The instruction selection for following sequences is
improved:

  113: Word64Sar(107, 91) : Internal/Any
  114: TruncateInt64ToInt32(113) : Signed32/UntaggedSigned32
  115: ChangeInt32ToFloat64(114) : Signed32/UntaggedFloat64

TEST=unittests/InstructionSelectorTest.ChangesFromToSmi
BUG=

Review URL: https://codereview.chromium.org/1318153006

Cr-Commit-Position: refs/heads/master@{#30645}

For simulator optimization we modified Instruction::InstructionType() function so a simpler but less complete InstructionType() function used by default. This fix enables the full InstructionType checking to properly decode a dd-constant label as unsupported opcode, rather than aborting.

BUG=chromium:528875
LOG=NO

Review URL: https://codereview.chromium.org/1314673010

Cr-Commit-Position: refs/heads/master@{#30644}

Porting mistake in ccbb4ff0 '[builtins] Unify the various versions of [[Call]]
with a Call builtin.', which only showed as debug assertion in later commit
db2ba190 '[runtime] Replace many buggy uses of %_CallFunction with %_Call.'

Use temporary register rather than push/pop of 'object' register.

BUG=
TEST=cctest/test-api/SetFunctionEntryHook, cctest/test-serialize/PerIsolateSnapshotBlobs, ...

Review URL: https://codereview.chromium.org/1309163006

Cr-Commit-Position: refs/heads/master@{#30643}

R=mlippautz@chromium.org

Review URL: https://codereview.chromium.org/1314543014

Cr-Commit-Position: refs/heads/master@{#30642}

This moves incremental marking steps from gc-idle-time-handler and heap to the new incremental marking task.

BUG=chromium:490559
LOG=NO

Review URL: https://codereview.chromium.org/1265423002

Cr-Commit-Position: refs/heads/master@{#30641}

- Modify js2c to accept --js and --nojs,
- modify mksnapshot to accept --startup_src
  (instead of a positional parameter, so that it can be omitted),
- modify v8.gyp to use the above so that no target has multiple
  output dependencies, and
- update GN to use the switches above.

(I have not succeeded in fixing the GYP->make translator to properly map
 multi-output rules, so that they work as expected in all edge cases.
 This CL signals defeat on that front, and instead I rewrite the GYP
 file to avoid that situation in the first place.)

R=jochen@chromium.org
BUG=v8:4382
LOG=N

Review URL: https://codereview.chromium.org/1310273009

Cr-Commit-Position: refs/heads/master@{#30640}

When there is no explicit return we need to generate an implicit
return undefined.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1308693014

Cr-Commit-Position: refs/heads/master@{#30639}

BUG=

Review URL: https://codereview.chromium.org/1314253006

Cr-Commit-Position: refs/heads/master@{#30638}

This removes the DisallowAllocationFailure assertion scope which mostly
coincided with the AlwaysAllocateScope anyways. Access to the bitfield
in the Isolate was not synchronized and hence the AlwaysAllocateScope
was not thread-safe in debug mode, now it is.

R=mlippautz@chromium.org

Review URL: https://codereview.chromium.org/1319153006

Cr-Commit-Position: refs/heads/master@{#30637}

By using an InternArray for the pivot calculation we can get rid of yet
another %_CallFunction.

Review URL: https://codereview.chromium.org/1316673008

Cr-Commit-Position: refs/heads/master@{#30636}

This switches Isolate::ComputeLocation to use baseline code when
computing message locations. This unifies locations between optimized
and non-optimized code by always going through the FrameSummary for
location computation.

R=bmeurer@chromium.org
TEST=message/regress/regress-4266
BUG=v8:4266
LOG=n

Review URL: https://codereview.chromium.org/1331603002

Cr-Commit-Position: refs/heads/master@{#30635}

The semantics of the %_CallFunction intrinsic seem to be very unclear,
which resulted in a lot of bugs. Especially the combination with
%IsSloppyModeFunction is always a bug, because the receiver would be
wrapped in the wrong context. So the %IsSloppyModeFunction helper is
gone now, and many of the buggy uses of %_CallFunction are also
eliminated.

If you ever need to call something with a different receiver, then
%_Call is your friend now. It does what you want and implements the
call sequence fully (and correct).

BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1325573004

Cr-Commit-Position: refs/heads/master@{#30634}

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1329133002

Cr-Commit-Position: refs/heads/master@{#30633}

Before String.split only cached results if the seperator was found

BUG=v8:4191
LOG=N

Review URL: https://codereview.chromium.org/1308373005

Cr-Commit-Position: refs/heads/master@{#30632}

Replace Math{Min,Max}
Direct string comparison

Compared to https://codereview.chromium.org/1321853006/
single character
 found at true
77
P found at false
70
က found at false
70

BUG=v8:4384
LOG=N

Review URL: https://codereview.chromium.org/1324353002

Cr-Commit-Position: refs/heads/master@{#30631}

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1302423007

Cr-Commit-Position: refs/heads/master@{#30630}

The new Call and CallFunction builtins supersede the current
CallFunctionStub (and CallIC magic) and will be the single bottleneck
for all calling, including the currently special Function.prototype.call
and Function.prototype.apply builtins, which had handwritten (and
not fully compliant) versions of CallFunctionStub, and also the
CallIC(s), which where also slightly different.

This also reduces the overhead for API function calls, which is still
unnecessary high, but let's do that step-by-step.

This also fixes a bunch of cases where the implicit ToObject for
sloppy receivers was done in the wrong context (in the caller
context instead of the callee context), which basically meant
that we allowed cross context access to %ObjectPrototype%.

MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.

R=mstarzinger@chromium.org, jarin@chromium.org, mvstanton@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg,v8_linux_nosnap_dbg
BUG=v8:4413
LOG=n

Committed: https://crrev.com/ef268a83be4dead004047c25b702319ea4be7277
Cr-Commit-Position: refs/heads/master@{#30627}

Review URL: https://codereview.chromium.org/1311013008

Cr-Commit-Position: refs/heads/master@{#30629}

Revert of [builtins] Unify the various versions of [[Call]] with a Call builtin. (patchset #10 id:260001 of https://codereview.chromium.org/1311013008/ )

Reason for revert:
Breaks nosnap, needs investigation

Original issue's description:
> [builtins] Unify the various versions of [[Call]] with a Call builtin.
>
> The new Call and CallFunction builtins supersede the current
> CallFunctionStub (and CallIC magic) and will be the single bottleneck
> for all calling, including the currently special Function.prototype.call
> and Function.prototype.apply builtins, which had handwritten (and
> not fully compliant) versions of CallFunctionStub, and also the
> CallIC(s), which where also slightly different.
>
> This also reduces the overhead for API function calls, which is still
> unnecessary high, but let's do that step-by-step.
>
> This also fixes a bunch of cases where the implicit ToObject for
> sloppy receivers was done in the wrong context (in the caller
> context instead of the callee context), which basically meant
> that we allowed cross context access to %ObjectPrototype%.
>
> MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.
>
> R=mstarzinger@chromium.org, jarin@chromium.org, mvstanton@chromium.org
> CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg
> BUG=v8:4413
> LOG=n
>
> Committed: https://crrev.com/ef268a83be4dead004047c25b702319ea4be7277
> Cr-Commit-Position: refs/heads/master@{#30627}

TBR=rmcilroy@chromium.org,jarin@chromium.org,mstarzinger@chromium.org,mvstanton@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4413

Review URL: https://codereview.chromium.org/1328963004

Cr-Commit-Position: refs/heads/master@{#30628}

The new Call and CallFunction builtins supersede the current
CallFunctionStub (and CallIC magic) and will be the single bottleneck
for all calling, including the currently special Function.prototype.call
and Function.prototype.apply builtins, which had handwritten (and
not fully compliant) versions of CallFunctionStub, and also the
CallIC(s), which where also slightly different.

This also reduces the overhead for API function calls, which is still
unnecessary high, but let's do that step-by-step.

This also fixes a bunch of cases where the implicit ToObject for
sloppy receivers was done in the wrong context (in the caller
context instead of the callee context), which basically meant
that we allowed cross context access to %ObjectPrototype%.

MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.

R=mstarzinger@chromium.org, jarin@chromium.org, mvstanton@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg
BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1311013008

Cr-Commit-Position: refs/heads/master@{#30627}

   This CL is a fix for c0c3d866 (r30606).
   In r30606, initialization of FPU implementation is not moved to prologue
   generation correctly.

BUG=

Review URL: https://codereview.chromium.org/1317643009

Cr-Commit-Position: refs/heads/master@{#30626}

Rolling v8/build/gyp to 5d01a8cda53bfa23f1dcbe0c31c33aa30f50cf4c

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1330793002

Cr-Commit-Position: refs/heads/master@{#30625}

Move various ArrayBuffer-related methods from Heap class to the newly
created ArrayBufferTracker. Consolidate and simplify things!

BUG=
R=mlippautz@chromium.org

Review URL: https://codereview.chromium.org/1324023007

Cr-Commit-Position: refs/heads/master@{#30624}

The is_*san flags are moving from the master build config file into this
.gni file. This patch will allow V8 to continue compiling when that change
is landed.

Review URL: https://codereview.chromium.org/1330713003

Cr-Commit-Position: refs/heads/master@{#30623}

BUG=4134
R=vogelheim@chromium.org,rmcilroy@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1333463002

Cr-Commit-Position: refs/heads/master@{#30622}

This enables the general linter checking for "build/c++11" violations
during presubmit and instead marks the few known exceptions that we
allow explicitly.

R=jochen@chromium.org

Review URL: https://codereview.chromium.org/1317463007

Cr-Commit-Position: refs/heads/master@{#30621}

BUG=

Review URL: https://codereview.chromium.org/1324103003

Cr-Commit-Position: refs/heads/master@{#30620}

- Moving parts of ArrayConcat from builtins.cc to the ElementsAccessor
- Removing ArrayConcat Runtime Function

BUG=v8:4317
LOG=N

Review URL: https://codereview.chromium.org/1330483003

Cr-Commit-Position: refs/heads/master@{#30619}

Review URL: https://codereview.chromium.org/1326263002

Cr-Commit-Position: refs/heads/master@{#30618}

This information can be used on the buildbot side to only
rebuild the failing target for bisection.

BUG=chromium:511215
LOG=n
NOTRY=true

Review URL: https://codereview.chromium.org/1313353006

Cr-Commit-Position: refs/heads/master@{#30617}

This clarifies a comments in the AstGraphBuilder that has led to
confusion about what "parameter index" refers to. The off-by-one is
confusing and a terribly phrased comment doesn't make it any better.

R=rmcilroy@chromium.org,oth@chromium.org

Review URL: https://codereview.chromium.org/1329043002

Cr-Commit-Position: refs/heads/master@{#30616}

Use AlignDown instead of IsAligned to avoid false negatives
on big endian platforms
Use byte with highest value to speedup search

BUG=

Review URL: https://codereview.chromium.org/1324803003

Cr-Commit-Position: refs/heads/master@{#30615}

BUG=

Review URL: https://codereview.chromium.org/1307743011

Cr-Commit-Position: refs/heads/master@{#30614}

port 3dc9b122 (r30582).

original commit message:

    Similar to DELETE, the IN builtin is just a thin wrapper for %HasElement
    and %HasProperty anyway, and cannot be optimized, plus it had a weird
    special fast case (which also involved at least one LOAD_IC plus some
    intrinsic magic).

BUG=

Review URL: https://codereview.chromium.org/1325183003

Cr-Commit-Position: refs/heads/master@{#30613}

port 40fbed06 (r30581)

original commit message:

    The last changes for vector store functionality, they are in 3 areas:

    1) The new vector [keyed] store code stubs - implementation.
    2) IC and handler compiler adjustments
    3) Odds and ends. A change in ast.cc, a test update, a small Oracle fix.

BUG=

Review URL: https://codereview.chromium.org/1311413007

Cr-Commit-Position: refs/heads/master@{#30612}

port 64e3bad3 (r30577)

original commit message:

    This is uncontroversial the dead code removal part of
    https://codereview.chromium.org/1307943013, which was
    previously landed, but got reverted because of DOM
    breakage that requires more investigation.

BUG=

Review URL: https://codereview.chromium.org/1321653004

Cr-Commit-Position: refs/heads/master@{#30611}

port 72bc4b5c (r30557)

original commit message:

    Use a single JSIteratorResult type for all implementation provided
    iterator results (i.e. the String, Array and collection iterators,
    and also for generators).  This removes one source of unnecessary
    polymorphism in for-of loops.  It is accomplished by a new intrinsic
    %_CreateIterResultObject() that should be used to create iterator
    result objects from JavaScript builtins (there's a matching factory
    method for C++ code).

    Also restructure the %StringIteratorPrototype%.next() and
    %ArrayIteratorPrototype%.next() functions to be a bit more friendly
    to optimizing compilers.

BUG=

Review URL: https://codereview.chromium.org/1331523002

Cr-Commit-Position: refs/heads/master@{#30610}

port 8a378f46 (r30552)

original commit message:

    This turns the has_instance_call_handler bit on Map into an is_callable
    bit, that matches the spec definition of IsCallable (i.e. instances have
    [[Call]] internal methods).

    Also fix the typeof operator to properly say "function" for everything
    that is callable.

    Also remove the (unused) premature %_GetPrototype optimization from
    Crankshaft, which just complicated the Map bit swap.

BUG=

Review URL: https://codereview.chromium.org/1310653004

Cr-Commit-Position: refs/heads/master@{#30609}

port 510baeac (r30550)

original commit message:

    Kills the kRestParameter bailout/disabled optimization, and fixes
    lazily parsed arrow functions with rest parameters.

    Supercedes https://crrev.com/1235153006/

BUG=

Review URL: https://codereview.chromium.org/1305943008

Cr-Commit-Position: refs/heads/master@{#30608}

Revert of Deactivate Parser Bookmarks (patchset #1 id:1 of https://codereview.chromium.org/1315173007/ )

Reason for revert:
Tanks performance (Mandreel latency). A simple deactivation will not work.

Original issue's description:
> Deactivate Parser Bookmarks.
>
> Bookmarks may create a race condition which
> results in syntax errors. The more files are parsed
> in parallel the higher the probability that the error
> occurs.
> Unfortunately it is not possible to simply revert the
> CLs related to Bookmarks.
>
> BUG=chromium:527930,chromium:510825
> LOG=Y
>
> Committed: https://crrev.com/129593b40eb69d93ba626601bfda046a95cda0e7
> Cr-Commit-Position: refs/heads/master@{#30594}

TBR=vogelheim@chromium.org,jkummerow@chromium.org,mstarzinger@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:527930,chromium:510825

Review URL: https://codereview.chromium.org/1304413007

Cr-Commit-Position: refs/heads/master@{#30607}

port 29ebcc32 (r30496).

original commit message:

    This CL introduces HPrologue instruction which does the context allocation work and supports deoptimization.

BUG=

Review URL: https://codereview.chromium.org/1308743005

Cr-Commit-Position: refs/heads/master@{#30606}