A switch can only produce a hole if it does not have fallthrough.
This actually only happens for SwitchOnGeneratorState bytecode.

We calculate the highest post dominating hole by traversing each
target.

Bug: v8:7700
Change-Id: Ia86ac08b1062dc48296e24beb95b3e3c3418ea6b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3826045
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82529}

due the different offset values on BE vs LE, the field_index
is incorrect on BE causing the visited_fields_ not to be set
to false during reference iteration.

Change-Id: I8f451cee7f9a18990de7ff2c67c904b1769b4f5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3831639
Commit-Queue: Junliang Yan <junyan@redhat.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82528}

This allows V8 to be compiled without zlib.

Currently we use zlib for 3 features:
1. Snapshot compression. The cl asserts v8_snapshot_compression
   implies v8_use_zlib.
2. Compression of translation arrays (experimental flag). The runtime
   flag is only enabled if v8_use_zlib.
3. Snapshot checksums. We fallback to a simple Fletcher algorithm if
   v8_use_zlib is false.

Change-Id: If043c3c21bba4d734573d7e1199d3ddf17b84f41
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3833817
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82527}

This reverts commit a362c78e.

Reason for revert: Failure is fixed now, see bug.

Original change's description:
> Disable failing wasm/grow-memory test on arm64 mac
>
> Bug: v8:13184
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Change-Id: I0200ce6e7877acf06cbffd8f7edd276119278f50
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829468
> Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82434}

Bug: v8:13184
Change-Id: I3dbe2e710e036efcc5b6375687cfcb099091ae1e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829941
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#82526}

When a name's hash is a forwarding index, HasHashCode() and hash() now
implicitly retreive the hash from the string forwarding table.

Bug: v8:12957
Change-Id: Ibb278df16b1ae6a54c7cbe757c65d3a5210168e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827880
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82525}

Bug: v8:9407
Change-Id: Id4ca4682d3fe4b2222a656c80dff95e5c099d5ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3822671Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Qifan Pan <panq@google.com>
Cr-Commit-Position: refs/heads/main@{#82524}

This CL changes the WasmExportedFunctionData class to store a direct
ExternalPointer to the wasm::FunctionSig instead of referencing it
through a Foreign. This in turn makes it possible to use a unique
pointer tag for that external pointer when the sandbox is enabled.

Drive-by: move WasmInternalFunction::call_target external pointer to the
end of the object, in line with other external pointer fields.

Bug: v8:10391, v8:12949
Change-Id: Ic3ff622a075c9eaa2f8d8835803437466290c928
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829086
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82523}

Very small change to the arm64 macro assembler.
This improves Preact by 0.8% on a Neoverse-N1 machine.

Change-Id: I867e73eb9b999e6f74fd54d72c6bf3f139d3b62f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3833819
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82522}

The way we initialized the "compilation progress" was pretty convoluted,
with multiple levels of functions being called for initializing every
single slot.

This CL refactors this to compute one default value for the whole
module, and only modifies those slots that need special handling (e.g.
because of compilation hints, or lazy/eager compilation after
deserialization).

We also rename "liftoff_functions" to "eager_functions" in the
deserialization path; the idea is that those functions should get
eagerly compiled because we expect them to be needed during execution.
Usually they would be Liftoff-compiled, but it's more consistent to use
the existing logic to choose the baseline tier. In the default
configuration, this will still use Liftoff, but if Liftoff is disabled
we will use TurboFan instead.

R=jkummerow@chromium.org, ahaas@chromium.org

Bug: v8:12425
Change-Id: Ie58840b19efd0b1e98f1b02d5f1d4369410ed8e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829606
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82521}

The Code-less builtins mode is still disabled.

Bug: v8:11880
Change-Id: I725ae4187bb394f79c69d5d0d971961e3ea406e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827879
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82520}

We should only tier to Sparkplug from Ignition. Previously, the
'!ActiveTierIsSparkplug' condition was correct since only Ignition (and
Sparkplug itself) entered the TieringManager. But now that Maglev is
also present, the condition must be clarified to 'ActiveTierIsIgnition'.

Bug: v8:7700
Change-Id: Ic7ea898facf9ce65407d09cead35e0181e49db31
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3835562
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82519}

.. just because it's convenient to see the object type and code kind for
short prints.

Before:
 - code: 0x014c00257515 <Other heap object (CODE_DATA_CONTAINER_TYPE)>

After:
 - code: 0x39b7002573b1 <CodeDataContainer MAGLEV>

Bug: v8:11880
Change-Id: I02576ffdef509ed021fc5632ea19448387188130
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3826255Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82518}

M1 is known to have regression in MotionMark.
Fuchsia fails due to binary size increase.

Bug: chromium:1325007
Change-Id: I599c53bf1318dfcc7b40764e89df81b972374ed3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3835682Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Auto-Submit: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82517}

This reverts commit 437b311a.

Reason for revert: Causes issues for other CLs: https://ci.chromium.org/ui/p/v8/builders/try/v8_linux_chromium_gn_rel/76508/overview

Original change's description:
> [test] Migrate cctest/test-inspector to unittests/
>
> test-inspector.cc -> inspector-unittest.cc
>
> Bug: v8:12781
> Change-Id: I37d2bc2d023ffd91b94d5a09cdbfe4a6e22fecf1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3813062
> Reviewed-by: Jakob Linke <jgruber@chromium.org>
> Commit-Queue: Jakob Linke <jgruber@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82512}

Bug: v8:12781
Change-Id: I3355e5828814fdd489f7d31ecb694419b95f9c5b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829939Reviewed-by: Liviu Rau <liviurau@google.com>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#82516}

- Move InnerPointerToCodeCache to using internal callbacks.
- Refactor internal and external callbacks to use a unified interface.

Bug: v8:13184
Change-Id: If0006d324b0433f5d6bbf00b6d0fc1a2589227bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3834583Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82515}

Benchmark BitwiseAnd, Divide, and Exponentiate. Add explicitly truncated
cases to Multiply.

Bug: v8:9407
Change-Id: I89b2a624c0a60034fbe875958461a5f2ab826ade
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829467
Commit-Queue: Qifan Pan <panq@google.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82514}

Distinguish internalized forwarding indices from external forwarding
indices stored in a strings hash.

Bug: v8:12957
Change-Id: Ic01386a3291ac8d618cf4282aa7112e74e1b9169
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829471Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82513}

test-inspector.cc -> inspector-unittest.cc

Bug: v8:12781
Change-Id: I37d2bc2d023ffd91b94d5a09cdbfe4a6e22fecf1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3813062Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82512}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/39f80da..339f8c6

Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/98014eb..3d64821

Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/22963c3..a56fd8b

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I2570fdd32bbf2a04bd6ba8d05783aef01b39df44
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3835075
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#82511}

Port commit c5d48121

Bug: v8:11708
Change-Id: Ia50968a169d6b13370f65d5e5fb84a8794cfe216
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3835322
Auto-Submit: Liu Yu <liuyu@loongson.cn>
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#82510}

Port commit c3ca8158

Change-Id: I76fd54522ec901534a13af6eadb917f6e8608d14
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3835264
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Auto-Submit: Liu Yu <liuyu@loongson.cn>
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#82509}

For Example:
------------------------
691:  Int32Constant[8]
1857: Word32And(1838,691)
1858: Word32Equal(1857,691)
1859: Branch(1858,2141)
======>
691:  Int32Constant[8]
1857: Word32And(1838,691)
1859: Branch(1857,2141)
------------------------


Assembly code:
------------------------
andl r9,0x8
cmpb r9l,0x8
jz 0x7f242017bf3c
======>
testb r9,0x8
jnz 0x7f56c017be2e
------------------------


Change-Id: I62a2a3d4bda5a82011b1c6aa745c1c8dc8cf4525
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3809052Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Jianxiao Lu <jianxiao.lu@intel.com>
Cr-Commit-Position: refs/heads/main@{#82508}

Bug: v8:11544
Change-Id: Iaf285f431e742e607e09d37c47a94d3f86806b13
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3833434Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82507}

This reverts commit 6561d415.

Reason for revert: Adds ~300kb of code size, breaking
https://ci.chromium.org/ui/p/chromium/builders/try/fuchsia-binary-size/53196/overview

Original change's description:
> cppgc: Enable pointer compression on all platforms but M1
>
> M1 still seems to have some performance regressions on
> MotionMark/multiply.
>
> Bug: chromium:1325007
> Change-Id: I12ce44b8cef646f09a3c74ba533dfee8dffdd2ce
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829540
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Anton Bikineev <bikineev@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82485}

Bug: chromium:1325007
Change-Id: Ib7aff1e1859ebd17cefd05c5f627a713f045fd26
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3831333
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82506}

Refactoring the code dealing with TimeZone Canonicalization.
Change CanonicalizeTimeZoneName from return MaybeHandle<String> to Handle<String>
Move TimeZoneId from JSDateTimeFormat to Intl and return Handle<String> instead of Handle<Object>


Bug: v8:13112
Change-Id: I678b0e0d407e5e4e9dd8b7120c0e99e7e2d9c5ea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3833435Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82505}

This CL changes the WasmTypeInfo class to have a direct ExternalPointer
to the native type structure instead of using a Foreign. This in turn
makes it possible to use a unique pointer tag for that external pointer
when the sandbox is enabled.

Bug: v8:10391, v8:12949
Change-Id: Ifee4d2103cabfa6a7299d0d09e06d387034e5f8f
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829085Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82504}

The previous CL (https://crrev.com/c/3810187) caused a 86.9kB binary
size regression on arm64 Android.
The 64kB alignment is actually only needed on Linux, as Android
always uses 4kB. This reduces the binary size by 98.3kB in a local test,
resulting in a 11.4kB reduction overall (over both patches).

R=cbruni@chromium.org

Bug: v8:12887
Change-Id: If0c44d1b447e6982876a6ced8680b904613e39d5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829473Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82503}

Sync to https://github.com/tc39/proposal-temporal/pull/2278
Use Smi::zero instead of BigInt::FromInt64(isolate, 0)
Rework the BigInt comparions code

Bug: v8:11544
Change-Id: I8b85156927601aad272b10c35ae15fd1c65e01c4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3832538Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82502}

Bug: v8:13195
Change-Id: I4a7904e568933df2f6a8cffdb13f9b575fc17eee
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3832392
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82501}

Bug: v8:7327
Change-Id: I0de7ee31762db6b95a631eedffd0f82fa2f0ce3b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3812034Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Danylo Boiko <danielboyko02@gmail.com>
Cr-Commit-Position: refs/heads/main@{#82500}

Int32MulWithOverflow on arm64 uses a cmp to set flags rather than
the multiply instruction itself, thus we can use a left shift when
the multiplication is by a power of two.

This provides 0.15% for Speedometer2 on a Neoverse-N1 machine,
with React being improved by 0.45%.

Change-Id: Ic8db42ecc7cb14cf1ac7bbbeab0e9d8359104351
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829472
Commit-Queue: George Wort <george.wort@arm.com>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82499}

Bug: v8:7327
Change-Id: Ic805dc9bb1f653930d0bb34163d21aa34efc6a51
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3820069Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Danylo Boiko <danielboyko02@gmail.com>
Cr-Commit-Position: refs/heads/main@{#82498}

This fixes a compile error in C++20 with comparison operator reordering.

Also does a little misc. cleanup to the adjacent code.

Bug: chromium:1284275
Change-Id: I1999c4ef2e8a201d2f1270347fe12c33c961c011
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3830987
Auto-Submit: Peter Kasting <pkasting@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82497}

Bug: v8:7327
Change-Id: Ia0b768fe6a08c6e628fb91ac489556ddedf120ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3805662Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Danylo Boiko <danielboyko02@gmail.com>
Cr-Commit-Position: refs/heads/main@{#82496}

This reverts commit ee89a269.

Reason for revert: Speculative revert https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac64%20GC%20Stress/24078/overview

Original change's description:
> [wasm-gc] Add extern.externalize
>
> This adds `extern.externalize(ref null any): ref null extern` to wasm
> which packs wasm objects into JS objects if the js-interop flag is not set.
> This is the counterpart to extern.internalize introduced in
> 50ec8a11.
>
> Bug: v8:7748
> Change-Id: I67b8fe6d70b9f526ff6c43b0a4d7861c7ff5dad0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3825879
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82492}

Bug: v8:7748
Change-Id: I22c84d69a1dc957208f60ae3125e80278ae739a5
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3832389
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#82495}

The {vmar.protect} API used for {SetPermissions} fails when called on
data memory with error -10 (ZX_ERR_INVALID_ARGS).
Skip fuchsia until we figure out the right API to use there.

R=cbruni@chromium.org

Bug: v8:13194
Change-Id: I20754f7212a892b8440f29658bf3db40f7745fe9
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3833820
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82494}

This is a reland of commit a19316d9

- Revert malloc_usable_size() changes temporarily to land them in
  isolation.
- Add cosmetics from https://crrev.com/c/3827876

Original change's description:
> [heap] Rework Worklist base type
>
> Worklist uses a singly-linked list of segments to hold entries.
> Segment size was based on a compile-time constant but already stored
> in the segment itself.
>
> Rework the segments to query `malloc_usable_size()` on allocation and
> adjust the capacity properly. For PartitionAlloc, it turns out that
> there's ~20% more capacity available for the 64-element segments.
>
> This slows down actual allocation of the segments with the upside of
> improving utilization and requiring 20% less segments.
>
> Change-Id: Ib8595c3fb9fb75b02e4022f6c525bb59a2df7ab7
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3826047
> Commit-Queue: Anton Bikineev <bikineev@chromium.org>
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Anton Bikineev <bikineev@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82432}

Change-Id: Ic8c5257cfe3c347b11eea5c513ca7f62e09f637f
Bug: v8:13193
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829475Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82493}

This adds `extern.externalize(ref null any): ref null extern` to wasm
which packs wasm objects into JS objects if the js-interop flag is not set.
This is the counterpart to extern.internalize introduced in
50ec8a11.

Bug: v8:7748
Change-Id: I67b8fe6d70b9f526ff6c43b0a4d7861c7ff5dad0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3825879Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82492}

Bug: v8:13035
Change-Id: I028f77f7dea73d56bf9df56ee06908fd01ce8a43
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3830034Reviewed-by: Simon Zünd <szuend@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82491}

Bug: v8:11880
Change-Id: I4515f98ade8237ac049e782b1b886a2139295b3b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827863Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82490}