With the upcoming "exception handling" proposal, we have to ensure
that traps are not catchable. This patch adds missing "uncatchable"
annotations to traps in the C-API and table-related instructions.

Fixed: v8:11813
Change-Id: I7bbd5043ede58a5315bd5117eb496ed014e79e91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2953160
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75082}

- Fix an issue where weak containers would not be marked properly when
  running with full object names. The problem was that in this
  configuration the object graph was not traversed at all in the first
  phase, meaning that no weak links would be found.
- Add edges to weak containers in the second phase that actually builds
  the snapshot.
- Mark all weak containers instead of just ephemerons, to avoid having
  fully weak containers show up as retainers.

Bug: chromium:1056170
Change-Id: I8b29e00a5d77028892c16e3c29258cd598083082
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2951730
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75081}

JS nodes that are connected to C++ nodes are merged with them in the
snapshot.

Bug: chromium:1056170
Change-Id: I137a21b3d847e669bf65962224050f5402bcff7c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2951732Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75080}

Explicitliy add --no-always-opt to prevent Fuzzer failures.

Bug: v8:11853
Change-Id: Idf1ee842fd7e404516e27d1f5f5e6afe87fc5bd1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2951726Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75079}

This is a reland of febfbb21

Original change's description:
> [sparkplug] Adjust compare and jump function in sparkplug
>
> Mips and risc-v do not have the flag register and can not decide
> whether to jump through flags in JumpIf();
>
> Therefor, we merge the comparison with the jump;
>
> Bug: v8:11803
>
> Change-Id: If53752da93b97e8ff65affdfe99e5de8e1a1493f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2921034
> Auto-Submit: Liu yu <liuyu@loongson.cn>
> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75001}

Bug: v8:11803
Change-Id: Ib3cb89d8a9f59aad3fbd857881699e84e8fcd8aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2945538
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75078}

We have to not have any instructions between EmitOOLTrapIfNeeded and the
movs. For this reason, we are now emitting EmitTSANStoreOOLIfNeeded
after the store rather than before.

We are also now requiring the code_kind to know if we are compiling a
FOR_TESTING function.

Finally, we have to differentiate between two different wasm-to-js
functions: one lives in the wasm code space, and another one lives on
the heap. The one that lives in wasm code space calls wasm stub calls,
and the other one calls the builtin like JS does.

Bug: v8:7790, v8:11600
Change-Id: Iafb4643068ae4e31881662e032f73af98a66baca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2945185
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75077}

We can detect the sequence during instruction selection and
if possible emit a single load/store byte reversed opcode instead
of doing the same separately (i.e load/store and then reverse).

Change-Id: Ib7d0c8c7105382637c33cafac5b5f4e23e8e553d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2950243Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75076}

Migrate the remaining architectures to the new callee save RecordWrite
approach.

Bug: v8:11420
Change-Id: I9da56cbb5bf8c6ca4bcc7c0e2a1233e2f5ef587c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944844
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75075}

- Vertically adjust flamechart to show deep stacks
- Highlight currently hovered function in the complete flamechart

Bug: v8:10644, v8:11835
Change-Id: Ibb5839c332f28c552162943f3eb65435de11a36a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2950244Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75074}

If a label was binded after Branch in 4096 offst, we should use Branchshort.

Change-Id: I2197e2a18a43627370ed9b67b7ef7d678a2a62a8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944795
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Commit-Queue: Brice Dobry <brice.dobry@futurewei.com>
Reviewed-by: Brice Dobry <brice.dobry@futurewei.com>
Cr-Commit-Position: refs/heads/master@{#75073}

In trampoline, we emit auipc+jalr first. But the offset between target and trampoline is less than int21, so we can use jal to replace auipc+jalr.
It can reduce number of execution instruction.

Change-Id: Idc37d80341030130c478209681cb54c63d1ddf27
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2939442
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Commit-Queue: Brice Dobry <brice.dobry@futurewei.com>
Reviewed-by: Brice Dobry <brice.dobry@futurewei.com>
Cr-Commit-Position: refs/heads/master@{#75072}

Batch compilation needs to remain disabled on unsupported platforms
to avoid this compilation error:

error: assignment of read-only location '* conclusion_pointer'

Bug: v8:11790, v8:11420
Change-Id: I64aaf6476fdb585f8210331f31b01ebefe9c61c0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2949969Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75071}

For Cobalt's purpose in the past, we introduced base::Memcpy to
intercept memcpy calls and replace it with SbMemoryCopy on
Starboard/Cobalt. Recently Cobalt removed SbMemoryCopy because we found
out that memcpy implementation is universal. To reduce the cost to
maintain base::Memcpy, let us remove it and revert back to raw memcpy.

Bug: v8:10927
Change-Id: I060f191f8f1aed8b78ffe4558a3743f3a2da008b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2951462Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: John Xu <johnx@google.com>
Cr-Commit-Position: refs/heads/master@{#75070}

This allows forward references among objects as well as contexts
referencing objects.

Bug: v8:11525
Change-Id: I45fd132344c5e0125d8287c668eac444fe1f8802
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2947408Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75069}

This reverts commit 1f0b0ed0.

Reason for revert: still crashing https://ci.chromium.org/ui/p/chromium/builders/try/android-marshmallow-arm64-rel/877258/test-results

Original change's description:
> Reland "heap: Fix initial GC configuration for C++-only heaps"
>
> This is a reland of 7ef67b2e
>
> Manually checked that the CL was not the culprit breaking
>   media_blink_unittests --gtest_filter=WebMediaPlayerImplTest.MemDumpReporting
>
> Original change's description:
> > heap: Fix initial GC configuration for C++-only heaps
> >
> > Heaps in V8 start with a large limit that is shrunk upon young
> > generation GCs, based on some liveness estimate. This provides best
> > throughput during startup while at the same time finding a reasonable
> > first limit.
> >
> > For C++ (embedder memory) there is no estimate which is why it was
> > piggy-backing on V8. This breaks in scenarios where no JS memory is
> > allocated.
> >
> > In this fix we start a memory reducer after embedder memory has hit
> > the activation threshold if no GC happened so far. As soon as a single
> > Scavenger has happened, we leave it up to the JS estimate to figure
> > out a limit. Memory reducing GCs will then find a regular limit based
> > on the initial live size.
> >
> > Drive-by: Give embedders the same activiation threshold of 8MB as JS.
> >
> > Bug: chromium:1217076
> > Change-Id: I8469696002ac2af8d75d6b47def062d2608387a1
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944935
> > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> > Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#75012}
>
> Bug: chromium:1217076
> Change-Id: I482d8525379e33095834d5b41be8bb49bdd8a5d4
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2949094
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75048}

Bug: chromium:1217076
Change-Id: Ia409d7a3a22127af749cff5eb5db1ff508b969e4
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2951468
Auto-Submit: Sathya Gunasekaran  <gsathya@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75068}

Bug: chromium:1097184
Change-Id: Ifa64885cb74ffe05ef56aca59150c89d8f11dd1d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2945276
Auto-Submit: Dylan Cutler <dylancutler@google.com>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75067}

This change addresses inconsistencies wrt. to stepping into generator
functions and breaking on the implicit initial yield. The new behavior
is the following:

 1. Stepping into a generator function doesn't trigger "generator
    stepping", but rather pauses right before the initial yield
    (assuming there a no non-simple parameters in between).
 2. When paused on the initial yield and stepping into or over, we also
    don't turn on "generator stepping" immediately, but rather return to
    the caller and only enter "generator stepping" on SuspendGenerator
    bytecodes that correspond to `yield`s or `await`s in the source
    code.

This matches the stepping behavior of regular functions more closely and
seems like a good compromise.

Fixed: chromium:901814
Change-Id: Ifc6c174011df1afea183e2c6ec21de27d72b17a7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2949099
Commit-Queue: Yang Guo <yangguo@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75066}

.. when concurrent inlining is on.

SerializeBackPointer
SerializeForElementLoad
SerializeRootMap

For SerializeRootMap: Due to changed root map access timing, it
is now possible to see an abandoned prototype map - added logic
for that in RemoveImpossibleMaps.

Bug: v8:7790
Change-Id: Icdb3fff12536bfdc84923e7cd40bad9978a2a401
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2948658
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75065}

In fond memory of kPossiblyBackgroundSerialized, this CL adds a new
subtype of kNeverSerialized called NeverEverSerialized. Such refs are
never ever serialized, i.e. not even when concurrent inlining is
disabled.

The first Ref in this category is RegExpBoilerplateDescriptionRef.

The intent is to gradually transition all kNeverSerialized refs to
NeverEverSerialized and then remove NeverEverSerialized (making it the
default behavior).

Bug: v8:7790
Change-Id: I8741a94212426a773ec3dc20758a41cb89f13368
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2947415
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75064}

It adjusts V8 page size for performance reasons.
The main use case is improving Node.js performance.
The design doc is at:https://docs.google.com/document/d/1CO8Q0YZKJ3QKFRTk-aoJzmSFsuI8ALYQLtsjqLzyi-0/edit?usp=sharing

Change-Id: Ie037d405a7116ccd986131d22d417b86ccf6a899
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2860840Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
Cr-Commit-Position: refs/heads/master@{#75063}

Bug: chromium:1216696
Change-Id: I0918215c2e2b845bd7b39e06128d74382a467b05
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2950262
Commit-Queue: Peter Kasting <pkasting@chromium.org>
Auto-Submit: Peter Kasting <pkasting@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75062}

- Add support for packed types.
- Emit arguments first in wasm-module-builder.cc.

Bug: v8:7748
Change-Id: I358ca13db4332e026ee5850de6f629822bc92b04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2948887Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75061}

Pass along the intended atomicity parameter for a getter in a DCHECK.

Bug: chromium:1218072
Change-Id: Ib83c8f548d3de9c944546c74291cd148643e185c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2950242
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75060}

And also make sure that even long names don't get truncated.

Fixed: chromium:1216284
Change-Id: I2792b60ddeb40a87816cb54fb0414ef0dea45da0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2947409
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75059}

Bug: chromium:1217573
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
Change-Id: Ida9cabc4f46f0ad4f35e2b97f5803cc7c30fb972
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2947857
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75058}

Change-Id: Ieeb437abf3ebc59461ee828aeb6c65e06fdb17fb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2950241
Commit-Queue: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Auto-Submit: Junliang Yan <junyan@redhat.com>
Reviewed-by: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75057}

For tail calls, we already set the flag kCallTail on CallBufferFlags,
the bool is_tail_cal always matches the flag (and there is only one call
site (L3037).

Drive-by clean up to get SaveFPRegsMode once, this is used when we need
to save and restore caller-saved registers.

Change-Id: Id175922c4cb5162d38b5ab61b84e151aaf2083e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2945536Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75056}

By moving this out of counters.h, counters.h no longer needs to depend
on isolate.h.

Change-Id: Ic5272e3b3a729c0a438124dc5cdc1835817f3341
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2949098
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75055}

IsPendingAllocation will now load the space from the object's page
header first and then only check the object against the current LAB
of that particular space. Previously we were looking up that object
in the LABs of all spaces.

This new design also makes it feasible to have one dedicated mutex for
original_top/original_limit (respectively pending_object) for each
space. This will reduce contention on the mutexes.

Change-Id: I8e7636410259fd03b7970084bfbbaeadb2d8ba61
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2936606
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75054}

Change-Id: Ife5883cf5108dfc25603a57df0044d096b6c5855
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2949105
Commit-Queue: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Auto-Submit: Junliang Yan <junyan@redhat.com>
Reviewed-by: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75053}

Better explain why internalized strings have to be in old space. The
scavenger doesn't need to iterate and update references in the string
table and the stub cache.

Change-Id: I93c3e0b743f85fbf4de2ad877f3667abb2e0ae53
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2949101
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75052}

Change-Id: I4728042456c884f7ba91bd74e3a296973c663715
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2949967
Commit-Queue: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Auto-Submit: Junliang Yan <junyan@redhat.com>
Reviewed-by: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75051}

Port f68e1be7
Fix build error for 8ab75a56

Change-Id: I1014b8c036b0b8a8fcad5207fc9692e0668e2cce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2945175Reviewed-by: Ji Qiu <qiuji@iscas.ac.cn>
Reviewed-by: Brice Dobry <brice.dobry@futurewei.com>
Commit-Queue: Brice Dobry <brice.dobry@futurewei.com>
Cr-Commit-Position: refs/heads/master@{#75050}

Use batch compilation per default for Sparkplug.

Bug: v8:11790, v8:11420
Change-Id: Ie0fd8a0614d674170b0878064292caa0a5ab06e2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2948659Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75049}

This is a reland of 7ef67b2e

Manually checked that the CL was not the culprit breaking
  media_blink_unittests --gtest_filter=WebMediaPlayerImplTest.MemDumpReporting

Original change's description:
> heap: Fix initial GC configuration for C++-only heaps
>
> Heaps in V8 start with a large limit that is shrunk upon young
> generation GCs, based on some liveness estimate. This provides best
> throughput during startup while at the same time finding a reasonable
> first limit.
>
> For C++ (embedder memory) there is no estimate which is why it was
> piggy-backing on V8. This breaks in scenarios where no JS memory is
> allocated.
>
> In this fix we start a memory reducer after embedder memory has hit
> the activation threshold if no GC happened so far. As soon as a single
> Scavenger has happened, we leave it up to the JS estimate to figure
> out a limit. Memory reducing GCs will then find a regular limit based
> on the initial live size.
>
> Drive-by: Give embedders the same activiation threshold of 8MB as JS.
>
> Bug: chromium:1217076
> Change-Id: I8469696002ac2af8d75d6b47def062d2608387a1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944935
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75012}

Bug: chromium:1217076
Change-Id: I482d8525379e33095834d5b41be8bb49bdd8a5d4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2949094
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75048}

Changes:
- Implement a single function
  WriteGlobalValue(const WasmGlobal&, const WasmValue&). Compute an
  intermediate WasmValue when needed.
- Add WasmValue::CopyTo() to avoid reading little endian values in
  WasmValue, and then transforming back to little endian.
- Add WasmValue::to_string() for tracing.

Change-Id: Ia7d9b9cddc7b8f77ae35fc588fe34c41ef444a2c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2948664
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75047}

The disassembler cannot decode neg instruction correctly because a single
quote is missed.

Bug: v8:11833
Change-Id: I43f12e8e8e3f1e51244dc891e9bfb611a95f393b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2934617Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Brice Dobry <brice.dobry@futurewei.com>
Reviewed-by: Ji Qiu <qiuji@iscas.ac.cn>
Commit-Queue: Brice Dobry <brice.dobry@futurewei.com>
Cr-Commit-Position: refs/heads/master@{#75046}

Change-Id: Ic0edb4a424b7358a40c54984f0f56f5c0ba05b09
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2930171
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75045}

Previously, for generating the snapshot, ephemerons containers were just
traced strongly, without handling their ephemeron pairs. This resulted
in the snbapshot missing out on all the value objects (as keys were
traced through regular Visit()).

The fix here
a) Adds ephemeron tracing;
b) Adds a flag to avoid showing the key being retained by the
   ephemeron collection;

Bug: chromium:1056170
Change-Id: I45cc95bf4876879fa78b83154b13f20751b262b9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2948889
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75044}

Loop fallthroughs should leave values according to their out-type on the
stack, even when the stack is polymorphic.

Bug: chromium:1217470
Change-Id: I0a7e0569fa24fc16fcac76569a5ba14b6c7b0a9f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2949090Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75043}