Port 5e0b94c4

Original Commit Message:

    This CL adds features to pack/unpack map words.

    Currently V8 cannot store extra metadata in object headers -- because V8
    objects do not have a proper header, but only a map pointer at the start
    of the object. To store per-object metadata like marking data, a side
    table is required as the per-object metadata storage.

    This CL enables V8 to use higher unused bits in a 64-bit map word as
    per-object metadata storage. Map pointer stores come with an extra step
    to encode the metadata into the pointer (we call it "map packing").
    Map pointer loads will also remove the metadata bits as well (we call it
    "map packing").

    Since the map word is no longer a valid pointer after packing, we also
    change the tag of the packed map word to make it looks like a Smi. This
    helps various GC and barrier code to correctly skip them instead of
    blindly dereferencing this invalid pointer.

    A ninja flag `v8_enable_map_packing` is provided to turn this
    map-packing feature on and off. It is disabled by default.

    * Only works on x64 platform, with `v8_enable_pointer_compression`
      set to `false`

R=wenyu.zhao@anu.edu.au, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I4a13093e7b20bb38990d947c697008a920cfe715
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2821649Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#73923}