Port dd1dbd99

R=jing.bao@intel.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I857933ec03c7ee57a44eab0629435f9b6c7c5290
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2137156Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#67012}

Bug: chromium:1056170
Change-Id: I417a0f05bcd185e969fb087a6b132e88c3fa3a5d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2129635Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67011}

Typed array iteration throws a TypeError if the receiver is not
a typed array. The JSCallReducer didn't take that into account.

Bug: chromium:1067544
Change-Id: Ib065ba1b7881dc0b62242fc416fa16023a7fa244
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135632Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67010}

This reverts commit 44a1ed8f.

Reason for revert: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20gcc/6124?

Original change's description:
> cppgc: Integrate conservative stack scan into GC
> 
> With this change we support allocation of objects and keeping them alive via
> conservative stack scan.
> 
> Change-Id: Id94d7ced503ad0b1378643e0c13c2a8b65ad2327
> Bug: chromium:1056170
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135729
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Anton Bikineev <bikineev@chromium.org>
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67008}

TBR=ulan@chromium.org,hpayer@chromium.org,mlippautz@chromium.org,bikineev@chromium.org,omerkatz@chromium.org

Change-Id: I71bf7a9b7f54f0ec8d64b1b1781699adb0feb138
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2137401Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67009}

With this change we support allocation of objects and keeping them alive via
conservative stack scan.

Change-Id: Id94d7ced503ad0b1378643e0c13c2a8b65ad2327
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135729Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67008}

This reverts commit c9ce1b56.

Reason for revert: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20isolates/8923

Original change's description:
> Reland "[wasm] Deduplicate wasm scripts"
> 
> This is a reland of 6ebccbd1
> 
> Original change's description:
> > [wasm] Deduplicate wasm scripts
> > 
> > R=clemensb@chromium.org
> > 
> > Bug: v8:6847
> > Change-Id: I4509a7011a0d32f5bbd2eabf3d2ee6ef5304263d
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2124320
> > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> > Reviewed-by: Clemens Backes <clemensb@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#66981}
> 
> Bug: v8:6847
> Change-Id: I74f51b9b15df74de800fbbf031515d26aaa70dbc
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135735
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67006}

TBR=ulan@chromium.org,clemensb@chromium.org,bmeurer@chromium.org,thibaudm@chromium.org

Change-Id: Ie9da956519673b85262ba0cbcc80a946624d8c45
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6847
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135634Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67007}

This is a reland of 6ebccbd1

Original change's description:
> [wasm] Deduplicate wasm scripts
> 
> R=clemensb@chromium.org
> 
> Bug: v8:6847
> Change-Id: I4509a7011a0d32f5bbd2eabf3d2ee6ef5304263d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2124320
> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#66981}

Bug: v8:6847
Change-Id: I74f51b9b15df74de800fbbf031515d26aaa70dbc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135735Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67006}

Change-Id: I31aabfe9bdaf02da088620920bbe1e85a9f1859a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135630
Auto-Submit: Marja Hölttä <marja@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67005}

Adds the PersistentHandles class, which serves as a container for
handles that can be passed back and forth between threads. Allocation
and deallocation of this class is thread-safe and the isolate tracks
all PersistentHandles containers.

Design doc: https://docs.google.com/document/d/17yKs-6apE2rGEag7tDsoyeRxg99c1dXyXQ2MfHe65tY/edit?usp=sharing

Bug: v8:10315
Change-Id: I4b9c958c9a57d755ca68862197501f75274670fb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2128058
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67004}

Bug: v8:9909
Change-Id: I954c2d48d0116e0f1fcfcb801671e320f8e4fee6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2134420Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Jing Bao <jing.bao@intel.com>
Cr-Commit-Position: refs/heads/master@{#67003}

This is a reland of 77b24c06

Original change's description:
> [class] Ship private methods and accessors
> 
> Turns --harmony-private-methods on by default.
> 
> Intent to ship: https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/HLpO-HC8aKc/TT32fUNPBAAJ
> ChromeStatus page: https://www.chromestatus.com/feature/5700509656678400
> 
> Bug: v8:8330
> Change-Id: I0d9b21cddd5418be8e7059c24fa05ab98de667b9
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2110890
> Reviewed-by: Shu-yu Guo <syg@chromium.org>
> Commit-Queue: Joyee Cheung <joyee@igalia.com>
> Cr-Commit-Position: refs/heads/master@{#66933}

Bug: v8:8330
Change-Id: I165e54982b642757b2e9ed9eb42a051ea928703b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2130451Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/master@{#67002}

Older gcc versions don't support constexpr source location builtins.

Bug: chromium:1056170
Change-Id: I3ef26e62395b1d86f435fb433b429d62a47fa8c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135737Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67001}

This reverts commit 7d955faa.

Reason for revert: Bad change, modified wrong test file https://ci.chromium.org/p/v8/builders/ci/V8%20Linux/36416

Original change's description:
> [wasm-simd][x64][ia32] Do not overwrite input register
> 
> We are ovewriting input register (contains the shift) when we are
> masking it, instead, move to a temporary,then mask it.
> 
> Bug: chromium:1065599
> Change-Id: Iab72b94581239447e444746681387350b576e24a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2125941
> Commit-Queue: Zhi An Ng <zhin@chromium.org>
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#66997}

TBR=gdeepti@chromium.org,zhin@chromium.org

Change-Id: I50c57906d6eb49758584b477c971179ea3c6e5d3
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1065599
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2134655Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67000}

This reverts commit df204288.

Reason for revert: Broke noavx https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20debug/31698

Original change's description:
> [wasm-simd][x64] Cleanup unnecessary CpuFeatureScope
> 
> There are a couple more left in some i64x2 ops, but those are not in the
> proposal, so I've left them as it is.
> 
> Bug: v8:9561
> Change-Id: I3f6a4113c8054229eb6532d83ff16174a3208418
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2128849
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Commit-Queue: Zhi An Ng <zhin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#66990}

TBR=gdeepti@chromium.org,zhin@chromium.org

Change-Id: Ib42dbf70ab8ee97ed1d2f809ea305c22213ae960
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9561
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2134653Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66999}

Bug: v8:8179
Change-Id: I443024e663ebece4465cb58687b49a37624c6bbf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2129274
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66998}

We are ovewriting input register (contains the shift) when we are
masking it, instead, move to a temporary,then mask it.

Bug: chromium:1065599
Change-Id: Iab72b94581239447e444746681387350b576e24a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2125941
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66997}

A WeakCell's unregister_token and holdings are passed in by the user,
and so should be JSAny. A FinalizationRegistry's callback function must
always be Callable.

Bug: v8:8179
Change-Id: I8e447ce4bfeba712594fc9a7c9923ce718adcd62
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2129273Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66996}

Bug: v8:8179
Change-Id: Ic8ae1fcbfaf7d71a4f9924266670fbf1c24cd63e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2129246Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66995}

Effect-control-linearizer will update a basic block to connect it
directly to the end node if it has an Unreachable node. Usually the
block would already have been connected directly to end (via a Throw
node) already, however in some cases it can be connected indirectly
(via a branch, where both end in a throw node).

If this happens, and the Effect-control-linearizer is maintaining the
schedule (e.g., for TurboProp), it will cause the end block to have
unreachable predecessor blocks, which can cause issues with the
register allocator.

To fix this, have the BasicBlockUpdater remove all successor blocks
from the schedule, when they become Unreachable. Also add some tests
to cover this in effect-control-linearizer-unittests.

BUG=v8:10332,v8:9684

Change-Id: Ibce140e6d1f61751a86247e6f8c36075723a1e55
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2120537
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66994}

If there is still Liftoff code installed on a function, we cannot reuse
it when tiering down, since we don't know if it was compiled with
debugging capabilities. This made the "debug-step-into-wasm" test flake.

R=thibaudm@chromium.org

Bug: v8:10368
Change-Id: I3672940015c85ec10ead2e33e7792410b47589d4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135732Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66993}

Bug: v8:9909
Change-Id: Ie894f91107c2a6e59c121c7db581112c5340fe48
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2132709Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66992}

Instead of two copies of the lookup code in frames.cc and wasm-debug.cc,
put one lookup method on the WasmCode. This is where it belongs really,
since the WasmCode is the main input to the function (besides the
offset).

Also refactor how source positions are computed in WasmCompiledFrame.
Avoid going through the summary, which is unneccessarily complex. This
also adds another {byte_offset} accessor which can be used for
debugging.

Bug: v8:10235
Change-Id: I5c545ee302754b86009f09bedc5ff6e39ba664f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135726Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66991}

There are a couple more left in some i64x2 ops, but those are not in the
proposal, so I've left them as it is.

Bug: v8:9561
Change-Id: I3f6a4113c8054229eb6532d83ff16174a3208418
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2128849Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66990}

Implement i8x16.bitmask, i16x8.bitmask, i32x4.bitmask on ia32.

Drive by additions of disasm and disasm tests to some instructions.

Bug: v8:10308
Change-Id: I3725ed6959ae55f96ee7950130776a4f08e177c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2127314Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66989}

The new flag controls foreground incremental marking tasks and does not
affect background concurent marking tasks.

Change-Id: I46bda6b10c76b7a7f2ed2e123afe85bc04935624
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135733Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66988}

The code of kArmWord32AtomicPairStore is not self-explanatory,
especially why {ldrexd} is used. This CL adds some documentation to
make it more understandable.

Additionally this CL changes the code generation to use {cmp} instead
of {teq}. It's the preferred (idiomatic) sequence on Arm.

R=v8-arm-ports@googlegroups.com

Bug: v8:10155
Change-Id: I32946a333c352250045dbd8872862529a63c8772
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2129638Reviewed-by: Jacob Bramley <jacob.bramley@arm.com>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66987}

This commit adds a few fixes neccessary for integrating the
fast C API into Blink:
- added default constructor for CFunction
- removed a bogus template specialization allowing void* params
- extended the public Isolate class

Bug: chromium:1052746
Change-Id: I4f2ba84299920e2cc9d66ec1ed59302313db6c0b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2120587
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66986}

Change-Id: If9252354404efcac89ab8fbbd41250a6311fdfd6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135731Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66985}

Port ec4ccade

R=zhiguo.zhou@intel.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Ide15cd0350633b5fb4f2af0ce55a334b428d1320
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2134421Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#66984}

Change-Id: I921cdcf7a1b9dc0d5f8ddcb94c5e374b1fb1c879
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135626Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66983}

This reverts commit 6ebccbd1.

Reason for revert: Fails gc-stress: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/27313

Original change's description:
> [wasm] Deduplicate wasm scripts
>
> R=​clemensb@chromium.org
>
> Bug: v8:6847
> Change-Id: I4509a7011a0d32f5bbd2eabf3d2ee6ef5304263d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2124320
> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#66981}

TBR=ulan@chromium.org,clemensb@chromium.org,thibaudm@chromium.org

Change-Id: I58e857d43b524115be3e29b9524794f05d631544
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6847
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135730
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66982}

R=clemensb@chromium.org

Bug: v8:6847
Change-Id: I4509a7011a0d32f5bbd2eabf3d2ee6ef5304263d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2124320
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66981}

Port ec4ccade
https://crrev.com/c/2129176

Change-Id: I6c37c6a2be4a42c440dd8c0920647a587f55e44d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135546Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#66980}

Adding code can happen in parallel (it includes copying the code to the
code region and relocation it). Publishing happens under one lock per
native module though. We eventually want to avoid blocking on this lock
for too long. This CL prepares that by splitting the actions of adding
and publishing code.

R=ahaas@chromium.org

Bug: v8:10330, v8:10387
Change-Id: Iddbdadfe32e691bbf5e7b387ea947579bc3376f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2134372
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66979}

For easier debugging of Liftoff code generation issues, add code
comments or out-of-line code.

The name is generated from the {RuntimeStubId}. The respective name
accessor is currently defined on the {NativeModule}, this CL makes it a
top-level function so we can reuse it from Liftoff.

R=thibaudm@chromium.org

Bug: v8:10235
Change-Id: I7b99779217b9c052e34ad132eb34859b20548092
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2134307
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66978}

This reverts commit 10360127.

Reason for revert: This fix only had moderate impact and the
underlying CPU bug has now been addressed.

Original change's description:
> Speculative fix to crashes from a CPU bug
> 
> For the last few months Chrome has been seeing many "impossible" crashes
> on Intel Gemini Lake, family 6 model 122 stepping 1 CPUs. These crashes
> only happen with 64-bit Chrome and only happen in the prologue of two
> functions. The crashes come and go across different Chrome versions.
> Analysis of most of the crashes shows that the address of the crashing
> instruction follows some patterns:
> 
> When crashing in GetFieldIndex() the last byte of the address is always
> 1c, 5c, 9c, or dc.
> 
> When crashing in UpdateCaches (fewer unique samples) the last byte of
> the address is always 5d or 9d.
> 
> The address of the function is 0xc or 0xd bytes earlier so the crashing
> functions always start with an address that ends in 10, 50, 90, or d0.
> 
> Those addresses are for the crashes on a load of the __security_cookie.
> The crashes also occasionally happen on the two instructions that follow
> the __security_cookie load in which case the crashing instruction's
> address has been seen to end with 23 or a3. This corresponds to a
> function start address of 10 or 90.
> 
> Since the crash involves reading incorrect instruction bytes when
> crossing a 16-byte boundary and since the crash appears to only happen
> with particular 16-byte alignments it seems reasonable to force the
> function's alignments to a multiple of 32 to see if this reliably
> avoids the crashes. This change uses the gcc/clang __attribute__
> directive to force 32-byte alignment. I have tested this change enough to
> verify that it triggers the desired alignment (with up to 31 "int 3"
> instructions added for padding) but since I have never reproduced this
> crash I have no way of testing its efficacy.
> 
> Bug: chromium:968683, chromium:964273
> Change-Id: Ia6e1c6d1e044b84d274817374b25523303e78b51
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1803775
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Bruce Dawson <brucedawson@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63804}

TBR=brucedawson@chromium.org,verwaest@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: chromium:968683, chromium:964273
Change-Id: I150ecfebeff95e8f63dbba74d78491867dc17736
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2134728
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Bruce Dawson <brucedawson@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66977}

We cannot rely on the clang compiler to generate the trampoline entry
and the right mangling because `__attribute__((naked))` does not
prevent clang from generating TSAN function entry stub
(`__tsan_func_entry`). Even with `__attribute__((no_sanitize_thread)`
annotation clang generates the entry stub.

Upstream bug: https://bugs.llvm.org/show_bug.cgi?id=45400

Bug: chromium:1056170
Change-Id: I7a2063d7d205ee071e6a41ce4d9cb2d8d6423987
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2132797Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66976}

Add support for ia32 Windows using clang. Change the callback
function from a member function to a free function. This the
compiler generating thiscall calling convention for the member
function which allows for keeping the asm trampoline uniform.

Bug: chromium:1056170
Change-Id: Ic8fcac27a628a0de026d8fe7d2e376c8f58a1737
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2134136Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66975}

SourceLocation is needed to track Persistents.

Bug: chromium:1056170
Change-Id: I4d5cf151a4d27b4c29582ff8195cdcb7453afe1c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2132790
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66974}

Remove other variants for the same functionality such as IsCallable(),
TaggedIsCallable(), and !TaggedIsSmi() && IsCallable().

Change-Id: I33bcdf7699c1adf2330b3c11f482f7bbfcd927b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2107515
Commit-Queue: Timothy Gu <timothygu@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66973}