Alternatively, the CHECK and load could be removed.

Bug: v8:7790,chromium:1237309
Change-Id: I45b1495002a47f2f4ff2915c7997e34c79c1aed2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3080561
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76154}

.. in AccessInfoFactory. In order to be read safely, they must pass
the IsPendingAllocation predicate, called internally from TryMakeRef.

In a follow-up, DescriptorArrayRef methods should also be updated
similarly.

Bug: v8:7790,chromium:1236373
Change-Id: I96b59458033c327e3d2e01e8e4496e2c91609eb5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3080560
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76153}

.. namely:

 AllocationSite::nested_site
 CodeHandlerInfo::data
 ScopeInfo::OuterScopeInfo

These are all immutable after initialization.

Bug: v8:7790,chromium:1237387
Change-Id: I73f1c366d9f4fa9ad721051dea668227ba987e63
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3080559Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76152}

Port: ec717160
Bug: v8:11879
Change-Id: I1e2f1d712a14fee383227c5a2b479cf00dde9e9c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3062031Reviewed-by: Ji Qiu <qiuji@iscas.ac.cn>
Reviewed-by: Brice Dobry <brice.dobry@futurewei.com>
Commit-Queue: Ji Qiu <qiuji@iscas.ac.cn>
Auto-Submit: Ji Qiu <qiuji@iscas.ac.cn>
Cr-Commit-Position: refs/heads/master@{#76151}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/e69b289..1b13158

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I0e3ad135baaac1da14a41595c4ae2b3b4cc68807
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3078875Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#76150}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/db33878..e69b289

Rolling v8/third_party/aemu-linux-x64: SwiFc4HfyqrpEgrdH7vFxbez4XNv6ZZoVOjUMszAYo8C..zSIltuD7SHwbJrbeTyt6t1P_n6bQJXzs-YHXShrGDI8C

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: Id26f091082bcf84fa1ba36d3eb538d5d8dc9b450
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3079511Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#76149}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/1ed6f53..db33878

Rolling v8/third_party/aemu-linux-x64: Nw0OOp4j9l4Sj0WpOmaRhNeJ137UfsLg0P1YrF8uzKwC..SwiFc4HfyqrpEgrdH7vFxbez4XNv6ZZoVOjUMszAYo8C

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/2e0d77d..c71b1c7

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/bbf0599..e989bf9

Rolling v8/tools/luci-go: git_revision:467ab48f5ed9f3ef32ae17f5b73a117e0c86566b..git_revision:e7749d37e8e52fd6eb9c79266a17d7fcb6f6ec04

Rolling v8/tools/luci-go: git_revision:467ab48f5ed9f3ef32ae17f5b73a117e0c86566b..git_revision:e7749d37e8e52fd6eb9c79266a17d7fcb6f6ec04

Rolling v8/tools/luci-go: git_revision:467ab48f5ed9f3ef32ae17f5b73a117e0c86566b..git_revision:e7749d37e8e52fd6eb9c79266a17d7fcb6f6ec04

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: Ic61d8afe7af10676c065dd31f46142635b5491dd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3077358Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#76148}

Bug: v8:12043
Change-Id: I0691387546ec82616bdf22d19c8a990c8164fca2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3071915Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76147}

This reverts commit fee168ce.

Reason for revert: The DCHECK fails when freeing code
(https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/38292/overview),
which means that the current code is not correct. The added DCHECK
makes the bots red though, so the state before this CL was still
better.

Original change's description:
> [wasm] Check correctness of thread-local write protection
>
> We make an undocumented assumption in {CodeSpaceWriteScope} that a
> single thread will only work on one module at a time. If this is
> violated, the thread-local {code_space_write_nesting_level_} would
> prevent the second module from being switched to writable.
>
> This CL adds a second thread local (in debug only) to check that if
> there is already a {CodeSpaceWriteScope} open that it contains the same
> {NativeModule} as any nested scope.
>
> R=​jkummerow@chromium.org
>
> Change-Id: I43fa886d9d0fdf0e1846137dc411745fcca471fa
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3074477
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#76134}

TBR=jkummerow@chromium.org

Change-Id: I5262b0e886f99a64452966345fc084a1ab750459
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3078360Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76146}

Change-Id: I48effbb727b523ac1911584d3072c13671633046
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3077623Reviewed-by: Junliang Yan <junyan@redhat.com>
Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#76145}

Adds a minimum estimated size.

Data suggests that estimated instruction size (+ relocation info size)
is linear to bytecode array length. This CL adds a constant for this
equation. The ratio remains the same.

This is important, because we want to increase success rate of
estimation when compiling on-heap.

When off-heap, we round up the assembler buffer to 4kB, so this CL
will only impact JS functions with more than 585 bytecodes, i.e, the
new added constant will be negligible.

Note: Relocation info (for Sparkplug) is usually so small that it is
not useful to have a separate zone for this.

Bug: v8:11872
Change-Id: I789e72f80b970d1f541965e7ae808b61c8174326
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3069155
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76144}

pthread_jit_write_protect* functions are only available on arm64 Mac,
not on iOS (which also sets V8_{TARGET_,}OS_MACOSX).
This CL refactors the logic to detect whether pthread_jit_write_protect
and MAP_JIT are available and defines a global preprocessor macro which
can subsequently be used instead of the existing complex condition.

R=jkummerow@chromium.org, mlippautz@chromium.org

Change-Id: I63894f42df35406d6eee90a4ce5070c2fde7b566
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3077154Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76143}

C++ frames can get quite big in sanitizer builds. In the linked bug it
was an ASan debug build, which overflowed the stack by more than 8kB
just from C++ frames (when entering the runtime, there was no overflow
yet).
Hence increase the allowed stack overflow a bit for sanitizer builds,
from 8kB to 32kB.

R=jkummerow@chromium.org

Bug: chromium:1236560
Change-Id: I119fdb859f7ab5e6a0a4174cf79f0a16baa39432
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3078359Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76142}

So that it is possible to differentiate modules in the stack trace even
when they are anonymous.

R=kimanh@chromium.org

Bug: v8:11808
Change-Id: I12a1f07accdf62c404052f32624e9914381a7451
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3074472
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76141}

Change-Id: Iffed72ddf703ea868a959c15f65547c34f976200
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3077060Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#76140}

Firstly, the fast path checking for applicability of the equality
"A/B = 0 with remainder A" must use the condition "A<B", not "A<=B".
Secondly, *all* early return paths must ensure that enough padding
'0' characters are written.

Fixed: chromium:1236694
Bug: v8:11515
Change-Id: I3fa7e17f5f3969ddbb5417b53abf3bff3fc1355b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3075365Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76139}

This reverts commit fffcbaea.

Reason for revert: Breaks in Chromium (e.g. https://ci.chromium.org/p/v8/builders/ci/Linux%20V8%20FYI%20Release%20%28NVIDIA%29)

Original change's description:
> [counters] Fix reentrant timers for V8.Execute
>
> This CL fixes a long standing issue where reentering TimedHistograms
> scopes would cause spurious measurements. Only the non-nested scopes
> yielded correct results.
>
> Due to the changed numbers, the V8.Execute histogram is renamed to
> V8.ExecuteMicroSeconds. Note that this histogram is also guarded
> behind the --slow-histograms flag due to the additional overhead.
>
> Unlike before, it does no longer include time for external callbacks
> and only measures self time. The following example illustrates the
> new behaviour:
>
> 1. Enter V8:           |--+.......+--| self-time: 4 units (reported)
> 2. Exit V8 (callback):    |-+...+-|    self-time: 2 units (ignored)
> 3. Re-enter V8:             |---|      self-time: 3 units (reported)
>
> This would result in 2 histogram entries with 4 time units for the first
> V8 slice and 3 units for the nested part. Note that the callback time
> itself is ignored.
>
> This CL attempts to clean up how TimedHistograms work:
> - Histogram: the base class
> - TimedHistograms: used for time-related histograms that are not nested
> - NestedTimeHistograms: Extends TimedHistograms and is used for nested
>   histograms
>
> This CL changes Histograms to not measure time themselves. Measurements
> happen in the *HistogramScopes:
> - BaseTimedHistogramScope: Base functionality
> - TimedHistogramScope: For non-nested measurements
> - NestedTimedHistogramScope: For nested measurements
> - PauseNestedTimedHistogramScope: Ignore time during a given scope.
>   This is used to pause timers during callbacks.
>
> Additional changes:
> - ExternalCallbackScope now contains a PauseNestedTimedHistogramScope
>   and always sets VMState<EXTERNAL>
>
> Bug: v8:11946
> Change-Id: I45e4b7ff77b5948b605dd50539044cb26222fa21
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001345
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
> Reviewed-by: Victor Gomes <victorgomes@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#76111}

Bug: v8:11946
Change-Id: I954de1afbabf101fb5d4f52eca0d3b80a723385b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3077153
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76138}

We add support for struct and arraytypes in wasm-fuzzer-common.
Also, we add addStruct and addArray while generating tests.
Other OptRef types like eqref/anyref have been supported.
Adding struct and arraytypes in wasm-compile has been placed
at the beginning in order to generate them in addSignature.

Bug: v8:11954
Change-Id: Ibe468dd4df70ad40367196c88353b28b7654f086
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3074463Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Rakhim Khismet <khismet@google.com>
Cr-Commit-Position: refs/heads/master@{#76137}

We would like to use the name CompilerDispatcher for dispatcher base
class to be used by Sparkplug and OptimizingCompileDispatcher.

Bug: v8:12054
Change-Id: Id69955101c1f46fc2f79b6f77b05c92ed8a31edb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3077150
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76136}

This patch makes V8 accept the binary format produced by Binaryen
after https://github.com/WebAssembly/binaryen/pull/3933 when the
--experimental-wasm-gc-experiments flag is present. The explicit
inheritance information is not used for anything. Validation is
performed only insofar as explicit supertypes must be valid types.

Bug: v8:7748
Change-Id: Id5b5050aa03591281632e3a2a161aa93422e10bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3071406Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76135}

We make an undocumented assumption in {CodeSpaceWriteScope} that a
single thread will only work on one module at a time. If this is
violated, the thread-local {code_space_write_nesting_level_} would
prevent the second module from being switched to writable.

This CL adds a second thread local (in debug only) to check that if
there is already a {CodeSpaceWriteScope} open that it contains the same
{NativeModule} as any nested scope.

R=jkummerow@chromium.org

Change-Id: I43fa886d9d0fdf0e1846137dc411745fcca471fa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3074477
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76134}

Bug: chromium:1237153
Change-Id: If3c17d46cf53ba73cd6c199703b2854eb55fb68d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3077145Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76133}

Change-Id: Iec59381ae9111de130070197c26212a8f9c18159
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3076061Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#76132}

Change-Id: Id8ac0df2ac107c1bfc68b852f47e5928b0fe098e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3076062Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#76131}

This reverts commit 09249d12.

Reason for revert: closes the tree with "gclient runhooks" on https://cr-buildbucket.appspot.com/build/8839654272213578577 V8 Presubmit from 09249d12

Original change's description:
> Make autoroll account owner of auto-updated files
>
> Bug: v8:12049
> Change-Id: Iff1d09a17c3e0bbcd7b62baae7766d3745d0b084
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3071212
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Liviu Rau <liviurau@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#76129}

Bug: v8:12049
Change-Id: Id21c3ef4ea99b29f3c458508da8e27ce0d687d65
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3077148Reviewed-by: Liviu Rau <liviurau@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76130}

Bug: v8:12049
Change-Id: Iff1d09a17c3e0bbcd7b62baae7766d3745d0b084
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3071212Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76129}

Lets the macro-assembler compile RISC-V C-Extension instructions
when the corresponding flag is set during runtime.

Change-Id: I443d026653b9945ac7ccff41b0ca3f7db9b65775
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3039384Reviewed-by: Brice Dobry <brice.dobry@futurewei.com>
Reviewed-by: Ji Qiu <qiuji@iscas.ac.cn>
Commit-Queue: Ji Qiu <qiuji@iscas.ac.cn>
Cr-Commit-Position: refs/heads/master@{#76128}

Rolling v8/base/trace_event/common: https://chromium.googlesource.com/chromium/src/base/trace_event/common/+log/1169114..3da1e2f

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/e360729..1ed6f53

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/cb61e19..2e0d77d

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/0a4dd41..bbf0599

Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/dd02422..6a8e571

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I2f211928dd79fb0b8ffd6282acc16f8ce1faa8f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3077639Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#76127}

Verify if Chromium's flag was enabled and toggle the flag
for V8, enabling support for PAC (Pointer Authentication Code)
and BTI (Branch Target Identification).

Bug: v8:10026, chromium:1145581, chromium:919548
Change-Id: I7c40674d2f9c8512639a7320b491006697420e28
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3072158
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76126}

This was handled in JS but not in C++.

Bug: chromium:236703, v8:11025
Change-Id: Ic9adc4ceb4d2af2614427fec459c3e950654572f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3074460
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76125}

Make sure we update the module status before accessing it's code object
in PrintStatusTransition.

Bug: v8:11949
Change-Id: Ide1745eeeb0d5612034a42680d99fb97a9b110ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3075361Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76124}

Generate the test case before compilation, so that we can generate it
even if compilation crashes.
We can only do this when require_valid is true. Otherwise the test case
depends on whether the module compiles or not.

R=ahaas@chromium.org
CC=​khismet@google.com

Bug: v8:11954
Change-Id: I944e867cc7ca631bff749bd67c4b8baff1df1fa9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3074476Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76123}

If no GC happens when we grow the assembler buffer (this could happen
since we allocate a new Code object), we do not need to fix references
to full-embedded-objects.

Bug: v8:11872
Change-Id: I11fb1abcb4c53e124bb7659c9f9995ccb18cf296
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3073741
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76122}

Change-Id: Ic2576da8adff6935758ecae14ce5441d8af6428b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3075123Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#76121}

Change-Id: I3d75f2e5fdb9c43b4795dee80377725318ee271f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3075122Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#76120}

Bug: v8:7790
Change-Id: Ia5903364a774bd49db1a646b3066b9972deac725
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3074465
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76119}

Bug: v8:7790
Change-Id: I299678102254ffb7d68be3d5cad11b4a4161492f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3068947
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76118}

Forgot to do this in crrev.com/c/3067226.

Bug: v8:7790,v8:12030
Change-Id: Ic6fbf3feb07e8d08f0fd83d76d54535387c7a27c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3074464
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76117}

This CL limits the amount of address space we reserve for shared
WebAssembly memory. Up until now we just reserved either the defined
maximum size of the memory or the V8-defined maximum memory size,
depending on whether the maximum size is defined or not. This could
cause OOMs easily on 32-bit systems due to address space exhaustion.
With this CL we limit the amount of address space we reserve for shared
WebAssembly memory.
1) We try to reserve at least the initial size;
2) If no maximum size is defined, we reserve 1GB by default;
3) If a maximum size is defined, then we reserve that maximum size
   but at most 1GB.

Note that the handling of shared memory here is different than the
handling of not-shared memory because for shared memory it is not
possible to grow with realloc.

R=clemensb@chromium.org

Bug: v8:12038
Change-Id: I00493b330ee00588d65cbffa6f042e039106736e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3071206Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76116}

There was a DCHECK to ensure tests don't miss enabling either bytecode
or baseline code flushing along with stress-flush-code. Fuzzers use
different combination of flags so there we should allow
stress-flush-code without bytecode / baseline code flushing.

Bug: chromium:1236614,v8:11947
Change-Id: I86190b6336015e37288cffffc05de2fa21f496ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3074462
Commit-Queue: Mythri Alle <mythria@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Auto-Submit: Mythri Alle <mythria@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76115}