Now that we generate the embedded blob and off-heap trampolines
directly after builtin generation, the heap should not contain any
remaining references to full on-heap builtin Code objects.

The one exception is the interpreter entry trampoline copy for
profiling. This mechanism was actually broken by canonicalization; we
intended to store a full copy of the IET on the root list, but
serialization replaced it with the canonicalized builtin. This CL
fixes that as a side-effect.

Bug: v8:8716
Change-Id: Ib37c4004560d67de46b1f8ebe75156361134f57d
Reviewed-on: https://chromium-review.googlesource.com/c/1421037
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59219}