A WasmModuleObject represents an instance of WebAssembly.Module. It is
called WasmModuleObject internally, so also use that name externally.

We still have a typedef for WasmCompiledModule which will be deprecated
once chromium has been updated to use WasmModuleObject.

R=titzer@chromium.org, adamk@chromium.org

Bug: v8:8238, chromium:912031
Change-Id: I2d7708d4dc183cb4f4714f741b1ea0c153014430
Reviewed-on: https://chromium-review.googlesource.com/c/1362048Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58055}

Port cfdf6ff8

R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I8821b82f181a44b70272d770703136983d821d1c
Reviewed-on: https://chromium-review.googlesource.com/c/1363449Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58054}

Make sure WebAssembly's js-api exposes the correct attributes: writable,
enumerable and configurable.

Bug: v8:8319
Change-Id: I427533159d7975a42c0c5cb1babdc8a61f8198b5
Reviewed-on: https://chromium-review.googlesource.com/c/1351002
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58053}

Bug: v8:7793
Change-Id: I12aae5d61a21f3e6e010e07622fe0d01a5ba03eb
Reviewed-on: https://chromium-review.googlesource.com/c/1344118
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58052}

A fancy new stdlib addition for creating JSObjects from a collection of
key/value pairs, coming soon to a javascript runtime near you.

BUG=v8:8021
R=gsathya@chromium.org, adamk@chromium.org

Change-Id: I5eb1dea75bfef009281eef9864c8c0226af4f1fc
Reviewed-on: https://chromium-review.googlesource.com/c/1363293Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#58051}

Even though descriptor arrays are references by maps in the old
generation, they seems to be short living in benchmarks.

This fixes perf regressions introduced in 1ad0cd56.

Bug:chromium:911073,chromium:910567,chromium:910443,

Change-Id: Iaf933d409e72c6c26df48f6435f9543224ea7d67
Reviewed-on: https://chromium-review.googlesource.com/c/1363146Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58050}

Intrinsic changes:

- Rename %RawCast to %RawObjectCast and add error checking so that it
  only applies to subtypes of Objects.

- Add %RawPointerCast, which is similar to %RawObjectCast but must be
  used for all subtypes of RawPtr.

- Add %RawConstexprCast, which allows one constexpr to be be cast to
  another at compile time. It translate to an appropriate static_cast
  in the generated code

- Add %FromConstexpr, which handles most of the standard cases of
  generating XXXConstant CSA nodes from constexpr constants. It uses
  either SmiConstant, NumberConstant, StringConstant, IntPtrConstant
  or Int32Constant, depending on the cast-to type generic <To> type.

- Add support for intrinsics that return constexpr results.

Cleanup:

- Turn FromConstexpr into a generic with two generic types, a <To> and
  a <From> type. Most FromConstexpr can use the new %FromConstexpr
  intrinsic rather than provide an explicit implementation.

Bug: v8:7793
Change-Id: Icab5db16d203034ec157fa3ad5157d10c7dc8464
Reviewed-on: https://chromium-review.googlesource.com/c/1357049
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58049}

This implementation uses mutex to implement those instructions.
I will add 32-bit version LL/SC after review.

Change-Id: I7b0e2b42527bc21060a84eb5e27099e129f2858f
Reviewed-on: https://chromium-review.googlesource.com/c/1354462Reviewed-by: Sreten Kovacevic <skovacevic@wavecomp.com>
Commit-Queue: Predrag Rudic <prudic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#58048}

Large code objects are allocated in CODE_LO_SPACE on the heap instead of
CODE_SPACE. Add a test that checks that these objects are still
considered 'InV8' according to the unwinder API.

Bug: v8:8116
Change-Id: I65968913cd92858fac2b1a689df2904d0574641f
Reviewed-on: https://chromium-review.googlesource.com/c/1363134Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58047}

If the size of a large code object is larger than
kMaxRegularHeapObjectSize, then it should be allocated in the large code
space. Currently if the size is > kMaxRegularHeapObjectSize but <
512000, then it can still be allocated in the normal code space.

Change-Id: I72dbd38803c3d5d414bae85e9e0b15482e50e1c2
Reviewed-on: https://chromium-review.googlesource.com/c/1363137Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58046}

We currently compute this value from the size of the external table,
which we get from the Isolate. This size is isolate-independent though,
so it can just be a constant.

R=mstarzinger@chromium.org

Bug: chromium:912043
Change-Id: If1c09a56b1a985b855f5b65818322979c194d772
Reviewed-on: https://chromium-review.googlesource.com/c/1362954Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58045}

The existing implementation embedded an isolate-specific pointer to the
thread-in-wasm flag in the wrapper code. However, when the module code
is shared among multiple workers, this can mean that the workers
share the same thread-in-wasm flag.

With this change we load the pointer to the flag at runtime from the
current isolate. Thereby the correct flag is used even when the same
code is executed on different workers.

Note that we could access the right flag address by going through the
root register. However, changing the code generation to use the root
register requires some inconvenient steps:
* Pass the isolate to the pipeline again, which we don't want.
* Change the WasmCallDescriptor to allow the use of the root register
  for wrappers but not for other code.
To avoid these issues, and allow the CL to be easy to merge back, we
got for the changes proposed here.

R=mstarzinger@chromium.org, ishell@chromium.org

Bug: v8:8533
Change-Id: If15565a7ad7cba835cfc1628e7a4d3fdef90a5c0
Reviewed-on: https://chromium-review.googlesource.com/c/1358518
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58044}

If the input memory index into an atomic operation is a constant, we can
statically check if the {index+offset} is aligned.

R=herhut@chromium.org

Change-Id: Ia830d7c7df10d50ed4ee3382acfef776306f249c
Reviewed-on: https://chromium-review.googlesource.com/c/1362872
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58043}

NOTRY=true
TBR=sergiyb@chromium.org

Bug: v8:8552
Change-Id: I096146072915f2d5baf5d4469421696cf31d72c2
Reviewed-on: https://chromium-review.googlesource.com/c/1363136Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58042}

TBR=sergiyb@chromium.org

Bug: chromium:907752
Change-Id: I06ef5a7e2cb96ebd0912c535e0ad7d8360831bbb
Reviewed-on: https://chromium-review.googlesource.com/c/1362040Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58041}

Bug: chromium:905940, chromium:907343

R=verwaest@chromium.org

Change-Id: Ibe8f06782f8a0bf9a09832d443e1c66c3bda8399
Reviewed-on: https://chromium-review.googlesource.com/c/1362046Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58040}

R=machenbach@chromium.org

No-Try: true
No-Tree-Checks: true
Bug: v8:8532
Change-Id: I2149c795a2d50ed794c0925d632e946b22c3e5d5
Reviewed-on: https://chromium-review.googlesource.com/c/1362042Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58039}

We checked against kNotFound twice; once in
TransitionsAccessor::SearchTransitions and once in TransitionArray::Search. It's
unnecessary to check twice.

In local tests, this speeds up searching for a non-existent transition in a
2-element TransitionArray by ~20%.

BUG=v8:8547

Change-Id: Ic220c4c0bfeeacd9b81953efad212ed15168437e
Reviewed-on: https://chromium-review.googlesource.com/c/1361167Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58038}

Drive-by: Replace uses in CallApi* with a direct call now that they've
been converted to builtins themselves and are thus immovable.

Bug: v8:7777
Change-Id: I660b5788bdac4f5e45cc5c5677b86be17474cd83
Reviewed-on: https://chromium-review.googlesource.com/c/1361161
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58037}

Bug: v8:7777
Change-Id: Iee3e03b0a3fea245408de4d675caa634a74aa188
Reviewed-on: https://chromium-review.googlesource.com/c/1357053Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58036}

This reverts commit a6669bdc.

Reason for revert: Regresses Speedometer 2 (EmberJS-Debug-TodoMVC)

Original change's description:
> [constant-tracking] Track constants by default.
> 
> It is possible this CL results in various regressions, the idea
> is to get some data on where constant tracking helps and where
> it regresses.
> 
> Bug: v8:8361
> Change-Id: I2f291788a8bea03e6eaac9f51564c1da02734d1a
> Reviewed-on: https://chromium-review.googlesource.com/c/1347474
> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58008}

TBR=jarin@chromium.org,ishell@chromium.org

Change-Id: I1e2b18c34829e1f53ea287aae0ef7fcf88980341
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8361
Reviewed-on: https://chromium-review.googlesource.com/c/1362047Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58035}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/f686dfc..9c85c83

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/4feee58..58f2981

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/d87b096..f28ef98

Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/558f684..0dea619

Rolling v8/tools/luci-go:infra/tools/luci/isolate/${platform}: https://chrome-infra-packages.appspot.com/infra/tools/luci/isolate/${platform}/+log/git_rev..git_rev

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I7dc2bba96c14a275fd728e0567890eb0b21ea795
Reviewed-on: https://chromium-review.googlesource.com/c/1362171
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#58034}

R=joransiu@ca.ibm.com

Change-Id: Ia8cb93f4d01e252ec6b3b538f795550768db5726
Reviewed-on: https://chromium-review.googlesource.com/c/1362083Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58033}

The fix need to be cherrypick from ICU.
Fix in https://github.com/unicode-org/icu/pull/286
Adds regression test for 8469.

Bug: v8:8469
Change-Id: If173058dd1113782fcf2ff5a55f962721f46aba5
Reviewed-on: https://chromium-review.googlesource.com/c/1340733Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58032}

The memory.init and memory.drop instructions have a data segment index
that can only be validated by knowing the number of data segments. This
information is provided by the new DataCount section.

Bug: v8:7747
Change-Id: Ie04d57584fe028637f6e931ab53d00abc5b998a4
Reviewed-on: https://chromium-review.googlesource.com/c/1355624Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58031}

Port c6b0e12e

Original Commit Message:

    This is the first (and major) step towards converting CallApiCallback
    and CallApiGetter stubs into builtins.

    The CallApiCallbackStub was parameterized with the number of arguments
    passed on the stack. This CL converts the compile-time parameter into
    an explicit runtime parameter, and removes all uses of the stub
    parameter.

    (kCallData and kHolder are now passed on the stack).

R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I171fbb7d37525c2087e5dd9d7ff8fb5f959f2a7a
Reviewed-on: https://chromium-review.googlesource.com/c/1362163Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58030}

This reverts commit ed3d6472.

Reason for revert: 
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20noi18n%20-%20debug/24178

Original change's description:
> Reland "[code-comments] Put code comments into the code object"
> 
> This is a reland of e774cffe
> 
> This reland disables a test as v8:8548 is blocking it, which was
> broken by a recent CL. CQ did not catch this because the merge-base
> CQ used did not yet contain the CL that caused v8:8548.
> 
> Original change's description:
> > [code-comments] Put code comments into the code object
> >
> > Code comments in the snapshot can now be enabled with gn
> > arg 'v8_enable_snapshot_code_comments'
> >
> > Bug: v8:7989
> > Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
> > Reviewed-on: https://chromium-review.googlesource.com/c/1329173
> > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> > Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#58020}
> 
> TBR=mvstanton@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,tebbi@chromium.org
> 
> Bug: v8:7989, v8:8548
> Change-Id: I464fc897205fefdf2dfc2eadc54d699c4e08a0e9
> Reviewed-on: https://chromium-review.googlesource.com/c/1361166
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58028}

TBR=mvstanton@chromium.org,mstarzinger@chromium.org,sigurds@chromium.org,jgruber@chromium.org

Change-Id: I1075bb09de7cb8dad71e31ff51a4e7bb6a200a8b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7989, v8:8548
Reviewed-on: https://chromium-review.googlesource.com/c/1362043Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58029}

This is a reland of e774cffe

This reland disables a test as v8:8548 is blocking it, which was
broken by a recent CL. CQ did not catch this because the merge-base
CQ used did not yet contain the CL that caused v8:8548.

Original change's description:
> [code-comments] Put code comments into the code object
>
> Code comments in the snapshot can now be enabled with gn
> arg 'v8_enable_snapshot_code_comments'
>
> Bug: v8:7989
> Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
> Reviewed-on: https://chromium-review.googlesource.com/c/1329173
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58020}

TBR=mvstanton@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,tebbi@chromium.org

Bug: v8:7989, v8:8548
Change-Id: I464fc897205fefdf2dfc2eadc54d699c4e08a0e9
Reviewed-on: https://chromium-review.googlesource.com/c/1361166Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58028}

R=machenbach@chromium.org

No-Try: true
No-Tree-Checks: true
Bug: v8:8532
Change-Id: I42ec138c542f6fd48e52422a7064073d71d65216
Reviewed-on: https://chromium-review.googlesource.com/c/1361062
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58027}

%RunMicrotasks() call used to cause a nested RunMicrotasks if it's
called from a microtask, and that breaks its invariants.
This CL fixes it by disabling the nested loop.

Change-Id: I2f4a81be0dbf0554abf6eb41b62c25465338f29a
Reviewed-on: https://chromium-review.googlesource.com/c/1358036Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58026}

Port 6c8b4102

Original Commit Message:

    This is a reland of d5f4a33e
    Landing with test disabled for now.

    Original change's description:
    > [cpu-profiler] Fix stack iterability for fast C calls with no exit frame
    >
    > Before fast C calls, store the current FP and PC on the isolate. When
    > iterating frames in SafeStackFrameIterator, check if these fields are
    > set and start iterating at the calling frame's FP instead of the current
    > FP, which will be in C++ code. We need to do this because c_entry_fp is
    > not set on the Isolate for Fast-C-Calls because we don't build an exit
    > frame.
    >
    > This change makes stack samples that occur within 'Fast-C-Calls'
    > iterable, meaning we can properly attribute ticks within the JS caller.
    >
    > Fast-C-Calls can't call back into JS code, so we can only ever have one
    > such call on the stack at a time, allowing us to store the FP on the
    > isolate rather than the stack.
    >
    > TBR=v8-mips-ports@googlegroups.com
    >
    > Bug: v8:8464, v8:7202
    > Change-Id: I7bf39eba779dad34754d5759d741c421b362a406
    > Reviewed-on: https://chromium-review.googlesource.com/c/1340241
    > Commit-Queue: Peter Marshall <petermarshall@chromium.org>
    > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
    > Reviewed-by: Martyn Capewell <martyn.capewell@arm.com>
    > Reviewed-by: Alexei Filippov <alph@chromium.org>
    > Cr-Commit-Position: refs/heads/master@{#57896}

R=petermarshall@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Ie82eaa08ba6ceeb0c0a5bb4de251540becf1f05e
Reviewed-on: https://chromium-review.googlesource.com/c/1361422Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58025}

This is a reland of c2aaf0a6

Original change's description:
> [wasm][liftoff] Optimize one-armed ifs
> 
> Do not implement one-armed ifs by emulating an empty else branch. In
> Liftoff, we can generate better code and save compile time by handling
> this specially. If the merge point at the end of the if is not reached
> by the if-branch, we do not need to generate any merge code.
> 
> R=titzer@chromium.org
> 
> Bug: v8:6600, v8:8423
> Change-Id: Ie8ea69dd7491f225605a8e1b986d275d869aa90b
> Reviewed-on: https://chromium-review.googlesource.com/c/1356508
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57968}

Bug: v8:6600, v8:8423
Change-Id: I6d5eea9f860486768779a33bf6bd7b87cbfc2af0
Reviewed-on: https://chromium-review.googlesource.com/c/1361040Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58024}

Improve readability by avoiding a helper method. Just read from the
stack directly.

R=titzer@chromium.org

Change-Id: I38c944fac45c721f328a2b7bec3a3f4602f05c05
Reviewed-on: https://chromium-review.googlesource.com/c/1360572
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58023}

Building on https://chromium-review.googlesource.com/c/v8/v8/+/1349243,
which asserted on calls to GetChars() that weren't in a
DisallowHeapAllocation scope, this CL takes a reference to the scope
in order to provide static protection in all builds.


Bug: v8:8238
Change-Id: I481a1dbbd3ae57eb35c5f828c5e242691635be27
Reviewed-on: https://chromium-review.googlesource.com/c/1354038Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58022}

This reverts commit e774cffe.

Reason for revert: Breaks OptimizeForSize tests https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket.appspot.com/8928056438104852432/+/steps/OptimizeForSize/0/logs/TestCodeAssemblerCode../0

Original change's description:
> [code-comments] Put code comments into the code object
> 
> Code comments in the snapshot can now be enabled with gn
> arg 'v8_enable_snapshot_code_comments'
> 
> Bug: v8:7989
> Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
> Reviewed-on: https://chromium-review.googlesource.com/c/1329173
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58020}

TBR=mvstanton@chromium.org,mstarzinger@chromium.org,sigurds@chromium.org,jgruber@chromium.org

Change-Id: Ie336a99218db4def848bd5c8c58dfb66f0e372b2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7989
Reviewed-on: https://chromium-review.googlesource.com/c/1361165Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58021}

Code comments in the snapshot can now be enabled with gn
arg 'v8_enable_snapshot_code_comments'

Bug: v8:7989
Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
Reviewed-on: https://chromium-review.googlesource.com/c/1329173
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58020}

The flakiness of this test was fixed by
https://chromium-review.googlesource.com/c/v8/v8/+/1280436 which removed
calls to StartTickSample() and FinishTickSample() from tests as this
causes a race.

Bug: v8:6133, v8:5193
Change-Id: Ia6bcfa75cce64547b00a185343ada803d082a12e
Reviewed-on: https://chromium-review.googlesource.com/c/1361163Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58019}

It's possible that we encounter incorrect SP or FP values while
unwinding the stack. One reason is that third-party code like virus
protection may change the stack. If we encounter values for SP or FP
that don't make sense, we should bail out of unwinding and return false.

Bug: v8:8116, chromium:909957
Change-Id: I630fef3f619382c7035be50b86072be349ed185c
Reviewed-on: https://chromium-review.googlesource.com/c/1358514Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58018}

This reverts commit 270437fd.

Reason for revert: Performance regressions look ok, and we need the change going forward.

Original change's description:
> [csa] disable CSA re-scheduling
> 
> Disable CSA re-scheduling for the branch point, to address performance
> regressions.
> 
> Bug: chromium:907011
> Change-Id: I608ae23c20d8e1dd9a233dcb2d3f4ab4d8a5241e
> Reviewed-on: https://chromium-review.googlesource.com/c/1351009
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57930}

TBR=mstarzinger@chromium.org,jarin@chromium.org,tebbi@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: chromium:907011
Change-Id: I322f6f3bdd6e833a2a546025995ecdc823961804
Reviewed-on: https://chromium-review.googlesource.com/c/1358513Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58017}

R=delphick@chromium.org

Bug: v8:7281
Change-Id: I4af641218d4646d3cdf3a2776e9bc24141164638
Reviewed-on: https://chromium-review.googlesource.com/c/1357054Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58016}