This is a reland of d1b27019

Fixes include:
Adding missing file to bazel build
Forward-declaring classing before friend-classing them to fix win/gcc
Add missing v8-isolate.h include for vtune builds

Original change's description:
> [include] Split out v8.h
>
> This moves every single class/function out of include/v8.h into a
> separate header in include/, which v8.h then includes so that
> externally nothing appears to have changed.
>
> Every include of v8.h from inside v8 has been changed to a more
> fine-grained include.
>
> Previously inline functions defined at the bottom of v8.h would call
> private non-inline functions in the V8 class. Since that class is now
> in v8-initialization.h and is rarely included (as that would create
> dependency cycles), this is not possible and so those methods have been
> moved out of the V8 class into the namespace v8::api_internal.
>
> None of the previous files in include/ now #include v8.h, which means
> if embedders were relying on this transitive dependency then it will
> give compile failures.
>
> v8-inspector.h does depend on v8-scripts.h for the time being to ensure
> that Chrome continue to compile but that change will be reverted once
> those transitive #includes in chrome are changed to include it directly.
>
> Full design:
> https://docs.google.com/document/d/1rTD--I8hCAr-Rho1WTumZzFKaDpEp0IJ8ejZtk4nJdA/edit?usp=sharing
>
> Bug: v8:11965
> Change-Id: I53b84b29581632710edc80eb11f819c2097a2877
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3097448
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#76424}

Cq-Include-Trybots: luci.v8.try:v8_linux_vtunejit
Bug: v8:11965
Change-Id: I99f5d3a73bf8fe25b650adfaf9567dc4e44a09e6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3113629Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76460}

Bug: v8:12128
Change-Id: Ie32a582da7b823f75462c0cea3fff68daf483df1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114140Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76459}

Change-Id: Id807e5e09fff59f4aedfca67461ffe3af3ffbea3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114144
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76458}

Give a little bit of introduction to Oilpan and provide a few links to
navigate the project.

Bug: chromium:1056170
Change-Id: I4ef8c256c8de7932e3393017be6c58ba48ca45f2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114141
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76457}

This reverts commit 26609973.

Reason for revert: Breaks code_serializer tests - https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20debug/36427/overview

Original change's description:
> [codegen] Assert that deserialized SFIs have correct origins
>
> Re-use the same check we already have in place for the
> compilation cache for when we use CodeSerializer::Deserialize.
>
> - Move HasOrigin to SharedFunctionInfo::HasMatchingOrigin
> - HasMatchingOrigin no longer allocates
> - Pass ScriptDetails in more places
>
> Bug: v8:10284
> Change-Id: I6e074bd1e7db9a35fdf7123d04a65841d9813e02
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3090968
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#76451}

Bug: v8:10284
Change-Id: I234fcf031001819b05dbcdd421f235f71e9805b2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114143
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#76456}

This avoids a benign race in setting the raw pointer inside CTP
destructor by not emitting the write at all. The handle is destructed
which means that we only need to destroy any backing node but may
leave the handle untouched.

Drive-by:
- Add a few more docs.
- Make Clear() thread-safe.
- Make assignment of a sentinel pointer thread-safe.
- Make assignment of a nullptr thread-safe.

Bug: chromium:1242795
Change-Id: I0d9dafa31c298053e87ba1eb75f99fa6e33fa10b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114134
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76455}

Add copies of the NumFuzz CI builders with the infra
staging flag which in turn adds the no fail flag that
ignores exit code 1. We want to see if this catches bugs
with less noise.


Bug: v8:11826
Change-Id: Ide6ffa7475e464075e588df0eaed524503c8cf95
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114133
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76454}

In Blink, WindowProxy may be referred from two diffrent JS wrapper
objects during page refresh (same site navigation reusing parts of the
DOM). In this intermediate state, the old frame state is not yet
reclaimed while the new state is already being added.

We would like to only merge nodes when there's a 1:1 relation between
C++ and JS objects. Unfortunately, WindowProxy breaks that assumption
in that the C++ object doesn't directly point to the wrapper. In
addition, merging this case is important as otherwise detachedness
would not be propagated to the Window object (JS wrapper) which is the
main user of detachedness.

The CL allows overriding merged nodes, picking a random merged state
during pageload while still resulting in the regular snapshot behavior
outside of reloading the same page.

The proper fix is addressing chromium:1218404 and only create merged
nodes when the back reference points to the same object.

Bug: chromium:1241610
Change-Id: Ie77b51a56ce90ef377124304bb025342a724c600
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114139Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76453}

Python client is deprecated.

This removes all references to swarming_client in this repository.
https://source.chromium.org/search?q=swarming_client&sq=&ss=chromium%2Fchromium%2Fsrc:v8%2F

Bug: chromium:984869
Change-Id: I377c47fc696723ae4ba53418682f6e06129812f9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114156
Auto-Submit: Takuto Ikuta <tikuta@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76452}

Re-use the same check we already have in place for the
compilation cache for when we use CodeSerializer::Deserialize.

- Move HasOrigin to SharedFunctionInfo::HasMatchingOrigin
- HasMatchingOrigin no longer allocates
- Pass ScriptDetails in more places

Bug: v8:10284
Change-Id: I6e074bd1e7db9a35fdf7123d04a65841d9813e02
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3090968
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76451}

map, filter and values do not return lists in python3.

Change-Id: I608e8f61649f60f6cfeb9c4e12d293655c5647de
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3107305Reviewed-by: Lutz Vahl <vahl@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76450}

https://crrev.com/c/3110611 has landed, thus we can revert the temporary
workaround.

Bug: chromium:1237730
Change-Id: Ieb39ff07baddd03dc41c716d921496eb4d539fae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114137
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76449}

This test regularly fails due to my local language setting.

Change-Id: Ic4719ffbe49a8fc9d38d75b05b52ac550315a405
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114138Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76448}

Bug: v8:12132
Change-Id: Ib81c4141a07ad5269eb0abda839ebc42b8170170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114159
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Commit-Queue: Ji Qiu <qiuji@iscas.ac.cn>
Reviewed-by: Ji Qiu <qiuji@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#76447}

Rolling v8/third_party/google_benchmark/src: https://chromium.googlesource.com/external/github.com/google/benchmark/+log/8fd49d6..e7fa637

[NFC] PFM: actually report package as found, and advertise description (Roman Lebedev)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/e7fa637

Fix links to further doc in user_guide.md (#1215) (Marcel Jacobse)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/0a447f8

Introduce accessors for currently public data members (threads and thread_index) (#1208) (Vy Nguyen)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/dc1a971

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,mlippautz@chromium.org

Change-Id: I2d181784851313c5698151934e21849fd3d0c618
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3115194Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#76446}

.. from a StackTraceFrameIterator (STFI). This replaces the (incorrect)
pattern

 StackTraceFrameIterator it(isolate);
 FrameSummary fs = FrameSummary::GetTop(it.javascript_frame());

The STFI has filtering semantics that only iterate over certain JS and
Wasm frames. These semantics (e.g. skipping over frames that are not
subject to debugging) must be preserved when looking into inlined
optimized frames.

The new convenience function GetTopValidFrame encapsulates this logic.

Bug: chromium:1237730
Change-Id: I060b36b5ac6a5decef90da4de45e679516ff93fd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3110611Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76445}

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/3d596a3..a18fc49

Rolling v8/third_party/aemu-linux-x64: GG_dhOWH4FV08NLnsuMmrvJIzuPs-hEVC4Dt900CDY0C..mzkiKxqmdTggBfBNwOHm7OLAedgW6S1290tU-PuR80AC

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/52b4510..cfb4e59

Rolling v8/tools/luci-go: git_revision:24b519169c7848dbeae2dba04698c41666388a45..git_revision:6fd750aec1e6bffc49a4d87e26821a5a05b97b50

Rolling v8/tools/luci-go: git_revision:24b519169c7848dbeae2dba04698c41666388a45..git_revision:6fd750aec1e6bffc49a4d87e26821a5a05b97b50

Rolling v8/tools/luci-go: git_revision:24b519169c7848dbeae2dba04698c41666388a45..git_revision:6fd750aec1e6bffc49a4d87e26821a5a05b97b50

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I2042e531c45a475487b4045d215ebf16b56bdeb7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3115190Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#76444}

As a first step toward generating longer-width SIMD (see design doc),
this change adds the ability to emit 256-bit instructions in the x64
assembler. The `YMMRegister` class indicates that a 256-bit instruction
should be emitted (versus a 128-bit instruction for `XMMRegister`). This
also includes a sample implementation for `vmovdqa` and `vmovdqu` and
the encoded bits are checked against known-good output from NASM.

Design doc: https://docs.google.com/document/d/1VWZbkO5c_DdxlJObmSLN_9zQUZELVgXyudbpzv5WQM0

Change-Id: I18a88565d731786c3a1cedc2293a3a2e78ae838a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3111269
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76443}

This removes 8 arch opcodes.

Bug: v8:11217
Change-Id: I2c7a73b032ba5fa21f9843ebb4325e226a22550a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114590Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76442}

ShiftAdd tests lane_size * len(test_arr)^2, which is a lot of cases. In
local runs of test-run-wasm-simd, I see I32x4ShiftAdd show up
consistently as taking up a lot of time. We reduce the number of cases
tested to lane_size * len(test_arr), which stills give us very good
coverage.

Change-Id: Ida99a378f0dd9b513e8c84a2da3beebf65f0f356
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3105374
Auto-Submit: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76441}

Change-Id: I3a8bdf607ddad2d1a64ea634615105c48116701c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114847Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#76440}

Change-Id: Iec0fdde1086b148f4be59815c48262333fd4a5dd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114848Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#76439}

This patchset introduces instrumentation of the memory usage of the
datatructures maintained by the CPU profiler.
It captures:
* The total size of the strings held in StringsStorage for CodeEntries
* Estimated size held by CodeMap's entries.

The target is to surface that metric through telemetry to get better
visibility into the memory profile of CpuProfiler.

For now, STL containers overhead is ignored as it is implementation
specific.

Change-Id: I8c6a0cd4f14348fe8832dec1f24861befc67d700
Bug: chromium:1241491
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3101580
Auto-Submit: Corentin Pescheloche <cpescheloche@fb.com>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76438}

This is addition to https://crrev.com/c/3108289 to
fix load ops for atomic and regular ops.

Change-Id: I1107e0571eb40d858562b12646308b9fe46cc88d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114025Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#76437}

Change-Id: I6c87c974b75b8d13e546a19a5c204362ca8536ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3114026Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#76436}

No-Try: true
Change-Id: Ibce0c1bf256102ffa71845faf563dc75057b7813
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3110612
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76435}

We are running out of encoding space for opcodes on arm64. This patch
merges some wasm simd opcodes of different simd types, encoding the lane
size in the instruction code using LaneSizeField instead. This reduces
the total number of opcodes on arm64 by 71.

Bug: v8:12093
Change-Id: Ib4d96d1db1ff9b08fafd665974f3494a507da770
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3109676Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/main@{#76434}

Port 593fbb69

Change-Id: If97973df5f30af47894e0ba7924cc1c23a5c979a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3111298Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#76433}

When eagerly evaluating native accessors in the inspector, treat
rejected promises the same way that we treat exceptions, and also make
sure to mark them as handled, so they are not logged as unhandled
promise rejections by Chromium.

Also-By: jarin@chromium.org
Bug: chromium:1076820, chromium:1199247
Change-Id: I3cef1e7c04ecbf9e734db946d669a3b5186eca5b
Fixed: chromium:1241298
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3110610
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76432}

We add ref.func and ref.is_null to the fuzzed module.
ref.is_null returns i32, so it is added to i32 generator.
ref.func is added to GenerateOptRef.
GetRefType function is added to generate reftypes.

Bug: v8:11954
Change-Id: Ia1add950bed573a02b6bec1cba401273d401919e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3106925
Commit-Queue: Rakhim Khismet <khismet@google.com>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76431}

Abstract reference types in the fuzzer have only generated trivial
values. This CL adds the capability for them to generate values of their
subtypes in addition.
Drive-by: Fix emission of multiple tables in wasm-fuzzer-common.

Bug: v8:11954
Change-Id: Id434109c9ae6c1e1b799414c90f18180b8895755
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3109672
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76430}

This aims to speed up stack scanning with a fast on-heap check. The
blooom-filter (at least with caged-heap enabled) is probably not needed
anymore.

Change-Id: I05536025c73df0cacdbbf6c474339dc71ecf33e5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2825590
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Auto-Submit: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76429}

This reverts commit d1b27019.

Reason for revert: Broke vtune build, tsan build and possibly others

Original change's description:
> [include] Split out v8.h
>
> This moves every single class/function out of include/v8.h into a
> separate header in include/, which v8.h then includes so that
> externally nothing appears to have changed.
>
> Every include of v8.h from inside v8 has been changed to a more
> fine-grained include.
>
> Previously inline functions defined at the bottom of v8.h would call
> private non-inline functions in the V8 class. Since that class is now
> in v8-initialization.h and is rarely included (as that would create
> dependency cycles), this is not possible and so those methods have been
> moved out of the V8 class into the namespace v8::api_internal.
>
> None of the previous files in include/ now #include v8.h, which means
> if embedders were relying on this transitive dependency then it will
> give compile failures.
>
> v8-inspector.h does depend on v8-scripts.h for the time being to ensure
> that Chrome continue to compile but that change will be reverted once
> those transitive #includes in chrome are changed to include it directly.
>
> Full design:
> https://docs.google.com/document/d/1rTD--I8hCAr-Rho1WTumZzFKaDpEp0IJ8ejZtk4nJdA/edit?usp=sharing
>
> Bug: v8:11965
> Change-Id: I53b84b29581632710edc80eb11f819c2097a2877
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3097448
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#76424}

Bug: v8:11965
Change-Id: Id57313ae992e720c8b19abc975cd69729e1344aa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3113627
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76428}

This reverts commit 0179f6a6.

Reason for revert: reverting the CL this fixes

Original change's description:
> [bazel] Missing v8-initialization.h file
>
> No-Try: true
> Change-Id: I1ff26433f68ed9318ddc0f7d9a840df3699cdd4f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3113625
> Auto-Submit: Victor Gomes <victorgomes@chromium.org>
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#76425}

Change-Id: I8fe8d811badf478c2f8d6761e503e322cfd4e6fb
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3110609
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76427}

The fast_call_count getter in d8 was not properly initialised as
throwing when called as a constructor. As a result, it was possible
to pass a new object as its `this` and then attempt to "unwrap" it,
resulting in reading OOB in the new object. This CL also strenghtens
slow_call_count and reset_counts and adds a regression test.

Bug: chromium:1241464
Change-Id: I9b6e9a4e38a974dc111a53b911c73514c30de9df
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3110369Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76426}

No-Try: true
Change-Id: I1ff26433f68ed9318ddc0f7d9a840df3699cdd4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3113625
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76425}

This moves every single class/function out of include/v8.h into a
separate header in include/, which v8.h then includes so that
externally nothing appears to have changed.

Every include of v8.h from inside v8 has been changed to a more
fine-grained include.

Previously inline functions defined at the bottom of v8.h would call
private non-inline functions in the V8 class. Since that class is now
in v8-initialization.h and is rarely included (as that would create
dependency cycles), this is not possible and so those methods have been
moved out of the V8 class into the namespace v8::api_internal.

None of the previous files in include/ now #include v8.h, which means
if embedders were relying on this transitive dependency then it will
give compile failures.

v8-inspector.h does depend on v8-scripts.h for the time being to ensure
that Chrome continue to compile but that change will be reverted once
those transitive #includes in chrome are changed to include it directly.

Full design:
https://docs.google.com/document/d/1rTD--I8hCAr-Rho1WTumZzFKaDpEp0IJ8ejZtk4nJdA/edit?usp=sharing

Bug: v8:11965
Change-Id: I53b84b29581632710edc80eb11f819c2097a2877
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3097448Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76424}

As a short-term mitigation for the abort() crash that happens
when the g_thread_in_wasm_code flag is set while we attempt to
free a Wasm code object as part of a GC cycle, clear the flag
in Runtime_AllocateInYoungGeneration. (The ...OldGeneration
counterpart is not affected because Wasm code does not request
pretenured allocations currently.)

Bug: chromium:1236668
Change-Id: I97ab9f67935de9aaeca0815e374bdfd8076acf6f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3110195Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76423}

Bug: v8:12130
Change-Id: I2cf3513fb09e5844ef827901cbbe73f70b2a3edd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3112986Reviewed-by: Ji Qiu <qiuji@iscas.ac.cn>
Commit-Queue: Ji Qiu <qiuji@iscas.ac.cn>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#76422}

Bug: chromium:1237730
Change-Id: Ib604a5d3dc8931f195d6508048937ee735e18fd8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3107306
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76421}