Add DateDurationRecord, TimeDurationRecord
and use them in the AO args.
Also change arg and return to struct to avoid passing in pointer for output.

Bug: v8:11544
Change-Id: I34c497ffd341c5cc4693255f51f3dae6d29cfd72
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3575464Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80000}

CacheInitialJSArrayMaps was called in the middle of
JSFunction::SetPrototype even though this only happens during
bootstrapping given that Array.prototype os non-configurable and
non-writable.

Changes:
- Rename CacheInitialArrayMaps to InitializeJSArrayMaps
- Add more explicit checks in InitializeJSArrayMaps to link back
  to the Context indices for better code searching


Change-Id: Iad6d20e3d67d715bfd6429037c75ac35ab7f399f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571889Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79973}

Computing the length for variable-length TAs is a lot of code and was
regressing microbenchmarks.

Bug: v8:11111
Change-Id: Ia7c3c92bfb43938068aaf539b290f6a30b049c18
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3583898Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79961}

For a while, we shipped a version which writes version 13 data with
JSArrayBufferView flags, and then fixed version 13 to not include the
flags.

This CL adds a compatibility mode for parsing the the version 13
data which includes the flags, since it still occurs in the wild.

Bug: chromium:1314833,chromium:1284506
Change-Id: I96cc432c8574a40b11ec0037394feb1853515760
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3583982Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79959}

1: Clear cache entry 0 before overwriting it to maintain bookkeeping of
the SharedFunctionInfo's OSR code cache state, which tracks how many
cache entries there are for this particular SFI.

2: When inserting into the code cache, we don't know in advance whether
the entry is already present or not (this could happen with multiple
simultaneous compile jobs from different closures of the same SFI).

Fixed: chromium:1314644
Bug: v8:12161
Change-Id: I0085a3a6e0c1879c3d483853220e654aa03660ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3578643Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79912}

This is a reland of commit 51b99213

Fixed in reland:
- bytecode_age was incorrectly still accessed as an int8 (instead
  of int16).
- age and osr state were incorrectly reset on ia32 (16-bit write
  instead of 32-bit).

Original change's description:
> [osr] Add an install-by-offset mechanism
>
> .. for concurrent OSR. There, the challenge is to hit the correct
> JumpLoop bytecode once compilation completes, since execution has
> moved on in the meantime.
>
> This CL adds a new mechanism to request installation at a specific
> bytecode offset. We add a new `osr_install_target` field to the
> BytecodeArray:
>
>   bitfield struct OSRUrgencyAndInstallTarget extends uint16 {
>     osr_urgency: uint32: 3 bit;
>     osr_install_target: uint32: 13 bit;
>   }
>
>   // [...]
>   osr_urgency_and_install_target: OSRUrgencyAndInstallTarget;
>   bytecode_age: uint16;  // Only 3 bits used.
>   // [...]
>
> Note urgency and install target are packed into one 16 bit field,
> we can thus merge both checks into one comparison within JumpLoop.
> Note also that these fields are adjacent to the bytecode age; we
> still reset both OSR state and age with a single (now 32-bit)
> store.
>
> The install target is the lowest 13 bits of the bytecode offset.
> When set, every reached JumpLoop will check `is this my offset?`,
> and if yes, jump into runtime to tier up.
>
> Drive-by: Rename BaselineAssembler::LoadByteField to LoadWord8Field.
>
> Bug: v8:12161
> Change-Id: I275d468b19df3a4816392a2fec0713a8d211ef80
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571812
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Jakob Linke <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79853}

Bug: v8:12161
Change-Id: I7c59b2a2aacb1d7d40fdf39396ec9d8d48b0b9ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3578543Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79911}

This CL changes frame message from `Function.${staticMethodName}`
to `${className}.${staticMethodName}` for stack trace in class
static methods.

Bug: v8:12778
Change-Id: Ie2b9471066a6ba38265412f4af471789bd375c98
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3575759Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#79898}

This allows us to inject maglev compilations into perf profiles.

Bug: v8:7700
Change-Id: Ic1f2671835ca231cd954124db325a5ab8480bee0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3579101
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79886}

Prevent thrashing tier up attempts when maglev fails to compile.

Bug: v8:7700
Change-Id: I31f6bd331d1c5aefa0384fcdcb055203b9055f8c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3579143
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79879}

Bug: v8:11111
Change-Id: I94f992f78a12a86c89924261bd64c73f935051b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3576118Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79869}

Bug: v8:11111
Change-Id: I0c2c8c28f96723b3d586f1469ed4fdd0468c5c3e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3576120Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79868}

This CL adds the requirements to port object definitions back to C++.
A @cppObjectDefinition is introduced to annotate classes for which
Torque shall merely generate asserts to check that offsets match between
Torque and C++.

As a first object, this CL ports Oddball back to C++.

Bug: v8:12710
Change-Id: I1304d8980f6318ffccbc2ef7284cb9d46ff579e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3523046Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79856}

This reverts commit 51b99213.

Reason for revert: Speculative revert for MSAN failure  https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/43080/overview

Original change's description:
> [osr] Add an install-by-offset mechanism
>
> .. for concurrent OSR. There, the challenge is to hit the correct
> JumpLoop bytecode once compilation completes, since execution has
> moved on in the meantime.
>
> This CL adds a new mechanism to request installation at a specific
> bytecode offset. We add a new `osr_install_target` field to the
> BytecodeArray:
>
>   bitfield struct OSRUrgencyAndInstallTarget extends uint16 {
>     osr_urgency: uint32: 3 bit;
>     osr_install_target: uint32: 13 bit;
>   }
>
>   // [...]
>   osr_urgency_and_install_target: OSRUrgencyAndInstallTarget;
>   bytecode_age: uint16;  // Only 3 bits used.
>   // [...]
>
> Note urgency and install target are packed into one 16 bit field,
> we can thus merge both checks into one comparison within JumpLoop.
> Note also that these fields are adjacent to the bytecode age; we
> still reset both OSR state and age with a single (now 32-bit)
> store.
>
> The install target is the lowest 13 bits of the bytecode offset.
> When set, every reached JumpLoop will check `is this my offset?`,
> and if yes, jump into runtime to tier up.
>
> Drive-by: Rename BaselineAssembler::LoadByteField to LoadWord8Field.
>
> Bug: v8:12161
> Change-Id: I275d468b19df3a4816392a2fec0713a8d211ef80
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571812
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Jakob Linke <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79853}

Bug: v8:12161
Change-Id: I0c47499544465c80b5b23a492c00ec1c62815caa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3576121
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#79855}

.. for concurrent OSR. There, the challenge is to hit the correct
JumpLoop bytecode once compilation completes, since execution has
moved on in the meantime.

This CL adds a new mechanism to request installation at a specific
bytecode offset. We add a new `osr_install_target` field to the
BytecodeArray:

  bitfield struct OSRUrgencyAndInstallTarget extends uint16 {
    osr_urgency: uint32: 3 bit;
    osr_install_target: uint32: 13 bit;
  }

  // [...]
  osr_urgency_and_install_target: OSRUrgencyAndInstallTarget;
  bytecode_age: uint16;  // Only 3 bits used.
  // [...]

Note urgency and install target are packed into one 16 bit field,
we can thus merge both checks into one comparison within JumpLoop.
Note also that these fields are adjacent to the bytecode age; we
still reset both OSR state and age with a single (now 32-bit)
store.

The install target is the lowest 13 bits of the bytecode offset.
When set, every reached JumpLoop will check `is this my offset?`,
and if yes, jump into runtime to tier up.

Drive-by: Rename BaselineAssembler::LoadByteField to LoadWord8Field.

Bug: v8:12161
Change-Id: I275d468b19df3a4816392a2fec0713a8d211ef80
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571812Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79853}

Bug: v8:11111
Change-Id: I722702faa062e6083496d55cd96ee33d3952998b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571809Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79840}

Bug: v8:12518
Change-Id: Ie22303416749affc0629d60fbed6f9dc4288b09d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494443Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: David Benjamin <davidben@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79834}

Looks like historical leftovers from the time when we had "pixel arrays"
and external array elements kinds. See
https://codereview.chromium.org/1262583002

Bug: v8:11111
Change-Id: I288d47ae802218737bd6226cbb999c3289d1dbaf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3574548Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79823}

This reverts commit 8ba60b7a.

Reason for revert: code_serializer failures: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20debug/38940/overview

Original change's description:
> [string] Non-transitioning shared strings
>
> Instead of transitioning shared strings to ThinString on
> internalization, use a forwarding table to the internalized string and
> store the index into the forwarding table in the string's hash field.
>
> This way we don't need to handle concurrent string transitions that
> modify the underlying string data.
>
> During stop-the-world GC, live strings in the forwarding table are
> migrated to regular ThinStrings.
>
> Bug: v8:12007
> Change-Id: I6c6f3d41c6f644e0aaeafbf25ecec5ce0aa0d2d8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3536647
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Jakob Linke <jgruber@chromium.org>
> Reviewed-by: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Commit-Queue: Patrick Thier <pthier@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79801}

Bug: v8:12007
Change-Id: I740904f3edfc395331f06c7218e89476b06b0563
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3574543
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#79810}

Instead of transitioning shared strings to ThinString on
internalization, use a forwarding table to the internalized string and
store the index into the forwarding table in the string's hash field.

This way we don't need to handle concurrent string transitions that
modify the underlying string data.

During stop-the-world GC, live strings in the forwarding table are
migrated to regular ThinStrings.

Bug: v8:12007
Change-Id: I6c6f3d41c6f644e0aaeafbf25ecec5ce0aa0d2d8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3536647Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79801}

Add AO: DefaultMergeFields
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.mergefields
https://tc39.es/proposal-temporal/#sec-temporal-defaultmergefields


Bug: v8:11544
Change-Id: I270f8bffb79e57ef50736ae7ce87cfa53f9cafb1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3388428Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79795}

Also add AO: RegulateISODate, ResolveISOMonth, ISODateFromFields

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.datefromfields
https://tc39.es/proposal-temporal/#sec-temporal-regulateisodate
https://tc39.es/proposal-temporal/#sec-temporal-resolveisomonth
https://tc39.es/proposal-temporal/#sec-temporal-isodatefromfields

Note:
This is only the non-intl version. The intl version in
https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.datefromfields
will be implemented in later cl.

Bug: v8:11544
Change-Id: I493dc60694421e9908eb5d785fdb8b07fc968699
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3408462Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79793}

Bug: v8:12750, v8:11111
Change-Id: I3e9947ec8e2883364178b497a49299a3a96332e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3569879Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79792}

If we've already cached OSR'd code for the current function but with a
different osr offset, fall back to synchronous compilation. This avoids
degenerate cases where we repeatedly spawn OSR jobs but then fail to
install them.

Drive-by: More consistent --trace-osr output.
Drive-by: Rename kCompileForOnStackReplacement to kCompileOptimizeOSR
for name consistency.
Drive-by: Add JSFunction::DebugNameCStr() for more convenient PrintF's.

Bug: v8:12161
Change-Id: I2b4a65bc9e082d85d7048a3e92ef86b07d396687
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560431Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79761}

Tweak a few names, remove a few GetIsolate calls, other minor
usability refactors.

It may be worth taking a closer look at the impl in the future,
currently the design choices don't seem ideal (see the added TODO
on top of the class).

The reland is unchanged from the original CL.

Bug: v8:12161
Change-Id: I9971f7f2fb08b7a1ec2d57b2a0e4accdc11191ca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568444Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79759}

- Unhandlify OSROptimizedCodeCache::GetOptimizedCode.
- Unstatic-fy FeedbackVector::SetOptimizedCode.
- Remove frame-walking logic during the OSR tierup decision.

The reland is unchanged from the original CL.

Bug: v8:12161
Change-Id: Ibf03a9dd9a6fcd38c0664e5d5014a26d0240e035
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568463Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79752}

This changes the logic for generating method names in `error.stack` to
prepend an inferred type name only when the function name is a valid
ECMAScript identifiers and does not equal the inferred type name, to

(1) give developers more control over the exact name shown in
    `error.stack`, as well as
(2) avoid confusion in the presence of renaming of local variables.

Previously we'd leave the function name as-is if it was prefixed by the
inferred type name, but that condition is unnecessarily strict, and led
to a bunch of inconsistencies around special names like
`<instance_member_initializer>` where this dynamic approached often
prefixed it with the correct type name, but also sometimes got it wrong
and prepended `Object.`, which is very unfortunate and misleading.
Specifically for these special names, we'll add logic later in the
parser to infer a useful (complete) name.

The design doc (https://bit.ly/devtools-method-names-in-stack-traces)
contains more background and examples of why we do this change.

Doc: https://bit.ly/devtools-method-names-in-stack-traces
Fixed: chromium:1294619
Bug: chromium:1283435
Change-Id: Ib8b528ba25255dcd07e9d11044c562c11d699bcb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565724Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79748}

This is a reland of commit 3ce690ee

Changed for the reland:
- Remove the currently-unused BytecodeArray member to avoid MSAN
  failures.
- s/return/continue/ in optimizing-compile-dispatcher.

Original change's description:
> [osr] Basic support for concurrent OSR
>
> This CL adds basic support behind --concurrent-osr,
> disabled by default.
>
> When enabled:
> 1) the first OSR request starts a concurrent OSR compile job.
> 2) on completion, the code object is inserted into the OSR cache.
> 3) the next OSR request picks up the cached code (assuming the request
>    came from the same JumpLoop bytecode).
>
> We add a new osr optimization marker on the feedback vector to
> track whether an OSR compile is currently in progress.
>
> One fundamental issue remains: step 3) above is not guaranteed to
> hit the same JumpLoop, and a mismatch means the OSR'd code cannot
> be installed. This will be addressed in a followup by targeting
> specific bytecode offsets for the install request.
>
> This change is based on fanchen.kong@intel.com's earlier
> change crrev.com/c/3369361, thank you!
>
> Bug: v8:12161
> Change-Id: Ib162906dd4b6ba056f62870aea2990f1369df235
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3548820
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Jakob Linke <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79685}

Bug: v8:12161
Change-Id: I48b100e5980c909ec5e79d190aaea730c83e9386
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565720Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79746}

Bug: v8:11880
Change-Id: Id3975d0c10ac5ece5c55d9db5ae7c6786fde2dfe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3564566Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79739}

... instead of Code objects. This is a step towards not creating Code
objects for embedded builtins.

Bug: v8:11880
Change-Id: Ie9f87b09d06e6b872ce3a5fa5d03a2502df979d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3564565Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79733}

.. since they are the same as eager deopts (% an unused counter).

Fixed: v8:12765
Change-Id: I2be6210e476ead4ac6629a49259f28321e965867
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565717Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79729}

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.daysinweek

Note- this is only the non-intl version. intl version in
https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.daysinweek
will be implemented in later cl.

Bug: v8:11544
Change-Id: If54733ae7c902b4d189fc22b0800942f8748981c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3439186Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79721}

Spect Text:
https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.daysinmonth

Note- this is only the non-intl version. intl version in
https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.daysinmonth
will be implemented in later cl.

Bug: v8:11544
Change-Id: Id5d426d9c5fe1db94c15433afbad443c7056abe3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3441703Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79720}

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.toplainyearmonth
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.toplainmonthday

Bug: v8:11544
Change-Id: I5b109282187055df767239ff240822591f95c9a7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565009Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79717}

Skipped test: https://crrev.com/c/3561199.
This is a reland of commit 6e2c9bb2

Original change's description:
> [serialize] copy bytes for non detachable array_buffer
> in WriteJSArrayBuffer when array_buffer is not in
> array_buffer_transfer_map_
>
> According to https://html.spec.whatwg.org/multipage/structured-data.html#structuredserializeinternal
> steps 13.3.2-4, should normally serialize array buffer which
> is not detachable.
>
> Bug: v8:12703
> Change-Id: I4554c5d07ae85e1a96a728ebba04c6a071575f6f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3518910
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79466}

Bug: v8:12703
Change-Id: I1ad1b8159ac7b13011831a4590e8577e954db946
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3557689Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79714}

... in JSObject::DefineOwnPropertyIgnoreAttributes().
Don't execute interceptor again if it declined to handle the operation.

Bug: chromium:1311641
Change-Id: If61ed40665ff7d81e96fa6bf29bbb5dfbeadfcc1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3562979Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79707}

This reverts commit 3ce690ee.

Reason for revert: failures on CrOS MSan build: https://crbug.com/1312188

Original change's description:
> [osr] Basic support for concurrent OSR
>
> This CL adds basic support behind --concurrent-osr,
> disabled by default.
>
> When enabled:
> 1) the first OSR request starts a concurrent OSR compile job.
> 2) on completion, the code object is inserted into the OSR cache.
> 3) the next OSR request picks up the cached code (assuming the request
>    came from the same JumpLoop bytecode).
>
> We add a new osr optimization marker on the feedback vector to
> track whether an OSR compile is currently in progress.
>
> One fundamental issue remains: step 3) above is not guaranteed to
> hit the same JumpLoop, and a mismatch means the OSR'd code cannot
> be installed. This will be addressed in a followup by targeting
> specific bytecode offsets for the install request.
>
> This change is based on fanchen.kong@intel.com's earlier
> change crrev.com/c/3369361, thank you!
>
> Bug: v8:12161
> Change-Id: Ib162906dd4b6ba056f62870aea2990f1369df235
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3548820
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Jakob Linke <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79685}

Bug: v8:12161, chromium:1312188
Change-Id: Iac1e3fd67ecc658a1cdee8f4d13354c097ed6697
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3564983
Auto-Submit: Adam Klein <adamk@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79702}

This reverts commit dc9b48e4.

Reason for revert: https://crbug.com/1312188

Original change's description:
> Address comments from `[osr] Basic support for concurrent OSR`
>
> - Unhandlify OSROptimizedCodeCache::GetOptimizedCode.
> - Unstatic-fy FeedbackVector::SetOptimizedCode.
> - Remove frame-walking logic during the OSR tierup decision.
>
> Bug: v8:12161
> Change-Id: I4fa8c972cb50d369b17898ba57e1909c86e933df
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560478
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Jakob Linke <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79686}

Bug: v8:12161, chromium:1312188
Change-Id: Ia64c4204f9f65f19aa858c61f32658cee310033e
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3564990
Auto-Submit: Adam Klein <adamk@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#79701}

This reverts commit d368dcf4.

Reason for revert: https://crbug.com/1312188

Original change's description:
> Refactor OSROptimizedCodeCache
>
> Tweak a few names, remove a few GetIsolate calls, other minor
> usability refactors.
>
> It may be worth taking a closer look at the impl in the future,
> currently the design choices don't seem ideal (see the added TODO
> on top of the class).
>
> Bug: v8:12161
> Change-Id: Ib34e372aa58a30c68c9c5cdd0d1da0ec3e86717c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560447
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Jakob Linke <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79687}

Bug: v8:12161, chromium:1312188
Change-Id: Ieb3a91682845a23536fdfdf3208af74b3c6585f8
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3564989
Auto-Submit: Adam Klein <adamk@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#79700}

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.inleapyear

Note- this is only the non-intl version. intl version in
https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.inleapyear
will be implemented in later cl.


Bug: v8:11544
Change-Id: I0f30d45ed6d742acaeaa2f7ddf5b393ef7fa5437
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3531561Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79699}

Also add AO: ToISODayOfWeek
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.dayofweek
https://tc39.es/proposal-temporal/#sec-temporal-toisodayofweek

Note- this is only the non-intl version. intl version in
https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.dayofweek
will be implemented in later cl.


Bug: v8:11544
Change-Id: I0b3448209741e4aa56cd8170a331d837853bff17
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3531564Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79698}