This removes the DisallowAllocationFailure assertion scope which mostly
coincided with the AlwaysAllocateScope anyways. Access to the bitfield
in the Isolate was not synchronized and hence the AlwaysAllocateScope
was not thread-safe in debug mode, now it is.

R=mlippautz@chromium.org

Review URL: https://codereview.chromium.org/1319153006

Cr-Commit-Position: refs/heads/master@{#30637}

By using an InternArray for the pivot calculation we can get rid of yet
another %_CallFunction.

Review URL: https://codereview.chromium.org/1316673008

Cr-Commit-Position: refs/heads/master@{#30636}

This switches Isolate::ComputeLocation to use baseline code when
computing message locations. This unifies locations between optimized
and non-optimized code by always going through the FrameSummary for
location computation.

R=bmeurer@chromium.org
TEST=message/regress/regress-4266
BUG=v8:4266
LOG=n

Review URL: https://codereview.chromium.org/1331603002

Cr-Commit-Position: refs/heads/master@{#30635}

The semantics of the %_CallFunction intrinsic seem to be very unclear,
which resulted in a lot of bugs. Especially the combination with
%IsSloppyModeFunction is always a bug, because the receiver would be
wrapped in the wrong context. So the %IsSloppyModeFunction helper is
gone now, and many of the buggy uses of %_CallFunction are also
eliminated.

If you ever need to call something with a different receiver, then
%_Call is your friend now. It does what you want and implements the
call sequence fully (and correct).

BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1325573004

Cr-Commit-Position: refs/heads/master@{#30634}

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1329133002

Cr-Commit-Position: refs/heads/master@{#30633}

Before String.split only cached results if the seperator was found

BUG=v8:4191
LOG=N

Review URL: https://codereview.chromium.org/1308373005

Cr-Commit-Position: refs/heads/master@{#30632}

Replace Math{Min,Max}
Direct string comparison

Compared to https://codereview.chromium.org/1321853006/
single character
 found at true
77
P found at false
70
က found at false
70

BUG=v8:4384
LOG=N

Review URL: https://codereview.chromium.org/1324353002

Cr-Commit-Position: refs/heads/master@{#30631}

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1302423007

Cr-Commit-Position: refs/heads/master@{#30630}

The new Call and CallFunction builtins supersede the current
CallFunctionStub (and CallIC magic) and will be the single bottleneck
for all calling, including the currently special Function.prototype.call
and Function.prototype.apply builtins, which had handwritten (and
not fully compliant) versions of CallFunctionStub, and also the
CallIC(s), which where also slightly different.

This also reduces the overhead for API function calls, which is still
unnecessary high, but let's do that step-by-step.

This also fixes a bunch of cases where the implicit ToObject for
sloppy receivers was done in the wrong context (in the caller
context instead of the callee context), which basically meant
that we allowed cross context access to %ObjectPrototype%.

MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.

R=mstarzinger@chromium.org, jarin@chromium.org, mvstanton@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg,v8_linux_nosnap_dbg
BUG=v8:4413
LOG=n

Committed: https://crrev.com/ef268a83be4dead004047c25b702319ea4be7277
Cr-Commit-Position: refs/heads/master@{#30627}

Review URL: https://codereview.chromium.org/1311013008

Cr-Commit-Position: refs/heads/master@{#30629}

Revert of [builtins] Unify the various versions of [[Call]] with a Call builtin. (patchset #10 id:260001 of https://codereview.chromium.org/1311013008/ )

Reason for revert:
Breaks nosnap, needs investigation

Original issue's description:
> [builtins] Unify the various versions of [[Call]] with a Call builtin.
>
> The new Call and CallFunction builtins supersede the current
> CallFunctionStub (and CallIC magic) and will be the single bottleneck
> for all calling, including the currently special Function.prototype.call
> and Function.prototype.apply builtins, which had handwritten (and
> not fully compliant) versions of CallFunctionStub, and also the
> CallIC(s), which where also slightly different.
>
> This also reduces the overhead for API function calls, which is still
> unnecessary high, but let's do that step-by-step.
>
> This also fixes a bunch of cases where the implicit ToObject for
> sloppy receivers was done in the wrong context (in the caller
> context instead of the callee context), which basically meant
> that we allowed cross context access to %ObjectPrototype%.
>
> MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.
>
> R=mstarzinger@chromium.org, jarin@chromium.org, mvstanton@chromium.org
> CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg
> BUG=v8:4413
> LOG=n
>
> Committed: https://crrev.com/ef268a83be4dead004047c25b702319ea4be7277
> Cr-Commit-Position: refs/heads/master@{#30627}

TBR=rmcilroy@chromium.org,jarin@chromium.org,mstarzinger@chromium.org,mvstanton@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4413

Review URL: https://codereview.chromium.org/1328963004

Cr-Commit-Position: refs/heads/master@{#30628}

The new Call and CallFunction builtins supersede the current
CallFunctionStub (and CallIC magic) and will be the single bottleneck
for all calling, including the currently special Function.prototype.call
and Function.prototype.apply builtins, which had handwritten (and
not fully compliant) versions of CallFunctionStub, and also the
CallIC(s), which where also slightly different.

This also reduces the overhead for API function calls, which is still
unnecessary high, but let's do that step-by-step.

This also fixes a bunch of cases where the implicit ToObject for
sloppy receivers was done in the wrong context (in the caller
context instead of the callee context), which basically meant
that we allowed cross context access to %ObjectPrototype%.

MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.

R=mstarzinger@chromium.org, jarin@chromium.org, mvstanton@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg
BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1311013008

Cr-Commit-Position: refs/heads/master@{#30627}

   This CL is a fix for c0c3d866 (r30606).
   In r30606, initialization of FPU implementation is not moved to prologue
   generation correctly.

BUG=

Review URL: https://codereview.chromium.org/1317643009

Cr-Commit-Position: refs/heads/master@{#30626}

Rolling v8/build/gyp to 5d01a8cda53bfa23f1dcbe0c31c33aa30f50cf4c

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1330793002

Cr-Commit-Position: refs/heads/master@{#30625}

Move various ArrayBuffer-related methods from Heap class to the newly
created ArrayBufferTracker. Consolidate and simplify things!

BUG=
R=mlippautz@chromium.org

Review URL: https://codereview.chromium.org/1324023007

Cr-Commit-Position: refs/heads/master@{#30624}

The is_*san flags are moving from the master build config file into this
.gni file. This patch will allow V8 to continue compiling when that change
is landed.

Review URL: https://codereview.chromium.org/1330713003

Cr-Commit-Position: refs/heads/master@{#30623}

BUG=4134
R=vogelheim@chromium.org,rmcilroy@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1333463002

Cr-Commit-Position: refs/heads/master@{#30622}

This enables the general linter checking for "build/c++11" violations
during presubmit and instead marks the few known exceptions that we
allow explicitly.

R=jochen@chromium.org

Review URL: https://codereview.chromium.org/1317463007

Cr-Commit-Position: refs/heads/master@{#30621}

BUG=

Review URL: https://codereview.chromium.org/1324103003

Cr-Commit-Position: refs/heads/master@{#30620}

- Moving parts of ArrayConcat from builtins.cc to the ElementsAccessor
- Removing ArrayConcat Runtime Function

BUG=v8:4317
LOG=N

Review URL: https://codereview.chromium.org/1330483003

Cr-Commit-Position: refs/heads/master@{#30619}

Review URL: https://codereview.chromium.org/1326263002

Cr-Commit-Position: refs/heads/master@{#30618}

This information can be used on the buildbot side to only
rebuild the failing target for bisection.

BUG=chromium:511215
LOG=n
NOTRY=true

Review URL: https://codereview.chromium.org/1313353006

Cr-Commit-Position: refs/heads/master@{#30617}

This clarifies a comments in the AstGraphBuilder that has led to
confusion about what "parameter index" refers to. The off-by-one is
confusing and a terribly phrased comment doesn't make it any better.

R=rmcilroy@chromium.org,oth@chromium.org

Review URL: https://codereview.chromium.org/1329043002

Cr-Commit-Position: refs/heads/master@{#30616}

Use AlignDown instead of IsAligned to avoid false negatives
on big endian platforms
Use byte with highest value to speedup search

BUG=

Review URL: https://codereview.chromium.org/1324803003

Cr-Commit-Position: refs/heads/master@{#30615}

BUG=

Review URL: https://codereview.chromium.org/1307743011

Cr-Commit-Position: refs/heads/master@{#30614}

port 3dc9b122 (r30582).

original commit message:

    Similar to DELETE, the IN builtin is just a thin wrapper for %HasElement
    and %HasProperty anyway, and cannot be optimized, plus it had a weird
    special fast case (which also involved at least one LOAD_IC plus some
    intrinsic magic).

BUG=

Review URL: https://codereview.chromium.org/1325183003

Cr-Commit-Position: refs/heads/master@{#30613}

port 40fbed06 (r30581)

original commit message:

    The last changes for vector store functionality, they are in 3 areas:

    1) The new vector [keyed] store code stubs - implementation.
    2) IC and handler compiler adjustments
    3) Odds and ends. A change in ast.cc, a test update, a small Oracle fix.

BUG=

Review URL: https://codereview.chromium.org/1311413007

Cr-Commit-Position: refs/heads/master@{#30612}

port 64e3bad3 (r30577)

original commit message:

    This is uncontroversial the dead code removal part of
    https://codereview.chromium.org/1307943013, which was
    previously landed, but got reverted because of DOM
    breakage that requires more investigation.

BUG=

Review URL: https://codereview.chromium.org/1321653004

Cr-Commit-Position: refs/heads/master@{#30611}

port 72bc4b5c (r30557)

original commit message:

    Use a single JSIteratorResult type for all implementation provided
    iterator results (i.e. the String, Array and collection iterators,
    and also for generators).  This removes one source of unnecessary
    polymorphism in for-of loops.  It is accomplished by a new intrinsic
    %_CreateIterResultObject() that should be used to create iterator
    result objects from JavaScript builtins (there's a matching factory
    method for C++ code).

    Also restructure the %StringIteratorPrototype%.next() and
    %ArrayIteratorPrototype%.next() functions to be a bit more friendly
    to optimizing compilers.

BUG=

Review URL: https://codereview.chromium.org/1331523002

Cr-Commit-Position: refs/heads/master@{#30610}

port 8a378f46 (r30552)

original commit message:

    This turns the has_instance_call_handler bit on Map into an is_callable
    bit, that matches the spec definition of IsCallable (i.e. instances have
    [[Call]] internal methods).

    Also fix the typeof operator to properly say "function" for everything
    that is callable.

    Also remove the (unused) premature %_GetPrototype optimization from
    Crankshaft, which just complicated the Map bit swap.

BUG=

Review URL: https://codereview.chromium.org/1310653004

Cr-Commit-Position: refs/heads/master@{#30609}

port 510baeac (r30550)

original commit message:

    Kills the kRestParameter bailout/disabled optimization, and fixes
    lazily parsed arrow functions with rest parameters.

    Supercedes https://crrev.com/1235153006/

BUG=

Review URL: https://codereview.chromium.org/1305943008

Cr-Commit-Position: refs/heads/master@{#30608}

Revert of Deactivate Parser Bookmarks (patchset #1 id:1 of https://codereview.chromium.org/1315173007/ )

Reason for revert:
Tanks performance (Mandreel latency). A simple deactivation will not work.

Original issue's description:
> Deactivate Parser Bookmarks.
>
> Bookmarks may create a race condition which
> results in syntax errors. The more files are parsed
> in parallel the higher the probability that the error
> occurs.
> Unfortunately it is not possible to simply revert the
> CLs related to Bookmarks.
>
> BUG=chromium:527930,chromium:510825
> LOG=Y
>
> Committed: https://crrev.com/129593b40eb69d93ba626601bfda046a95cda0e7
> Cr-Commit-Position: refs/heads/master@{#30594}

TBR=vogelheim@chromium.org,jkummerow@chromium.org,mstarzinger@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:527930,chromium:510825

Review URL: https://codereview.chromium.org/1304413007

Cr-Commit-Position: refs/heads/master@{#30607}

port 29ebcc32 (r30496).

original commit message:

    This CL introduces HPrologue instruction which does the context allocation work and supports deoptimization.

BUG=

Review URL: https://codereview.chromium.org/1308743005

Cr-Commit-Position: refs/heads/master@{#30606}

port fbad6366 (r30467)

original commit message:

    The call protocol requires that the register dedicated to the number of
    actual arguments (i.e. rax on x64) always contains the actual arguments.
    That means after adapting arguments it should match the number of
    expected arguments.  But currently we pass some semi-random value
    (usually some stack address) after adapting arguments.

    It looks like this is currently not observable anywhere, because our
    builtins and functions either don't look at the number of arguments and
    just make hard coded (unchecked) assumptions, or are marked as "don't
    adapt arguments", which bypasses the broken code in the trampoline for
    arguments adaption.  Nevertheless this should be fixed.

BUG=

Review URL: https://codereview.chromium.org/1304893010

Cr-Commit-Position: refs/heads/master@{#30605}

Additionally, improve immediate operand matching for branches
to avoid duplicated constant loading.

Review URL: https://codereview.chromium.org/1326173002

Cr-Commit-Position: refs/heads/master@{#30604}

BUG=

Review URL: https://codereview.chromium.org/1322693004

Cr-Commit-Position: refs/heads/master@{#30603}

[arm] Decrease the size of the assembler class by allocating buffers of pending constants on the heap.

BUG=chromium:521828
LOG=N

Review URL: https://codereview.chromium.org/1310863005

Cr-Commit-Position: refs/heads/master@{#30602}

Rolling v8/build/gyp to 2b17e0b26a93e8c9758c23aec6c554da4ca8f0a9

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1324213006

Cr-Commit-Position: refs/heads/master@{#30601}

Wasm mjsunit tests aren't being detected when symlinked into
test/mjsunit/wasm. This causes symlinked directories in that
directory to be included.

BUG=None
TEST=local
R=dehrenberg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1332463002

Cr-Commit-Position: refs/heads/master@{#30600}

Much faster and constant than always searching the whole string

````
var allCodePoints = [];
for (var i = 0; i < 65536; i++) allCodePoints[i] = i;
var allCharsString = String.fromCharCode.apply(String, allCodePoints);

function bench(search) {
  var counter = 0;
  print(search + " found at " + allCharsString.startsWith(search));
  var start = Date.now();
  while (counter++ < 5000000) {
    allCharsString.startsWith(search);
  }
  var end = Date.now();
  print(end - start);
  return counter;
}

print("single character");
bench("\u0000");
bench("\u0050");
bench("\u1000");
````

OLD

single character
 found at true
374
P found at false
559
က found at false
13492

NEW

single character
 found at true
261
P found at false
146
က found at false
146

BUG=v8:4384
LOG=N

Review URL: https://codereview.chromium.org/1321853006

Cr-Commit-Position: refs/heads/master@{#30599}

BUG= https://github.com/WebAssembly/v8-native-prototype/issues/10
TEST=manual check of wasm=on
R=dehrenberg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1306753007

Cr-Commit-Position: refs/heads/master@{#30598}