[wasm] Fix committed code space tracking with --perf-prof

If --perf-prof is specified, we commit the whole code range at once, and
never update the {total_committed_code_space_} counter (see
{WasmCodeManager::Commit} and {WasmCodeManager::Decommit}). Hence we
should also not decrement that counter when the native module dies.

R=jkummerow@chromium.org

Bug: chromium:1032753
Change-Id: I9a40f1a1322485d7142ed56f5c9365305aa0e056
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1969790
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65476}

src/wasm/wasm-code-manager.cc

@@ -1845,9 +1845,13 @@ void WasmCodeManager::FreeNativeModule(Vector<VirtualMemory> owned_code_space,
   }
 
   DCHECK(IsAligned(committed_size, CommitPageSize()));
-  size_t old_committed = total_committed_code_space_.fetch_sub(committed_size);
-  DCHECK_LE(committed_size, old_committed);
-  USE(old_committed);
+  // TODO(v8:8462): Remove this once perf supports remapping.
+  if (!FLAG_perf_prof) {
+    size_t old_committed =
+        total_committed_code_space_.fetch_sub(committed_size);
+    DCHECK_LE(committed_size, old_committed);
+    USE(old_committed);
+  }
 }
 
 NativeModule* WasmCodeManager::LookupNativeModule(Address pc) const {

test/mjsunit/mjsunit.status

@@ -1093,6 +1093,7 @@
 ['arch not in [x64, arm, arm64] or system != linux', {
   # Unwinding info writer is only supported on x64, arm, and arm64 Linux
   'regress/regress-913844': [SKIP],
+  'regress/wasm/regress-1032753': [SKIP],
 }],
 
 ##############################################################################

test/mjsunit/regress/wasm/regress-1032753.js

@@ -0,0 +1,9 @@
+// Copyright 2019 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Flags: --perf-prof
+
+load('test/mjsunit/wasm/wasm-module-builder.js');
+
+new WasmModuleBuilder().instantiate();