libv8-node 21.7.2.0-aarch64-linux-musl → 24.12.0.0-aarch64-linux-musl

data/vendor/v8/include/v8-primitive.h

@@ -140,8 +140,14 @@ class V8_EXPORT String : public Name {
    * Returns the number of bytes in the UTF-8 encoded
    * representation of this string.
    */
+  V8_DEPRECATED("Use Utf8LengthV2 instead.")
   int Utf8Length(Isolate* isolate) const;
 
+  /**
+   * Returns the number of bytes needed for the Utf8 encoding of this string.
+   */
+  size_t Utf8LengthV2(Isolate* isolate) const;
+
   /**
    * Returns whether this string is known to contain only one byte data,
    * i.e. ISO-8859-1 code points.
@@ -194,15 +200,72 @@ class V8_EXPORT String : public Name {
   };
 
   // 16-bit character codes.
+  V8_DEPRECATED("Use WriteV2 instead.")
   int Write(Isolate* isolate, uint16_t* buffer, int start = 0, int length = -1,
             int options = NO_OPTIONS) const;
   // One byte characters.
+  V8_DEPRECATED("Use WriteOneByteV2 instead.")
   int WriteOneByte(Isolate* isolate, uint8_t* buffer, int start = 0,
                    int length = -1, int options = NO_OPTIONS) const;
   // UTF-8 encoded characters.
+  V8_DEPRECATED("Use WriteUtf8V2 instead.")
   int WriteUtf8(Isolate* isolate, char* buffer, int length = -1,
                 int* nchars_ref = nullptr, int options = NO_OPTIONS) const;
 
+  struct WriteFlags {
+    enum {
+      kNone = 0,
+      // Indicates that the output string should be null-terminated. In that
+      // case, the output buffer must include sufficient space for the
+      // additional null character.
+      kNullTerminate = 1,
+      // Used by WriteUtf8 to replace orphan surrogate code units with the
+      // unicode replacement character. Needs to be set to guarantee valid UTF-8
+      // output.
+      kReplaceInvalidUtf8 = 2
+    };
+  };
+
+  /**
+   * Write the contents of the string to an external buffer.
+   *
+   * Copies length characters into the output buffer starting at offset. The
+   * output buffer must have sufficient space for all characters and the null
+   * terminator if null termination is requested through the flags.
+   *
+   * \param offset The position within the string at which copying begins.
+   * \param length The number of characters to copy from the string.
+   * \param buffer The buffer into which the string will be copied.
+   * \param flags Various flags that influence the behavior of this operation.
+   */
+  void WriteV2(Isolate* isolate, uint32_t offset, uint32_t length,
+               uint16_t* buffer, int flags = WriteFlags::kNone) const;
+  void WriteOneByteV2(Isolate* isolate, uint32_t offset, uint32_t length,
+                      uint8_t* buffer, int flags = WriteFlags::kNone) const;
+
+  /**
+   * Encode the contents of the string as Utf8 into an external buffer.
+   *
+   * Encodes the characters of this string as Utf8 and writes them into the
+   * output buffer until either all characters were encoded or the buffer is
+   * full. Will not write partial UTF-8 sequences, preferring to stop before
+   * the end of the buffer. If null termination is requested, the output buffer
+   * will always be null terminated even if not all characters fit. In that
+   * case, the capacity must be at least one. The required size of the output
+   * buffer can be determined using Utf8Length().
+   *
+   * \param buffer The buffer into which the string will be written.
+   * \param capacity The number of bytes available in the output buffer.
+   * \param flags Various flags that influence the behavior of this operation.
+   * \param processed_characters_return The number of processed characters from
+   * the buffer.
+   * \return The number of bytes copied to the buffer including the null
+   * terminator (if written).
+   */
+  size_t WriteUtf8V2(Isolate* isolate, char* buffer, size_t capacity,
+                     int flags = WriteFlags::kNone,
+                     size_t* processed_characters_return = nullptr) const;
+
   /**
    * A zero length string.
    */
@@ -223,6 +286,12 @@ class V8_EXPORT String : public Name {
    */
   bool IsExternalOneByte() const;
 
+  /**
+   * Returns the internalized string. See `NewStringType::kInternalized` for
+   * details on internalized strings.
+   */
+  Local<String> InternalizeString(Isolate* isolate);
+
   class V8_EXPORT ExternalStringResourceBase {
    public:
     virtual ~ExternalStringResourceBase() = default;
@@ -234,6 +303,44 @@ class V8_EXPORT String : public Name {
      */
     virtual bool IsCacheable() const { return true; }
 
+    /**
+     * Internally V8 will call this Unaccount method when the external string
+     * resource should be unaccounted for. This method can be overridden in
+     * subclasses to control how allocated external bytes are accounted.
+     */
+    virtual void Unaccount(Isolate* isolate) {}
+
+    /**
+     * Returns an estimate of the memory occupied by this external string, to be
+     * used by V8 when producing a heap snapshot. If this function returns
+     * kDefaultMemoryEstimate, then V8 will estimate the external size based on
+     * the string length. This function should return only memory that is
+     * uniquely owned by this resource. If the resource has shared ownership of
+     * a secondary allocation, it can report that memory by implementing
+     * EstimateSharedMemoryUsage.
+     */
+    virtual size_t EstimateMemoryUsage() const {
+      return kDefaultMemoryEstimate;
+    }
+    static constexpr size_t kDefaultMemoryEstimate = static_cast<size_t>(-1);
+
+    class V8_EXPORT SharedMemoryUsageRecorder {
+     public:
+      /**
+       * Record that a shared allocation at the given location has the given
+       * size.
+       */
+      virtual void RecordSharedMemoryUsage(const void* location,
+                                           size_t size) = 0;
+    };
+
+    /**
+     * Estimates memory that this string resource may share with other string
+     * resources, to be used by V8 when producing a heap snapshot.
+     */
+    virtual void EstimateSharedMemoryUsage(
+        SharedMemoryUsageRecorder* recorder) const {}
+
     // Disallow copying and assigning.
     ExternalStringResourceBase(const ExternalStringResourceBase&) = delete;
     void operator=(const ExternalStringResourceBase&) = delete;
@@ -382,6 +489,8 @@ class V8_EXPORT String : public Name {
    * regardless of the encoding, otherwise return NULL.  The encoding of the
    * string is returned in encoding_out.
    */
+  V8_INLINE ExternalStringResourceBase* GetExternalStringResourceBase(
+      v8::Isolate* isolate, Encoding* encoding_out) const;
   V8_INLINE ExternalStringResourceBase* GetExternalStringResourceBase(
       Encoding* encoding_out) const;
 
@@ -466,8 +575,20 @@ class V8_EXPORT String : public Name {
    * The string is not modified if the operation fails. See NewExternal for
    * information on the lifetime of the resource.
    */
+  V8_DEPRECATE_SOON("Use the version with the isolate argument instead.")
   bool MakeExternal(ExternalStringResource* resource);
 
+  /**
+   * Associate an external string resource with this string by transforming it
+   * in place so that existing references to this string in the JavaScript heap
+   * will use the external string resource. The external string resource's
+   * character contents need to be equivalent to this string.
+   * Returns true if the string has been changed to be an external string.
+   * The string is not modified if the operation fails. See NewExternal for
+   * information on the lifetime of the resource.
+   */
+  bool MakeExternal(Isolate* isolate, ExternalStringResource* resource);
+
   /**
    * Creates a new external string using the one-byte data defined in the given
    * resource. When the external string is no longer live on V8's heap the
@@ -488,8 +609,20 @@ class V8_EXPORT String : public Name {
    * The string is not modified if the operation fails. See NewExternal for
    * information on the lifetime of the resource.
    */
+  V8_DEPRECATE_SOON("Use the version with the isolate argument instead.")
   bool MakeExternal(ExternalOneByteStringResource* resource);
 
+  /**
+   * Associate an external string resource with this string by transforming it
+   * in place so that existing references to this string in the JavaScript heap
+   * will use the external string resource. The external string resource's
+   * character contents need to be equivalent to this string.
+   * Returns true if the string has been changed to be an external string.
+   * The string is not modified if the operation fails. See NewExternal for
+   * information on the lifetime of the resource.
+   */
+  bool MakeExternal(Isolate* isolate, ExternalOneByteStringResource* resource);
+
   /**
    * Returns true if this string can be made external, given the encoding for
    * the external string resource.
@@ -507,14 +640,19 @@ class V8_EXPORT String : public Name {
    * (e.g. due to an exception in the toString() method of the object)
    * then the length() method returns 0 and the * operator returns
    * NULL.
+   *
+   * WARNING: This will unconditionally copy the contents of the JavaScript
+   * string, and should be avoided in situations where performance is a concern.
+   * Consider using WriteUtf8() instead.
    */
   class V8_EXPORT Utf8Value {
    public:
-    Utf8Value(Isolate* isolate, Local<v8::Value> obj);
+    Utf8Value(Isolate* isolate, Local<v8::Value> obj,
+              WriteOptions options = REPLACE_INVALID_UTF8);
     ~Utf8Value();
     char* operator*() { return str_; }
     const char* operator*() const { return str_; }
-    int length() const { return length_; }
+    size_t length() const { return length_; }
 
     // Disallow copying and assigning.
     Utf8Value(const Utf8Value&) = delete;
@@ -522,22 +660,29 @@ class V8_EXPORT String : public Name {
 
    private:
     char* str_;
-    int length_;
+    size_t length_;
   };
 
   /**
    * Converts an object to a two-byte (UTF-16-encoded) string.
+   *
    * If conversion to a string fails (eg. due to an exception in the toString()
    * method of the object) then the length() method returns 0 and the * operator
    * returns NULL.
+   *
+   * WARNING: This will unconditionally copy the contents of the JavaScript
+   * string, and should be avoided in situations where performance is a concern.
    */
   class V8_EXPORT Value {
    public:
+    V8_DEPRECATE_SOON(
+        "Prefer using String::ValueView if you can, or string->Write to a "
+        "buffer if you cannot.")
     Value(Isolate* isolate, Local<v8::Value> obj);
     ~Value();
     uint16_t* operator*() { return str_; }
     const uint16_t* operator*() const { return str_; }
-    int length() const { return length_; }
+    uint32_t length() const { return length_; }
 
     // Disallow copying and assigning.
     Value(const Value&) = delete;
@@ -545,7 +690,56 @@ class V8_EXPORT String : public Name {
 
    private:
     uint16_t* str_;
-    int length_;
+    uint32_t length_;
+  };
+
+  /**
+   * Returns a view onto a string's contents.
+   *
+   * WARNING: This does not copy the string's contents, and will therefore be
+   * invalidated if the GC can move the string while the ValueView is alive. It
+   * is therefore required that no GC or allocation can happen while there is an
+   * active ValueView. This requirement may be relaxed in the future.
+   *
+   * V8 strings are either encoded as one-byte or two-bytes per character.
+   */
+  class V8_EXPORT ValueView {
+   public:
+    ValueView(Isolate* isolate, Local<v8::String> str);
+    ~ValueView();
+    const uint8_t* data8() const {
+#if V8_ENABLE_CHECKS
+      CheckOneByte(true);
+#endif
+      return data8_;
+    }
+    const uint16_t* data16() const {
+#if V8_ENABLE_CHECKS
+      CheckOneByte(false);
+#endif
+      return data16_;
+    }
+    uint32_t length() const { return length_; }
+    bool is_one_byte() const { return is_one_byte_; }
+
+    // Disallow copying and assigning.
+    ValueView(const ValueView&) = delete;
+    void operator=(const ValueView&) = delete;
+
+   private:
+    void CheckOneByte(bool is_one_byte) const;
+
+    Local<v8::String> flat_str_;
+    union {
+      const uint8_t* data8_;
+      const uint16_t* data16_;
+    };
+    uint32_t length_;
+    bool is_one_byte_;
+    // Avoid exposing the internal DisallowGarbageCollection scope.
+    alignas(internal::Internals::
+                kDisallowGarbageCollectionAlign) char no_gc_debug_scope_
+        [internal::Internals::kDisallowGarbageCollectionSize];
   };
 
  private:
@@ -625,6 +819,8 @@ class V8_EXPORT Symbol : public Name {
   static Local<Symbol> GetToPrimitive(Isolate* isolate);
   static Local<Symbol> GetToStringTag(Isolate* isolate);
   static Local<Symbol> GetUnscopables(Isolate* isolate);
+  static Local<Symbol> GetDispose(Isolate* isolate);
+  static Local<Symbol> GetAsyncDispose(Isolate* isolate);
 
   V8_INLINE static Symbol* Cast(Data* data) {
 #ifdef V8_ENABLE_CHECKS
@@ -811,6 +1007,28 @@ String::ExternalStringResource* String::GetExternalStringResource() const {
   return result;
 }
 
+String::ExternalStringResourceBase* String::GetExternalStringResourceBase(
+    v8::Isolate* isolate, String::Encoding* encoding_out) const {
+  using A = internal::Address;
+  using I = internal::Internals;
+  A obj = internal::ValueHelper::ValueAsAddress(this);
+  int type = I::GetInstanceType(obj) & I::kStringRepresentationAndEncodingMask;
+  *encoding_out = static_cast<Encoding>(type & I::kStringEncodingMask);
+  ExternalStringResourceBase* resource;
+  if (type == I::kExternalOneByteRepresentationTag ||
+      type == I::kExternalTwoByteRepresentationTag) {
+    A value = I::ReadExternalPointerField<internal::kExternalStringResourceTag>(
+        isolate, obj, I::kStringResourceOffset);
+    resource = reinterpret_cast<ExternalStringResourceBase*>(value);
+  } else {
+    resource = GetExternalStringResourceBaseSlow(encoding_out);
+  }
+#ifdef V8_ENABLE_CHECKS
+  VerifyExternalStringResourceBase(resource, *encoding_out);
+#endif
+  return resource;
+}
+
 String::ExternalStringResourceBase* String::GetExternalStringResourceBase(
     String::Encoding* encoding_out) const {
   using A = internal::Address;

data/vendor/v8/include/v8-profiler.h

@@ -418,8 +418,11 @@ class V8_EXPORT CpuProfiler {
    * Synchronously collect current stack sample in all profilers attached to
    * the |isolate|. The call does not affect number of ticks recorded for
    * the current top node.
+   * |trace_id| is an optional identifier set to the collected sample.
+   * this is useful to associate the sample with a trace event.
    */
-  static void CollectSample(Isolate* isolate);
+  static void CollectSample(
+      Isolate* isolate, const std::optional<uint64_t> trace_id = std::nullopt);
 
   /**
    * Disposes the CPU profiler object.
@@ -899,9 +902,28 @@ class V8_EXPORT EmbedderGraph {
   /**
    * Returns a node corresponding to the given V8 value. Ownership is not
    * transferred. The result pointer is valid while the graph is alive.
+   *
+   * For now the variant that takes v8::Data is not marked as abstract for
+   * compatibility, but embedders who subclass EmbedderGraph are expected to
+   * implement it. Then in the implementation of the variant that takes
+   * v8::Value, they can simply forward the call to the one that takes
+   * v8::Local<v8::Data>.
    */
   virtual Node* V8Node(const v8::Local<v8::Value>& value) = 0;
 
+  /**
+   * Returns a node corresponding to the given V8 value. Ownership is not
+   * transferred. The result pointer is valid while the graph is alive.
+   *
+   * For API compatibility, this default implementation just checks that the
+   * data is a v8::Value and forward it to the variant that takes v8::Value,
+   * which is currently required to be implemented. In the future we'll remove
+   * the v8::Value variant, and make this variant that takes v8::Data abstract
+   * instead. If the embedder subclasses v8::EmbedderGraph and also use
+   * v8::TracedReference<v8::Data>, they must override this variant.
+   */
+  virtual Node* V8Node(const v8::Local<v8::Data>& value);
+
   /**
    * Adds the given node to the graph and takes ownership of the node.
    * Returns a raw pointer to the node that is valid while the graph is alive.
@@ -918,6 +940,15 @@ class V8_EXPORT EmbedderGraph {
    */
   virtual void AddEdge(Node* from, Node* to, const char* name = nullptr) = 0;
 
+  /**
+   * Adds a count of bytes that are not associated with any particular Node.
+   * An embedder may use this to represent the size of nodes which were omitted
+   * from this EmbedderGraph despite being retained by the graph, or other
+   * overhead costs. This number will contribute to the total size in a heap
+   * snapshot, without being represented in the object graph.
+   */
+  virtual void AddNativeSize(size_t size) {}
+
   virtual ~EmbedderGraph() = default;
 };
 
@@ -956,7 +987,7 @@ class V8_EXPORT HeapProfiler {
 
   /**
    * Callback function invoked during heap snapshot generation to retrieve
-   * the detachedness state of an object referenced by a TracedReference.
+   * the detachedness state of a JS object referenced by a TracedReference.
    *
    * The callback takes Local<Value> as parameter to allow the embedder to
    * unpack the TracedReference into a Local and reuse that Local for different
@@ -1090,6 +1121,12 @@ class V8_EXPORT HeapProfiler {
       ObjectNameResolver* global_object_name_resolver = nullptr,
       bool hide_internals = true, bool capture_numeric_value = false);
 
+  /**
+   * Obtains list of Detached JS Wrapper Objects. This functon calls garbage
+   * collection, then iterates over traced handles in the isolate
+   */
+  std::vector<v8::Local<v8::Value>> GetDetachedJSWrapperObjects();
+
   /**
    * Starts tracking of heap objects population statistics. After calling
    * this method, all heap objects relocations done by the garbage collector
@@ -1179,6 +1216,18 @@ class V8_EXPORT HeapProfiler {
 
   void SetGetDetachednessCallback(GetDetachednessCallback callback, void* data);
 
+  /**
+   * Returns whether the heap profiler is currently taking a snapshot.
+   */
+  bool IsTakingSnapshot();
+
+  /**
+   * Allocates a copy of the provided string within the heap snapshot generator
+   * and returns a pointer to the copy. May only be called during heap snapshot
+   * generation.
+   */
+  const char* CopyNameForHeapSnapshot(const char* name);
+
   /**
    * Default value of persistent handle class ID. Must not be used to
    * define a class. Can be used to reset a class of a persistent

data/vendor/v8/include/v8-promise.h

@@ -14,7 +14,7 @@ namespace v8 {
 class Context;
 
 #ifndef V8_PROMISE_INTERNAL_FIELD_COUNT
-// The number of required internal fields can be defined by embedder.
+// Defined using gn arg `v8_promise_internal_field_count`.
 #define V8_PROMISE_INTERNAL_FIELD_COUNT 0
 #endif
 
@@ -115,7 +115,7 @@ class V8_EXPORT Promise : public Object {
     return static_cast<Promise*>(value);
   }
 
-  static const int kEmbedderFieldCount = V8_PROMISE_INTERNAL_FIELD_COUNT;
+  static constexpr int kEmbedderFieldCount = V8_PROMISE_INTERNAL_FIELD_COUNT;
 
  private:
   Promise();

data/vendor/v8/include/v8-proxy.h

@@ -1,4 +1,3 @@
-
 // Copyright 2021 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

data/vendor/v8/include/v8-regexp.h

@@ -1,4 +1,3 @@
-
 // Copyright 2021 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

data/vendor/v8/include/v8-sandbox.h

@@ -0,0 +1,173 @@
+// Copyright 2024 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef INCLUDE_V8_SANDBOX_H_
+#define INCLUDE_V8_SANDBOX_H_
+
+#include <cstdint>
+
+#include "v8-internal.h"  // NOLINT(build/include_directory)
+#include "v8config.h"     // NOLINT(build/include_directory)
+
+namespace v8 {
+
+/**
+ * A pointer tag used for wrapping and unwrapping `CppHeap` pointers as used
+ * with JS API wrapper objects that rely on `v8::Object::Wrap()` and
+ * `v8::Object::Unwrap()`.
+ *
+ * The CppHeapPointers use a range-based type checking scheme, where on access
+ * to a pointer, the actual type of the pointer is checked to be within a
+ * specified range of types. This allows supporting type hierarchies, where a
+ * type check for a supertype must succeed for any subtype.
+ *
+ * The tag is currently in practice limited to 15 bits since it needs to fit
+ * together with a marking bit into the unused parts of a pointer.
+ */
+enum class CppHeapPointerTag : uint16_t {
+  kFirstTag = 0,
+  kNullTag = 0,
+
+  /**
+   * The lower type ids are reserved for the embedder to assign. For that, the
+   * main requirement is that all (transitive) child classes of a given parent
+   * class have type ids in the same range, and that there are no unrelated
+   * types in that range. For example, given the following type hierarchy:
+   *
+   *          A     F
+   *         / \
+   *        B   E
+   *       / \
+   *      C   D
+   *
+   * a potential type id assignment that satistifes these requirements is
+   * {C: 0, D: 1, B: 2, A: 3, E: 4, F: 5}. With that, the type check for type A
+   * would check for the range [0, 4], while the check for B would check range
+   * [0, 2], and for F it would simply check [5, 5].
+   *
+   * In addition, there is an option for performance tweaks: if the size of the
+   * type range corresponding to a supertype is a power of two and starts at a
+   * power of two (e.g. [0x100, 0x13f]), then the compiler can often optimize
+   * the type check to use even fewer instructions (essentially replace a AND +
+   * SUB with a single AND).
+   */
+
+  kDefaultTag = 0x7000,
+
+  kZappedEntryTag = 0x7ffd,
+  kEvacuationEntryTag = 0x7ffe,
+  kFreeEntryTag = 0x7fff,
+  // The tags are limited to 15 bits, so the last tag is 0x7fff.
+  kLastTag = 0x7fff,
+};
+
+// Convenience struct to represent tag ranges. This is used for type checks
+// against supertypes, which cover a range of types (their subtypes).
+// Both the lower- and the upper bound are inclusive. In other words, this
+// struct represents the range [lower_bound, upper_bound].
+// TODO(saelo): reuse internal::TagRange here.
+struct CppHeapPointerTagRange {
+  constexpr CppHeapPointerTagRange(CppHeapPointerTag lower,
+                                   CppHeapPointerTag upper)
+      : lower_bound(lower), upper_bound(upper) {}
+  CppHeapPointerTag lower_bound;
+  CppHeapPointerTag upper_bound;
+
+  // Check whether the tag of the given CppHeapPointerTable entry is within
+  // this range. This method encodes implementation details of the
+  // CppHeapPointerTable, which is necessary as it is used by
+  // ReadCppHeapPointerField below.
+  // Returns true if the check is successful and the tag of the given entry is
+  // within this range, false otherwise.
+  bool CheckTagOf(uint64_t entry) {
+    // Note: the cast to uint32_t is important here. Otherwise, the uint16_t's
+    // would be promoted to int in the range check below, which would result in
+    // undefined behavior (signed integer undeflow) if the actual value is less
+    // than the lower bound. Then, the compiler would take advantage of the
+    // undefined behavior and turn the range check into a simple
+    // `actual_tag <= last_tag` comparison, which is incorrect.
+    uint32_t actual_tag = static_cast<uint16_t>(entry);
+    // The actual_tag is shifted to the left by one and contains the marking
+    // bit in the LSB. To ignore that during the type check, simply add one to
+    // the (shifted) range.
+    constexpr int kTagShift = internal::kCppHeapPointerTagShift;
+    uint32_t first_tag = static_cast<uint32_t>(lower_bound) << kTagShift;
+    uint32_t last_tag = (static_cast<uint32_t>(upper_bound) << kTagShift) + 1;
+    return actual_tag >= first_tag && actual_tag <= last_tag;
+  }
+};
+
+constexpr CppHeapPointerTagRange kAnyCppHeapPointer(
+    CppHeapPointerTag::kFirstTag, CppHeapPointerTag::kLastTag);
+
+class SandboxHardwareSupport {
+ public:
+  /**
+   * Initialize sandbox hardware support. This needs to be called before
+   * creating any thread that might access sandbox memory since it sets up
+   * hardware permissions to the memory that will be inherited on clone.
+   */
+  V8_EXPORT static void InitializeBeforeThreadCreation();
+};
+
+namespace internal {
+
+#ifdef V8_COMPRESS_POINTERS
+V8_INLINE static Address* GetCppHeapPointerTableBase(v8::Isolate* isolate) {
+  Address addr = reinterpret_cast<Address>(isolate) +
+                 Internals::kIsolateCppHeapPointerTableOffset +
+                 Internals::kExternalPointerTableBasePointerOffset;
+  return *reinterpret_cast<Address**>(addr);
+}
+#endif  // V8_COMPRESS_POINTERS
+
+template <typename T>
+V8_INLINE static T* ReadCppHeapPointerField(v8::Isolate* isolate,
+                                            Address heap_object_ptr, int offset,
+                                            CppHeapPointerTagRange tag_range) {
+#ifdef V8_COMPRESS_POINTERS
+  // See src/sandbox/cppheap-pointer-table-inl.h. Logic duplicated here so
+  // it can be inlined and doesn't require an additional call.
+  const CppHeapPointerHandle handle =
+      Internals::ReadRawField<CppHeapPointerHandle>(heap_object_ptr, offset);
+  const uint32_t index = handle >> kExternalPointerIndexShift;
+  const Address* table = GetCppHeapPointerTableBase(isolate);
+  const std::atomic<Address>* ptr =
+      reinterpret_cast<const std::atomic<Address>*>(&table[index]);
+  Address entry = std::atomic_load_explicit(ptr, std::memory_order_relaxed);
+
+  Address pointer = entry;
+  if (V8_LIKELY(tag_range.CheckTagOf(entry))) {
+    pointer = entry >> kCppHeapPointerPayloadShift;
+  } else {
+    // If the type check failed, we simply return nullptr here. That way:
+    //  1. The null handle always results in nullptr being returned here, which
+    //     is a desired property. Otherwise, we would need an explicit check for
+    //     the null handle above, and therefore an additional branch. This
+    //     works because the 0th entry of the table always contains nullptr
+    //     tagged with the null tag (i.e. an all-zeros entry). As such,
+    //     regardless of whether the type check succeeds, the result will
+    //     always be nullptr.
+    //  2. The returned pointer is guaranteed to crash even on platforms with
+    //     top byte ignore (TBI), such as Arm64. The alternative would be to
+    //     simply return the original entry with the left-shifted payload.
+    //     However, due to TBI, an access to that may not always result in a
+    //     crash (specifically, if the second most significant byte happens to
+    //     be zero). In addition, there shouldn't be a difference on Arm64
+    //     between returning nullptr or the original entry, since it will
+    //     simply compile to a `csel x0, x8, xzr, lo` instead of a
+    //     `csel x0, x10, x8, lo` instruction.
+    pointer = 0;
+  }
+  return reinterpret_cast<T*>(pointer);
+#else   // !V8_COMPRESS_POINTERS
+  return reinterpret_cast<T*>(
+      Internals::ReadRawField<Address>(heap_object_ptr, offset));
+#endif  // !V8_COMPRESS_POINTERS
+}
+
+}  // namespace internal
+}  // namespace v8
+
+#endif  // INCLUDE_V8_SANDBOX_H_