A spec change to simplify IsRegExp has been proposed:

https://github.com/tc39/ecma262/pull/1318

This CL adds use counters for cases in which the spec change would
alter behavior:

1. o[@@match] is trueish but o is not a JSRegExp
2. o[@@match] is falseish (but not undefined) and o is a JSRegExp

This is the V8 side of required changes.
The Chromium-side CL: https://crrev.com/c/1360730

Drive-by: TNodeify IsRegExp.

Tbr: yangguo@chromium.org
Bug: v8:8522
Change-Id: I3766e02977f256a80d0e59472d3bafa9c692af9e
Reviewed-on: https://chromium-review.googlesource.com/c/1360630Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58064}

This addresses follow-up comments to https://crrev.com/c/1354887/.

Use DCHECKs instead of CHECKs and make the branch order consistent
across architectures.

Bug: v8:7777
Change-Id: I5c3f8f5ac97b55fa80662bc211aff7833ff12bfa
Reviewed-on: https://chromium-review.googlesource.com/c/1362912
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58063}

TBR=santa

Change-Id: If6722b455219d5113ddbfe1a97e9178e7fad63c9
Reviewed-on: https://chromium-review.googlesource.com/c/1365271Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58062}

This reverts commit 0e8f20d2.

Reason for revert: Breaks layout tests, blocks roll: https://ci.chromium.org/p/chromium/builders/luci.chromium.try/linux-blink-rel/3047

Original change's description:
> [wasm] fix js-api interface
> 
> Make sure WebAssembly's js-api exposes the correct attributes: writable,
> enumerable and configurable.
> 
> Bug: v8:8319
> Change-Id: I427533159d7975a42c0c5cb1babdc8a61f8198b5
> Reviewed-on: https://chromium-review.googlesource.com/c/1351002
> Commit-Queue: Adam Klein <adamk@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Reviewed-by: Ben Smith <binji@chromium.org>
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58053}

TBR=binji@chromium.org,adamk@chromium.org,gdeepti@chromium.org,ssauleau@igalia.com

Change-Id: I16fa44a0e79020850613751ae45a68d67602166d
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8319
Reviewed-on: https://chromium-review.googlesource.com/c/1365270Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58061}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/9c85c83..9fee3d5

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/58f2981..a8f4725

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/f28ef98..9875e18

Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/0dea619..f6641a3

Rolling v8/tools/luci-go:infra/tools/luci/isolate/${platform}: https://chrome-infra-packages.appspot.com/infra/tools/luci/isolate/${platform}/+log/git_rev..git_rev

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I944970e96d4db2531431643cf54d3369ea977b49
Reviewed-on: https://chromium-review.googlesource.com/c/1364711
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#58060}

Change-Id: Id221faecc9873cb0dbbd89777e055884158dbfb3
Reviewed-on: https://chromium-review.googlesource.com/c/1364370Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58059}

The prefix size is read from the Derived class.
The hash code of the object will be stored in this prefix.

Change-Id: I15646701c9bab99b8aed39ea9ad8ae03f6d605ed
Bug: v8:6443, v8:7569
Reviewed-on: https://chromium-review.googlesource.com/c/1337586
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58058}

Bug: v8:8518
Change-Id: I39db0adbd84627491bcb653b90de724eb988d383
Reviewed-on: https://chromium-review.googlesource.com/c/1363145
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58057}

and
1) make them represent kSystemPointerSize-sized off-heap slots,
2) reintroduce XxxSlots as an on-heap kTaggedSize-sized slots (for now they
   are just aliases to respective FullXxxSlots).

Bug: v8:8518
Change-Id: I8a9177562308bd9420b1eebca959cc52ceaa628e
Reviewed-on: https://chromium-review.googlesource.com/c/1363144
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58056}

A WasmModuleObject represents an instance of WebAssembly.Module. It is
called WasmModuleObject internally, so also use that name externally.

We still have a typedef for WasmCompiledModule which will be deprecated
once chromium has been updated to use WasmModuleObject.

R=titzer@chromium.org, adamk@chromium.org

Bug: v8:8238, chromium:912031
Change-Id: I2d7708d4dc183cb4f4714f741b1ea0c153014430
Reviewed-on: https://chromium-review.googlesource.com/c/1362048Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58055}

Port cfdf6ff8

R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I8821b82f181a44b70272d770703136983d821d1c
Reviewed-on: https://chromium-review.googlesource.com/c/1363449Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58054}

Make sure WebAssembly's js-api exposes the correct attributes: writable,
enumerable and configurable.

Bug: v8:8319
Change-Id: I427533159d7975a42c0c5cb1babdc8a61f8198b5
Reviewed-on: https://chromium-review.googlesource.com/c/1351002
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58053}

Bug: v8:7793
Change-Id: I12aae5d61a21f3e6e010e07622fe0d01a5ba03eb
Reviewed-on: https://chromium-review.googlesource.com/c/1344118
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58052}

A fancy new stdlib addition for creating JSObjects from a collection of
key/value pairs, coming soon to a javascript runtime near you.

BUG=v8:8021
R=gsathya@chromium.org, adamk@chromium.org

Change-Id: I5eb1dea75bfef009281eef9864c8c0226af4f1fc
Reviewed-on: https://chromium-review.googlesource.com/c/1363293Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#58051}

Even though descriptor arrays are references by maps in the old
generation, they seems to be short living in benchmarks.

This fixes perf regressions introduced in 1ad0cd56.

Bug:chromium:911073,chromium:910567,chromium:910443,

Change-Id: Iaf933d409e72c6c26df48f6435f9543224ea7d67
Reviewed-on: https://chromium-review.googlesource.com/c/1363146Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58050}

Intrinsic changes:

- Rename %RawCast to %RawObjectCast and add error checking so that it
  only applies to subtypes of Objects.

- Add %RawPointerCast, which is similar to %RawObjectCast but must be
  used for all subtypes of RawPtr.

- Add %RawConstexprCast, which allows one constexpr to be be cast to
  another at compile time. It translate to an appropriate static_cast
  in the generated code

- Add %FromConstexpr, which handles most of the standard cases of
  generating XXXConstant CSA nodes from constexpr constants. It uses
  either SmiConstant, NumberConstant, StringConstant, IntPtrConstant
  or Int32Constant, depending on the cast-to type generic <To> type.

- Add support for intrinsics that return constexpr results.

Cleanup:

- Turn FromConstexpr into a generic with two generic types, a <To> and
  a <From> type. Most FromConstexpr can use the new %FromConstexpr
  intrinsic rather than provide an explicit implementation.

Bug: v8:7793
Change-Id: Icab5db16d203034ec157fa3ad5157d10c7dc8464
Reviewed-on: https://chromium-review.googlesource.com/c/1357049
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58049}

This implementation uses mutex to implement those instructions.
I will add 32-bit version LL/SC after review.

Change-Id: I7b0e2b42527bc21060a84eb5e27099e129f2858f
Reviewed-on: https://chromium-review.googlesource.com/c/1354462Reviewed-by: Sreten Kovacevic <skovacevic@wavecomp.com>
Commit-Queue: Predrag Rudic <prudic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#58048}

Large code objects are allocated in CODE_LO_SPACE on the heap instead of
CODE_SPACE. Add a test that checks that these objects are still
considered 'InV8' according to the unwinder API.

Bug: v8:8116
Change-Id: I65968913cd92858fac2b1a689df2904d0574641f
Reviewed-on: https://chromium-review.googlesource.com/c/1363134Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58047}

If the size of a large code object is larger than
kMaxRegularHeapObjectSize, then it should be allocated in the large code
space. Currently if the size is > kMaxRegularHeapObjectSize but <
512000, then it can still be allocated in the normal code space.

Change-Id: I72dbd38803c3d5d414bae85e9e0b15482e50e1c2
Reviewed-on: https://chromium-review.googlesource.com/c/1363137Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58046}

We currently compute this value from the size of the external table,
which we get from the Isolate. This size is isolate-independent though,
so it can just be a constant.

R=mstarzinger@chromium.org

Bug: chromium:912043
Change-Id: If1c09a56b1a985b855f5b65818322979c194d772
Reviewed-on: https://chromium-review.googlesource.com/c/1362954Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58045}

The existing implementation embedded an isolate-specific pointer to the
thread-in-wasm flag in the wrapper code. However, when the module code
is shared among multiple workers, this can mean that the workers
share the same thread-in-wasm flag.

With this change we load the pointer to the flag at runtime from the
current isolate. Thereby the correct flag is used even when the same
code is executed on different workers.

Note that we could access the right flag address by going through the
root register. However, changing the code generation to use the root
register requires some inconvenient steps:
* Pass the isolate to the pipeline again, which we don't want.
* Change the WasmCallDescriptor to allow the use of the root register
  for wrappers but not for other code.
To avoid these issues, and allow the CL to be easy to merge back, we
got for the changes proposed here.

R=mstarzinger@chromium.org, ishell@chromium.org

Bug: v8:8533
Change-Id: If15565a7ad7cba835cfc1628e7a4d3fdef90a5c0
Reviewed-on: https://chromium-review.googlesource.com/c/1358518
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58044}

If the input memory index into an atomic operation is a constant, we can
statically check if the {index+offset} is aligned.

R=herhut@chromium.org

Change-Id: Ia830d7c7df10d50ed4ee3382acfef776306f249c
Reviewed-on: https://chromium-review.googlesource.com/c/1362872
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58043}

NOTRY=true
TBR=sergiyb@chromium.org

Bug: v8:8552
Change-Id: I096146072915f2d5baf5d4469421696cf31d72c2
Reviewed-on: https://chromium-review.googlesource.com/c/1363136Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58042}

TBR=sergiyb@chromium.org

Bug: chromium:907752
Change-Id: I06ef5a7e2cb96ebd0912c535e0ad7d8360831bbb
Reviewed-on: https://chromium-review.googlesource.com/c/1362040Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58041}

Bug: chromium:905940, chromium:907343

R=verwaest@chromium.org

Change-Id: Ibe8f06782f8a0bf9a09832d443e1c66c3bda8399
Reviewed-on: https://chromium-review.googlesource.com/c/1362046Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58040}

R=machenbach@chromium.org

No-Try: true
No-Tree-Checks: true
Bug: v8:8532
Change-Id: I2149c795a2d50ed794c0925d632e946b22c3e5d5
Reviewed-on: https://chromium-review.googlesource.com/c/1362042Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58039}

We checked against kNotFound twice; once in
TransitionsAccessor::SearchTransitions and once in TransitionArray::Search. It's
unnecessary to check twice.

In local tests, this speeds up searching for a non-existent transition in a
2-element TransitionArray by ~20%.

BUG=v8:8547

Change-Id: Ic220c4c0bfeeacd9b81953efad212ed15168437e
Reviewed-on: https://chromium-review.googlesource.com/c/1361167Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58038}

Drive-by: Replace uses in CallApi* with a direct call now that they've
been converted to builtins themselves and are thus immovable.

Bug: v8:7777
Change-Id: I660b5788bdac4f5e45cc5c5677b86be17474cd83
Reviewed-on: https://chromium-review.googlesource.com/c/1361161
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58037}

Bug: v8:7777
Change-Id: Iee3e03b0a3fea245408de4d675caa634a74aa188
Reviewed-on: https://chromium-review.googlesource.com/c/1357053Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58036}

This reverts commit a6669bdc.

Reason for revert: Regresses Speedometer 2 (EmberJS-Debug-TodoMVC)

Original change's description:
> [constant-tracking] Track constants by default.
> 
> It is possible this CL results in various regressions, the idea
> is to get some data on where constant tracking helps and where
> it regresses.
> 
> Bug: v8:8361
> Change-Id: I2f291788a8bea03e6eaac9f51564c1da02734d1a
> Reviewed-on: https://chromium-review.googlesource.com/c/1347474
> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58008}

TBR=jarin@chromium.org,ishell@chromium.org

Change-Id: I1e2b18c34829e1f53ea287aae0ef7fcf88980341
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8361
Reviewed-on: https://chromium-review.googlesource.com/c/1362047Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58035}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/f686dfc..9c85c83

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/4feee58..58f2981

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/d87b096..f28ef98

Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/558f684..0dea619

Rolling v8/tools/luci-go:infra/tools/luci/isolate/${platform}: https://chrome-infra-packages.appspot.com/infra/tools/luci/isolate/${platform}/+log/git_rev..git_rev

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I7dc2bba96c14a275fd728e0567890eb0b21ea795
Reviewed-on: https://chromium-review.googlesource.com/c/1362171
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#58034}

R=joransiu@ca.ibm.com

Change-Id: Ia8cb93f4d01e252ec6b3b538f795550768db5726
Reviewed-on: https://chromium-review.googlesource.com/c/1362083Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58033}

The fix need to be cherrypick from ICU.
Fix in https://github.com/unicode-org/icu/pull/286
Adds regression test for 8469.

Bug: v8:8469
Change-Id: If173058dd1113782fcf2ff5a55f962721f46aba5
Reviewed-on: https://chromium-review.googlesource.com/c/1340733Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58032}

The memory.init and memory.drop instructions have a data segment index
that can only be validated by knowing the number of data segments. This
information is provided by the new DataCount section.

Bug: v8:7747
Change-Id: Ie04d57584fe028637f6e931ab53d00abc5b998a4
Reviewed-on: https://chromium-review.googlesource.com/c/1355624Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58031}

Port c6b0e12e

Original Commit Message:

    This is the first (and major) step towards converting CallApiCallback
    and CallApiGetter stubs into builtins.

    The CallApiCallbackStub was parameterized with the number of arguments
    passed on the stack. This CL converts the compile-time parameter into
    an explicit runtime parameter, and removes all uses of the stub
    parameter.

    (kCallData and kHolder are now passed on the stack).

R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I171fbb7d37525c2087e5dd9d7ff8fb5f959f2a7a
Reviewed-on: https://chromium-review.googlesource.com/c/1362163Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58030}

This reverts commit ed3d6472.

Reason for revert: 
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20noi18n%20-%20debug/24178

Original change's description:
> Reland "[code-comments] Put code comments into the code object"
> 
> This is a reland of e774cffe
> 
> This reland disables a test as v8:8548 is blocking it, which was
> broken by a recent CL. CQ did not catch this because the merge-base
> CQ used did not yet contain the CL that caused v8:8548.
> 
> Original change's description:
> > [code-comments] Put code comments into the code object
> >
> > Code comments in the snapshot can now be enabled with gn
> > arg 'v8_enable_snapshot_code_comments'
> >
> > Bug: v8:7989
> > Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
> > Reviewed-on: https://chromium-review.googlesource.com/c/1329173
> > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> > Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#58020}
> 
> TBR=mvstanton@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,tebbi@chromium.org
> 
> Bug: v8:7989, v8:8548
> Change-Id: I464fc897205fefdf2dfc2eadc54d699c4e08a0e9
> Reviewed-on: https://chromium-review.googlesource.com/c/1361166
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58028}

TBR=mvstanton@chromium.org,mstarzinger@chromium.org,sigurds@chromium.org,jgruber@chromium.org

Change-Id: I1075bb09de7cb8dad71e31ff51a4e7bb6a200a8b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7989, v8:8548
Reviewed-on: https://chromium-review.googlesource.com/c/1362043Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58029}

This is a reland of e774cffe

This reland disables a test as v8:8548 is blocking it, which was
broken by a recent CL. CQ did not catch this because the merge-base
CQ used did not yet contain the CL that caused v8:8548.

Original change's description:
> [code-comments] Put code comments into the code object
>
> Code comments in the snapshot can now be enabled with gn
> arg 'v8_enable_snapshot_code_comments'
>
> Bug: v8:7989
> Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
> Reviewed-on: https://chromium-review.googlesource.com/c/1329173
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58020}

TBR=mvstanton@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,tebbi@chromium.org

Bug: v8:7989, v8:8548
Change-Id: I464fc897205fefdf2dfc2eadc54d699c4e08a0e9
Reviewed-on: https://chromium-review.googlesource.com/c/1361166Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58028}

R=machenbach@chromium.org

No-Try: true
No-Tree-Checks: true
Bug: v8:8532
Change-Id: I42ec138c542f6fd48e52422a7064073d71d65216
Reviewed-on: https://chromium-review.googlesource.com/c/1361062
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58027}

%RunMicrotasks() call used to cause a nested RunMicrotasks if it's
called from a microtask, and that breaks its invariants.
This CL fixes it by disabling the nested loop.

Change-Id: I2f4a81be0dbf0554abf6eb41b62c25465338f29a
Reviewed-on: https://chromium-review.googlesource.com/c/1358036Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58026}

Port 6c8b4102

Original Commit Message:

    This is a reland of d5f4a33e
    Landing with test disabled for now.

    Original change's description:
    > [cpu-profiler] Fix stack iterability for fast C calls with no exit frame
    >
    > Before fast C calls, store the current FP and PC on the isolate. When
    > iterating frames in SafeStackFrameIterator, check if these fields are
    > set and start iterating at the calling frame's FP instead of the current
    > FP, which will be in C++ code. We need to do this because c_entry_fp is
    > not set on the Isolate for Fast-C-Calls because we don't build an exit
    > frame.
    >
    > This change makes stack samples that occur within 'Fast-C-Calls'
    > iterable, meaning we can properly attribute ticks within the JS caller.
    >
    > Fast-C-Calls can't call back into JS code, so we can only ever have one
    > such call on the stack at a time, allowing us to store the FP on the
    > isolate rather than the stack.
    >
    > TBR=v8-mips-ports@googlegroups.com
    >
    > Bug: v8:8464, v8:7202
    > Change-Id: I7bf39eba779dad34754d5759d741c421b362a406
    > Reviewed-on: https://chromium-review.googlesource.com/c/1340241
    > Commit-Queue: Peter Marshall <petermarshall@chromium.org>
    > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
    > Reviewed-by: Martyn Capewell <martyn.capewell@arm.com>
    > Reviewed-by: Alexei Filippov <alph@chromium.org>
    > Cr-Commit-Position: refs/heads/master@{#57896}

R=petermarshall@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Ie82eaa08ba6ceeb0c0a5bb4de251540becf1f05e
Reviewed-on: https://chromium-review.googlesource.com/c/1361422Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58025}