Fix --experimental_flush_embedded_blob_icache

Flushing of the builtins code needs to happen while the code pages
are writeable.

Bug: 889460, v8:11619

Change-Id: Iaff40d66f3f1bd36ec0f3017684e236f9e4b773e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2810786
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73861}

src/execution/isolate.cc

@@ -318,10 +318,6 @@ void Isolate::SetEmbeddedBlob(const uint8_t* code, uint32_t code_size,
     }
   }
 #endif  // DEBUG
-
-  if (FLAG_experimental_flush_embedded_blob_icache) {
-    FlushInstructionCache(const_cast<uint8_t*>(code), code_size);
-  }
 }
 
 void Isolate::ClearEmbeddedBlob() {

src/snapshot/embedded/embedded-data.cc

@@ -137,6 +137,9 @@ void InstructionStream::CreateOffHeapInstructionStream(Isolate* isolate,
   // in the binary) and what we are currently setting up here (where the blob is
   // on the native heap).
   std::memcpy(allocated_code_bytes, d.code(), d.code_size());
+  if (FLAG_experimental_flush_embedded_blob_icache) {
+    FlushInstructionCache(allocated_code_bytes, d.code_size());
+  }
   CHECK(SetPermissions(page_allocator, allocated_code_bytes,
                        allocation_code_size, PageAllocator::kReadExecute));