:682349
Review-Url: https://codereview.chromium.org/2672453002
Cr-Commit-Position: refs/heads/master@{#42855}
Committed: https://chromium.googlesource.com/v8/v8/+/5020db7f9c83bfbc47d2e5563c2a8b9889cd1bf4

[neis, 2017-02-01 11:46:37]

The CQ bit was checked by neis@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2017-02-01 11:46:48]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2017-02-01 12:02:18]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2017-02-01 12:02:19]

Dry run: Try jobs failed on following builders:
  v8_win_nosnap_shared_rel_ng on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_win_nosnap_shared_rel_ng...)
  v8_win_nosnap_shared_rel_ng_triggered on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_win_nosnap_shared_rel_ng...)

[neis, 2017-02-01 13:20:36]

The CQ bit was checked by neis@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2017-02-01 13:20:38]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2017-02-01 13:45:44]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2017-02-01 13:45:45]

Dry run: This issue passed the CQ dry run.

[neis, 2017-02-01 13:47:33]

neis@chromium.org changed reviewers:
+ bmeurer@chromium.org, gsathya@chromium.org

[neis, 2017-02-01 13:47:34]

ptal, depends on the previously sent CL

[neis, 2017-02-01 13:48:28]

Description was changed from

==========
[promises] Fix .arguments on builtin function.

Using .caller, one can get access to the internal function that invokes the
handler passed to Promise.prototype.then.  This internal function is a TF
builtin that was set up as non-native and without an argument adaptor.  As a
consequence of this, when accessing .arguments on it, the frame-walking logic in
the .arguments accessor thinks the number of arguments is -1 and we try to
allocate an array of size -1.

This CL marks the builtin function as native, along with a few others that may
have been incorrect in the same way.

BUG=chromium:682349
==========

to

==========
[promises] Fix .arguments on builtin function.

Using .caller, one can get access to the internal function that invokes the
handler passed to Promise.prototype.then.  This internal function is a TF
builtin that was set up as non-native and without an argument adaptor.  As a
consequence of this, when accessing .arguments on it, the frame-walking logic in
the .arguments accessor thinks the number of arguments is -1 and we try to
allocate an array of size -1.

This CL marks the builtin function as native (making its .arguments be null),
along with a few others that may have been incorrect in the same way.

BUG=chromium:682349
==========

[Benedikt Meurer, 2017-02-01 13:55:04]

lgtm

[neis, 2017-02-01 14:04:15]

The CQ bit was checked by neis@chromium.org

[commit-bot: I haz the power, 2017-02-01 14:04:23]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2017-02-01 14:06:39]

CQ is committing da patch.

Bot data: {"patchset_id": 1, "attempt_start_ts": 1485957855564790, "parent_rev":
"f555b07354fd163988c73153d63b054441a0856c", "commit_rev":
"5020db7f9c83bfbc47d2e5563c2a8b9889cd1bf4"}

[commit-bot: I haz the power, 2017-02-01 14:06:43]

Description was changed from

==========
[promises] Fix .arguments on builtin function.

Using .caller, one can get access to the internal function that invokes the
handler passed to Promise.prototype.then.  This internal function is a TF
builtin that was set up as non-native and without an argument adaptor.  As a
consequence of this, when accessing .arguments on it, the frame-walking logic in
the .arguments accessor thinks the number of arguments is -1 and we try to
allocate an array of size -1.

This CL marks the builtin function as native (making its .arguments be null),
along with a few others that may have been incorrect in the same way.

BUG=chromium:682349
==========

to

==========
[promises] Fix .arguments on builtin function.

Using .caller, one can get access to the internal function that invokes the
handler passed to Promise.prototype.then.  This internal function is a TF
builtin that was set up as non-native and without an argument adaptor.  As a
consequence of this, when accessing .arguments on it, the frame-walking logic in
the .arguments accessor thinks the number of arguments is -1 and we try to
allocate an array of size -1.

This CL marks the builtin function as native (making its .arguments be null),
along with a few others that may have been incorrect in the same way.

BUG=chromium:682349

Review-Url: https://codereview.chromium.org/2672453002
Cr-Commit-Position: refs/heads/master@{#42855}
Committed:
https://chromium.googlesource.com/v8/v8/+/5020db7f9c83bfbc47d2e5563c2a8b9889c...
==========

[commit-bot: I haz the power, 2017-02-01 14:06:44]

Committed patchset #1 (id:1) as
https://chromium.googlesource.com/v8/v8/+/5020db7f9c83bfbc47d2e5563c2a8b9889c...