and split Smi out of objects.h into smi.h.

Bug: v8:3770, v8:5402
Change-Id: I5ff7461495d29c785a76c79aca2616816a29ab1e
Reviewed-on: https://chromium-review.googlesource.com/c/1313035Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57252}

This CL restores consistency with other platforms. ebx is now the
kRootRegister on ia32, and thus not an allocatable register any more.

The PreserveRootIA32 register configuration can be removed since it is
now identical to the Default configuration.

Bug: v8:6666
Change-Id: If4e2b4c52aa8b5db40bcd3b4469004b29c0e3d99
Reviewed-on: https://chromium-review.googlesource.com/c/1299078
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57018}

This is a reland of a31a6230

Original change's description:
> [ia32] Remove poisoning logic on ia32
>
> Poisoning has been disabled by default on ia32 a while ago. This CL
> removes its logic from ia32 code generation, which will let us move
> towards fuller (and unconditional) root register support.
>
> Bug: chromium:860429, v8:8254
> Change-Id: I8f672cf48a6ffc7bf21e7794c1b7463d7f8b9594
> Reviewed-on: https://chromium-review.googlesource.com/c/1296131
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56978}

Tbr: mstarzinger@chromium.org,jarin@chromium.org
Bug: chromium:860429, v8:8254
Change-Id: Ia65ac57fdc6b9a0f59cc64455d6a000005e9be3b
Reviewed-on: https://chromium-review.googlesource.com/c/1299080Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56984}

This reverts commit a31a6230.

Reason for revert:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20nosnap%20-%20debug/21332

Original change's description:
> [ia32] Remove poisoning logic on ia32
> 
> Poisoning has been disabled by default on ia32 a while ago. This CL
> removes its logic from ia32 code generation, which will let us move
> towards fuller (and unconditional) root register support.
> 
> Bug: chromium:860429, v8:8254
> Change-Id: I8f672cf48a6ffc7bf21e7794c1b7463d7f8b9594
> Reviewed-on: https://chromium-review.googlesource.com/c/1296131
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56978}

TBR=mstarzinger@chromium.org,jarin@chromium.org,jgruber@chromium.org

Change-Id: I305e9e1719fb4b3f8ef267c232723db9b52966e9
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:860429, v8:8254
Reviewed-on: https://chromium-review.googlesource.com/c/1299015Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56980}

Poisoning has been disabled by default on ia32 a while ago. This CL
removes its logic from ia32 code generation, which will let us move
towards fuller (and unconditional) root register support.

Bug: chromium:860429, v8:8254
Change-Id: I8f672cf48a6ffc7bf21e7794c1b7463d7f8b9594
Reviewed-on: https://chromium-review.googlesource.com/c/1296131
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56978}

This removes a bunch of porting helpers, e.g. scopes that mark
the addressability of ebx, printing embedded builtin candidates, and
the call/jump mechanism through a virtual target register.

This also disables root register verification by default on ia32. It
can be completely removed in a bit.

Bug: v8:6666
Change-Id: I4705d61991ddc57c30981c311a1c8c5e2f8ddf4d
Reviewed-on: https://chromium-review.googlesource.com/c/1288271Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56864}

This bundles a bunch of miscellaneous things to make more builtins
isolate-independent (e.g.: using tasm::Move instead of asm::mov
methods).

Drive-by: The isolate-independence whitelist was changed to a blacklist.

Bug: v8:6666
Change-Id: I7e0fbe8bb2ca3dc751ad070f1a92aebb88b43125
Reviewed-on: https://chromium-review.googlesource.com/c/1286331Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56728}

Change-Id: I7691c12acc1b2d0be3e35cf699bb16df4ca84b6e
Bug: v8:6666
Reviewed-on: https://chromium-review.googlesource.com/c/1280435
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56695}

Change-Id: If476aa8a759bbf6360ef1fc68dbc3e624f8731e5
Bug: v8:6666
Reviewed-on: https://chromium-review.googlesource.com/c/1282971Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56692}

Change-Id: I673c4bddca876dd506be4979bbf2208e6f0af329
Bug: v8:6666
Also-By: jgruber@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/c/1280326
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56675}

This adds root-relative access in a couple of spots (e.g.: LoadRoot,
CompareRoot, PushRoot, Push, Move, etc.). Some methods now dispatch
based on whether the given Immediate is an embedded object.

ShouldGenerateIsolateIndependentCode() was added as a porting crutch:
it forces isolate-independent code for builtins even though the
builtin is not in the Builtins::IsIsolateIndependent() whitelist. This
allows us to easily figure out which builtins can be white-listed with
--print-embedded-builtin-candidates.

Newly isolate-independent builtins are now whitelisted.

Drive-by: Remove dead CompareRoot and JumpIfRoot helpers.

Bug: v8:6666
Change-Id: I6b5f6f71b90ac22e7e15482af0617b0ca1c319da
Reviewed-on: https://chromium-review.googlesource.com/c/1280665
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56673}

Change-Id: I5804585565acfabc110b019c5fcecdcabbaf022e
Bug: v8:6666
Reviewed-on: https://chromium-review.googlesource.com/c/1276428
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56636}

This is the first CL in a series that removes the StaticVariable operand.

Change-Id: I2acdbf4a7481af43321b8af10dbe38f8f481bea8
Bug: v8:6666
Reviewed-on: https://chromium-review.googlesource.com/c/1276365
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56635}

Pure refactoring CL. Introduce a symbolic name for the register
used to hold the function index when calling the lazy compile stub.
This makes it easier to see this contract when looking at the
macro assembler.

R=ahaas@chromium.org
CC=clemensh@chromium.org

Change-Id: I714f978883ced001a1435338dcefd96744bfb2ae
Reviewed-on: https://chromium-review.googlesource.com/c/1273099
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56516}

The goal is to remove CL to remove the confusing implications for
full poisoning.

This is an alternative to
https://chromium-review.googlesource.com/c/chromium/src/+/1253341
where chrome has to work around our implication system.

In the optimizing compiler, we already have a bottleneck for setting
mitigation level in src/compiler/pipeline.cc, so it is easy to change
back to partial mitigations.

Bug: chromium:888892
Change-Id: I01de7ed7bb91e8b06f8f79cc2d90657a0600892a
Reviewed-on: https://chromium-review.googlesource.com/c/1252985Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56374}

Bug: v8:6666
Change-Id: I54ee5bcaef729d1a4b9edbae3157951df135df90
Reviewed-on: https://chromium-review.googlesource.com/1238239
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56147}

Change-Id: I2b1eb33e4b7a7c5158bec02c60823669921b619d
Bug: v8:6666, v8:8015
Reviewed-on: https://chromium-review.googlesource.com/1238578Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56139}

R=jgruber@chromium.org

Bug: v8:6666
Change-Id: I3ece4039297f837a3677c62c4a76433b73ebbe15
Reviewed-on: https://chromium-review.googlesource.com/1233916Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#56118}

Change-Id: I9eda6409d05c59085a09ebc7079b9c12c9877574
Bug: v8:6666
Reviewed-on: https://chromium-review.googlesource.com/1236577
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56116}

This CL changes Construct, ConstructVarargs, ConstructForwardVarargs and
ConstructFunctionForwardVarargs to preserve the kRootRegister (ebx).

Bug: v8:6666
Change-Id: Ia2c328e419506c029cda76fc210bbd45d9eb5952
Reviewed-on: https://chromium-review.googlesource.com/1233654Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56111}

R=jgruber@chromium.org

Bug: v8:6666, v8:8015
Change-Id: I37c4fc6771247c448ec3194790fe9fad3c9bdebf
Reviewed-on: https://chromium-review.googlesource.com/1236054
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56096}

Drive-by: Clarify code that initializes the allocation site argument
of ArrayNArgumentsConstructor to undefined. Until now, this was done
in InternalArrayConstructor prior to calling the Impl builtin. But the
allocation site is not part of the Impl interface descriptor and
worked only by chance since we did not clobber the register. Also, the
argument is only needed for the path that calls
ArrayNArgumentsConstructor and can be omitted elsewhere. This CL pulls
initialization to just before the final call.

Bug: v8:6666
Change-Id: I24471ca0291a83dfad7af4cc11d699c8923117ec
Reviewed-on: https://chromium-review.googlesource.com/1235917
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56086}

R=jgruber@chromium.org

Bug: v8:6666
Change-Id: Icdf9ab0770cc4d6dd1c7c3a3911ffcc7a493d127
Reviewed-on: https://chromium-review.googlesource.com/1233915
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56085}

This CL ensures that the following builtins preserve
the kRootRegister (ebx):

InterpreterPushUndefinedAndArgsThenCall
InterpreterPushArgsThenCallWithFinalSpread
InterpreterPushArgsThenConstruct
InterpreterPushArgsThenConstructArrayFunction
InterpreterPushZeroAndArgsAndReturnAddress
InterpreterPushArgsThenConstructWithFinalSpread

Bug: v8:6666
Change-Id: I026654b981276c7d435c18c9eedef3f5d33b6533
Reviewed-on: https://chromium-review.googlesource.com/1233754Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56082}

FrameDropperTrampoline
HandleDebuggerStatement
InstantiateAsmJs
NotifyDeoptimized

Bug: v8:6666
Change-Id: I4189e5dcf82eddd1dbce43b10b04c8e6a980123c
Reviewed-on: https://chromium-review.googlesource.com/1235922Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56081}

Bug: v8:6666
Change-Id: Ib189d5bb2d6c9942e7223f0783f1c1fe1fc9aaa4
Reviewed-on: https://chromium-review.googlesource.com/1236093Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56079}

Bug: v8:6666
Change-Id: I427bb8e54a79eb3d7ee226da2f4d90ab4886e353
Reviewed-on: https://chromium-review.googlesource.com/1233656
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56078}

Bug: v8:6666
Change-Id: I5c75eda044312bba6be1ce6bf71afbfe94534afc
Reviewed-on: https://chromium-review.googlesource.com/1233674Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56075}

This CL ensures the kRootRegister (ebx) is preserved in

Call_ReceiverIsNullOrUndefined
Call_ReceiverIsNotNullOrUndefined
Call_ReceiverIsAny

Bug: v8:6666
Change-Id: Ifef8ba544110c45810a8f895869acdd5b61d1d5d
Reviewed-on: https://chromium-review.googlesource.com/1233597Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56071}

Bug: v8:6666
Change-Id: Ifffca8d91c482026e9e7eee09bb5d6ce3e87e212
Reviewed-on: https://chromium-review.googlesource.com/1233598Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56069}

and introduce RootsTable - a V8 heap roots storage.

So, the renaming part looks like this:
  Heap::RootListIndex -> RootIndex
  Heap::kBlahBlahRootIndex -> RootIndex::kBlahBlah

Bug: v8:8015, v8:8182
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I38e1f3e3f6813ef35e37b0bed35e9ae14a62134f
Reviewed-on: https://chromium-review.googlesource.com/1234613Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56067}

This CL ensures that the InterpreterEntryTrampoline, as well as
InterpreterPushArgsThenCall and InterpreterPushArgs preserve
the kRootRegister (ebx).

Bug: v8:6666
Change-Id: I1e5b63f1002ffbe4dac84f039f373b6b77e67d8a
Reviewed-on: https://chromium-review.googlesource.com/1233793Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56047}

R=jgruber@chromium.org

Bug: v8:6666
Change-Id: I51db8fdf5e649884aa94cb6c9e5cc733250b7ce9
Reviewed-on: https://chromium-review.googlesource.com/1233757
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56045}

As part of this, we also update all InvokeFunctionCode callers to pass
ecx as the expected-argc register.

Drive-by: Inline InvokeFunction overload into its single use.

Bug: v8:6666
Change-Id: I67590ecc3f4981d014642c9e18d3ed6db9831e54
Reviewed-on: https://chromium-review.googlesource.com/1233653
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56040}

OnStackReplacement itself was dead code.

Bug: v8:6666
Change-Id: I72df335f23fb749e652899a170bb3dc800992ba7
Reviewed-on: https://chromium-review.googlesource.com/1232635
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56039}

Not much to do here. This CL bakes in incompatibility between
poisoning and embedded builtins, since we cannot unconditionally reset
the poison register (which we reused as kRootRegister) as we used to.

It also exposes a bug introduced in [0] where we set
Isolate::c_function to a garbage value.

[0] https://chromium-review.googlesource.com/1185011

Bug: v8:6666
Change-Id: Ia606f5d0e86c7ff68aa2af22acb89c2844519bf5
Reviewed-on: https://chromium-review.googlesource.com/1233255
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56038}

This also adds checks that ebx contains the root pointer during indirect load.
And we work around a few spots where we create an ebx Register but do not
actually reference it (e.g. when emitting xmm3, which has the same code as
ebx).

Bug: v8:6666
Change-Id: I7ec9e644c2e9c59d6395a71c6c5f479fac711d8d
Reviewed-on: https://chromium-review.googlesource.com/1231093
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56037}

Bug: v8:6666
Change-Id: I6a6ece9ebb573fc6bbd18840400774952778a7e1
Reviewed-on: https://chromium-review.googlesource.com/1230914Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56035}

This CL ensures that ConstructBoundFunction and
ConstructedNonConstructable preserve the kRootRegister (ebx).

Bug: v8:6666
Change-Id: I5aaee07aee9377f62028c98ccc8c6fdfe23dbc6d
Reviewed-on: https://chromium-review.googlesource.com/1233615
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56033}

This CL is part of the effort to remove the usage of 'ebx' as it will
be the kRootRegister on ia32.

R=jgruber@chromium.org

Bug: v8:6666
Change-Id: Iad3d4718423a22790908d5028b2ec9e8b2253126
Reviewed-on: https://chromium-review.googlesource.com/1233258Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#56023}