Revert of [crankshaft] Inline hasOwnProperty when used in fast-case for-in (patchset #1 id:40001 of https://codereview.chromium.org/1742253002/ )

Reason for revert:
ARM64 GCStress failure

Original issue's description:
> [crankshaft] Inline hasOwnProperty when used in fast-case for-in
>
> e.g.,
>
> for (var k in o) {
>   if (!o.hasOwnProperty(k)) continue;
>   ...
> }
>
> without enumerable properties on the prototype chain of o.
>
> BUG=
>
> Committed: https://crrev.com/dec80752eb344dfeb85588e61ac0afd22b11aadb
> Cr-Commit-Position: refs/heads/master@{#34379}

TBR=bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1748143004

Cr-Commit-Position: refs/heads/master@{#34380}

e.g.,

for (var k in o) {
  if (!o.hasOwnProperty(k)) continue;
  ...
}

without enumerable properties on the prototype chain of o.

BUG=

Review URL: https://codereview.chromium.org/1742253002

Cr-Commit-Position: refs/heads/master@{#34379}

Operations on word size data must be word sized, and not word32.
Currently this only generates worse code, but in the future, it
might even generate wrong code, so we should better get this right
from the beginning.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1748953004

Cr-Commit-Position: refs/heads/master@{#34378}

The only place in fullcodegen, where we know for sure that a for-in loop
entered the slow-path is right before the potential call to %ForInFilter.
So there's no point in also updating the mode eagerly during ForInPrepare.

R=yangguo@chromium.org
BUG=v8:3650
LOG=n

Review URL: https://codereview.chromium.org/1749033002

Cr-Commit-Position: refs/heads/master@{#34377}

BUG=575466
LOG=N

Review URL: https://codereview.chromium.org/1740073002

Cr-Commit-Position: refs/heads/master@{#34376}

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=mjsunit/asm-wasm
R=titzer@chromium.org,bradnelson@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1750153002

Cr-Commit-Position: refs/heads/master@{#34375}

Rolling v8/base/trace_event/common to e40c41030f44cbd5b6f54081436620f43c3bb08a

Rolling v8/tools/clang to d53e60b4f31f03a6f719b13ed2de7389a4d89be4

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1748313002

Cr-Commit-Position: refs/heads/master@{#34374}

This patch fixes %TypedArray%.from to follow the ES2016 draft spec
more precisely. Specifically, the input is first converted to an
ArrayLike, and then afterwards, the mapping function is run and the
results written into the TypedArray. This fixes a test262 test.

R=adamk
LOG=Y
BUG=v8:4782

Review URL: https://codereview.chromium.org/1743463004

Cr-Commit-Position: refs/heads/master@{#34373}

  port d00da47b(r34335)

  original commit message:
  The CompareICStub produces an untagged raw word value, which has to be
  translated to true or false manually in the TurboFan code. But for lazy
  bailout after the CompareIC, we immediately go back to fullcodegen or
  Ignition with the raw value, to a location where both fullcodegen and
  Ignition expect a boolean value, which might crash or in the worst case
  (depending on the exact computation inside the CompareIC) could lead to
  arbitrary memory access.

  Short-term fix is to use the proper runtime functions (unified with the
  interpreter now) for comparisons. Next task is to provide optimized
  versions of these based on the CodeStubAssembler, which can then be used
  via code stubs in TurboFan or directly in handlers in the interpreter.

BUG=

Review URL: https://codereview.chromium.org/1744923002

Cr-Commit-Position: refs/heads/master@{#34372}

Port fb59ea33

Original commit message:
    Since both null and undefined are also marked as undetectable now, we
    can just test that bit instead of having the CompareNilIC try to collect
    feedback to speed up the general case (without the undetectable bit
    being used).

    Drive-by-fix: Update the type system to match the new handling of
    undetectable in the runtime.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1742333002

Cr-Commit-Position: refs/heads/master@{#34371}

specified.

BUG=chromium:590668
LOG=N

Review URL: https://codereview.chromium.org/1746833002

Cr-Commit-Position: refs/heads/master@{#34370}

The "each" slot is only actually used by ForIn, so this simply cleans
up a TODO of mine and removes an IsForOfStatement() call.

Review URL: https://codereview.chromium.org/1742013002

Cr-Commit-Position: refs/heads/master@{#34369}

R=bradnelson@chromium.org,ahaas@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1746653002

Cr-Commit-Position: refs/heads/master@{#34368}

This caused a runtime crash for Chrome built with clang on all
ChromeOs
arm32 platforms - ChromeOs chrome is using hardfp while this routine
returns false.

The fix is straightforward.

BUG=chromium:586219
TEST=built arm32 hardfp using clang and passed all tests.
LOG=N

Review URL: https://codereview.chromium.org/1733863002

Cr-Commit-Position: refs/heads/master@{#34367}

R=littledan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1746713002

Cr-Commit-Position: refs/heads/master@{#34366}

This is done by ensuring that the Arm64ClaimCSP instruction calls
AlignAndSetCSPForFrame when it's generated when the StackPointer() is set to
jssp.

LOG=N

Review URL: https://codereview.chromium.org/1746053002

Cr-Commit-Position: refs/heads/master@{#34365}

In order to track certain critical code-patters we will start adding
micro-benchmarks that reflect common requests on http://jsperf.com.
In this first CL a number of property enumeration methods are added,
in the hope to get a clearer picture on future regressions.

BUG=

Review URL: https://codereview.chromium.org/1702613002

Cr-Commit-Position: refs/heads/master@{#34364}

BUG=

Review URL: https://codereview.chromium.org/1738973002

Cr-Commit-Position: refs/heads/master@{#34363}

This speeds up hasOwnProperty 5-10%

BUG=

Review URL: https://codereview.chromium.org/1745013002

Cr-Commit-Position: refs/heads/master@{#34362}

Rename the existing (patching) ToBooleanStub to ToBooleanICStub to match
our naming convention, and add a new TurboFan-powered ToBooleanStub,
which just does the ToBoolean conversion without any runtime call or
code patching, so we can use it for Ignition (and TurboFan).

Drive-by-fix: Add an Oddball::to_boolean field similar to the ones we
already have for to_string and to_number, so we don't need to actually
dispatch on the concrete Oddball at all.

R=epertoso@chromium.org, rmcilroy@chromium.org, yangguo@chromium.org

Review URL: https://codereview.chromium.org/1744163002

Cr-Commit-Position: refs/heads/master@{#34361}

BUG=v8:2999, v8:4751
LOG=n

Review URL: https://codereview.chromium.org/1745023002

Cr-Commit-Position: refs/heads/master@{#34360}

Given that an additional map-check is inserted for function, we need to
check the underlying value.

BUG=

Review URL: https://codereview.chromium.org/1747753003

Cr-Commit-Position: refs/heads/master@{#34359}

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1748613002

Cr-Commit-Position: refs/heads/master@{#34358}

Probably easier to use for embedders.

BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/1749663002

Cr-Commit-Position: refs/heads/master@{#34357}

This gets rid of the JavaScript wrapper. That way we can more quickly handle non-JSReceivers and indexed properties; and don't need to optimize the JavaScript wrapper either.

BUG=

Review URL: https://codereview.chromium.org/1742283002

Cr-Commit-Position: refs/heads/master@{#34356}

Fix some crashes when tests are run on real hardware.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1748603002

Cr-Commit-Position: refs/heads/master@{#34355}

This ensures that the generated code output will match the reference code output
and fixes some failures when running tests natively.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1744493003

Cr-Commit-Position: refs/heads/master@{#34354}

  port fcb83f20(r34273)

  original commit message:
  This optimization does not give us much (see perf try bot results associated with this CL) but complicates things a lot. The main motivation is to avoid additional complexity in tail call optim

  There are some pieces left in the deoptimizer, but I'll address this in a separate CL.

BUG=

Review URL: https://codereview.chromium.org/1750433002

Cr-Commit-Position: refs/heads/master@{#34353}

  port 55b4df73(r34303)

  original commit message:
  Only use one set of %StrictEquals/%StrictNotEquals and
  %Equals/%NotEquals runtime entries for both the interpreter
  and the old-style CompareICStub. The long-term plan is to
  update the CompareICStub to also return boolean values, and
  even allow some more code sharing with the interpreter there.

BUG=

Review URL: https://codereview.chromium.org/1743123002

Cr-Commit-Position: refs/heads/master@{#34352}

R=bradnelson@chromium.org,ahaas@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1745863002

Cr-Commit-Position: refs/heads/master@{#34351}

R=bradnelson@chromium.org, binji@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1741393002

Cr-Commit-Position: refs/heads/master@{#34350}

This is just a band-aid workaround.

TBR=hablich@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1747723002

Cr-Commit-Position: refs/heads/master@{#34349}

BUG=chromium:535160,v8:4792
LOG=n
TBR=tandrii@chromium.org, jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1741383002

Cr-Commit-Position: refs/heads/master@{#34348}

TBR=machenbach@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1744823002

Cr-Commit-Position: refs/heads/master@{#34347}

R=binji@chromium.org,jfb@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1740373002

Cr-Commit-Position: refs/heads/master@{#34346}

R=bradnelson@chromium.org,aseemgarg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1742073002

Cr-Commit-Position: refs/heads/master@{#34345}

Since both null and undefined are also marked as undetectable now, we
can just test that bit instead of having the CompareNilIC try to collect
feedback to speed up the general case (without the undetectable bit
being used).

Drive-by-fix: Update the type system to match the new handling of
undetectable in the runtime.

R=danno@chromium.org

Committed: https://crrev.com/666aec0348c8793e61c8633dee7ad29a514239ba
Cr-Commit-Position: refs/heads/master@{#34237}

Review URL: https://codereview.chromium.org/1722193002

Cr-Commit-Position: refs/heads/master@{#34344}

Rolling v8/tools/clang to e67c4fe288f02e1d208961b757ff78d5b3e51782

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1744783002

Cr-Commit-Position: refs/heads/master@{#34343}

R=binji@chromium.org,jfb@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1744713003

Cr-Commit-Position: refs/heads/master@{#34342}

Port d00da47b

Original commit message:
    The CompareICStub produces an untagged raw word value, which has to be
    translated to true or false manually in the TurboFan code. But for lazy
    bailout after the CompareIC, we immediately go back to fullcodegen or
    Ignition with the raw value, to a location where both fullcodegen and
    Ignition expect a boolean value, which might crash or in the worst case
    (depending on the exact computation inside the CompareIC) could lead to
    arbitrary memory access.

    Short-term fix is to use the proper runtime functions (unified with the
    interpreter now) for comparisons. Next task is to provide optimized
    versions of these based on the CodeStubAssembler, which can then be used
    via code stubs in TurboFan or directly in handlers in the interpreter.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4788
LOG=n

Review URL: https://codereview.chromium.org/1745643002

Cr-Commit-Position: refs/heads/master@{#34341}