This reverts commit 7dcc70b8.

Reason for revert: Fails to compile on V8 Linux gcc https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20gcc/11474/overview

Original change's description:
> [web snapshot] Support numbers
>
> This CL adds support for integer and double values in web snapshots.
>
> Bug: v8:11525, v8:11706
> Change-Id: Ib75c52d440cd51bf78f57eecca09cecf35b801a4
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854734
> Commit-Queue: Vicky Kontoura <vkont@google.com>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74259}

Bug: v8:11525
Bug: v8:11706
Change-Id: If107fb890c28a60c2d87859f634fdafeb73dc6c3
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857156
Auto-Submit: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74260}

This CL adds support for integer and double values in web snapshots.

Bug: v8:11525, v8:11706
Change-Id: Ib75c52d440cd51bf78f57eecca09cecf35b801a4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854734
Commit-Queue: Vicky Kontoura <vkont@google.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74259}

Use relative paths to access v8 root build rules since // means
something different in a chrome build.

Bug: v8:7330
Change-Id: I4eac73b394daaf0250b0fa2ad415af560b03c114
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2856840
Commit-Queue: Dan Elphick <delphick@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74258}

Bug: v8:11694
Change-Id: I27122524ee2991aca324867186a9443c57af3552
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2856542Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74257}

This reverts commit dbd5ae52.

Reason for revert:
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20internal%20snapshot/33829
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20vtunejit/41526
https://ci.chromium.org/p/v8/builders/ci/V8%20iOS%20-%20sim/12150
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20debug%20-%20perfetto%20-%20builder/12811

Original change's description:
> [build] Enable gn check for most of v8
>
> Currently there are 32 gn check failures across v8 (not including
> third_party). These are due to issues in cppgc and inspector, which are
> not trivially resolveable, so for now 4 targets (+ third_party) are
> being excluded from the checks.
>
> Bug: v8:7330
> Change-Id: I506abe8e452c26239262499fc1fe2a6347a4c84b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2851886
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74255}

Bug: v8:7330
Change-Id: I20e4f99217c93794ab523b4018c5161d8364f7b7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2856839
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74256}

Currently there are 32 gn check failures across v8 (not including
third_party). These are due to issues in cppgc and inspector, which are
not trivially resolveable, so for now 4 targets (+ third_party) are
being excluded from the checks.

Bug: v8:7330
Change-Id: I506abe8e452c26239262499fc1fe2a6347a4c84b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2851886Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74255}

Bug: v8:7330
Change-Id: I4bb602a41f127d4e3201defa3176f7e99e6d3753
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2851894
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#74254}

After the --wasm-shared-engine flag was removed (in
https://crrev.com/c/1864935), there is no point any more in holding the
wasm engine in a shared_ptr. The engine is initialized once for the
whole process, and only deallocated during global tear down.

R=jkummerow@chromium.org

Bug: v8:11384
Change-Id: Id8e96eaecfcab8b44842ec323c94529e9c5a5e25
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2853589Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74253}

This CL adds the new AllocationTypes kSharedOld and kSharedMap for
the allocation of objects in the shared heap. An Isolate can be converted
into a shared isolate with Isolate::UseAsSharedIsolate(). Client
isolates can then be attached to the shared isolate.

Bug: v8:11708
Change-Id: Ie2ed30b83b404e01e6f6079c5a4bdaa9302e8004
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2850709Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74252}

Moves the v8_check_header_includes part of v8_base_without_compiler into
a separate v8_source_set that depends either directly or transitively on
every rule containing a header file.

Bug: v8:7330
Change-Id: I38bf4d62b514b3bede19c0180fbf436957a75391
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854752
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74251}

The exception concerning type None actually seems avoidable and
can cause issues with incomplete nodes remaining in the graph.

Bug: chromium:1202312, chromium:1202625
Change-Id: I89062715e7f640c66b3f7cdca249db8cde768f29
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2850917
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74250}

Previously we'd allow to replace the source of functions that are on the
current execution stack under certain conditions, but this has resulted
in an endless stream of bugs due to weird edge cases, and so we're now
limiting LiveEdit to functions that don't have any activation (including
not a suspended generator / async function activation).

We might eventually add the ability to LiveEdit functions with
activations and have them "upgrade upon next invocation", but that
doesn't seem to be an extremely important use case right now.

Fixed: chromium:1195927
Change-Id: I87a45ba4d0ddcfbf867bd4e73738d76b2d789e04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2846892
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74249}

When the embedder uses microtask scopes to control microtask execution,
we check in the V8 API that there's always a microtask scope on the
stack when entering V8. However, a microtask might call into the
embedder which in turn can call into V8, so we have to put a fake scope
on the stack before executing microtasks to avoid hitting the check.

Bug: chromium:728583
Change-Id: I99bcbcca26eaaac827d0ec09064044f616fb9efc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2853597
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74248}

This reverts commit 317462be.

Reason for revert: Landed prematurely.

Original change's description:
> [compiler] Make BigInts bg-serialized
>
> BigInts are immutable after initialization, thus an acquire-release
> synchronization point is sufficient to read safely from the background
> thread. This CL introduces the `length` field as that sync point.
>
> Bug: v8:7790
> Change-Id: I977f30836b311c3851896dd29e708f78a090f547
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854745
> Auto-Submit: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Commit-Queue: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74245}

Tbr: mvstanton@chromium.org
Bug: v8:7790
Change-Id: I0fab1a8e161c75267aead3735708e26620686fa6
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854749
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74247}

This reverts commit 336673f4.

Reason for revert: Verifying a fix - https://chromium-review.googlesource.com/c/v8/v8/+/2853587

Original change's description:
> [test] Disable flaky cctest on stress_concurrent_allocation
>
> Bug: v8:11695
> Change-Id: I3b558260a23b4fb7d16bc8f1e9c57b94bce03838
> No-Try: true
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854299
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Auto-Submit: Maya Lekova <mslekova@chromium.org>
> Commit-Queue: Maya Lekova <mslekova@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74228}

Bug: v8:11695
Change-Id: Iab080de98a6f2b96f98104bec4f96e0331de4573
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854746
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74246}

BigInts are immutable after initialization, thus an acquire-release
synchronization point is sufficient to read safely from the background
thread. This CL introduces the `length` field as that sync point.

Bug: v8:7790
Change-Id: I977f30836b311c3851896dd29e708f78a090f547
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854745
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74245}

Change-Id: Ieea30b779eb1b0804222cd60872b459cc38855fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2853282
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Brice Dobry <brice.dobry@futurewei.com>
Cr-Commit-Position: refs/heads/master@{#74244}

Bug: chromium:1056170
Change-Id: I470411540fc9d8beaaed52b7aed3c773b9b99b4b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854739
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74243}

This renames UBSAN's lists to match the names expected by the sanitizer
config as specified in
https://chromium.googlesource.com/chromium/src/build/+/1343ce81aab4e198c313b113ce278393187dc65c

Bug: v8:10619
Change-Id: I83f671cb68e4541735acb8d86d267f6a1a49b0a0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854744Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74242}

.. which traces various stats (time, memory) related to the snapshot.
Due to various flag shuffles, it was broken as of Oct 2020, with some
line items reporting constant 0.

This also refactors --profile-deserialization and
--serialization-statistics s.t. the former only reports
deserialization times and the latter reports memory. Memory.json now
passes both flags.

Change-Id: I7dacbbbe9f7a667e0802d0f7a44703dc34524a4e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854742
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74241}

Rather than pushing each root seperately, then emptying the
queue and pushing the next, instead push all roots together then
work through the queue. This reduces the number of node visits
by around 6x compared to pushing roots seperately.

BUG=v8:9684

Change-Id: I481fc177731f9d2b12e00c2a6d1be06a93429ff2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854298
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74240}

Add a special builtin performing a ToBoolean operation for jumps in
baseline code, which

   a) returns the original value as the first return value, to avoid
      needing to save it in the caller, and
   b) returns the true/false value as a Smi, to make the baseline-side
      comparison a cheap comparison against zero.

This reduces JumpIfToBoolean (on x64) from ~40 to ~30 bytes.

Bug: v8:11420
Change-Id: Idee51405b1e450cdd11ccb45ed82ddbc9119ae74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854654
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74239}

With top-level await enabled by default, the behavior of
v8::Module::Evaluate is changed to always return a Promise, and should
be documented.

No-try: true
Change-Id: I8bf41a18d8d98befecd62d6423ab37fdbaac3aad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854874Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74238}

A NativeContext is initialized in two steps: First the map is allocated,
only afterwards the NativeContext. It could happen that there is a GC
happening when allocating the NativeContext. In such a case the
native_context for the Map is still set to null.

Fix this by also allowing null in Map::MapVerify.

Bug: v8:11695
Change-Id: Id8dcd6aef83aff4cbfff45a1e993e555cff8e7bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2853587Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74237}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/6273d81..94367a1

Rolling v8/third_party/aemu-linux-x64: CMJyNq6nZ3RoBUYmon01iRJ7MYYfVl4ds1kgbGFcNRMC..KmvDYKZZ-xQz7ZzzSKBh3HrWPpQv89vfFY9mBp6RDq4C

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/00b0b51..ca2c407

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/c91f5f6..ae1b2b1

Rolling v8/third_party/google_benchmark/src: https://chromium.googlesource.com/external/github.com/google/benchmark/+log/86da5ec..835951a

Rolling v8/tools/luci-go: git_revision:173195137e006c3bbbd2394409e3d752f8b3c62f..git_revision:a3a1f3a2e925eb44367c62783877c922c9ef7289

Rolling v8/tools/luci-go: git_revision:173195137e006c3bbbd2394409e3d752f8b3c62f..git_revision:a3a1f3a2e925eb44367c62783877c922c9ef7289

Rolling v8/tools/luci-go: git_revision:173195137e006c3bbbd2394409e3d752f8b3c62f..git_revision:a3a1f3a2e925eb44367c62783877c922c9ef7289

TBR=v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: Ia1b0769152c8b3e11691c452d8f0e338ede4b3af
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2855902Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74236}

MatcherBase::buffer_ defined under "gtest/gtest-matchers.h"
is a union of sizes that may be too large for Config object
currently being passed to it. This might result in `buffer_` to remain
uninitialized.

More information about the error can be found
in the comment section of this CL: https://crrev.com/c/2228887

Change-Id: Ibeef1189a7db8056f00cc85dbccec506d345a7eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854278Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#74235}

R=clemensb@chromium.org

Bug: chromium:1202736
Change-Id: Id4056ba60fdaa5d5fbe2099ef0823da70a28e6ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2853601
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74234}

Bug: chromium:1056170
Change-Id: I41ebc2e507d1662588364396f1129c75a0f0841d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2851890
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74233}

Bug: v8:11699
Change-Id: I286ea7d3a6455528c66eee3f479455bfc49f190c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2852039
Commit-Queue: Nico Weber <thakis@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74232}

Changes:
- Add WasmInitExpr class which knows how to create initializer
  expressions as pairs of {type, value}. Also define a default for every
  type. Emit such pairs to a byte array with emit_init_expr().
- Add an initializer expression to every global (addGlobal() uses the
  default if the argument is absent).
- Introduce wasmI64Const();
- Update tests as needed.

Change-Id: I75ffe96604891506ad78bd3677ce1efe5e0cee07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2851892
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74231}

The kInt64, kUint64, and kIntPtr type definitions made no sense.
This CL removes kIntPtr and fixes+renames k(I|Ui)nt64. It also adds
some DCHECKs to avoid similar bugs in the future.

Bug: chromium:1202609
Change-Id: Ibe2e9c7501c22959b850d2b1076e819455440450
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2851895Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74230}

Change-Id: Ib492a0165d8aed748d8ece406bc51931ee577391
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2849179Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#74229}

Bug: v8:11695
Change-Id: I3b558260a23b4fb7d16bc8f1e9c57b94bce03838
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2854299Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74228}

Remove a couple of cases where builtins called by the baseline code
needed a context parameter, either because the interface descriptor
accidentally included the context, or by adding a trivial context load
from the frame where appropriate.

Bug: v8:11420
Change-Id: I3f34cd452f42dd876255375ae357feb245c78cdc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2848464
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74227}

FixedDoubleArrays are a special case:

1 The reads are 64-bit and unaligned, thus use memcpy underneath.
2 The compiler only reads FDArray values for (constant) boilerplate
  elements.

1) makes proper atomic reads tricky-to-impossible without a lock.
Luckily, 2) means we know that the array values are immutable after
initialization, thus we can simply do a non-atomic read from the
compiler thread.

Bug: v8:7790
Change-Id: I39698d867543ce2214a2148511c5d90ced6364b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2848410
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74226}

- Move ASAN and MSAN support to base/
- Eval arguments for builds without sanitizer to preserve same
  semantics
- IWYU fixes

Bug: chromium:1056170
Change-Id: I212becf205e03b155c188ffd13cf5629df6f2cb8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2851887Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74225}

Bug: v8:11700
Change-Id: Ibed6e02fdf17cef267135620a2ceab735be2ee9f
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2853593
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74224}

The previously added perf-context Promise-hooks take a v8::Function as
arguments. However, the builtin code was only accepting JSFunctions
which causes cast errors.

Drive-by-fix: Directly pass nativeContext in more places.

Bug: chromium:1201465
Change-Id: Ic8bed11253a1f18a84e71eb9ea809b1ec1c3f428
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2850162Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74223}

The config was mistakenly switched to Bionic already. We keep it
unspecified now to prepare reimaging the bots.

No-Try: true
Bug: chromium:1199430
Change-Id: Ib09d9abbe890fc891af69b6630bf21be85328196
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2853586
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74222}

This is another step towards improving TSAN and test coverage of
concurrent paths.

By purging reconstructible (background-serialized or never-serialized)
ObjectData instances from the cache after serialization, we increase
ObjectData-construction activity on the background thread.

Note that this means ObjectData is no longer canonicalized - two
instances can point at the same underlying object. Losing this
property is unfortunate, but we can revert back to it once work on the
concurrency project is further advanced.

Bug: v8:7790
Change-Id: I44b1366f61dc9087cddc76939512abed17e28d61
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2844661
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74221}