deps: update V8 to 9.2.230.21

PR-URL: https://github.com/nodejs/node/pull/38990
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

10 files changed, 84 insertions, 66 deletions

diff --git a/deps/v8/src/trap-handler/DEPS b/deps/v8/src/trap-handler/DEPS
index 061634d51b..dc6d27e155 100644
--- a/deps/v8/src/trap-handler/DEPS
+++ b/deps/v8/src/trap-handler/DEPS
@@ -6,19 +6,8 @@ include_rules = [
   "-src",
   "-include",
   "+src/trap-handler",
+  # Use the IMMEDIATE_CRASH() macro for crashing non-recoverably on check failure.
+  "+src/base/immediate-crash.h",
+  # Allow include/v8config.h for V8_OS_* macros.
+  "+include/v8config.h",
 ]
-
-specific_include_rules = {
-  "trap-handler.h": [
-    "+src/base/build_config.h",
-    "+src/common/globals.h",
-    "+src/flags/flags.h",
-  ],
-  "handler-inside-posix.h": [
-    # To access V8_OS_LINUX. This file is already included in build_config.h.
-    "+include/v8config.h",
-  ],
-  "handler-inside-win.h": [
-    "+src/base/macros.h",
-  ]
-}
diff --git a/deps/v8/src/trap-handler/handler-inside-posix.h b/deps/v8/src/trap-handler/handler-inside-posix.h
index 49fe23a712..27e46773bb 100644
--- a/deps/v8/src/trap-handler/handler-inside-posix.h
+++ b/deps/v8/src/trap-handler/handler-inside-posix.h
@@ -6,6 +6,7 @@
 #define V8_TRAP_HANDLER_HANDLER_INSIDE_POSIX_H_
 
 #include <signal.h>
+
 #include "include/v8config.h"
 
 namespace v8 {
diff --git a/deps/v8/src/trap-handler/handler-inside-win.h b/deps/v8/src/trap-handler/handler-inside-win.h
index 6db28149e7..9b9b060517 100644
--- a/deps/v8/src/trap-handler/handler-inside-win.h
+++ b/deps/v8/src/trap-handler/handler-inside-win.h
@@ -7,7 +7,7 @@
 
 #include <windows.h>
 
-#include "src/base/macros.h"
+#include "src/trap-handler/trap-handler.h"  // For TH_DISABLE_ASAN.
 
 namespace v8 {
 namespace internal {
@@ -18,7 +18,7 @@ LONG WINAPI HandleWasmTrap(EXCEPTION_POINTERS* exception);
 // On Windows, asan installs its own exception handler which maps shadow
 // memory. Since our exception handler may be executed before the asan exception
 // handler, we have to make sure that asan shadow memory is not accessed here.
-DISABLE_ASAN bool TryHandleWasmTrap(EXCEPTION_POINTERS* exception);
+TH_DISABLE_ASAN bool TryHandleWasmTrap(EXCEPTION_POINTERS* exception);
 
 }  // namespace trap_handler
 }  // namespace internal
diff --git a/deps/v8/src/trap-handler/handler-inside.cc b/deps/v8/src/trap-handler/handler-inside.cc
index 81e37c205a..31d7f24491 100644
--- a/deps/v8/src/trap-handler/handler-inside.cc
+++ b/deps/v8/src/trap-handler/handler-inside.cc
@@ -50,11 +50,14 @@ bool TryFindLandingPad(uintptr_t fault_addr, uintptr_t* landing_pad) {
     if (data == nullptr) {
       continue;
     }
-    const Address base = data->base;
+    const uintptr_t base = data->base;
 
     if (fault_addr >= base && fault_addr < base + data->size) {
       // Hurray, we found the code object. Check for protected addresses.
-      const ptrdiff_t offset = fault_addr - base;
+      const uint32_t offset = static_cast<uint32_t>(fault_addr - base);
+      // The offset must fit in 32 bit, see comment on
+      // ProtectedInstructionData::instr_offset.
+      TH_DCHECK(base + offset == fault_addr);
 
       for (unsigned i = 0; i < data->num_protected_instructions; ++i) {
         if (data->instructions[i].instr_offset == offset) {
diff --git a/deps/v8/src/trap-handler/handler-outside-posix.cc b/deps/v8/src/trap-handler/handler-outside-posix.cc
index 55bcc0075b..004783b64f 100644
--- a/deps/v8/src/trap-handler/handler-outside-posix.cc
+++ b/deps/v8/src/trap-handler/handler-outside-posix.cc
@@ -21,6 +21,8 @@
 
 #include <signal.h>
 
+#include <cstdio>
+
 #include "src/trap-handler/handler-inside-posix.h"
 #include "src/trap-handler/trap-handler-internal.h"
 
@@ -39,7 +41,7 @@ bool g_is_default_signal_handler_registered;
 }  // namespace
 
 bool RegisterDefaultTrapHandler() {
-  CHECK(!g_is_default_signal_handler_registered);
+  TH_CHECK(!g_is_default_signal_handler_registered);
 
   struct sigaction action;
   action.sa_sigaction = HandleSignal;
@@ -61,7 +63,7 @@ bool RegisterDefaultTrapHandler() {
     defined(THREAD_SANITIZER) || defined(LEAK_SANITIZER) ||    \
     defined(UNDEFINED_SANITIZER)
   struct sigaction installed_handler;
-  CHECK_EQ(sigaction(kOobSignal, NULL, &installed_handler), 0);
+  TH_CHECK(sigaction(kOobSignal, NULL, &installed_handler) == 0);
   // If the installed handler does not point to HandleSignal, then
   // allow_user_segv_handler is 0.
   if (installed_handler.sa_sigaction != HandleSignal) {
diff --git a/deps/v8/src/trap-handler/handler-outside-win.cc b/deps/v8/src/trap-handler/handler-outside-win.cc
index 09673c8ccc..307f919d78 100644
--- a/deps/v8/src/trap-handler/handler-outside-win.cc
+++ b/deps/v8/src/trap-handler/handler-outside-win.cc
@@ -40,7 +40,7 @@ void* g_registered_handler = nullptr;
 
 bool RegisterDefaultTrapHandler() {
   constexpr ULONG first = TRUE;
-  CHECK_NULL(g_registered_handler);
+  TH_CHECK(g_registered_handler == nullptr);
   g_registered_handler = AddVectoredExceptionHandler(first, HandleWasmTrap);
 
   return nullptr != g_registered_handler;
diff --git a/deps/v8/src/trap-handler/handler-outside.cc b/deps/v8/src/trap-handler/handler-outside.cc
index 62355a5b60..2eabcca0f7 100644
--- a/deps/v8/src/trap-handler/handler-outside.cc
+++ b/deps/v8/src/trap-handler/handler-outside.cc
@@ -66,7 +66,7 @@ bool IsDisjoint(const CodeProtectionInfo* a, const CodeProtectionInfo* b) {
 // registered.
 void VerifyCodeRangeIsDisjoint(const CodeProtectionInfo* code_info) {
   for (size_t i = 0; i < gNumCodeObjects; ++i) {
-    DCHECK(IsDisjoint(code_info, gCodeObjects[i].code_info));
+    TH_DCHECK(IsDisjoint(code_info, gCodeObjects[i].code_info));
   }
 }
 
@@ -79,11 +79,11 @@ void ValidateCodeObjects() {
 
     // Do some sanity checks on the protected instruction data
     for (unsigned i = 0; i < data->num_protected_instructions; ++i) {
-      DCHECK_GE(data->instructions[i].instr_offset, 0);
-      DCHECK_LT(data->instructions[i].instr_offset, data->size);
-      DCHECK_GE(data->instructions[i].landing_offset, 0);
-      DCHECK_LT(data->instructions[i].landing_offset, data->size);
-      DCHECK_GT(data->instructions[i].landing_offset,
+      TH_DCHECK(data->instructions[i].instr_offset >= 0);
+      TH_DCHECK(data->instructions[i].instr_offset < data->size);
+      TH_DCHECK(data->instructions[i].landing_offset >= 0);
+      TH_DCHECK(data->instructions[i].landing_offset < data->size);
+      TH_DCHECK(data->instructions[i].landing_offset >
                 data->instructions[i].instr_offset);
     }
   }
@@ -92,10 +92,10 @@ void ValidateCodeObjects() {
   size_t free_count = 0;
   for (size_t i = gNextCodeObject; i != gNumCodeObjects;
        i = gCodeObjects[i].next_free) {
-    DCHECK_LT(i, gNumCodeObjects);
+    TH_DCHECK(i < gNumCodeObjects);
     ++free_count;
     // This check will fail if we encounter a cycle.
-    DCHECK_LE(free_count, gNumCodeObjects);
+    TH_DCHECK(free_count <= gNumCodeObjects);
   }
 
   // Check that all free entries are reachable via the free list.
@@ -105,12 +105,12 @@ void ValidateCodeObjects() {
       ++free_count2;
     }
   }
-  DCHECK_EQ(free_count, free_count2);
+  TH_DCHECK(free_count == free_count2);
 }
 }  // namespace
 
 CodeProtectionInfo* CreateHandlerData(
-    Address base, size_t size, size_t num_protected_instructions,
+    uintptr_t base, size_t size, size_t num_protected_instructions,
     const ProtectedInstructionData* protected_instructions) {
   const size_t alloc_size = HandlerDataSize(num_protected_instructions);
   CodeProtectionInfo* data =
@@ -131,9 +131,8 @@ CodeProtectionInfo* CreateHandlerData(
 }
 
 int RegisterHandlerData(
-    Address base, size_t size, size_t num_protected_instructions,
+    uintptr_t base, size_t size, size_t num_protected_instructions,
     const ProtectedInstructionData* protected_instructions) {
-
   CodeProtectionInfo* data = CreateHandlerData(
       base, size, num_protected_instructions, protected_instructions);
 
@@ -188,7 +187,7 @@ int RegisterHandlerData(
     gNumCodeObjects = new_size;
   }
 
-  DCHECK(gCodeObjects[i].code_info == nullptr);
+  TH_DCHECK(gCodeObjects[i].code_info == nullptr);
 
   // Find out where the next entry should go.
   gNextCodeObject = gCodeObjects[i].next_free;
@@ -211,7 +210,7 @@ void ReleaseHandlerData(int index) {
   if (index == kInvalidIndex) {
     return;
   }
-  DCHECK_GE(index, 0);
+  TH_DCHECK(index >= 0);
 
   // Remove the data from the global list if it's there.
   CodeProtectionInfo* data = nullptr;
@@ -230,7 +229,7 @@ void ReleaseHandlerData(int index) {
   }
   // TODO(eholk): on debug builds, ensure there are no more copies in
   // the list.
-  DCHECK_NOT_NULL(data);  // make sure we're releasing legitimate handler data.
+  TH_DCHECK(data);  // make sure we're releasing legitimate handler data.
   free(data);
 }
 
@@ -259,9 +258,9 @@ bool EnableTrapHandler(bool use_v8_handler) {
   // trap handlers are disabled.
   bool can_enable =
       g_can_enable_trap_handler.exchange(false, std::memory_order_relaxed);
-  if (!can_enable) {
-    FATAL("EnableTrapHandler called twice, or after IsTrapHandlerEnabled");
-  }
+  // EnableTrapHandler called twice, or after IsTrapHandlerEnabled.
+  TH_CHECK(can_enable);
+
   if (!V8_TRAP_HANDLER_SUPPORTED) {
     return false;
   }
diff --git a/deps/v8/src/trap-handler/handler-shared.cc b/deps/v8/src/trap-handler/handler-shared.cc
index 0607d2ed54..977d28daee 100644
--- a/deps/v8/src/trap-handler/handler-shared.cc
+++ b/deps/v8/src/trap-handler/handler-shared.cc
@@ -26,7 +26,7 @@ namespace trap_handler {
 // We declare this as int rather than bool as a workaround for a glibc bug, in
 // which the dynamic loader cannot handle executables whose TLS area is only
 // 1 byte in size; see https://sourceware.org/bugzilla/show_bug.cgi?id=14898.
-THREAD_LOCAL int g_thread_in_wasm_code;
+thread_local int g_thread_in_wasm_code;
 
 static_assert(sizeof(g_thread_in_wasm_code) > 1,
               "sizeof(thread_local_var) must be > 1, see "
diff --git a/deps/v8/src/trap-handler/trap-handler-internal.h b/deps/v8/src/trap-handler/trap-handler-internal.h
index 843cd34b70..71588ab895 100644
--- a/deps/v8/src/trap-handler/trap-handler-internal.h
+++ b/deps/v8/src/trap-handler/trap-handler-internal.h
@@ -22,7 +22,7 @@ namespace trap_handler {
 // protected memory access instructions and an offset to a landing pad to handle
 // faults on that instruction.
 struct CodeProtectionInfo {
-  Address base;
+  uintptr_t base;
   size_t size;
   size_t num_protected_instructions;
   ProtectedInstructionData instructions[1];
diff --git a/deps/v8/src/trap-handler/trap-handler.h b/deps/v8/src/trap-handler/trap-handler.h
index fcdc256a38..a27ea236e7 100644
--- a/deps/v8/src/trap-handler/trap-handler.h
+++ b/deps/v8/src/trap-handler/trap-handler.h
@@ -10,15 +10,13 @@
 
 #include <atomic>
 
-#include "src/base/build_config.h"
-#include "src/common/globals.h"
-#include "src/flags/flags.h"
+#include "include/v8config.h"
+#include "src/base/immediate-crash.h"
 
 namespace v8 {
 namespace internal {
 namespace trap_handler {
 
-// TODO(eholk): Support trap handlers on other platforms.
 #if V8_TARGET_ARCH_X64 && V8_OS_LINUX && !V8_OS_ANDROID
 #define V8_TRAP_HANDLER_SUPPORTED true
 #elif V8_TARGET_ARCH_X64 && V8_OS_WIN
@@ -33,6 +31,35 @@ namespace trap_handler {
 #define V8_TRAP_HANDLER_SUPPORTED false
 #endif
 
+// Setup for shared library export.
+#if defined(BUILDING_V8_SHARED) && defined(V8_OS_WIN)
+#define TH_EXPORT_PRIVATE __declspec(dllexport)
+#elif defined(BUILDING_V8_SHARED)
+#define TH_EXPORT_PRIVATE __attribute__((visibility("default")))
+#elif defined(USING_V8_SHARED) && defined(V8_OS_WIN)
+#define TH_EXPORT_PRIVATE __declspec(dllimport)
+#else
+#define TH_EXPORT_PRIVATE
+#endif
+
+#define TH_CHECK(condition) \
+  if (!(condition)) IMMEDIATE_CRASH();
+#ifdef DEBUG
+#define TH_DCHECK(condition) TH_CHECK(condition)
+#else
+#define TH_DCHECK(condition) void(0)
+#endif
+
+#if defined(__has_feature)
+#if __has_feature(address_sanitizer)
+#define TH_DISABLE_ASAN __attribute__((no_sanitize_address))
+#else
+#define TH_DISABLE_ASAN
+#endif
+#else
+#define TH_DISABLE_ASAN
+#endif
+
 struct ProtectedInstructionData {
   // The offset of this instruction from the start of its code object.
   // Wasm code never grows larger than 2GB, so uint32_t is sufficient.
@@ -50,23 +77,14 @@ const int kInvalidIndex = -1;
 ///
 /// This returns a number that can be used to identify the handler data to
 /// ReleaseHandlerData, or -1 on failure.
-int V8_EXPORT_PRIVATE RegisterHandlerData(
-    Address base, size_t size, size_t num_protected_instructions,
+int TH_EXPORT_PRIVATE RegisterHandlerData(
+    uintptr_t base, size_t size, size_t num_protected_instructions,
     const ProtectedInstructionData* protected_instructions);
 
 /// Removes the data from the master list and frees any memory, if necessary.
 /// TODO(mtrofin): We can switch to using size_t for index and not need
 /// kInvalidIndex.
-void V8_EXPORT_PRIVATE ReleaseHandlerData(int index);
-
-#if V8_OS_WIN
-#define THREAD_LOCAL __declspec(thread)
-#elif V8_OS_ANDROID
-// TODO(eholk): fix this before enabling for trap handlers for Android.
-#define THREAD_LOCAL
-#else
-#define THREAD_LOCAL __thread
-#endif
+void TH_EXPORT_PRIVATE ReleaseHandlerData(int index);
 
 // Initially false, set to true if when trap handlers are enabled. Never goes
 // back to false then.
@@ -83,10 +101,10 @@ extern std::atomic<bool> g_can_enable_trap_handler;
 //
 // use_v8_handler indicates that V8 should install its own handler
 // rather than relying on the embedder to do it.
-V8_EXPORT_PRIVATE bool EnableTrapHandler(bool use_v8_handler);
+TH_EXPORT_PRIVATE bool EnableTrapHandler(bool use_v8_handler);
 
 inline bool IsTrapHandlerEnabled() {
-  DCHECK_IMPLIES(g_is_trap_handler_enabled, V8_TRAP_HANDLER_SUPPORTED);
+  TH_DCHECK(!g_is_trap_handler_enabled || V8_TRAP_HANDLER_SUPPORTED);
   // Disallow enabling the trap handler after retrieving the current value.
   // Re-enabling them late can produce issues because code or objects might have
   // been generated under the assumption that trap handlers are disabled.
@@ -97,34 +115,40 @@ inline bool IsTrapHandlerEnabled() {
   return g_is_trap_handler_enabled;
 }
 
-extern THREAD_LOCAL int g_thread_in_wasm_code;
+#if defined(V8_OS_AIX)
+// `thread_local` does not link on AIX:
+// https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100641
+extern __thread int g_thread_in_wasm_code;
+#else
+extern thread_local int g_thread_in_wasm_code;
+#endif
 
 // Return the address of the thread-local {g_thread_in_wasm_code} variable. This
 // pointer can be accessed and modified as long as the thread calling this
 // function exists. Only use if from the same thread do avoid race conditions.
-V8_NOINLINE V8_EXPORT_PRIVATE int* GetThreadInWasmThreadLocalAddress();
+V8_NOINLINE TH_EXPORT_PRIVATE int* GetThreadInWasmThreadLocalAddress();
 
 // On Windows, asan installs its own exception handler which maps shadow
 // memory. Since our exception handler may be executed before the asan exception
 // handler, we have to make sure that asan shadow memory is not accessed here.
-DISABLE_ASAN inline bool IsThreadInWasm() { return g_thread_in_wasm_code; }
+TH_DISABLE_ASAN inline bool IsThreadInWasm() { return g_thread_in_wasm_code; }
 
 inline void SetThreadInWasm() {
   if (IsTrapHandlerEnabled()) {
-    DCHECK(!IsThreadInWasm());
+    TH_DCHECK(!IsThreadInWasm());
     g_thread_in_wasm_code = true;
   }
 }
 
 inline void ClearThreadInWasm() {
   if (IsTrapHandlerEnabled()) {
-    DCHECK(IsThreadInWasm());
+    TH_DCHECK(IsThreadInWasm());
     g_thread_in_wasm_code = false;
   }
 }
 
 bool RegisterDefaultTrapHandler();
-V8_EXPORT_PRIVATE void RemoveTrapHandler();
+TH_EXPORT_PRIVATE void RemoveTrapHandler();
 
 size_t GetRecoveredTrapCount();