FutexEmulation::Wait can potentially block forever on a condition variable. We
want to allow this to be interrupted (for a debugger, or to terminate the
thread, for example).

The previous implementation would periodically wake up the waiter to check for
interrupts. This CL modifies the StackGuard so it wakes the blocked futex if
the thread should be interrupted.

BUG=chromium:497295
R=jarin@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1230303005

Cr-Commit-Position: refs/heads/master@{#30311}

BUG=

Review URL: https://codereview.chromium.org/1293283003

Cr-Commit-Position: refs/heads/master@{#30301}

Embedders would use these for features which must be able to be turned
off at runtime, despite being compiled into V8. They can be turned on
and off by the embedder using the --experimental_extras flag, e.g. via
v8::SetFlagsFromString.

R=yangguo@chromium.org, mlippautz@chromium.org, hpayer@chromium.org
BUG=chromium:507137
LOG=Y

Review URL: https://codereview.chromium.org/1284413002

Cr-Commit-Position: refs/heads/master@{#30260}

Revert of [runtime] Remove useless IN builtin. (patchset #2 id:20001 of https://codereview.chromium.org/1295433002/ )

Reason for revert:
Breaks win32 nosnap

Original issue's description:
> [runtime] Remove useless IN builtin.
>
> Similar to DELETE, the IN builtin is just a thin wrapper for %HasElement
> and %HasProperty anyway, and cannot be optimized, plus it had a weird
> special fast case (which also involved at least one LOAD_IC plus some
> intrinsic magic).
>
> R=yangguo@chromium.org,jarin@chromium.org
>
> Committed: https://crrev.com/72d60a1e80e81e2e68ca402665e2acbc46c5e471
> Cr-Commit-Position: refs/heads/master@{#30154}

TBR=yangguo@chromium.org,jarin@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1288923002

Cr-Commit-Position: refs/heads/master@{#30155}

Similar to DELETE, the IN builtin is just a thin wrapper for %HasElement
and %HasProperty anyway, and cannot be optimized, plus it had a weird
special fast case (which also involved at least one LOAD_IC plus some
intrinsic magic).

R=yangguo@chromium.org,jarin@chromium.org

Review URL: https://codereview.chromium.org/1295433002

Cr-Commit-Position: refs/heads/master@{#30154}

The DELETE builtin calls through to %DeleteProperty anyway, so we
can as well skip the builtin completely and always call into the
runtime directly.  Also add different entries depending on whether
calling code is in sloppy or strict/strong mode.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1291973002

Cr-Commit-Position: refs/heads/master@{#30148}

TurboFan is now a requirement and supported by all backends, so we don't
need those macros (plus all the machinery on top) anymore.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1282763002

Cr-Commit-Position: refs/heads/master@{#30082}

R=yangguo@chromium.org, jochen@chromium.org
BUG=507133
LOG=Y

Review URL: https://codereview.chromium.org/1275683002

Cr-Commit-Position: refs/heads/master@{#30053}

We missed a check whether we can actually do incremental marking when starting
it on reaching the external allocation limit.

BUG=chromium:517195
LOG=N

Review URL: https://codereview.chromium.org/1274983002

Cr-Commit-Position: refs/heads/master@{#30043}

BUG=

Review URL: https://codereview.chromium.org/1269343002

Cr-Commit-Position: refs/heads/master@{#30031}

This is only an estimate since it counts objects that could be shared,
for example strings, cow arrays, heap numbers, etc.

It however ignores objects that could be shared, but may only be used
by the context to be measured, for example shared function infos,
script objects, scope infos, etc.

R=jochen@chromium.org

Review URL: https://codereview.chromium.org/1268333004

Cr-Commit-Position: refs/heads/master@{#30029}

There is only one use case for it: String.prototype.search converts a
string argument into a RegExp. The cache is used to avoid repeating that
conversion. However, this does not make the added complexity worthwhile.

Review URL: https://codereview.chromium.org/1267493006

Cr-Commit-Position: refs/heads/master@{#29985}

R=cbruni@chromium.org

Review URL: https://codereview.chromium.org/1265923002

Cr-Commit-Position: refs/heads/master@{#29951}

The idle time handler should never return DONE or DO_SCAVENGE for
background tabs. Upon receiving DONE chrome will stop sending idle notifications.

BUG=chromium:515174
LOG=NO

Review URL: https://codereview.chromium.org/1269583002

Cr-Commit-Position: refs/heads/master@{#29926}

Original issue's description:
> Remove ExternalArray, derived types, and element kinds
>
> BUG=v8:3996
> R=jarin@chromium.org, mvstanton@chromium.org, bmeurer@chromium.org
> LOG=y
>
> Committed: https://crrev.com/607ef7c6009a24ebf195b4cab7b0b436c5afd21c
> Cr-Commit-Position: refs/heads/master@{#29872}

BUG=v8:3996
R=bmeurer@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1262583002

Cr-Commit-Position: refs/heads/master@{#29893}

Revert of Remove ExternalArray, derived types, and element kinds (patchset #5 id:80001 of https://codereview.chromium.org/1254623002/)

Reason for revert:
[Sheriff] Breaks several layout tests, e.g.:
http://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2032/builds/1067

Several output lines change from PASS to FAIL. If the changes are intended, please land a needsmanualrebaseline change in blink first.

Original issue's description:
> Remove ExternalArray, derived types, and element kinds
>
> BUG=v8:3996
> R=jarin@chromium.org, mvstanton@chromium.org, bmeurer@chromium.org
> LOG=y
>
> Committed: https://crrev.com/607ef7c6009a24ebf195b4cab7b0b436c5afd21c
> Cr-Commit-Position: refs/heads/master@{#29872}

TBR=bmeurer@chromium.org,hpayer@chromium.org,jarin@chromium.org,mvstanton@chromium.org,jochen@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3996

Review URL: https://codereview.chromium.org/1257223002

Cr-Commit-Position: refs/heads/master@{#29883}

BUG=v8:3996
R=jarin@chromium.org, mvstanton@chromium.org, bmeurer@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1254623002

Cr-Commit-Position: refs/heads/master@{#29872}

BUG=

Review URL: https://codereview.chromium.org/1249703005

Cr-Commit-Position: refs/heads/master@{#29795}

The background parser checks for debugger state in its constructor. This
is not good enough, since the debugger state may change afterwards, but
before compiling takes place. As the background parser can only parse
lazily, this could mean that due to debugging, we try to eagerly compile
an inner function we have not eagerly parsed.

R=jochen@chromium.org

Review URL: https://codereview.chromium.org/1247743002

Cr-Commit-Position: refs/heads/master@{#29784}

Revisit of https://codereview.chromium.org/910333004.

Use 4MB heap page size over the default of 1MB.

This change provides an improvement of 1.86% on the composite octane
benchmark score on PPC. This is 0.56% more than if --min_semi_space_size=4
was used to specify a 4MB heap page size.

Additionally, two more tests required modification to account for
configurable heap page size.

R=svenpanne@chromium.org, hpayer@chromium.org, danno@chromium.org, mbrandy@us.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1221433022

Cr-Commit-Position: refs/heads/master@{#29775}

BUG=chromium:497295
R=jarin@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1208933006

Cr-Commit-Position: refs/heads/master@{#29736}

BUG=chromium:509936
LOG=y

Review URL: https://codereview.chromium.org/1241953010

Cr-Commit-Position: refs/heads/master@{#29733}

BUG=chromium:509936
LOG=y

Review URL: https://codereview.chromium.org/1228113007

Cr-Commit-Position: refs/heads/master@{#29728}

BUG=chromium:509936
LOG=y

Review URL: https://codereview.chromium.org/1242123002

Cr-Commit-Position: refs/heads/master@{#29725}

BUG=chromium:509936
LOG=y

Review URL: https://codereview.chromium.org/1242093002

Cr-Commit-Position: refs/heads/master@{#29721}

These were added when I thought they would be useful in Blink, but as
it turned out they were not. They could likely be deleted immediately,
but to play it safe I'll go through the usual deprecation process.

Review URL: https://codereview.chromium.org/1236263004

Cr-Commit-Position: refs/heads/master@{#29690}

BUG=

Review URL: https://codereview.chromium.org/1241883002

Cr-Commit-Position: refs/heads/master@{#29686}

R=jochen@chromium.org
LOG=y
BUG=

Review URL: https://codereview.chromium.org/1209403005

Cr-Commit-Position: refs/heads/master@{#29680}

Bunch of cleanups to allow us to get rid of handles-inl.h at some
point (in the not so far future); but more importantly to sanitize uses
of handles and prepare for handle canonicalization support.

R=yangguo@chromium.org

Committed: https://crrev.com/3283195d0408333cce552cf4087577e6f41054e5
Cr-Commit-Position: refs/heads/master@{#28222}

Committed: https://crrev.com/d940c6d3bcc227b459cb4123d9a8332d9ed0d5f8
Cr-Commit-Position: refs/heads/master@{#29666}

Review URL: https://codereview.chromium.org/1128533002

Cr-Commit-Position: refs/heads/master@{#29675}

Review URL: https://codereview.chromium.org/1221433021

Cr-Commit-Position: refs/heads/master@{#29604}

Until now, TF-generated code stubs piggy-backed off of the builtin
context. Since generation of code stubs is lazy, stubs generated at
different times in different native contexts would contain embedded
pointers different builtin contexts, leading to cross-context references
and memory leaks.

After this CL, all TF-generated code stubs are generated inside a
internal thinned-out, native context that lives solely for the
purpose of hosting generated code stubs.

Review URL: https://codereview.chromium.org/1213203007

Cr-Commit-Position: refs/heads/master@{#29593}

This reverts commit 26991892.
This reverts commit 435b3c87.

The failing test is fixing in chromium.

BUG=chromium:490559
LOG=NO
TBR=hpayer@chromium.org

Review URL: https://codereview.chromium.org/1208993009

Cr-Commit-Position: refs/heads/master@{#29512}

We also need to do the check before using an existing handler from the
cache

BUG=chromium:505374
R=verwaest@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1221433010

Cr-Commit-Position: refs/heads/master@{#29511}

`WriteUtf16Slow` should not assume that the output buffer has enough
bytes to hold both words of surrogate pair. It should pass the number of
remaining bytes to the `Utf8::ValueOf` instead, just as we already do in
`Utf8DecoderBase::Reset`. Otherwise it will attempt to write the trail
uint16_t past the buffer boundary, leading to memory corruption and
possible crash.

Originally reported by: Kris Reeves <kris.re@bbhmedia.com>

BUG=v8:4274
R=danno
R=svenpanne
LOG=y

Review URL: https://codereview.chromium.org/1226493003

Cr-Commit-Position: refs/heads/master@{#29485}

R=ishell@chromium.org
BUG=chromium:505539
LOG=N

Review URL: https://codereview.chromium.org/1214373005

Cr-Commit-Position: refs/heads/master@{#29481}

Revert of Replace reduce-memory mode in idle notification with delayed clean-up GC. (patchset #17 id:320001 of https://codereview.chromium.org/1218863002/)

Reason for revert:
[Sheriff] Looks like it blocks the roll (bisected). Speculative revert.
https://codereview.chromium.org/1210293003/

Original issue's description:
> Replace reduce-memory mode in idle notification with delayed clean-up GC.
>
> BUG=490559
> LOG=NO
>
> Committed: https://crrev.com/0ecd9e1bd2c6b519d4e7285f46cb7e844bc2235c
> Cr-Commit-Position: refs/heads/master@{#29451}

TBR=hpayer@chromium.org,ulan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=490559

Review URL: https://codereview.chromium.org/1226703002

Cr-Commit-Position: refs/heads/master@{#29470}

BUG=490559
LOG=NO

Review URL: https://codereview.chromium.org/1218863002

Cr-Commit-Position: refs/heads/master@{#29451}

BUG=v8:3956
LOG=N

Review URL: https://codereview.chromium.org/1219663009

Cr-Commit-Position: refs/heads/master@{#29448}

The only right way to enable access checks is to install access check callbacks on an object template via v8::ObjectTemplate::SetAccessCheckCallbacks(). It does not make sense to enable access checks on an arbitrary object.

Review URL: https://codereview.chromium.org/1217893012

Cr-Commit-Position: refs/heads/master@{#29439}

This change changes bootstrapping semantics for intercepted global objects. Unlike before, we'll now also call into the interceptor during bootstrapping. This affects properties loaded from within the runtime, such as global.Array and global.Symbol. The embedder will need to make sure that those values are the expected values during bootstrapping.

BUG=chromium:505998
LOG=n

Review URL: https://codereview.chromium.org/1220813005

Cr-Commit-Position: refs/heads/master@{#29414}