eval() may introduce a scope which needs to be represented as a context at
runtime, e.g.,

  eval('var x; let y; ()=>y')

introduces a variable y which needs to have a context allocated for it. However,
when traversing upwards to find the declaration context for a variable which leaks,
as the declaration of x does above, this context has to be understood to not be
a declaration context in sloppy mode.

This patch makes that distinction by introducing a different map for eval-introduced
contexts. A dynamic search for the appropriate context will continue past an eval
context to find the appropriate context. Marking contexts as eval contexts rather
than function contexts required updates in each compiler backend.

BUG=v8:5295, chromium:648719

Review-Url: https://codereview.chromium.org/2435023002
Cr-Commit-Position: refs/heads/master@{#41869}

The patch was reverted due to a bug - we failed to evict OSR-optimized
code in the case where the SharedFunctionInfo OptimizedCodeMap was
empty/cleared.

Since we OSR code rarely, it makes sense to store it and look for it on the native context rather than the SharedFunctionInfo. This makes the OptimizedCodeMap data structure more space efficient, as it doesn't have to store an ast ID for the OSR entry point.

Review-Url: https://codereview.chromium.org/2561083002
Cr-Commit-Position: refs/heads/master@{#41584}

Revert of Store OSR'd optimized code on the native context. (patchset #8 id:140001 of https://codereview.chromium.org/2549753002/ )

Reason for revert:
Speculative revert WebGL breakage reported in https://bugs.chromium.org/p/chromium/issues/detail?id=672367

Original issue's description:
> Store OSR'd optimized code on the native context.
>
> Since we OSR code rarely, it makes sense to store it and look for it on the native context rather than the SharedFunctionInfo. This makes the OptimizedCodeMap data structure more space efficient, as it doesn't have to store an ast ID for the OSR entry point.
>
> BUG=
>
> Committed: https://crrev.com/378b6b22fb7925ac5b672335a54599f5739e7758
> Cr-Commit-Position: refs/heads/master@{#41554}

TBR=mstarzinger@chromium.org, mvstanton@chromium.org, ulan@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2562623003
Cr-Commit-Position: refs/heads/master@{#41571}

Since we OSR code rarely, it makes sense to store it and look for it on the native context rather than the SharedFunctionInfo. This makes the OptimizedCodeMap data structure more space efficient, as it doesn't have to store an ast ID for the OSR entry point.

BUG=

Review-Url: https://codereview.chromium.org/2549753002
Cr-Commit-Position: refs/heads/master@{#41554}

R=adamk@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2081733004
Cr-Commit-Position: refs/heads/master@{#37311}

Passing in the isolate and pointer compare the instnance against the
corresponding constant is always faster than decoding the instance types.

BUG=

Review-Url: https://codereview.chromium.org/2028983002
Cr-Commit-Position: refs/heads/master@{#36744}

Currently we do not check for @@isConcatSpreadable properly. If the Symbol is
set on the Array.prototype or Object.prototype the current fast paths fail.
This CL adds a fix to globally invalidate a isConcatSpreadable_protector.

Drive-by-fix: use named accessors for context variables

LOG=N
BUG=chromium:542504, v8:903

Review-Url: https://codereview.chromium.org/1409123003
Cr-Commit-Position: refs/heads/master@{#36201}

R=bmeurer@chromium.org, cbruni@chromium.org, ulan@chromium.org
BUG=chromium:124206,chromium:569811
LOG=N

Review URL: https://codereview.chromium.org/1834633003

Cr-Commit-Position: refs/heads/master@{#35145}

String wrappers (new String("foo")) are special objects: their string
characters are accessed like elements, and they also have an elements
backing store. This used to require a bunch of explicit checks like:

if (obj->IsJSValue() && JSValue::cast(obj)->value()->IsString()) {
  /* Handle string characters */
}
// Handle regular elements (for string wrappers and other objects)
obj->GetElementsAccessor()->Whatever(...);

This CL introduces new ElementsKinds for string wrapper objects (one for
fast elements, one for dictionary elements), which allow folding the
special-casing into new StringWrapperElementsAccessors.

No observable change in behavior is intended.

Review URL: https://codereview.chromium.org/1612323003

Cr-Commit-Position: refs/heads/master@{#33616}

This way we avoid the %_IsSmi magic that is required in TurboFan to
(efficiently) check abitrary context slots for smi 0. Checking against
"the hole" is common in the AstGraphBuilder and "the hole" is also used
to mark other context slots as not initialized.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1484723003

Cr-Commit-Position: refs/heads/master@{#32407}

Previously all contexts had a link to the global object, but what is
required in most cases (except for the global load, store and delete
case) is the native context.

This also removes the second dummy global object that was still linked
to every native context. We will add a different mechanism to ensure
that builtins do not pollute the actual global object during
bootstrapping.

Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff.

CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel
R=yangguo@chromium.org,mstarzinger@chromium.org

Committed: https://crrev.com/d290f204938295bfecc5c8e645ccfcff6e80ddb8
Cr-Commit-Position: refs/heads/master@{#32375}

Review URL: https://codereview.chromium.org/1480003002

Cr-Commit-Position: refs/heads/master@{#32381}

Revert of [runtime] Replace global object link with native context link in all contexts. (patchset #3 id:40001 of https://codereview.chromium.org/1480003002/ )

Reason for revert:
[Sheriff] Breaks:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap/builds/5472

Original issue's description:
> [runtime] Replace global object link with native context link in all contexts.
>
> Previously all contexts had a link to the global object, but what is
> required in most cases (except for the global load, store and delete
> case) is the native context.
>
> This also removes the second dummy global object that was still linked
> to every native context. We will add a different mechanism to ensure
> that builtins do not pollute the actual global object during
> bootstrapping.
>
> Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff.
>
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/d290f204938295bfecc5c8e645ccfcff6e80ddb8
> Cr-Commit-Position: refs/heads/master@{#32375}

TBR=yangguo@chromium.org,mstarzinger@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1478303002

Cr-Commit-Position: refs/heads/master@{#32377}

Previously all contexts had a link to the global object, but what is
required in most cases (except for the global load, store and delete
case) is the native context.

This also removes the second dummy global object that was still linked
to every native context. We will add a different mechanism to ensure
that builtins do not pollute the actual global object during
bootstrapping.

Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1480003002

Cr-Commit-Position: refs/heads/master@{#32375}

R=jkummerow@chromium.org, mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1406113007

Cr-Commit-Position: refs/heads/master@{#31714}

This CL us a pure refactoring that makes an empty compilation unit
including just "isolate.h" or "contexts.h" but not "objects-inl.h"
compile without warnings or errors. This is needed to further reduce
the header dependency tangle.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1322883002

Cr-Commit-Position: refs/heads/master@{#30500}