Implement these 6 instructions:

- f64x2.convert_low_i32x4_s
- f64x2.convert_low_i32x4_u
- i32x4.trunc_sat_f64x2_s_zero
- i32x4.trunc_sat_f64x2_u_zero
- f32x4.demote_f64x2_zero
- f64x2.promote_low_f32x4

The code sequences are exactly the same as on x64.

Needed to add some more instructions, and we don't have macro lists for
these instructions yet, so individually define them for now. We can
factor them into lists in a future change.

Bug: v8:11265
Change-Id: I606e1226201e3c5ecdc7e3f611315437e917d77c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2668913Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72535}

Change-Id: I783c41ca4192d686454728b7c8356935bc67cc98
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2675922
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72534}

TranslationArrays (TA) are large and rarely used, thus could benefit
from compression. This CL adds a --turbo-compress-translation-arrays
flag (off by default) to experiment with that.

Each optimized Code object has an associated translation array
(Code->DeoptimizationData->TranslationArray). These translation arrays
have roughly the same size as the Code object itself. They are
used only rarely: when deoptimizing, and when traversing the stack and
looking into optimized frames. Neither of these code paths are
especially performance critical. TA's contain only immutable, untagged
data. They are thus good candidates for compression.

The trade-off is between TA memory consumption and time spent
in decompression/compression. This CL keeps everything on the main
thread, but it would also be possible to move compression (the more
expensive operation by a factor of 5 to 10) to a worker thread.

Numbers from a local Octane2 run:

Sum of Code instructions sizes: 4.6MB
Sum of uncompressed TA sizes:   4.1MB
Sum of compressed TA sizes:     0.6MB

Compression times depend on the selected compression quality, but
roughly:

Compression:   50ms (40us avg per compilation)
Decompression:        7us avg per compilation

Drive-by: Translation arrays currently use run-length encoding;
I disabled this for when --turbo-compress-translation-arrays is
enabled (no need to compress twice).

Bug: v8:11354
Change-Id: I7828d7d91eb074816b383b02f883c5d7b7e318b7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2652497
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72533}

We want to remove the gpu:none default as we want to switch to
Mac Minis in the Mac pool that have gpus.

This starts a 3-way change:
1. This CL: Add the gpu dimension for Mac source side.
2. Remove setting it as default for Mac in infra.
3. Flip the value for gpu source side.

This requires merging to beta/stable.

No-Try: true
Bug: chromium:1174040
Change-Id: I81f2f5863593aa93fa668b4534d1116a11768f31
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673402
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72532}

In the latest spec, catch_all is encoded as 0x05. This is the same
opcode as "else", but they do not conflict because "else" is not valid
in the context of a try block.

The 0x0a opcode now corresponds to the "unwind" instruction, which
currently has the same semantics as "catch_all".

R=clemensb@chromium.org

Bug: v8:11392
Change-Id: Ie9cd06c9a2001a02d8bea5be7a3c016e3a58ee3d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2674007
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72531}

Change Isolate::code_coverage_mode to an atomic such that access from
the background thread is safe.

Bug: v8:11378
Change-Id: I26d6915b1662ba022ea6a173a87d184d3ac7cd3b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2666691
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72530}

Sweeping was already restarted, ignore chunks that might be swept
concurrently.

Bug: chromium:1174007
Change-Id: I954bf4b25ddb27a612b9fd33bad1f1ba34358719
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2674005Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72529}

This CL adds PropertyDetails::ToByte and ::FromByte. These are not
applicable to all PropertDetails, but only those for dictionary-backed
properties with an (unused) enumeration index with value 0.

The motivation for this is that those dictionare backing stores that
don't store the enumeration order in the PropertyDetails but store it
in the table itself (like OrderedNameDictionary and the upcoming
SwissNameDictionary), can store PropertyDetails in an array of bytes.

Bug: v8:11388
Change-Id: Id346b924cd7c67b2f33cbc7a7807eec31cefbeec
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2672029
Commit-Queue: Frank Emrich <emrich@google.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72528}

Platform::GetForegroundTaskRunner() can only be used after attaching
an Isolate in V8. Work around that problem by getting the runner only
when needed.

Bug: chromium:1056170
Change-Id: If15ec691e7f5cf11be8b7a3bc18827246ac083d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2674009
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72527}

Instead of passing a bunch of objects and pointers to
{GenerateLiftoffDebugSideTable}, just pass the WasmCode pointer for
which the debug sidetable should be created.

This requires changing the corresponding cctests to actually compile
code, such that we can get a WasmCode pointer.

R=thibaudm@chromium.org

Bug: chromium:1172299
Change-Id: If42f06a545feb590f9c2377ce95e6214bbc6f566
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2674006Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72526}

ZoneChunkList has more overhead than a simple ZoneVector for storing
uint8_t bytes.

Bug: v8:9684
Change-Id: I5e22286f2628ae2010086e9d82cadbebb176dbee
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2661459Reviewed-by: Sathya Gunasekaran  <gsathya@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sathya Gunasekaran  <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72525}

For dictionary mode objects, whether or not a property is constant was
not tracked before. This CL makes the required non-Turbofan changes,
guarded behind the new flag V8_DICT_PROPERTY_CONST_TRACKING.

In addition, prototypes are not converted to fast mode objects if this
flags is enabled.

Bug: v8:11247
Change-Id: Ia5942733239a97560b6efc015f0e25a35fea3d7a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2566757
Commit-Queue: Frank Emrich <emrich@google.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72524}

Creating a PatchingAssembler has significant overhead, including a
dynamic allocation for the assembler buffer implementation. In the case
of {Assembler::bind} we just need it to overwrite a machine word. Hence
avoid creating the PatchingAssembler for this trivial work and just use
Memcpy directly.

R=jkummerow@chromium.org

Change-Id: I83510cfd7ebdb0d0c378df548b442eabf3727aeb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2668827Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72523}

... and mark it as never-serialized wrt turbofan serialization.

Until this CL, the JSRegExp type was used as both for plain
user-visible regexp objects, and for internal regexp boilerplate
descriptions. Boilerplates are special: they are never exposed to the
user, they are only referenced from the feedback vector, they are
immutable.

To clarify this distinction, this CL introduces a dedicated struct
type RegExpBoilerplateDescription to hold the regexp boilerplate
description.

This makes Turbofan serialization simpler: boilerplates can be
accessed through direct reads since they are immutable. TF has no
special requirements on JSRegExp objects (it never reads into these
objects) and thus serializing only the references as a JSObjectRef is
fine.

Bug: v8:7790
Change-Id: I33b337fcfcf861a02bc6be6d0c6311d07cf05718
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2656257Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72522}

Port: 07b03b83

Bug: v8:10026
Change-Id: Ia9e5f420253a4fb3726a4064ed2471684af610e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2670168
Auto-Submit: Liu yu <liuyu@loongson.cn>
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#72521}

Port: e2aa734a

Bug: v8:11002
Change-Id: I8564a810938a07031afab20bd5448f048d4bb5de
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2674182
Auto-Submit: Liu yu <liuyu@loongson.cn>
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#72520}

Rolling v8/base/trace_event/common: https://chromium.googlesource.com/chromium/src/base/trace_event/common/+log/9b27757..71cb2ac

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/dc9dc45..10e5511

Rolling v8/third_party/aemu-linux-x64: _nJMIPzu-ykpL-XPjf14IZ3CAFT3iQRtsbzyiSm9u7QC..daCtImfwROvNf-7jcpyqZ6KMCGlIQv9BROkyXnulGioC

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/4920147..5c5a297

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/8c95595..6dc9cc3

Rolling v8/third_party/icu: https://chromium.googlesource.com/chromium/deps/icu/+log/f4147b2..70dd9a6

Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/4d38670..0964a78

Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/ec98581..4ee065a

TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: I0ae82b75d2cf91fbbde2cb242fd49fa3493bbede
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2674325Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#72519}

Bug: v8:11347,v8:11348
Change-Id: I47ba950b80197d1d769d93aa68266131be9bf31d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2666146Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72518}

Load lane instructions also need a v128 input.

Bug: chromium:1173488
Change-Id: I45e4c4f8fc93a5b3246ac4d1b07925b41cbe3e89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673275Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72517}

Port 8798b3ef
Port 1d3c80d3

Original Commit Message:

    - Fixes some incorrect assumptions about padding in the
      code generation. Slots may have apparent extra padding
      when allocation fragments go unused.
    - Reworks 32 bit push code to simplify skipping slot gaps
      when 'push' instructions are used.
    - Adds a ElementSizeInPointers function on machine
      representations.

R=bbudge@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I076ae8396434610c52fed040ace5e0f49ea3ef88
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673142
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72516}

- Stack adjustment was in slots, when it should be in bytes.

Bug: v8:11391
Change-Id: Ia791f2b637337279be62d66377f9b5be35f31839
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2674062Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72515}

These didn't have the right suffix (i32 instead of i32x4).

Also, names are longer now, so when tracing them, give the names column
more space.

Bug: v8:11384
Change-Id: Id11e0d23b344310121ae4e2e5910528cab2d6f73
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673264Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72514}

Bug: v8:11391
Change-Id: Icb4b6b04cc0591f9b27256f7b58daed6c4fdffa2
No-Try: true
No-Tree-Checks: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673276
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72513}

This reverts commit 64471ba9.

Reason for revert: Fails on nosse3/nosse4 https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux/40643/overview

Original change's description:
> [wasm-simd] Update spec tests
>
> We can also unmark some SIMD tests as failed since we are now inline
> with spec.
>
> Bug: v8:11331
> Change-Id: I4b98ae068008c55535dbbbf0312a55aa03e7e83d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2668060
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Zhi An Ng <zhin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#72507}

TBR=ahaas@chromium.org,zhin@chromium.org

Change-Id: I11a6670e42956bdcc66c371d2d852623030948b4
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:11331
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2673265Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72512}

Change-Id: Ifa2b160e42bad2b3ae93a3c310d5fa158ffbd286
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2672705Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72511}

Implementation for PPC will be added in a later CL.

Port dd90d107

Original Commit Message:

    Code sequence from https://github.com/WebAssembly/simd/pull/379, and
    exactly the same as x64, with minor tweaks for
    ExternalReferenceAsOperand.

R=zhin@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I2be8a9cf04d0b327c15f47c2575877925238353c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2672706Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72510}

roundpd requires SSE4.1.

Bug: v8:11265
Change-Id: I1b5d322946de44f57026b09ec406d32128e5b3bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2668916Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72509}

There is a bug in the top-level await spec draft such that async
strongly connected components are not always evaluated before their
depending modules.

See https://github.com/tc39/proposal-top-level-await/pull/161 for full
discussion and spec fix.

Bug: v8:11376
Change-Id: I88bf06afb2e9a5d8d0b757de8276f1d1242a875e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667772Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72508}

We can also unmark some SIMD tests as failed since we are now inline
with spec.

Bug: v8:11331
Change-Id: I4b98ae068008c55535dbbbf0312a55aa03e7e83d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2668060Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72507}

This is a reland of 352b9ecb

The test/fix CL has been merged in, as the fixes to return slot
accounting are needed to fix Arm64 issues turned up by the fuzzers:

https://chromium-review.googlesource.com/c/v8/v8/+/2644139

Original change's description:
> Reland "Reland "[compiler][wasm] Align Frame slots to value size""
>
> This is a reland of 1694925c
>
> Minor fix to linkage for constexpr.
>
> TBR=ahaas@chromium.org,neis@chromium.org
>
> Original change's description:
> > Reland "[compiler][wasm] Align Frame slots to value size"
> >
> > This is a reland of cddaf66c
> >
> > Original change's description:
> > > [compiler][wasm] Align Frame slots to value size
> > >
> > > - Adds an AlignedSlotAllocator class and tests, to unify slot
> > >   allocation. This attempts to use alignment holes for smaller
> > >   values.
> > > - Reworks Frame to use the new allocator for stack slots.
> > > - Reworks LinkageAllocator to use the new allocator for stack
> > >   slots and for ARMv7 FP register aliasing.
> > > - Fixes the RegisterAllocator to align spill slots.
> > > - Fixes InstructionSelector to align spill slots.
> > >
> > > Bug: v8:9198
> > >
> > > Change-Id: Ida148db428be89ef95de748ec5fc0e7b0358f523
> > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2512840
> > > Commit-Queue: Bill Budge <bbudge@chromium.org>
> > > Reviewed-by: Georg Neis <neis@chromium.org>
> > > Reviewed-by: Andreas Haas <ahaas@chromium.org>
> > > Cr-Commit-Position: refs/heads/master@{#71644}
> >
> > Bug: v8:9198
> > Change-Id: Ib91fa6746370c38496706341e12d05c7bf999389
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2633390
> > Commit-Queue: Bill Budge <bbudge@chromium.org>
> > Reviewed-by: Andreas Haas <ahaas@chromium.org>
> > Reviewed-by: Georg Neis <neis@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#72195}
>
> Bug: v8:9198
> Change-Id: I91e02b823af8ec925dacf075388fb22e3eeb3384
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2640890
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Commit-Queue: Bill Budge <bbudge@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#72209}

Bug: v8:9198
Change-Id: I8258f87463f66417c7028b9a1fed4b9b6d82a3be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2669892Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72506}

OSR compilations happen on main thread and the functions that are called
from would have been already optimized. Also this code is only used for
this invocation. So to limit the amount of time spent on main thread
we could do a quick Turboprop compilation instead of a highly optimized
TurboFan compilaiton.

Change-Id: Ifcdcb5c855d8a9a56b13c1940b4ee0ed3bfb4d67
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659257
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72505}

Bug: chromium:1174040
Change-Id: I2ee539e5074707ac93f97a9a3a131e9c2745cdbe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2672180Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72504}

Adds testing API that can only be used after enabling it on a heap.
The call that enables testing is only provided via v8_for_testing or
cppgc_for_testing build targets which protects against misusing from
production code.

Change-Id: I24a8f5543a2bb479481384e2c555d231383e5d12
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667513Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72503}

- Fixes some incorrect assumptions about padding in the
  code generation. Slots may have apparent extra padding
  when allocation fragments go unused.
- Reworks 32 bit push code to simplify skipping slot gaps
  when 'push' instructions are used.
- Adds a ElementSizeInPointers function on machine
  representations.

Bug: chromium:1171759,v8:9198

Change-Id: I029e300fa9c306d7e35344576fd1c68857cf2bca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2660379
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72502}

R=ahaas@chromium.org,ulan@chromium.org

Bug: v8:8091
Change-Id: Ia826e18bd06b5e6d401ff43b33b43b4e4c2a69db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2672022Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72501}

IsAnyInitialArrayPrototype doesn't need an handlified input argument
as it doesn't cause GC.

This improves performance of MapData::MapData as canonical handle scope
creation is expensive.

Change-Id: I2e1a46354276857b64867ea3e994356faef8950e
Bug: v8:9684
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2671659
Commit-Queue: Sathya Gunasekaran  <gsathya@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72500}

When generating getters, Torque needs to decide whether to perform a
normal or relaxed load. Thus far, it has used the somewhat non-obvious
logic that any indexed field with tagged non-smi data gets relaxed
loads. This change adds a new annotation @relaxedRead to be consistent
with the existing @relaxedWrite annotation. I added @relaxedRead
annotations on any field that previously had this automatic behavior and
whose getter is called, except for those in ScopeInfo because I'm
relatively confident that it doesn't need relaxed access.

Bug: v8:7793
Change-Id: I9987eea13760b967f1b8a3189b69742e55140c30
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2600113
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72499}

Fix some trailing whitespace issues in files in the tools directory.

Change-Id: If9e9b1dab1d6f521e20619a2a1d093749f0528d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2671660
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72498}

Also access the DescriptorArray through GetPropertyKey concurrently if
the FLAG_turbo_direct_heap_access is on.

Bug: v8:7790
Change-Id: I29e5895fefc3653f954ba56aa85218121402e7ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2653232Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72497}

Port 45b99aaa

Original Commit Message:

    In https://crrev.com/c/2645694 we push the full q registers before lazy
    compile, but we did not change the fixed frame size to account for the
    wider registers being pushed.

    This manifested in the frame having data like:

    (gdb) x/10xg start.ptr_
    0x7f5576ff3eb0: 0x0000000000000000      0x0000336b08202759
    0x7f5576ff3ec0: 0x7ff000007f801000      0x0000000000000000
    0x7f5576ff3ed0: 0x7ff000007f801001      0x0000000000000000
    0x7f5576ff3ee0: 0x7ff000007f801002      0x0000000000000000
    0x7f5576ff3ef0: 0x7ff000007f801003      0x0000000000000000

    The GC then walks part of this frame, thinking that 0x7ff000007f801003
    is a heap object, and then crashes.

    Add some static_asserts (similar to builtins-x64) to remind ourselves
    that the pushed registers have to match the size in frame constants.

R=zhin@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I994f1b7fecbb24ea97d846b1eed98201bc3b08ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2669308Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72496}