Revert of [wasm] Initial signal handler (patchset #56 id:1090001 of https://codereview.chromium.org/2371833007/ )

Reason for revert:
Breaks tree, i.e. https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN/builds/18928/steps/Check/logs/grow-memory

Original issue's description:
> [wasm] Initial signal handler
>
> This is basically the minimum viable signal handler for Wasm bounds checks.
> It includes the TLS check and the fine grained instructions checks. These
> two checks provide most of the safety for the signal handler. Future CLs will
> add code range and data range checks for more robustness.
>
> The trap handling code and data structures are all in src/trap-handler, with
> the code that actually runs in the signal handler confined to
> src/trap-handler/signal-handler.cc.
>
> This changes adds a new V8 API that the embedder should call from a signal
> handler that will give V8 the chance to handle the fault first. For hosts that
> do not want to implement their own signal handler, we include the option to
> install a simple one. This simple handler is also used for the tests.
>
> When a Wasm module is instantiated, information about each function is passed
> to the trap handler, which is used to classify faults. These are removed during
> the instance finalizer.
>
> Several future enhancements are planned before turning this on by default.
> Obviously, the additional checks will be added to MaybeHandleFault. We are
> also planning to add a two-level CodeObjectData table that is grouped by
> isolates to make cleanup easier and also reduce potential for contending on
> a single data structure.
>
> BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277
>
> Review-Url: https://codereview.chromium.org/2371833007
> Cr-Commit-Position: refs/heads/master@{#43523}
> Committed: https://chromium.googlesource.com/v8/v8/+/a5af7fe9ee388a636675f4a6872b1d34fa7d1a7a

TBR=ahaas@chromium.org,bradnelson@google.com,hpayer@chromium.org,jochen@chromium.org,mark@chromium.org,mseaborn@chromium.org,titzer@chromium.org,eholk@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277

Review-Url: https://codereview.chromium.org/2723133003
Cr-Commit-Position: refs/heads/master@{#43525}

R=mtrofin@chromium.org
BUG=chromium:695388

Review-Url: https://codereview.chromium.org/2724053002
Cr-Commit-Position: refs/heads/master@{#43524}

This is basically the minimum viable signal handler for Wasm bounds checks.
It includes the TLS check and the fine grained instructions checks. These
two checks provide most of the safety for the signal handler. Future CLs will
add code range and data range checks for more robustness.

The trap handling code and data structures are all in src/trap-handler, with
the code that actually runs in the signal handler confined to
src/trap-handler/signal-handler.cc.

This changes adds a new V8 API that the embedder should call from a signal
handler that will give V8 the chance to handle the fault first. For hosts that
do not want to implement their own signal handler, we include the option to
install a simple one. This simple handler is also used for the tests.

When a Wasm module is instantiated, information about each function is passed
to the trap handler, which is used to classify faults. These are removed during
the instance finalizer.

Several future enhancements are planned before turning this on by default.
Obviously, the additional checks will be added to MaybeHandleFault. We are
also planning to add a two-level CodeObjectData table that is grouped by
isolates to make cleanup easier and also reduce potential for contending on
a single data structure.

BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277

Review-Url: https://codereview.chromium.org/2371833007
Cr-Commit-Position: refs/heads/master@{#43523}

BUG= https://bugs.chromium.org/p/chromium/issues/detail?id=697191

Change-Id: I01ddd6824b1a79d86944ac766f5c2070e9b0c244
Reviewed-on: https://chromium-review.googlesource.com/448317Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43522}

[ValueSerializer] Allow wire format versions beginning with 13 to be deserialized in non-legacy mode.

As of version 13, delegates do not need to worry about colliding tags with the
tags reserved by v8, since v8 inserts a "host object" prefix beforehand. Thus
the format is now suitable for more general use, without opting into the "legacy"
mode that had this caveat.

Review-Url: https://codereview.chromium.org/2722213002
Cr-Commit-Position: refs/heads/master@{#43521}

This reverts commit b23b2c10.

Reason for revert: Makes Linux debug bot sad

Original change's description:
> [builtins] Port TypedArrayInitialize to CodeStubAssembler.
> 
> Turbofan is a lot slower than Crankshaft at constructing TypedArrays,
> because we always go to the C++ builtin. Port the builtin to CSA
> to improve performance, and to clean up the implementation, which is
> split across multiple files and pieces at the moment.
> 
> This CL increases the performance with --future to roughly the same
> as with crankshaft.
> 
> BUG=v8:5977
> 
> Change-Id: I5a4c4b544a735a56290b85bf33c2f3718df7e2b8
> Reviewed-on: https://chromium-review.googlesource.com/445717
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#43518}

TBR=cbruni@chromium.org,petermarshall@chromium.org,bmeurer@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5977

Change-Id: I5d5bc8b4677a405c716d78e688af80ae9c737b4a
Reviewed-on: https://chromium-review.googlesource.com/448558Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43520}

BUG=chromium:694255

Review-Url: https://codereview.chromium.org/2720133005
Cr-Commit-Position: refs/heads/master@{#43519}

Turbofan is a lot slower than Crankshaft at constructing TypedArrays,
because we always go to the C++ builtin. Port the builtin to CSA
to improve performance, and to clean up the implementation, which is
split across multiple files and pieces at the moment.

This CL increases the performance with --future to roughly the same
as with crankshaft.

BUG=v8:5977

Change-Id: I5a4c4b544a735a56290b85bf33c2f3718df7e2b8
Reviewed-on: https://chromium-review.googlesource.com/445717
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43518}

BUG=

Change-Id: I56b865a5ae4283876058e2c2edf73a296608fc97
Reviewed-on: https://chromium-review.googlesource.com/448219Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43517}

  port 69747e26(r42680)

  original commit message:
  We turn a JSCallFunction node for

    f.apply(receiver, arguments)

  into a JSCallForwardVarargs node, when the arguments refers to the
  arguments of the outermost optimized code object, i.e. not an inlined
  arguments, and the apply method refers to Function.prototype.apply,
  and there's no other user of arguments except in frame states.

  We also replace the arguments node in the graph with a marker for
  the Deoptimizer similar to Crankshaft to make sure we don't materialize
  unused arguments just for the sake of deoptimization. We plan to replace
  this with a saner EscapeAnalysis based solution soon.

BUG=

Review-Url: https://codereview.chromium.org/2681783002
Cr-Commit-Position: refs/heads/master@{#43516}

BUG=chromium:682617

Change-Id: I96eb6bc982eca2d5f97585f3475583cac3fb338d
Reviewed-on: https://chromium-review.googlesource.com/448556Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43515}

This fixes a corner-case in the above predicate that was introduced to
allow fully disabling optimization using %NeverOptimizeFunction. This
property of a function is a transient property (i.e. changes over time),
whereas {UseTurboFan} is designed to be a static property (i.e. gives
same answer over time). Violating this led to cases where functions got
optimization disabled for other reasons would suddenly be baselined.
The correct place to check transient properties is when optimization is
requested.

R=jarin@chromium.org
TEST=mjsunit/never-baseline

Change-Id: I37eb0c70d2b39704be29fd4bda76975bfbede66b
Reviewed-on: https://chromium-review.googlesource.com/447937Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43514}

String::SlowFlatten assumed that ConsStrings with empty first parts have
flattened strings as their second part. TurboFan, however, can create
ConsStrings with empty first parts and arbitrary second parts. With
this CL we call String::Flatten on the second part of a ConsString if
the first part is empty, but only when String::Flatten would not call
String::SlowFlatten.

R=jkummerow@chromium.org

BUG=chromium:696651

Change-Id: I9acb681de1be695e1ec2f6f6d28b9e4dc4344e98
Reviewed-on: https://chromium-review.googlesource.com/448457
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43513}

Revert of [wasm]implement simd lowering for f32x4->i32x4, i32x4 min/max and shift instructions (patchset #2 id:20001 of https://codereview.chromium.org/2718323003/ )

Reason for revert:
breaks nosse4:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20debug/builds/13871

Original issue's description:
> [wasm]implement simd lowering for f32x4->i32x4, i32x4 min/max and shift instructions
>
> BUG=v8:4124
> R=bradnelson@chromium.org,bbudge@chromium.org,gdeepti@chromium.org,mtrofin@chromium.org,titzer@chromium.org
>
> Review-Url: https://codereview.chromium.org/2718323003
> Cr-Commit-Position: refs/heads/master@{#43510}
> Committed: https://chromium.googlesource.com/v8/v8/+/f75748cf4ca696fff268787068419604815f8090

TBR=bbudge@chromium.org,bradnelson@chromium.org,gdeepti@chromium.org,mtrofin@chromium.org,titzer@chromium.org,aseemgarg@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4124

Review-Url: https://codereview.chromium.org/2723943003
Cr-Commit-Position: refs/heads/master@{#43512}

This CL fixes unused lambda captures for big endian targets when Clang
is used for build V8.

TEST=
BUG=

Review-Url: https://codereview.chromium.org/2725613002
Cr-Commit-Position: refs/heads/master@{#43511}

BUG=v8:4124
R=bradnelson@chromium.org,bbudge@chromium.org,gdeepti@chromium.org,mtrofin@chromium.org,titzer@chromium.org

Review-Url: https://codereview.chromium.org/2718323003
Cr-Commit-Position: refs/heads/master@{#43510}

BUG=v8:4124
R=bradnelson@chromium.org,bbudge@chromium.org,gdeepti@chromium.org,mtrofin@chromium.org,titzer@chromium.org

Review-Url: https://codereview.chromium.org/2726453003
Cr-Commit-Position: refs/heads/master@{#43509}

This generally shouldn't hit since prototypes are supposed to be fast; but it makes it more uniform anyway.
This CL also drops the limitation not supporting keyed loads with normal access. There's no point in returning the slow stub there.

BUG=

Change-Id: I5578269f6c64762610e885740a692d1e91aa6aa2
Reviewed-on: https://chromium-review.googlesource.com/447698
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43508}

BUG=chromium:697017

Change-Id: Ibb7165387a983987dcd04be330591b6bb70ff991
Reviewed-on: https://chromium-review.googlesource.com/448217
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43507}

The maybe-assigned flag of the catch variable was not preserved.

BUG=v8:5636,chromium:696332

Change-Id: I9c55e1b1312bdebc53bc45bc3ca1c982bdbe9846
Reviewed-on: https://chromium-review.googlesource.com/447680Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43506}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/d25400d..2d722d1

Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/4f3d6da..4a91697

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: I22dfab2efc5c445165a6b12b605bd8e4d43bb1dd
Reviewed-on: https://chromium-review.googlesource.com/448200Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43505}

BUG=v8:4124
R=bradnelson@chromium.org,bbudge@chromium.org,gdeepti@chromium.org

Review-Url: https://codereview.chromium.org/2723823002
Cr-Commit-Position: refs/heads/master@{#43504}

This will be useful for sharing the implementation with
SharedArrayBuffer.prototype.slice.

BUG=v8:5897

Review-Url: https://codereview.chromium.org/2697013009
Cr-Commit-Position: refs/heads/master@{#43503}

This method enables test of agent::restore methods.
Bonus: forbid setCustomObjectFormatterEnabled on disabled agent.

BUG=none
R=dgozman@chromium.org

Review-Url: https://codereview.chromium.org/2713023004
Cr-Commit-Position: refs/heads/master@{#43502}

BUG=

Change-Id: Id77205450d286be228b493deb69e1489a1e12895
Reviewed-on: https://chromium-review.googlesource.com/445906
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43501}

BUG=v8:6022

Change-Id: I54205cb3ecc2dd31ed62e55726f0ec5fcd202c30
Reviewed-on: https://chromium-review.googlesource.com/446349
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43500}

Previously, we over-approximated Scope::scope_calls_eval_ in
arrow functions: if either the outer scope or the arrow function
parameters had a direct eval call, we marked both scopes as calling
eval. This over-approximation kept getting us into trouble, though,
especially when eager or lazy parsing would disagree about the
"calls eval" bit.

This patch instead tracks eval calls accurately, using a boolean on
Scope::Snapshot that is reset as appropriately depending on whether
a particular AssignmentExpression turned out to be an arrow parameter
list or not.

BUG=chromium:691687

Change-Id: I527dc59b4d32a2797805ff26dc9f70b1311377b2
Reviewed-on: https://chromium-review.googlesource.com/446094
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43499}

This is more useful than always returning undefined.

BUG=v8:1569,v8:5978

Change-Id: Id10cf87f7865db1a85de412460eaead4e4bf3b62
Reviewed-on: https://chromium-review.googlesource.com/446846Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43498}

The order in which things were done wasn't quite correct and lead
to wrong behaviour for certain circular module graphs.

BUG=v8:1569,chromium:694566

Change-Id: I291186e261268c853a30ad891ff362904e0b28ef
Reviewed-on: https://chromium-review.googlesource.com/447399Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43497}

R=jgruber@chromium.org
BUG=v8:5080

Review-Url: https://codereview.chromium.org/2725583002
Cr-Commit-Position: refs/heads/master@{#43496}

This is mostly prework to also support prototype chain checks using data handlers

BUG=

Change-Id: I70aac1e86e45c78dfdc9f02d06b7e821494a4c9c
Reviewed-on: https://chromium-review.googlesource.com/447679
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43495}

This CL also introduces Realm.navigate(i).

BUG=chromium:683667

Change-Id: I9227292ea3a575f34367e82fc6297d234d3eecae
Reviewed-on: https://chromium-review.googlesource.com/447638
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43494}

For breakpoints which are set by setBreakpointByUrl(url:..) backend calculates source hint on first related breakpoints resolved event and then uses this hint to adjust breakpoint position in later arrived scripts with the same url or on page reload.

Doc: https://docs.google.com/a/google.com/document/d/1VtWo_-jelzEXSNbjESGTtruZngzXgbHLexfTzxNlnjE/edit?usp=sharing

BUG=chromium:688776
R=pfeldman@chromium.org, alph@chromium.org

Review-Url: https://codereview.chromium.org/2671193002
Cr-Commit-Position: refs/heads/master@{#43493}

BUG=chromium:697049

Review-Url: https://codereview.chromium.org/2723473002
Cr-Commit-Position: refs/heads/master@{#43492}

It tests a pipeline configuration we are removing.

BUG=v8:5778

Review-Url: https://codereview.chromium.org/2715153005
Cr-Commit-Position: refs/heads/master@{#43491}

With the params (a, b, ...c) the param / variable declaration order used to be
"temp, temp, c, a, b". Now it is "temp, temp, a, b, c" as you'd expect. This
makes it easier for PreParser to match the parameter order of Parser.

R=verwaest@chromium.org
BUG=v8:5516

Change-Id: I79da04ef3f812bf52c032bed6263c009fecb7988
Reviewed-on: https://chromium-review.googlesource.com/447677Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43490}

Revert of Add several SIMD opcodes to IA32 (patchset #9 id:160001 of https://codereview.chromium.org/2695613004/ )

Reason for revert:
Fails with nosse4:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20debug/builds/13853

Original issue's description:
> Add several SIMD opcodes to IA32
>
> CreateInt32x4, Int32x4ExtractLane, Int32x4ReplaceLane
> Int32x4Add, Int32x4Sub
>
> Also add paddd and psubd to ia32-assembler
>
> BUG=
>
> Review-Url: https://codereview.chromium.org/2695613004
> Cr-Commit-Position: refs/heads/master@{#43483}
> Committed: https://chromium.googlesource.com/v8/v8/+/4deb9ffdecf121c69a3db7eae6698eae23a80a15

TBR=bbudge@chromium.org,gdeepti@chromium.org,bmeurer@chromium.org,jing.bao@intel.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://codereview.chromium.org/2717423003
Cr-Commit-Position: refs/heads/master@{#43489}

Reland of [test] Speculatively remove local-tests from archive (patchset #1 id:1 of https://codereview.chromium.org/2640223003/ )

Reason for revert:
With the Windows bots fixed in https://chromium-review.googlesource.com/445786 , this should be good to reland. Thanks, Michael!

Original issue's description:
> Revert of [test] Speculatively remove local-tests from archive (patchset #2 id:20001 of https://codereview.chromium.org/2643983002/ )
>
> Reason for revert:
> Breaks all windows bots:
> https://build.chromium.org/p/client.v8/builders/V8%20Win32%20-%20debug/builds/6811
>
> Original issue's description:
> > [test] Remove local-tests from test262 archive and add to .isolate
> >
> > This might help fix the bots, which are broken in e.g.,
> > https://build.chromium.org/p/tryserver.v8/builders/v8_mac_rel_ng_triggered/builds/14011
> >
> > The archive was added in order to transmit test262 tests more rapidly.
> > It doesn't serve much of a purpose for local-tests. I naively added
> > local-tests there out of symmetry. However, the BUILD.gn file does not
> > regenerate an archive when files are only deleted and not added or
> > changed. Since the performance concern is not present for the small
> > volume of local-tests, this patch reverts to the more normal mechanism
> > for sending over dependencies, with test262.isolate.
> >
> > R=adamk
> >
> > Review-Url: https://codereview.chromium.org/2643983002
> > Cr-Commit-Position: refs/heads/master@{#42485}
> > Committed: https://chromium.googlesource.com/v8/v8/+/9f545ea96f18b7036ac6ec43e359d63f41c3686a
>
> TBR=adamk@chromium.org,littledan@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
>
> Review-Url: https://codereview.chromium.org/2640223003
> Cr-Commit-Position: refs/heads/master@{#42491}
> Committed: https://chromium.googlesource.com/v8/v8/+/4ffe0850dbb238dca4c1e2d14fb2984442a1fa24

TBR=adamk@chromium.org,machenbach@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.

Review-Url: https://codereview.chromium.org/2725643002
Cr-Commit-Position: refs/heads/master@{#43488}

R=jgruber@chromium.org
BUG=v8:5821

Review-Url: https://codereview.chromium.org/2720013003
Cr-Commit-Position: refs/heads/master@{#43487}

This avoids creating unnecessary intermediate maps.

BUG=chromium:588893

Change-Id: Ibc20908270a6fab58fc391f4b7e7941d9c043e9b
Reviewed-on: https://chromium-review.googlesource.com/445785Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43486}