Per suggestion, we put this behind runtime flag in the mean time.
Refactor some codes.

Bug: v8:6831
Change-Id: Ibeb2a62b2a132971f8bc51c045bf0d2594eec198
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1566238
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60927}

Bug: v8:8702
Change-Id: I0d483be11fbb19b6555900f3f953eae531d3e8cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1574618Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60926}

We had one use of OS_CHROMEOS in mksnapshot. OS_CHROMEOS is defined if
gn's `is_chromeos` is true, which checks `current_os`. `current_os !=
target_os` can happen if we're building with a non-default toolchain,
which happens often on CrOS, since `mksnapshot` is a host binary.

Tested by manually verifying that .text.hot.embedded now shows up on
arm32/aarch64 builds of embedded.S.

Bug: v8:9103
Change-Id: I038b56f4c18c7dd9a651ce676a977697dad14ae6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1573041
Commit-Queue: George Burgess <gbiv@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60925}

This CL adds the representation changes from/to CompressedPointer to the other
data types (excluding Tagged, which was done in a previous CL).

Also adding missing write barriers for compressed values (WriteBarrierKindFor).

Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: Ieb4e6dd72371e858ba1da551f765e42581a51f90
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571616Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60924}

Bug: chromium:951400
Change-Id: Ib5454541e7c661649ccdb9771298ff90b3e9db5d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571614
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60923}

There seems to be an issue where LTO inlines the icache flushing method
but removes the save and restore of the r7 register which is clobbered
for the icache flush syscall.
This CL tries to avoid the bug. It's purely speculative, as we cannot
reproduce the exact bug locally.

R=jkummerow@chromium.org

Bug: chromium:952759
Change-Id: I634fc4de3e8c4d1cb649384542c381d925b07a42
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571619Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60922}

Add lazy validation for lazily compiled functions. The code is validated
only on first use. This applies to functions that are lazily compiled by
compilation hint as well as to entirely lazy modules.

Bug: v8:9003
Change-Id: If6a640db4bf4b846ac5e3805c138b8ac0a493cf9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1569427
Commit-Queue: Frederik Gossen <frgossen@google.com>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60921}

Block binary coverage currently also relies on invocation counts on
the feedback vector, which are not maintained in optimized code. This
fixes the SFI::IsInlineable predicate to also prevent inlining
functions when 1. binary coverage is enabled and 2. the function has
no reported binary coverage.

Drive-by: Add new predicates for binary/count modes.

Bug: v8:6000
Change-Id: I0039e43ebae880e3552e8349d20a144fe941ef3b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571615
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60920}

We see crashes in the wild that we suspect are caused by these changes.
This is a manual revert because of conflicts.

Revert "[turbofan] Fix incorrect CheckNonEmptyString lowering."
This reverts commit b3b70118.

Revert "[turbofan] Fix incorrect lowering of CheckNonEmptyString."
This reverts commit 57582090.

Revert "[turbofan] Significantly improve ConsString creation performance."
This reverts commit d6a60a0e.

Bug: v8:9147
Change-Id: I262c21e5406a9c4c8ad0e0f995582c5802f0fa1e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571613Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60919}

R=jgruber@chromium.org
BUG=v8:8758

Change-Id: Iba62ca0f9010cd68b47966ad8d04c1a4149efe70
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571415Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60918}

This uses the same comparison as the ICs to make sure that ICs learn
after deoptimization (see
https://chromium-review.googlesource.com/c/v8/v8/+/1561319 for the IC
fix).

Bug: v8:9139
Change-Id: I67a361d85ee0c8a4ad4a6abc2d33ac4ca5fa22bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1569438
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60917}

Add tests for tiering and lazy compilation with compilation hints. The
tests build modules and verify the {WasmCode}'s tier internally. The
module builder now supports compilation hints in CCTests.

Bug: v8:9003
Change-Id: I18d926c3b1ef3508835a51a9d1d86bfadcb5216e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1566522Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Frederik Gossen <frgossen@google.com>
Cr-Commit-Position: refs/heads/master@{#60916}

We translate stores with TaggedXXX (XXX in {"", "Signed", "Pointer"})
representation in CSA into stores of CompressedXXX with a
ChangeTaggedXXXToCompressedXXX in the raw-machine-assembler.

This way, CSA doesn't need to know about Compressed values since we
are introducing an explicit "compress" node.

Also, on ARM64, removed CheckPageFlagSet and CheckPageFlagClear since
CheckPageFlag can be used for both cases.

Moved CheckPageFlag to the TurboAssembler (from MacroAssembler) since it
was needed on code-generator-arm64.cc.

Bug: v8:8977, v8:7703
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Change-Id: Ia3a41b09a4d715588a36461620be0432ed064d13
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1566517Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60915}

TBR=machenbach@chromium.org
NOTRY=true

Change-Id: Iecc4c113a175a6acacc8d90b30c341762f9c7cb4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571612Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Michael Hablich <hablich@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60914}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/a0b2e3b..cc63a88

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/acbf095..4e967e7

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/7e7523b..1e2cb15

Rolling v8/third_party/fuchsia-sdk: https://chromium.googlesource.com/chromium/src/third_party/fuchsia-sdk/+log/a42c2f6..ae68779

Rolling v8/third_party/googletest/src: https://chromium.googlesource.com/external/github.com/google/googletest/+log/b617b27..9f893b9

Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/edee5c0..396602c

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I2964b7bb215b5981338eef6f46076e05d79a86e5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1572680Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#60913}

port https://crrev.com/c/1541476

Original Commit Message:

     This CL adds handling for cleaning up weakmap (EphemeronHashTable)
     keys during scavenge, even if the weakmap resides in oldspace.

Change-Id: If6e06ea8621fd6aff374c04247c3168b2cbb361a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1568712Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Yu Yin <xwafish@gmail.com>
Cr-Commit-Position: refs/heads/master@{#60912}

Plus a script to compile/link/run them.

Change-Id: Iac8ffcda3a73902261c07a7b4e5d967a19414c75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1564058
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60911}

Imported from https://github.com/WebAssembly/wasm-c-api/ and
updated to work inside V8.
Tests will be added in an upcoming CL.

This is experimental; it is not yet recommended to rely on it.

Change-Id: I05914f4b63298bf7c848c4d4c8811f0f6eb882e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1516478
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60910}

A testing method was missing a code ref scope, making fuzzers fail.

R=mstarzinger@chromium.org

Bug: chromium:952759
Change-Id: Ib9d485fad85f66ca358a769a4e52777f68367991
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571605Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60909}

Bug: v8:9136
Change-Id: I9c0b4b662c2d061a13ee22df728fbee5df01b89e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1568106Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Irina Yatsenko <irinayat@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#60908}

This reverts commit d6121fd1.

Reason for revert: Fails cctest/test-cpu-profiler/Inlining2 on arm64-sim: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim/17702

Original change's description:
> [Interpreter] Ensure Test*Handler don't allocate a frame for fast-path.
> 
> Avoids allocating a frame for the fast-path in TestEqual, TestEqualStrict and
> TestLess/GreaterThan bytecode handlers. Also changes how feedback is tracked
> to try and avoid needing to keep feedback to "combine" with if it's unecessary
> which reduces the liveranges of the registers holding this data.
> 
> This reduces the time needed for a tight loop in Ignition (e.g.,
> while (i < 1000000000) ++i;) from 12.8s to 10.8s.
> 
> BUG=v8:9133
> 
> Change-Id: I686b9da89541d15d233635db3276de3dad2fa282
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570020
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60906}

TBR=rmcilroy@chromium.org,jgruber@chromium.org

Change-Id: I5e53138929bf1fae9f57f9dd023d258bb7d557ac
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9133
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571418Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60907}

Avoids allocating a frame for the fast-path in TestEqual, TestEqualStrict and
TestLess/GreaterThan bytecode handlers. Also changes how feedback is tracked
to try and avoid needing to keep feedback to "combine" with if it's unecessary
which reduces the liveranges of the registers holding this data.

This reduces the time needed for a tight loop in Ignition (e.g.,
while (i < 1000000000) ++i;) from 12.8s to 10.8s.

BUG=v8:9133

Change-Id: I686b9da89541d15d233635db3276de3dad2fa282
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570020Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60906}

Change-Id: Id34b9dbe07871fc8e25bcb73d908b5b155a9f4e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571407
Auto-Submit: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60905}

The trap handler fallback is flaky, and was never enabled since it
never worked reliably. This CL removes
a) the --wasm-trap-handler-fallback flag,
b) the distinction between soft and hard address space limit,
c) methods to check whether memory has guard regions (it will always
  have them on 64 bit architectures),
d) associated runtime functions,
e) the trap handler fallback tests,
f) recompilation logic for the fallback.

R=titzer@chromium.org

Bug: v8:8746
Change-Id: I7f4682b8cd5470906dd8579ff1fdc9b1a3c0f0e7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570023Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60904}

This CL adds the representation changes from/to CompressedSigned to the other
data types (excluding Tagged, which was done in a previous CL).

Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: If967a1a0fc669c45a2764cf950cf02d8c06b08b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1547859
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60903}

We have very few tests for this currently, and it's hard to test
this, since code logging happens soon after scheduling the task and
stack guard. If the timing is just right, it can happen though that a
{NativeModule} dies while {WasmCode} objects of that {NativeModule} are
still part of the {code_to_log} vector. In that case, we need to remove
those code objects from the vector to avoid use after free.

R=mstarzinger@chromium.org

Change-Id: I16c7098bf11c54700cc650dad965106af2e39157
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1566519Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60902}

iOS simulator builds have x64 as the target architecture. This extends
BUILD.gn to properly include trap handler files in this case.

Bug: v8:9140
Change-Id: If6e90a720effdebe8b1f4e4e37eb8b3a3dbae20e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570022
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60901}

R=clemensh@chromium.org

Change-Id: I367bb962d422e570b51c82bc7b3ebbd3fbedfd2b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570018Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60900}

This is a reland of 067ba2a0.
Unchanged reland, hence TBR.

Original change's description:
> [wasm] Add stack guard for logging code
>
> Benchmarks or worker threads might never return to the event queue,
> hence they will never execute the scheduled foreground task to log
> compiled and published wasm code.
> This CL adds a stack guard to log the code, to ensure that we also log
> it for wasm code that never returns to the event queue.
>
> R=mstarzinger@chromium.org
>
> Bug: v8:9104
> Change-Id: I176959cadb4ab3a60153d0717530c032272ad3e8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1561073
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60879}

TBR=mstarzinger@chromium.org

Bug: v8:9104
Change-Id: I105b37ef8429d16ef5b983919ba8bca615e347c0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570017Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60899}

This adds support for iOS builds in libsampler. Both iOS simulator
builds (target architecture x64) and iOS device builds (arm64) are
supported.

Note that this is mostly untested since we neither have iOS bots nor
an iOS test runner. This CL was thus only tested by compiling V8 for
both iOS simulator & device targets.

Bug: v8:9140
Change-Id: Ib618bf793771f4be84d1979a968d2b3ef9f6ff86
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1569436Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60898}

Add OS detection for iOS builds. If we are building for an iOS target,
the following V8 OS defines will be set:

V8_OS_BSD
V8_OS_MACOSX
V8_OS_POSIX
V8_OS_IOS  // This one is new.

The detection code is taken from Chromium's build_config.h file.

Bug: v8:9140
Change-Id: I435a8931dc0ae0eefdb893bc838a04470bcc57db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1569435Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60897}

Realm.navigate hits a UAF when it's called after Realm.detachGlobal, and
that's hit a clusterfuzz test.

Bug: chromium:952749
Change-Id: Icf0f0d0b845bc5a2d1ddd80ab52756dae97b982f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1567583Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60896}

For some unknown reasons, the profiler starts seeing illegal source
positions (see referenced bug).

This CL quick-fixes that by just ignoring them for now. This might
regress profiling, and should be fixed mid-term.

R=mstarzinger@chromium.org

Bug: chromium:953309
Change-Id: I10db7e5ad24e8470e319fc9418cd3a684f614c26
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1569845
Auto-Submit: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60895}

Add no_chromium_code config - this is required when removing the
chromium_code config.

Fix a warning that occurs when compiling protobuf_full by suppressing
warnings for not marking overriding functions with override.

Change-Id: I7f71a24b95dc3ef7d327481581aaa217407ee2cf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1569441Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Nico Weber <thakis@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60894}

Avoids allocating a frame for the fast-path in IncHandler by marking some calling
branches as Deferred. Also avoid loading feedback slot and vector until it's needed
to reduce live range.

This reduces the time needed for a tight loop in Ignition (e.g.,
while (i < 1000000000) ++i;) from 15.5s to 12.8s.

BUG=v8:9133

Change-Id: I0a62efdaefca7f3024b3ae05c61631a63cb01390
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570005
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60893}

Spec: https://tc39.github.io/ecma262/#sec-proxy-constructor
Bug: v8:6664
Change-Id: Ia8b5ed75841d813babd1db4743c3bb9d25658b51
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1553007Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#60892}

OS X has been a UNIX 03 registered product since version 10.5,
released in October 2007.

Bug: v8:8834
Change-Id: I64ca5512a9999b6eb7b4003a6758081a06eb6529
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1569437
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60891}

This reverts commit 067ba2a0.

Reason for revert: blocks roll: https://chromium-review.googlesource.com/c/chromium/src/+/1570208

21:26:22.251 27507   # Fatal error in ../../v8/src/profiler/profile-generator.cc, line 19
21:26:22.251 27507   # Debug check failed: line > 0 (0 vs. 0).
21:26:22.251 27507   #
21:26:22.251 27507   #
21:26:22.251 27507   #
21:26:22.252 27507   #FailureMessage Object: 0x7ffe851046a0#0 0x56532cb371f9 base::debug::CollectStackTrace()
21:26:22.252 27507   #1 0x56532ca70863 base::debug::StackTrace::StackTrace()
21:26:22.252 27507   #2 0x56532e99610b gin::(anonymous namespace)::PrintStackTrace()
21:26:22.252 27507   #3 0x56532e989468 V8_Fatal()
21:26:22.252 27507   #4 0x56532e9891c5 v8::base::(anonymous namespace)::DefaultDcheckHandler()
21:26:22.252 27507   #5 0x56532b2bb876 v8::internal::SourcePositionTable::SetPosition()
21:26:22.252 27507   #6 0x56532b2c2268 v8::internal::ProfilerListener::CodeCreateEvent()
21:26:22.252 27507   #7 0x56532ae25275 v8::internal::(anonymous namespace)::LogFunctionCompilation()
21:26:22.252 27507   #8 0x56532ae26008 v8::internal::OptimizedCompilationJob::RecordFunctionCompilation()
21:26:22.252 27507   #9 0x56532ae32a08 v8::internal::Compiler::FinalizeOptimizedCompilationJob()
21:26:22.252 27507   #10 0x56532ae228eb v8::internal::OptimizingCompileDispatcher::InstallOptimizedFunctions()
21:26:22.252 27507   #11 0x56532af14e4a v8::internal::StackGuard::HandleInterrupts()
21:26:22.252 27507   #12 0x56532b35f2ec v8::internal::__RT_impl_Runtime_StackGuard()
21:26:22.252 27507   #13 0x56532bba6720 <unknown>

Original change's description:
> [wasm] Add stack guard for logging code
> 
> Benchmarks or worker threads might never return to the event queue,
> hence they will never execute the scheduled foreground task to log
> compiled and published wasm code.
> This CL adds a stack guard to log the code, to ensure that we also log
> it for wasm code that never returns to the event queue.
> 
> R=​mstarzinger@chromium.org
> 
> Bug: v8:9104
> Change-Id: I176959cadb4ab3a60153d0717530c032272ad3e8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1561073
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60879}

TBR=mstarzinger@chromium.org,clemensh@chromium.org

Change-Id: I63dc56a41747caf683b14869a2d62017fd0301c1
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9104
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570012Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Michael Hablich <hablich@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60890}

Rolling v8/test/wasm-js/data: https://chromium.googlesource.com/external/github.com/WebAssembly/spec/+log/2a28a92..d14d538

[spec] More precise Unicode terminology (#1002) (Andreas Rossberg)
https://chromium.googlesource.com/external/github.com/WebAssembly/spec/+/d14d538

[test] Alignment and offset with overlong leb128 (#998) (Wanming Lin)
https://chromium.googlesource.com/external/github.com/WebAssembly/spec/+/4dce956

[spec] Add paragraph break for more emphasis (#1001) (Andreas Rossberg)
https://chromium.googlesource.com/external/github.com/WebAssembly/spec/+/3099a7b

TBR=ahaas@chromium.org,clemensh@chromium.org

Change-Id: Ifc803d75840ee8389f5634ed090992f4d6934837
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1571126Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#60889}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/f202325..a0b2e3b

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/2f423f7..acbf095

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/4b79c38..7e7523b

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: Iee7a9a297113146826638a1674a9c29e8e06c176
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570584Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#60888}