These operations don't need the context, so no need to pass the context
to them. Also avoids the loading of context in the interpreter bytecode
handlers for StrictEqual and Typeof.

BUG=v8:5268,v8:5269
R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2744173002
Cr-Commit-Position: refs/heads/master@{#43733}

BUG=v8:5495

Change-Id: I731ddaa34169f6f57d3719e6170bfe00e6d66241
Reviewed-on: https://chromium-review.googlesource.com/451638
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43693}

Polymorphic IC feedback can contain up to four (map, handler) pairs.

HandlePolymorphicCase already unrolled checks for the first two pairs; these
are guaranteed to exist and can omit bound checks.

This CL unrolls checks against the final two pairs as well.

BUG=v8:5917

Review-Url: https://codereview.chromium.org/2728293005
Cr-Commit-Position: refs/heads/master@{#43650}

This inlines common LoadIC cases into the LdaNamedProperty bytecode
handler. Smi handlers resulting in constant/field loads for
monomorphic ICs omit frame construction. The same counts for the
polymorphic case as long as the target handler is in the first two
vector slots.

Other cases (megamorphic, uninitialized) call the new
LoadIC_Noninlined stub.

Local benchmarks show up to 6% improvement on Sunspider with --future.

BUG=v8:5917

Review-Url: https://codereview.chromium.org/2733563002
Cr-Commit-Position: refs/heads/master@{#43630}

BUG=v8:6039

Change-Id: I69bae9ed49d91b0bc67a8e66e469d57ea7799cca
Reviewed-on: https://chromium-review.googlesource.com/449793Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43584}

This should improve generated code. It is also one step in preparation
for LoadIC inlining - explicitly deferred blocks are currently necessary
to help the scheduler omit frame construction.

BUG=v8:5917

Review-Url: https://codereview.chromium.org/2732613002
Cr-Commit-Position: refs/heads/master@{#43577}

BUG=

Change-Id: I3d85ad84f5069f7fe349dcd82092696d0360cc94
Reviewed-on: https://chromium-review.googlesource.com/448225Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43559}

... instead of inlining the dispatchers' code. This should reduce the size of the generated
builtins code.

BUG=

Change-Id: Ia3f68ea8b398f049bad87f6ce93c818f0af4674f
Reviewed-on: https://chromium-review.googlesource.com/447938Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43542}

BUG=

Change-Id: I56b865a5ae4283876058e2c2edf73a296608fc97
Reviewed-on: https://chromium-review.googlesource.com/448219Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43517}

This generally shouldn't hit since prototypes are supposed to be fast; but it makes it more uniform anyway.
This CL also drops the limitation not supporting keyed loads with normal access. There's no point in returning the slow stub there.

BUG=

Change-Id: I5578269f6c64762610e885740a692d1e91aa6aa2
Reviewed-on: https://chromium-review.googlesource.com/447698
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43508}

This is mostly prework to also support prototype chain checks using data handlers

BUG=

Change-Id: I70aac1e86e45c78dfdc9f02d06b7e821494a4c9c
Reviewed-on: https://chromium-review.googlesource.com/447679
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43495}

The x64 side is included in https://chromium-review.googlesource.com/c/444226/

BUG=v8:5294

Change-Id: Ie255604c5e38c72e3c2b76e1ca3557a5fde108ee
Reviewed-on: https://chromium-review.googlesource.com/446394Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43481}

Avoiding runtime call overhead.
There's a fast path for Function.prototype loads, which are very common.

BUG=v8:5269

Review-Url: https://codereview.chromium.org/2711353002
Cr-Commit-Position: refs/heads/master@{#43474}

BUG=chromium:688734

Change-Id: If5dd370971cb02c4463fa20a489d0fa60b0423c4
Reviewed-on: https://chromium-review.googlesource.com/446845Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43451}

This is a preliminary cleanup necessary for the actual fix of the associated issue.

BUG=chromium:688734

Change-Id: Iecd39ed4cef34c6cc5d9652c5569e048f0db46af
Reviewed-on: https://chromium-review.googlesource.com/446341
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43410}

BUG=v8:5294

Change-Id: If45f25aae8de526027b7851cb4efe0ccf4a7c4b1
Reviewed-on: https://chromium-review.googlesource.com/444226
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43388}

Use an opaque format for the frame type marker on the stack, where the
marker is simply shifted left by 1 instead of being a Smi. This allows
us to generate simpler code for frame initialisation, as we can push a
smaller value, decreasing the prologue by 4 bytes and one instruction.

Drive-by: Use the same format for JsFrameMarker.

Change-Id: I812dde9b37869fe20de4148a665d06cf23ce7372
Reviewed-on: https://chromium-review.googlesource.com/443426Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43347}

BUG=

Review-Url: https://codereview.chromium.org/2710513003
Cr-Commit-Position: refs/heads/master@{#43329}

BUG=

Change-Id: Ib7cc2a04a7c8e314e1f4a8720eef569a6a4a3b18
Reviewed-on: https://chromium-review.googlesource.com/444406Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43307}

BUG=

Change-Id: Ifc441739ef730a0b2278be0b662413c223631a72
Reviewed-on: https://chromium-review.googlesource.com/444190Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43288}

... which is used for initializing properties with non compile time values.

Currently we use StoreOwnIC only for storing properties that already exist
in the boilerplate therefore we can reuse StoreIC dispatcher.
The proper StoreOwnIC dispatcher will be implemented in a separate CL.

BUG=v8:5495, v8:4414

Change-Id: I9c33fdb8499ec5be2c7fce1ecb6ce7aa285e5844
Reviewed-on: https://chromium-review.googlesource.com/443588Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43285}

Without relying on the stub cache.

Review-Url: https://codereview.chromium.org/2696993002
Cr-Commit-Position: refs/heads/master@{#43261}

... and don't clear ICs during GC. The IC clearing used to prevent memory
leaks but it's not necessary anymore because all the handlers that need
to embed objects already use weak cells.

This CL unblocks inlining of IC dispatchers into bytecode handlers.

BUG=v8:5917

Change-Id: I229b9ba8dba44f431dfbe8ac5370d855e3e84dd6
Reviewed-on: https://chromium-review.googlesource.com/442127
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43209}

... and revert "[runtime] Mark maps created as a result of field type or
representation generalization as migration targets." because it regresses
performance of too many map checks in optimized code.

BUG=v8:5444, chromium:680995

Change-Id: I84038d75425df3709a81e5fdcc6c0db32939060d
Reviewed-on: https://chromium-review.googlesource.com/442125Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43188}

Unlike the old manually written LoadNonexistent stub, the data handler properly supports keyed loads out of the box. Simply remove the condition that disables it.

BUG=

Review-Url: https://codereview.chromium.org/2693913002
Cr-Commit-Position: refs/heads/master@{#43165}

This CL includes runtime and IC parts of the tracking. It is controlled by
compile-time flag FLAG_constant_field_tracking and currently disabled.

Transition from kConst to kMutable still involves map deprecation.

BUG=v8:5495

Review-Url: https://codereview.chromium.org/2598543003
Cr-Commit-Position: refs/heads/master@{#43081}

And use it to avoid runtime calls when there are too many properties
for linear searching.
The threshold of 32 was chosen by experimentation.

Review-Url: https://codereview.chromium.org/2680973002
Cr-Commit-Position: refs/heads/master@{#43078}

TBR=hpayer@chromium.org

Review-Url: https://codereview.chromium.org/2688573003
Cr-Commit-Position: refs/heads/master@{#43075}

BUG=v8:5269

Review-Url: https://codereview.chromium.org/2686723004
Cr-Commit-Position: refs/heads/master@{#43074}

BUG=v8:5269

Review-Url: https://codereview.chromium.org/2682153003
Cr-Commit-Position: refs/heads/master@{#43071}

LoadGlobalIC will be inlined into ignition's LdaGlobal family of bytecode
handlers.  This CL splits up LoadGlobalIC into three distinct cases (property
cell, handler, and miss) and introduces the ExitPoint abstraction in order
to make inlining easier.

BUG=v8:5917

Review-Url: https://codereview.chromium.org/2688503002
Cr-Commit-Position: refs/heads/master@{#43055}

arguments.h is one of the headers including objects-inl.h. Files needing
objects-inl.h used to innocently pull in debug.h, so that needs to be fixed now
too.

BUG=v8:5294
R=mstarzinger@chromium.org

Change-Id: I8ce671c533ed757103ef9a3b0bf0a0509230fdd8
Reviewed-on: https://chromium-review.googlesource.com/439287Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43054}

BUG=v8:5917

Change-Id: I9611ace4ba73f18cb90f95f9c81eeb19c74e06f4
Reviewed-on: https://chromium-review.googlesource.com/439327Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43032}

BUG=v8:5917

Change-Id: I2f78355ae344624906e40504fba168b3189a18bb
Reviewed-on: https://chromium-review.googlesource.com/439447
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43029}

Now we can inline vector-based IC dispatchers to bytecode handlers.

BUG=v8:5917

Change-Id: Ie81750f252a730240097e514e69b348f410a48b7
Reviewed-on: https://chromium-review.googlesource.com/439265Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43028}

BUG=

Change-Id: I31b8da09f4728d55c2da91966edcad49528b554b
Reviewed-on: https://chromium-review.googlesource.com/439146Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43003}

... and TypeFeedbackMetadata to FeedbackMetadata.

BUG=

Change-Id: I2556d1c2a8f37b8cf3d532cc98d973b6dc7e9e6c
Reviewed-on: https://chromium-review.googlesource.com/439244
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#42999}

BUG=v8:5917

Review-Url: https://codereview.chromium.org/2673383002
Cr-Commit-Position: refs/heads/master@{#42982}

Adding a code path for strings introduces Phi nodes on the fast
(i.e. non-string) path, causing a performance regression.

BUG=chromium:687075

Review-Url: https://codereview.chromium.org/2670353004
Cr-Commit-Position: refs/heads/master@{#42977}

... by using KeyedStoreIC_Slow builtin instead. The issue with hard-coded
language mode is that the stub can be re-used through megamorphic stub cache for
an IC with incompatible language mode. KeyedStoreIC_Slow already does the
right thing - it decodes the language mode from the IC slot kind.

This CL also fixes the code kinds of the slow IC handlers. The code kind of
IC handlers is used only for checking that the handler was added to the right
megamorphic stub cache, which expect the handlers' code kinds to be either
Code::LOAD_IC or Code::STORE_IC.

And the megamorphic builtins are just helper code stubs that are called from
IC dispatchers, therefore they should have BUILTIN code kind. Same applies to
the other stubs which are neither IC dispatchers nor handlers.

BUG=v8:5917

Review-Url: https://codereview.chromium.org/2677603004
Cr-Commit-Position: refs/heads/master@{#42958}