Provide copy ctor and assignment operators as it turned out that they are
useful for embedders in certain scenarios when dealing with TracedGlobal
handles without finalization callbacks.

Bug: v8:9660
Change-Id: I2b04f540baeef61a0bc8329ca06b999571cbfe66
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1773250
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63439}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/3fe260c..370f887

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/c9fdf26..4b46042

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/217195c..ee8d9ce

Rolling v8/third_party/googletest/src: https://chromium.googlesource.com/external/github.com/google/googletest/+log/6a3d632..eb56ee5

Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/2ddb2b2..2993c5f

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: I4222ca7e78e668890d719e545dc65ee55cd3d314
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1774396Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63438}

This extends --trace-block-coverage to output not only all raw coverage
slots, but also a detailed trace of all information that is generated by
coverage collection (i.e. after filtering and transforming collected
counts and ranges).

Example output:

Coverage for function='GetCoverage', SFI=0x3d23ea6dfb59,
has_nonempty_source_range=1, function_is_relevant=1
{start: 278, end: 441, count: 1}
{start: 357, end: 440, count: 0}

Bug: v8:6000,v8:9212
Change-Id: Ide09eb40999541df97409d0682a505ee0070b3a6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771777
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63437}

by including them in the "bot_default" and "default" test sets.
The build targets are already up to date, only the test runner
needs to be updated.

Change-Id: I06a4a35a8d00c25ab56874d8eb365418841a02ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1768370
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63436}

Command descriptions:
  !handles: print stats for handles or list them;
  !jo_prev, !jo_next, !jo_in_ range: print managed objects near the given address;
  !jo_in_range: print managed objects in the given range;
  !jot: print the tree of referenced objects, starting from a given root;
  !dp: 'dp'-like command, augmented with data about the managed pointers.

Change-Id: Ic72dd52ee8c68bc559f37ae04870d4e63ae0d554
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1772694
Commit-Queue: Irina Yatsenko <irinayat@microsoft.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63435}

This CL try to use a phi as a branch condition if the control flow from the
branch is known from previous conditions. This change will open up more branch
folding opportunities for later pass.

Change-Id: I26316ab3a68c2d58d0df53691981288a996d4ba1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1674484
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63434}

Bug: v8:8996
Change-Id: I9927d7eb3b32f1f1eb07fd803e44d81bc205f390
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1772041
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63433}

Currently the backing store and elements kind might not aligned aka
backing store can be dictionary where elements kind is frozen/sealed
element kinds or the other way around. The reason is that
Object.preventExtensions change elements kind to DICTIONARY while
Object.seal/freeze change elements kind to SEALED/FROZEN element kind.
Apply both these operations can lead to that problem as in
chromium:992914

To solve this issue, we avoid Object.preventExtensions to change backing
store to dictionary by introducing new nonextensible elements kind.
These new nonextensible elements kind are handled similar to frozen,
sealed element kinds. This change not only fixes the problem but also
optimize the performance of nonextensible objects.

Change-Id: Iffc7f14eb48223c11abf3c577f305d2d072eb65b
Bug: chromium:992914, v8:6831
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1760976
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63432}

Bug: v8:8665
Bug: v8:9418
Change-Id: Ice4778deb363649ae6ee9f5b5957171587b28798
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1769481Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63431}

This change allows the KeyAccumulator to throw a range error if there
are too many properties to be enumerated.

This CL introduces extensive checks during key enumeration in the run-time,
and might introduce regressions. If so, feel free to revert.

Bug: chromium:918301
Change-Id: I6166c0b15f1a05eac7116a979f12ba4833d1d1b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1545902
Auto-Submit: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63430}

Replace several NewStringFromStaticChars calls with the explicit root
string access.

Bug: v8:9396
Change-Id: I381e676fa81de24e892afe703b804b7c724a6083
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1774719Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63429}

in order to find out if that is the failing CHECK in a chrome crash
report...

Bug: chromium:996819
Change-Id: Ifdebbc88b0525e61a5b3f83caa0ce4279a8efb75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1774718
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63428}

Bug: v8:7790
Change-Id: I666f545f4b5b7b5aeaed4ce2910240ef54f40c0e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1773251
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63427}

This partially reverts commit 763f63ff.

Reason for the revert is that the breaking at stack overflow does not
introduce improvement of usability, but rather exposes many issues
caused by the fact that V8 cannot perform a lot of functionality close
to the stack limit.

We keep the test, slightly modified, and use a better way to
detect stack overflow.

Bug: chromium:997469
Change-Id: I32bdf96767812b19f138310cc2dbd6a818fbf031
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771792Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63426}

R=ahaas@chromium.org
BUG=v8:7742

Change-Id: Ifaab43b3ca25eb3e03b7f02a2a3864ecc3f41d61
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771791Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63425}

This fixes an invalid assumption when emitting code for matching '^'
(start of line) in multiline regexps and '\b', '\B' in general.

What we used to do: if the current trace's cp_offset (the offset from
the current position) was non-zero, we assumed that we were looking at
subject string index 1 or greater (i.e.: not at the start of the string
or before).

This is no longer valid since cp_offsets can now be negative.

This CL changes the logic to omit start- and bounds-checks only for
strictly positive cp_offsets, where the above assumption still holds.

Bug: chromium:996391
Change-Id: I79be4fc295c6f0b63e41c13d1e91fdd00f2f2b42
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771794
Commit-Queue: Erik Corry <erikcorry@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Erik Corry <erikcorry@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63424}

Instead of fully reverting the CL that introduced the old-to-new
invalidated set, simply do not filter recorded slots yet.

Bug: v8:9454
Change-Id: I2b880f64f29e319056ad49e2284dca26eb8770f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1773252Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63423}

The previous pseudo-smi storage scheme for caching call target
addresses in a struct without requiring a custom visitor only
works on uncompressed 64-bit platforms. This patch fixes other
platforms (natural or compressed 32-bit) by boxing the address
in a Foreign.

Change-Id: I3c182c1d9ccae4858cac2757fc3daa40d1520998
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771780
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63422}

Remove unnecessary call to Serialize.

Change a Handle cast to a Ref cast.

Add a CHECK to JSHeapBroker::SetFeedback that the source is valid.

Bug: v8:7790
Change-Id: I6a2f10d45456c6b128beff009016009457dc109c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1773248
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63421}

Doing some refactoring to perfetto  build files. Rolling to
ensure that we are not breaking embedders in the process.

Cq-Include-Trybots: luci.v8.try:v8_linux64_perfetto_dbg_ng
Bug: v8:8339
Change-Id: I5c603680cf6dd295e9d11a4eba70785e6dc512ba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1773244
Auto-Submit: Primiano Tucci <primiano@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63420}

At the moment we only run the js-api spec tests of the core API on our
try bots. With the new staging process we want to introduce for
WebAssembly language features, see
https://docs.google.com/document/d/1hB8mpWmzmtaxZ8PuJEkAWLwFqXTjrw7mJ3Ge9W1dB4E,
we also want to run the js-api spec tests of proposals for which we
already staged the implementation. With this CL I do the following
changes:

1) The tools/wasm/update-wasm-spec-tests.sh now copies the js-api spec
   tests of the main spec and of the proposals to test/wasm-js/tests,
   and then uploads this directory to google cloud storage. The main
   spec tests are in test/wasm-js/tests, the proposal tests are in
   test/wasm-js/tests/proposals/PROPOSAL_NAME/.
2) Adjust the test-runner in test/wasm-js to run tests in
   tests/* instead of data/test/js-api/*. Thereby it also runs the
   proposal tests in test/wasm-js/tests/proposals/PROPOSAL_NAME/.
   For the proposal tests, the test runner now also adds d8 flags.
3) Remove the dependency to https://github.com/WebAssembly/spec from
   DEPS.
4) Cleanup .gitignore and wasm-js.status
5) Disable spec tests we don't pass with the new proposal.

R=tmrts@chromium.org

Bug: v8:9653
Change-Id: Ib3420871f17cb146d6cc7868f5613942a7f79d84
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1768372
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63419}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/3f22131..3fe260c

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/7ad424d..c9fdf26

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/0e5fff1..217195c

Rolling v8/third_party/googletest/src: https://chromium.googlesource.com/external/github.com/google/googletest/+log/ed2eef6..6a3d632

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: I2994dedaf7a48656dd2a05860ef6c8f3efc6e69c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1772412Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#63418}

Launching nullish behind a flag resulted in a small performance
regression in the adwords parsing benchmark. From local tests, doing a
little manual PGO seemed to improve performance slightly.

Parse.duration on this benchmark dropped from 1,639.188 ms to 1,535.312 ms

Bug: chromium:997652
Change-Id: I537985793cdf310a0dda5a69ded9f0ea2c0a7fb0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1773098
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63417}

This writes 0 to all trimmed slots and thus ensures that the invariant
that all recorded slots in the trimmed area are valid, which will allow
us to simplify invalidated slots tracking.

Specifically:
1) Arrays are never inserted into the invalidated objects set.
2) The recorded slots outside an invalidated object are valid.

Bug: v8:9454
Change-Id: Ifbef3752d52b5b47f2b694bd2b6c0a4c122abb7a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771793Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63416}

R=ahaas@chromium.org
TEST=mjsunit/wasm/type-reflection-with-exnref
BUG=v8:7742,v8:8091

Change-Id: Ib8bd7b7cfafa3509db743e4404c2f1b573253881
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771790Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63415}

R=ahaas@chromium.org
TEST=mjsunit/wasm/exceptions-global
BUG=v8:8091

Change-Id: I9eb4c92cca087719afda2da5d11c206aaed28c95
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771788Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63414}

Previously variations of #constructor can be parsed when they are
static. This patch throws early errors for them always.

Bug: v8:8330
Change-Id: I51ab9b83f713c70d0896c0e8cab3282ef9a105f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1770332Reviewed-by: Sathya Gunasekaran  <gsathya@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/master@{#63413}

InvalidatedSlotsCleanup::Free assumed that the size of invalidated
objects was updated after sweeping a page and before allowing
allocations again. This is now not the case anymore, so remove
those CHECKs.

Bug: chromium:997901
Change-Id: Ic9af7136bb336464b8cc023c7c1022a233f4e887
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771786
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63412}

Prior to this CL, collected shared function infos with identical
source ranges were sorted non-deterministically during coverage
collection. This lead to non-deterministically incorrectly-reported
coverage due to an optimization which depended on the sort order later
on.

With this CL, we now sort shared function infos by the source range
*and* call count.

Bug: v8:6000,v8:9212
Change-Id: If8bf900727591e71dbd0df621e472a4303f3a353
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771776Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63411}

Since we use Word32Equal with a (truncating) ReinterpretCast for pointer
compressed TaggedEqual, we also have to allow it in the machine
verifier.

Change-Id: Ic16af837f03ebc51dde5bdc7f0c574b2aaf11909
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771784
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63410}

Using the tool again, the previous iteration accidentally ignored
Node/TNode behind a typedef. Automatic replacement of types with
manual cleanup/addition of CASTs where necessary.

Bug: v8:9396
Change-Id: I33b6d229669cb80586d5d8e82c04542df671f0b9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1768367
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63409}

This makes sure that all encodings of a table index are based upon a
single implementation in the {TableIndexImmediate} class. It also fixes
one encoding that wasn't extended to support u32v yet.

R=ahaas@chromium.org
TEST=unittests/WasmOpcodeLengthTest.VariableLength

Change-Id: If24b6dc5e303d2d9e1e91cb2640c7c13eac40198
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1768375Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63408}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/e3f4298..3f22131

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/1078fdd..7ad424d

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/31f187e..0e5fff1

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: Idd7c0eed9e9e090d9d45448e0b6dfd52583f0928
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771344Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#63407}

RegExpPrototypeDotAllGetter, RegExpPrototypeGlobalGetter,
RegExpPrototypeIgnoreCaseGetter, RegExpPrototypeMultilineGetter,
RegExpPrototypeStickyGetter, RegExpPrototypeUnicodeGetter.

Bug: v8:8976
Change-Id: I2a5c19256cacc2438a6b40516565960f5c847205
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1764491
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63406}

This off-by-1 error surfaces when the load/store opcodes take up 2
bytes, which is the case for v128.load and v128.store SIMD operations.

Bug: v8:9015
Change-Id: Ife17375ed3450a95399b326bc6415dbc3ed3773b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1769480
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63405}

Bug: v8:9642
Change-Id: I2dcd1c0e3c208b15b5c0ec0f08880744134f7474
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1769479Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63404}

By marking maps detached from the transition tree as prototypes, we'll
automatically stop tracking transitions from those detached fast maps. That
allows us to quickly check whether a map is detached (or the initial map
anyway); and saves memory. We can use this information to ignore sibling type
feedback when parsing a JSON array with many distinctly shaped json objects.

Bug: chromium:993980
Change-Id: I86d493ac2cabec2c31c6e322ad5c5a7ace059dfc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771778Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63403}

For stores with Double feedback, StoreIC needs to check that the
representation is still Double before doing the store, in case it
accidentally tries to write to an object or worse, mutate a non-mutable
HeapNumber.

Bug: v8:9606
Bug: chromium:997485
Change-Id: I51e0953b40f752648c5e86b8644c23baf636367e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1768373
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63402}

This CL adds a new class WasmModuleSourceMap for source map support of WasmModule,
which maps C/C++ source code to WASM bytecode. Via this support, V8 can build a
direct map of source code and JITted code and inform profilers of it, thus the
source-code-level profiling information is presented.

Change-Id: I346f6216809ce4f3bf8b27f1e839dd4efdb00ead
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1708029Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Zhiguo Zhou <zhiguo.zhou@intel.com>
Cr-Commit-Position: refs/heads/master@{#63401}

Host info used to be stored on the global reference underlying a Ref;
now it is stored in a JSWeakMap and hence tied to the lifetime of the
actual object on V8's heap.
Additionally, the internal metadata needed for C-API functions is now
stored on the SharedFunctionInfo and no longer overlaps with the host
info mechanism.

Bonus content:
Roll 6db391e: Remove a few more leftover uses of _enum types

Change-Id: Ibb1fa4b0dd5157fef15c030bac705a11aa3beaea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1768368Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63400}