This will be used for generating the Atomics builtins.

BUG=v8:4614
R=jarin@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1705073005

Cr-Commit-Position: refs/heads/master@{#34413}

The LazyBailout operator (modelled as a nop-call) was introduced for
placing a deoptimization point into exception handlers. Now that we are
no longer re-entering lazy deoptimized code, the support can be removed.

R=jarin@chromium.org
BUG=v8:4195
LOG=n

Review URL: https://codereview.chromium.org/1697503002

Cr-Commit-Position: refs/heads/master@{#34020}

Initially we were unable to address certain stack slots in the callee
part of the frame, including the function marker, therefore we had to
hack a reload of the function register into the OSR prologue. Now that
we are able to address all stack slots, we no longer need this hack.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1666073002

Cr-Commit-Position: refs/heads/master@{#33974}

Moves InterpreterAssembler out of the compiler directory and into the
interpreter directory. Makes InterpreterAssembler as subclass of
CodeStubAssembler.

As part of this change, the special bytecode dispatch linkage type
is removed and instead we use a InterfaceDispatchDescriptor and
a normal CodeStub linkage type.

Removes a bunch of duplicated logic in InterpreterAssembler and
instead uses the CodeStubAssembler logic. Refactors Interpreter
with these changes.

Modifies CodeStubAssembler to add the extra operations required
by the Interpreter (extra call types, raw memory access and some extra
binary ops). Also adds the ability for subclasses to add extra
prologue and epilogue operations around calls, which is required
for the Interpreter.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1673333004

Cr-Commit-Position: refs/heads/master@{#33873}

The root register is needed (at least on x64) to access
ExternalReferences.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1641153003

Cr-Commit-Position: refs/heads/master@{#33631}

R=ahaas@chromium.org,bradnelson@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1603533002

Cr-Commit-Position: refs/heads/master@{#33362}

Adds support for calling runtime functions which return a pair of
values. Adds the bytecode CallRuntimePair. Also adds support to TurboFan
for calling stubs which return multiple values.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1568493002

Cr-Commit-Position: refs/heads/master@{#33181}

MachineType is now a class with two enum fields:
- MachineRepresentation
- MachineSemantic

Both enums are usable on their own, and this change switches some places from using MachineType to use just MachineRepresentation. Most notably:
- register allocator now uses just the representation.
- Phi and Select nodes only refer to representations.

Review URL: https://codereview.chromium.org/1513543003

Cr-Commit-Position: refs/heads/master@{#32738}

I added a flag to the CallDescriptor which indicates that the native
stack should be used for a CallObject instead of the js stack on arm64.

Additionally I removed the use of EmitPrepareArguments because the
current implementation does not work when float and int parameters are
mixed. I plan to fix it in a future CL, because currently I have a
problem figuring out the type of a parameter.

R=titzer@chromium.org, v8-arm-ports@googlegroups.com

Review URL: https://codereview.chromium.org/1494123002

Cr-Commit-Position: refs/heads/master@{#32577}

R=bmeurer@chromium.org,jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1498833002

Cr-Commit-Position: refs/heads/master@{#32564}

* Add a sibling interface to InterpreterAssembler called
  CodeStubAssembler which provides a wrapper around the
  RawMachineAssembler and is intented to make it easy to build
  efficient cross-platform code stubs. Much of the implementation
  of CodeStubAssembler is shamelessly stolen from the
  InterpreterAssembler, and the idea is to eventually merge the
  two interfaces somehow, probably moving the
  InterpreterAssembler interface over to use the
  CodeStubAssembler. Short-term, however, the two interfaces
  shall remain decoupled to increase our velocity developing the
  two systems in parallel.
* Implement the StringLength stub in TurboFan with the new
  CodeStubAssembler. Replace and remove the old Hydrogen-stub
  version.
* Remove a whole slew of machinery to support JavaScript-style
  code stub generation, since it ultimately proved unwieldy,
  brittle and baroque. This cleanup includes removing the shared
  code stub context, several example stubs and a tangle of build
  file changes.

BUG=v8:4587
LOG=n

Review URL: https://codereview.chromium.org/1475953002

Cr-Commit-Position: refs/heads/master@{#32508}

Some highlights of this CL:
* Refactor the mutable state out of Frame into FrameAccessState,
  which is maintained and updated during code generation to
  record whether sp- or fp-based frame access is currently active
  and how deep the stack on top of the frame is.
* The operand resultion in linkage.cc now uses FrameAccessState
  to determine how to generate frame-accessing operands.
* Update all platforms to accurately track additionally pushed
  stack slots (e.g. arguments for calls) in the FrameAccessState.
* Add a flag, --turbo_sp_frame_access, which forces all frame
  access to be sp-based whenever possible. This will likely never
  be used in production, but for testing it's useful in verifying
  that the stack-tracking of each platform maintained in the
  FrameAccessState is correct.
* Use sp-based frame access for gap resolving before tail
  calls. This will allow for slightly more efficient restoration
  of the frame pointer in the tail call in a later CL.
* Remove most ad hoc groping into CallDescriptors to
  determine if a frame is needed, instead consistently use
  predicates like needs_frame(), IsCFunctionCall() and
  IsJSFunctionCall().

BUG=v8:4076
LOG=n

Review URL: https://codereview.chromium.org/1460183002

Cr-Commit-Position: refs/heads/master@{#32234}

* Adds a PrepareForTailCall instruction that bumps the stack in the case that
  the number of parameters passed to the callee causes the stack to exceed the
  calleer's frame size.
* Uses the gap resolver to move the saved caller return address and frame
  pointer to the approprate location in the tail-called frame.

BUG=v8:4076
LOG=n

Review URL: https://codereview.chromium.org/1455833004

Cr-Commit-Position: refs/heads/master@{#32151}

This adds an explicit parameter to the call descriptor having kind
kJSCallFunction representing the new.target value. Note that for now
this parameter is not yet passed in and hence cannot be used yet. Also
contains some refactoring of how parameter index value are calculated,
establishing Linkage as the central point for such index computations.

This is a preparatory CL to allows us passing new.target in a register
instead of via a side-channel through the construct stub frame.

R=bmeurer@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1461973002

Cr-Commit-Position: refs/heads/master@{#32112}

We push the context and the js function onto the stack as part of the
frame construction. The register allocator is presented with virtual
registers for the above as defined from their corresponding registers. It
then goes on to spilling them somewhere else on the stack.

This means each function spends two redundant spills and two
unnecessary stack slots.

This change addresses this issue.

We present these parameters (context and function) to the register
allocator as an UnallocatedOperand having a "secondary storage". The
secondary storage is then associated to the live range as its
spill operand. We capture the definition of the live range so that we can
then commit the spill (in this case, eliminate) through a variation of the
mechanics of the CommitAssignment phase.

The register allocator validator also needed update to understand
UnallocatedOperands with a secondary storage.

The change renames the SpillAtDefinitionList and related APIs to better
capture their intent - the old names suggested spills happened upon
calling. In reality, potential spill locations were thus recorded, and later
committed (or not, in certain cases) after register allocation.

BUG= v8:4548
LOG=n

Review URL: https://codereview.chromium.org/1426943010

Cr-Commit-Position: refs/heads/master@{#31988}

* Limit triggering of tail calls to explicit use of a new inline runtime
  function %_TailCall. %_TailCall works just like %_Call except for using
  tail-calling mechanics (currently only in TF).
* Remove hack that recognized some specific usages of %_Call and converted them
  into tail calls.
* Support tail calls for all calls where the number of callee stack parameters
  is less than or equal to the number of caller stack parameters.
* Use the gap resolver to swizzle parameters and registers to tail calls.

BUG=v8:4076
LOG=n

Review URL: https://codereview.chromium.org/1439613003

Cr-Commit-Position: refs/heads/master@{#31987}

The callees are expected to properly set the number of actual
arguments passed to the callee, which is now represented correctly
in the TurboFan graphs by a new Parameter right before the context
Parameter.  Currently this is only being used for outgoing calls.

Note that this requires disabling two of the TF code stub tests,
because of the JavaScript graphs are not automagically compatible
with abitrary (incoming) code stub interface descriptors.  If we
want to support JS code stubs at all, then we need to find a sane
way to feed in this information.

Drive-by-fix: Don't insert a direct call to a classConstructor.

R=mstarzinger@chromium.org
BUG=v8:4413, v8:4428
LOG=n

Review URL: https://codereview.chromium.org/1410633006

Cr-Commit-Position: refs/heads/master@{#31789}

This introduces an explicit lazy bailout. It is wrapped in the call
node, mostly because the lazy deoptimization processing is married
to the call processing in the instruction selector and the code generator.

It is still a terrible hack.

R=bmeurer@chromium.org,mstarzinger@chromium.org
BUG=chromium:543994,v8:4195
LOG=n

Review URL: https://codereview.chromium.org/1412443003

Cr-Commit-Position: refs/heads/master@{#31353}

This will allow exploration of possibilities like passing around buffer base and length.

BUG=None
TEST=test-multiple-return
LOG=N
R=mtrofin@chromium.org,titzer@chromium.org

Review URL: https://codereview.chromium.org/1391333003

Cr-Commit-Position: refs/heads/master@{#31184}

Replace the ADD, SUB, etc. builtins with proper runtime implementations,
and expose them as runtime calls that can be used by the code stubs and
the interpreter (for now).

Also remove all the support runtime functions for ADD, SUB and friends,
namely %NumberAdd, %NumberSub, and so on.

R=mstarzinger@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg,v8_linux_nosnap_dbg

Review URL: https://codereview.chromium.org/1333843002

Cr-Commit-Position: refs/heads/master@{#30680}

Passes the current context to bytecode interpreter handlers. This is held in the
context register on all architectures except for ia32 where there are too few
registers and it is instead spilled to the stack.

Also changes Load/StoreRegister to use kMachAnyTagged representation since they
should only ever hold tagged values.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1294133004

Cr-Commit-Position: refs/heads/master@{#30325}

Makes the following modifications to the interpreter builtins and
InterpreterAssembler:
 - Adds an accumulator register and initializes it to undefined()
 - Adds a register file pointer register and use it instead of FramePointer to
   access registers
 - Modifies builtin to support functions with 0 regiters in the register file
 - Modifies builtin to Call rather than TailCall to first bytecode handler.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1289863003

Cr-Commit-Position: refs/heads/master@{#30219}

This tries to remove includes of "-inl.h" headers from normal ".h"
headers, thereby reducing the chance of any cyclic dependencies and
decreasing the average size of our compilation units.

Note that this change still leaves 5 violations of that rule in the
code. It only tackles "node.h" including "types-inl.h".

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1288053004

Cr-Commit-Position: refs/heads/master@{#30161}

Reland: [turbofan] Various fixes to allow unboxed doubles as arguments in registers and on the stack.

OCL: https://codereview.chromium.org/1263033004/

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1284893002

Cr-Commit-Position: refs/heads/master@{#30115}

Revert of [turbofan] Various fixes to allow unboxed doubles as arguments in registers and on the stack. (patchset #7 id:120001 of https://codereview.chromium.org/1263033004/ )

Reason for revert:
This CL breaks MIPS (roll blocker).

https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20mipsel%20-%20sim/builds/2061/steps/Check/logs/Run_Int32_Select_1

Original issue's description:
> [turbofan] Various fixes to allow unboxed doubles as arguments in registers and on the stack.
>
> R=jarin@chromium.org
> BUG=
>
> Committed: https://crrev.com/71409be5395f867bbca0f6998bf6caa175cd8192
> Cr-Commit-Position: refs/heads/master@{#30091}

TBR=jarin@chromium.org,titzer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1284853002

Cr-Commit-Position: refs/heads/master@{#30101}

R=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1263033004

Cr-Commit-Position: refs/heads/master@{#30091}

Rationale: The {kind} of a call descriptor describes what the {target} being
called is--i.e. a JSFunction, code object, or address. That kind materially
dictates the instruction(s) generated for an outgoing call.

The other flags on a call descriptor should describe specific properties
(like whether a roots register is valid or not) so that backend logic doesn't
have to switch over the kind, but is informed directly of what it wants to
know.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1268273003

Cr-Commit-Position: refs/heads/master@{#30065}

[turbofan] Remove architecture-specific linkage files and LinkageTraits. Use macro-assembler-defined constants.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1272883003

Cr-Commit-Position: refs/heads/master@{#30063}

R=danno@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1269913002

Cr-Commit-Position: refs/heads/master@{#29957}

Add factory methods for different types of LinkageLocations, and ensure that
accesses to the underlying data in the location are classified by type and
funneled through explicit accessors.

Also change the representation of LinkageLocation to use a BitField rather
than using a reserved section of the integer range.

Review URL: https://codereview.chromium.org/1262343002

Cr-Commit-Position: refs/heads/master@{#29938}

Changes the interpreter to use a BytecodeArray pointer and an offset to avoid
having an inner pointer to a BytecodeArray object in registers during dispatch.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1254293006

Cr-Commit-Position: refs/heads/master@{#29910}

Adds basic support for generation of interpreter bytecode handler code
snippets. The InterpreterAssembler class exposes a set of low level,
interpreter specific operations which can be used to build a Turbofan
graph. The Interpreter class generates a bytecode handler snippet for
each bytecode by assembling operations using an InterpreterAssembler.

Currently only two simple bytecodes are supported: LoadLiteral0 and Return.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1239793002

Cr-Commit-Position: refs/heads/master@{#29814}

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1234443004

Cr-Commit-Position: refs/heads/master@{#29591}

This changes the OsrValue insertion in the AstGraphBuilder to emit a
proper OsrValue instead of a special Parameter for the inner context
value at the OSR entry point.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1213043005

Cr-Commit-Position: refs/heads/master@{#29471}

This involves:
- Enabling the tail call optimization reducer in all cases.
- Adding an addition flag to CallFunctionParameters to mark call sites
  that can be tail-called enabled.
- Only set the tail-call flag for %_CallFunction.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1216933011

Cr-Commit-Position: refs/heads/master@{#29436}

This change makes possible to save and restore the FP registers
in the Prologue and Return parts for the CallAddress kind functions.

TEST=test-simplified-lowering/RunNumberDivide_2_TruncatingToUint32,
     test-simplified-lowering/RunNumberMultiply_TruncatingToUint32

Review URL: https://codereview.chromium.org/1191513003

Cr-Commit-Position: refs/heads/master@{#29378}

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1210863002

Cr-Commit-Position: refs/heads/master@{#29309}

This introduces some initial building blocks for calling out to
C/C++ functions directly from TurboFan generated code objects.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/1205023002.

Cr-Commit-Position: refs/heads/master@{#29279}

This introduces a conservative prediction for each exception handler
whether it will locally catch an exception or re-throw it to outside
the code bondaries. It will allow for a more intuitive prediction of
whether an exception is considered "caught" or "uncaught".

R=bmeurer@chromium.org,yangguo@chromium.org
BUG=chromium:492522
LOG=N

Review URL: https://codereview.chromium.org/1158563008

Cr-Commit-Position: refs/heads/master@{#28681}

This CL contains the first steps towards tail call optimization:

  * Structurally detect tail calls during instruction selection,
    looking for special return/call combinations.

  * Added new architecture-specific instructions for tail calls which
    jump instead of call and take care of frame adjustment.

  * Moved some code around.

Currently we restrict tail calls to callees which only use registers
for arguments/return value and to call sites which are explicitly
marked as being OK for tail calls. This excludes, among other things,
call sites in sloppy JS functions and our IC machinery (both need in
general to be able to access the caller's frame).

All this is behind a flag --turbo-tail-calls, which is currently off
by default, so it can easily be toggled.

Review URL: https://codereview.chromium.org/1108563002

Cr-Commit-Position: refs/heads/master@{#28150}