deps: update V8 to 7.7.299.4

PR-URL: https://github.com/nodejs/node/pull/28918
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>

11 files changed, 108 insertions, 81 deletions

diff --git a/deps/v8/src/deoptimizer/OWNERS b/deps/v8/src/deoptimizer/OWNERS
index 97a194d7cf..632607a952 100644
--- a/deps/v8/src/deoptimizer/OWNERS
+++ b/deps/v8/src/deoptimizer/OWNERS
@@ -3,3 +3,5 @@ jarin@chromium.org
 mstarzinger@chromium.org
 sigurds@chromium.org
 tebbi@chromium.org
+
+# COMPONENT: Blink>JavaScript>Runtime
diff --git a/deps/v8/src/deoptimizer/arm/deoptimizer-arm.cc b/deps/v8/src/deoptimizer/arm/deoptimizer-arm.cc
index 4004dfd90f..89e9988f9e 100644
--- a/deps/v8/src/deoptimizer/arm/deoptimizer-arm.cc
+++ b/deps/v8/src/deoptimizer/arm/deoptimizer-arm.cc
@@ -231,7 +231,7 @@ void Deoptimizer::GenerateDeoptimizationEntries(MacroAssembler* masm,
     __ pop(lr);
     __ Jump(scratch);
   }
-  __ stop("Unreachable.");
+  __ stop();
 }
 
 bool Deoptimizer::PadTopOfStackRegister() { return false; }
diff --git a/deps/v8/src/deoptimizer/deoptimize-reason.h b/deps/v8/src/deoptimizer/deoptimize-reason.h
index d556e89927..ac2273460a 100644
--- a/deps/v8/src/deoptimizer/deoptimize-reason.h
+++ b/deps/v8/src/deoptimizer/deoptimize-reason.h
@@ -12,6 +12,7 @@ namespace internal {
 
 #define DEOPTIMIZE_REASON_LIST(V)                                              \
   V(ArrayBufferWasDetached, "array buffer was detached")                       \
+  V(BigIntTooBig, "BigInt too big")                                            \
   V(CowArrayElementsChanged, "copy-on-write array's elements changed")         \
   V(CouldNotGrowElements, "failed to grow elements store")                     \
   V(DeoptimizeNow, "%_DeoptimizeNow")                                          \
diff --git a/deps/v8/src/deoptimizer/deoptimizer.cc b/deps/v8/src/deoptimizer/deoptimizer.cc
index 91556cfbdc..47c40d373e 100644
--- a/deps/v8/src/deoptimizer/deoptimizer.cc
+++ b/deps/v8/src/deoptimizer/deoptimizer.cc
@@ -159,7 +159,7 @@ Code Deoptimizer::FindDeoptimizingCode(Address addr) {
   if (function_.IsHeapObject()) {
     // Search all deoptimizing code in the native context of the function.
     Isolate* isolate = isolate_;
-    Context native_context = function_.context().native_context();
+    NativeContext native_context = function_.context().native_context();
     Object element = native_context.DeoptimizedCodeListHead();
     while (!element.IsUndefined(isolate)) {
       Code code = Code::cast(element);
@@ -270,10 +270,10 @@ class ActivationsFinder : public ThreadVisitor {
 
 // Move marked code from the optimized code list to the deoptimized code list,
 // and replace pc on the stack for codes marked for deoptimization.
-void Deoptimizer::DeoptimizeMarkedCodeForContext(Context context) {
+void Deoptimizer::DeoptimizeMarkedCodeForContext(NativeContext native_context) {
   DisallowHeapAllocation no_allocation;
 
-  Isolate* isolate = context.GetIsolate();
+  Isolate* isolate = native_context.GetIsolate();
   Code topmost_optimized_code;
   bool safe_to_deopt_topmost_optimized_code = false;
 #ifdef DEBUG
@@ -315,7 +315,7 @@ void Deoptimizer::DeoptimizeMarkedCodeForContext(Context context) {
   // Move marked code from the optimized code list to the deoptimized code list.
   // Walk over all optimized code objects in this native context.
   Code prev;
-  Object element = context.OptimizedCodeListHead();
+  Object element = native_context.OptimizedCodeListHead();
   while (!element.IsUndefined(isolate)) {
     Code code = Code::cast(element);
     CHECK_EQ(code.kind(), Code::OPTIMIZED_FUNCTION);
@@ -329,12 +329,12 @@ void Deoptimizer::DeoptimizeMarkedCodeForContext(Context context) {
         prev.set_next_code_link(next);
       } else {
         // There was no previous node, the next node is the new head.
-        context.SetOptimizedCodeListHead(next);
+        native_context.SetOptimizedCodeListHead(next);
       }
 
       // Move the code to the _deoptimized_ code list.
-      code.set_next_code_link(context.DeoptimizedCodeListHead());
-      context.SetDeoptimizedCodeListHead(code);
+      code.set_next_code_link(native_context.DeoptimizedCodeListHead());
+      native_context.SetDeoptimizedCodeListHead(code);
     } else {
       // Not marked; preserve this element.
       prev = code;
@@ -373,7 +373,7 @@ void Deoptimizer::DeoptimizeAll(Isolate* isolate) {
   // For all contexts, mark all code, then deoptimize.
   Object context = isolate->heap()->native_contexts_list();
   while (!context.IsUndefined(isolate)) {
-    Context native_context = Context::cast(context);
+    NativeContext native_context = NativeContext::cast(context);
     MarkAllCodeForContext(native_context);
     DeoptimizeMarkedCodeForContext(native_context);
     context = native_context.next_context_link();
@@ -393,15 +393,15 @@ void Deoptimizer::DeoptimizeMarkedCode(Isolate* isolate) {
   // For all contexts, deoptimize code already marked.
   Object context = isolate->heap()->native_contexts_list();
   while (!context.IsUndefined(isolate)) {
-    Context native_context = Context::cast(context);
+    NativeContext native_context = NativeContext::cast(context);
     DeoptimizeMarkedCodeForContext(native_context);
     context = native_context.next_context_link();
   }
 }
 
-void Deoptimizer::MarkAllCodeForContext(Context context) {
-  Object element = context.OptimizedCodeListHead();
-  Isolate* isolate = context.GetIsolate();
+void Deoptimizer::MarkAllCodeForContext(NativeContext native_context) {
+  Object element = native_context.OptimizedCodeListHead();
+  Isolate* isolate = native_context.GetIsolate();
   while (!element.IsUndefined(isolate)) {
     Code code = Code::cast(element);
     CHECK_EQ(code.kind(), Code::OPTIMIZED_FUNCTION);
@@ -590,7 +590,7 @@ int Deoptimizer::GetDeoptimizedCodeCount(Isolate* isolate) {
   // Count all entries in the deoptimizing code list of every context.
   Object context = isolate->heap()->native_contexts_list();
   while (!context.IsUndefined(isolate)) {
-    Context native_context = Context::cast(context);
+    NativeContext native_context = NativeContext::cast(context);
     Object element = native_context.DeoptimizedCodeListHead();
     while (!element.IsUndefined(isolate)) {
       Code code = Code::cast(element);
@@ -633,6 +633,12 @@ bool ShouldPadArguments(int arg_count) {
 // We rely on this function not causing a GC.  It is called from generated code
 // without having a real stack frame in place.
 void Deoptimizer::DoComputeOutputFrames() {
+  // When we call this function, the return address of the previous frame has
+  // been removed from the stack by GenerateDeoptimizationEntries() so the stack
+  // is not iterable by the SafeStackFrameIterator.
+#if V8_TARGET_ARCH_STORES_RETURN_ADDRESS_ON_STACK
+  DCHECK_EQ(0, isolate()->isolate_data()->stack_is_iterable());
+#endif
   base::ElapsedTimer timer;
 
   // Determine basic deoptimization information.  The optimized frame is
@@ -662,10 +668,6 @@ void Deoptimizer::DoComputeOutputFrames() {
     }
   }
 
-  StackGuard* const stack_guard = isolate()->stack_guard();
-  CHECK_GT(static_cast<uintptr_t>(caller_frame_top_),
-           stack_guard->real_jslimit());
-
   if (trace_scope_ != nullptr) {
     timer.Start();
     PrintF(trace_scope_->file(), "[deoptimizing (DEOPT %s): begin ",
@@ -723,7 +725,6 @@ void Deoptimizer::DoComputeOutputFrames() {
 
   // Translate each output frame.
   int frame_index = 0;  // output_frame_index
-  size_t total_output_frame_size = 0;
   for (size_t i = 0; i < count; ++i, ++frame_index) {
     // Read the ast node id, function, and frame height for this output frame.
     TranslatedFrame* translated_frame = &(translated_state_.frames()[i]);
@@ -759,7 +760,6 @@ void Deoptimizer::DoComputeOutputFrames() {
         FATAL("invalid frame");
         break;
     }
-    total_output_frame_size += output_[frame_index]->GetFrameSize();
   }
 
   FrameDescription* topmost = output_[count - 1];
@@ -779,14 +779,6 @@ void Deoptimizer::DoComputeOutputFrames() {
            bailout_id_, node_id.ToInt(), output_[index]->GetPc(),
            caller_frame_top_, ms);
   }
-
-  // TODO(jgruber,neis):
-  // The situation that the output frames do not fit into the stack space should
-  // be prevented by an optimized function's initial stack check: That check
-  // must fail if the (interpreter) frames generated upon deoptimization of the
-  // function would overflow the stack.
-  CHECK_GT(static_cast<uintptr_t>(caller_frame_top_) - total_output_frame_size,
-           stack_guard->real_jslimit());
 }
 
 void Deoptimizer::DoComputeInterpretedFrame(TranslatedFrame* translated_frame,
@@ -1364,21 +1356,25 @@ bool Deoptimizer::BuiltinContinuationModeIsWithCatch(
   UNREACHABLE();
 }
 
-StackFrame::Type Deoptimizer::BuiltinContinuationModeToFrameType(
-    BuiltinContinuationMode mode) {
+namespace {
+
+StackFrame::Type BuiltinContinuationModeToFrameType(
+    Deoptimizer::BuiltinContinuationMode mode) {
   switch (mode) {
-    case BuiltinContinuationMode::STUB:
+    case Deoptimizer::BuiltinContinuationMode::STUB:
       return StackFrame::BUILTIN_CONTINUATION;
-    case BuiltinContinuationMode::JAVASCRIPT:
+    case Deoptimizer::BuiltinContinuationMode::JAVASCRIPT:
       return StackFrame::JAVA_SCRIPT_BUILTIN_CONTINUATION;
-    case BuiltinContinuationMode::JAVASCRIPT_WITH_CATCH:
+    case Deoptimizer::BuiltinContinuationMode::JAVASCRIPT_WITH_CATCH:
       return StackFrame::JAVA_SCRIPT_BUILTIN_CONTINUATION_WITH_CATCH;
-    case BuiltinContinuationMode::JAVASCRIPT_HANDLE_EXCEPTION:
+    case Deoptimizer::BuiltinContinuationMode::JAVASCRIPT_HANDLE_EXCEPTION:
       return StackFrame::JAVA_SCRIPT_BUILTIN_CONTINUATION_WITH_CATCH;
   }
   UNREACHABLE();
 }
 
+}  // namespace
+
 Builtins::Name Deoptimizer::TrampolineForBuiltinContinuation(
     BuiltinContinuationMode mode, bool must_handle_result) {
   switch (mode) {
@@ -1438,7 +1434,7 @@ Builtins::Name Deoptimizer::TrampolineForBuiltinContinuation(
 //    +-------------------------+
 //    |         context         |<- this non-standard context slot contains
 //    +-------------------------+   the context, even for non-JS builtins.
-//    |     builtin address     |
+//    |      builtin index      |
 //    +-------------------------+
 //    | builtin input GPR reg0  |<- populated from deopt FrameState using
 //    +-------------------------+   the builtin's CallInterfaceDescriptor
@@ -1663,7 +1659,8 @@ void Deoptimizer::DoComputeBuiltinContinuation(
                                    "builtin JavaScript context\n");
 
   // The builtin to continue to.
-  frame_writer.PushRawObject(builtin, "builtin address\n");
+  frame_writer.PushRawObject(Smi::FromInt(builtin.builtin_index()),
+                             "builtin index\n");
 
   for (int i = 0; i < allocatable_register_count; ++i) {
     int code = config->GetAllocatableGeneralCode(i);
@@ -3037,12 +3034,7 @@ int TranslatedState::CreateNextTranslatedValue(
         return translated_value.GetChildrenCount();
       }
       intptr_t value = registers->GetRegister(input_reg);
-#if defined(V8_COMPRESS_POINTERS)
-      Address uncompressed_value = DecompressTaggedAny(
-          isolate()->isolate_root(), static_cast<uint32_t>(value));
-#else
-      Address uncompressed_value = value;
-#endif
+      Address uncompressed_value = DecompressIfNeeded(value);
       if (trace_file != nullptr) {
         PrintF(trace_file, V8PRIxPTR_FMT " ; %s ", uncompressed_value,
                converter.NameOfCPURegister(input_reg));
@@ -3165,12 +3157,7 @@ int TranslatedState::CreateNextTranslatedValue(
       int slot_offset =
           OptimizedFrame::StackSlotOffsetRelativeToFp(iterator->Next());
       intptr_t value = *(reinterpret_cast<intptr_t*>(fp + slot_offset));
-#if defined(V8_COMPRESS_POINTERS)
-      Address uncompressed_value = DecompressTaggedAny(
-          isolate()->isolate_root(), static_cast<uint32_t>(value));
-#else
-      Address uncompressed_value = value;
-#endif
+      Address uncompressed_value = DecompressIfNeeded(value);
       if (trace_file != nullptr) {
         PrintF(trace_file, V8PRIxPTR_FMT " ;  [fp %c %3d]  ",
                uncompressed_value, slot_offset < 0 ? '-' : '+',
@@ -3284,6 +3271,15 @@ int TranslatedState::CreateNextTranslatedValue(
   FATAL("We should never get here - unexpected deopt info.");
 }
 
+Address TranslatedState::DecompressIfNeeded(intptr_t value) {
+  if (COMPRESS_POINTERS_BOOL) {
+    return DecompressTaggedAny(isolate()->isolate_root(),
+                               static_cast<uint32_t>(value));
+  } else {
+    return value;
+  }
+}
+
 TranslatedState::TranslatedState(const JavaScriptFrame* frame) {
   int deopt_index = Safepoint::kNoDeoptimizationIndex;
   DeoptimizationData data =
diff --git a/deps/v8/src/deoptimizer/deoptimizer.h b/deps/v8/src/deoptimizer/deoptimizer.h
index 67e3e54405..a2471247ef 100644
--- a/deps/v8/src/deoptimizer/deoptimizer.h
+++ b/deps/v8/src/deoptimizer/deoptimizer.h
@@ -16,7 +16,6 @@
 #include "src/deoptimizer/deoptimize-reason.h"
 #include "src/diagnostics/code-tracer.h"
 #include "src/execution/frame-constants.h"
-#include "src/execution/frames.h"
 #include "src/execution/isolate.h"
 #include "src/objects/feedback-vector.h"
 #include "src/objects/shared-function-info.h"
@@ -28,8 +27,10 @@ namespace v8 {
 namespace internal {
 
 class FrameDescription;
+class JavaScriptFrame;
 class TranslationIterator;
 class DeoptimizedFrameInfo;
+class TranslatedFrame;
 class TranslatedState;
 class RegisterValues;
 class MacroAssembler;
@@ -340,6 +341,7 @@ class TranslatedState {
   int CreateNextTranslatedValue(int frame_index, TranslationIterator* iterator,
                                 FixedArray literal_array, Address fp,
                                 RegisterValues* registers, FILE* trace_file);
+  Address DecompressIfNeeded(intptr_t value);
   Address ComputeArgumentsPosition(Address input_frame_pointer,
                                    CreateArgumentsType type, int* length);
   void CreateArgumentsElementsTranslatedValues(int frame_index,
@@ -499,6 +501,13 @@ class Deoptimizer : public Malloced {
 
   static const int kMaxNumberOfEntries = 16384;
 
+  enum class BuiltinContinuationMode {
+    STUB,
+    JAVASCRIPT,
+    JAVASCRIPT_WITH_CATCH,
+    JAVASCRIPT_HANDLE_EXCEPTION
+  };
+
  private:
   friend class FrameWriter;
   void QueueValueForMaterialization(Address output_address, Object obj,
@@ -521,16 +530,8 @@ class Deoptimizer : public Malloced {
   void DoComputeConstructStubFrame(TranslatedFrame* translated_frame,
                                    int frame_index);
 
-  enum class BuiltinContinuationMode {
-    STUB,
-    JAVASCRIPT,
-    JAVASCRIPT_WITH_CATCH,
-    JAVASCRIPT_HANDLE_EXCEPTION
-  };
   static bool BuiltinContinuationModeIsWithCatch(BuiltinContinuationMode mode);
   static bool BuiltinContinuationModeIsJavaScript(BuiltinContinuationMode mode);
-  static StackFrame::Type BuiltinContinuationModeToFrameType(
-      BuiltinContinuationMode mode);
   static Builtins::Name TrampolineForBuiltinContinuation(
       BuiltinContinuationMode mode, bool must_handle_result);
 
@@ -549,11 +550,8 @@ class Deoptimizer : public Malloced {
                                             Isolate* isolate,
                                             DeoptimizeKind kind);
 
-  // Marks all the code in the given context for deoptimization.
-  static void MarkAllCodeForContext(Context native_context);
-
-  // Deoptimizes all code marked in the given context.
-  static void DeoptimizeMarkedCodeForContext(Context native_context);
+  static void MarkAllCodeForContext(NativeContext native_context);
+  static void DeoptimizeMarkedCodeForContext(NativeContext native_context);
 
   // Some architectures need to push padding together with the TOS register
   // in order to maintain stack alignment.
diff --git a/deps/v8/src/deoptimizer/ia32/deoptimizer-ia32.cc b/deps/v8/src/deoptimizer/ia32/deoptimizer-ia32.cc
index 6b01449ba7..f40ff562be 100644
--- a/deps/v8/src/deoptimizer/ia32/deoptimizer-ia32.cc
+++ b/deps/v8/src/deoptimizer/ia32/deoptimizer-ia32.cc
@@ -116,6 +116,12 @@ void Deoptimizer::GenerateDeoptimizationEntries(MacroAssembler* masm,
   // and check that the generated code never deoptimizes with unbalanced stack.
   __ fnclex();
 
+  // Mark the stack as not iterable for the CPU profiler which won't be able to
+  // walk the stack without the return address.
+  __ mov_b(__ ExternalReferenceAsOperand(
+               ExternalReference::stack_is_iterable_address(isolate), edx),
+           Immediate(0));
+
   // Remove the return address and the double registers.
   __ add(esp, Immediate(kDoubleRegsSize + 1 * kSystemPointerSize));
 
@@ -194,6 +200,10 @@ void Deoptimizer::GenerateDeoptimizationEntries(MacroAssembler* masm,
     __ push(Operand(esi, offset));
   }
 
+  __ mov_b(__ ExternalReferenceAsOperand(
+               ExternalReference::stack_is_iterable_address(isolate), edx),
+           Immediate(1));
+
   // Restore the registers from the stack.
   __ popad();
 
diff --git a/deps/v8/src/deoptimizer/mips/deoptimizer-mips.cc b/deps/v8/src/deoptimizer/mips/deoptimizer-mips.cc
index a56501660b..07bc9a511b 100644
--- a/deps/v8/src/deoptimizer/mips/deoptimizer-mips.cc
+++ b/deps/v8/src/deoptimizer/mips/deoptimizer-mips.cc
@@ -225,7 +225,7 @@ void Deoptimizer::GenerateDeoptimizationEntries(MacroAssembler* masm,
   __ pop(at);  // Get continuation, leave pc on stack.
   __ pop(ra);
   __ Jump(at);
-  __ stop("Unreachable.");
+  __ stop();
 }
 
 // Maximum size of a table entry generated below.
diff --git a/deps/v8/src/deoptimizer/mips64/deoptimizer-mips64.cc b/deps/v8/src/deoptimizer/mips64/deoptimizer-mips64.cc
index 6869199f1b..f85659c4ab 100644
--- a/deps/v8/src/deoptimizer/mips64/deoptimizer-mips64.cc
+++ b/deps/v8/src/deoptimizer/mips64/deoptimizer-mips64.cc
@@ -226,7 +226,7 @@ void Deoptimizer::GenerateDeoptimizationEntries(MacroAssembler* masm,
   __ pop(at);  // Get continuation, leave pc on stack.
   __ pop(ra);
   __ Jump(at);
-  __ stop("Unreachable.");
+  __ stop();
 }
 
 // Maximum size of a table entry generated below.
diff --git a/deps/v8/src/deoptimizer/ppc/deoptimizer-ppc.cc b/deps/v8/src/deoptimizer/ppc/deoptimizer-ppc.cc
index 268660c2ef..41616a5af2 100644
--- a/deps/v8/src/deoptimizer/ppc/deoptimizer-ppc.cc
+++ b/deps/v8/src/deoptimizer/ppc/deoptimizer-ppc.cc
@@ -56,11 +56,13 @@ void Deoptimizer::GenerateDeoptimizationEntries(MacroAssembler* masm,
       __ StoreP(ToRegister(i), MemOperand(sp, kPointerSize * i));
     }
   }
-
-  __ mov(ip, Operand(ExternalReference::Create(
-                 IsolateAddressId::kCEntryFPAddress, isolate)));
-  __ StoreP(fp, MemOperand(ip));
-
+  {
+    UseScratchRegisterScope temps(masm);
+    Register scratch = temps.Acquire();
+    __ mov(scratch, Operand(ExternalReference::Create(
+                        IsolateAddressId::kCEntryFPAddress, isolate)));
+    __ StoreP(fp, MemOperand(scratch));
+  }
   const int kSavedRegistersAreaSize =
       (kNumberOfRegisters * kPointerSize) + kDoubleRegsSize + kFloatRegsSize;
 
@@ -210,20 +212,28 @@ void Deoptimizer::GenerateDeoptimizationEntries(MacroAssembler* masm,
   __ push(r9);
 
   // Restore the registers from the last output frame.
-  DCHECK(!(ip.bit() & restored_regs));
-  __ mr(ip, r5);
-  for (int i = kNumberOfRegisters - 1; i >= 0; i--) {
-    int offset = (i * kPointerSize) + FrameDescription::registers_offset();
-    if ((restored_regs & (1 << i)) != 0) {
-      __ LoadP(ToRegister(i), MemOperand(ip, offset));
+  {
+    UseScratchRegisterScope temps(masm);
+    Register scratch = temps.Acquire();
+    DCHECK(!(scratch.bit() & restored_regs));
+    __ mr(scratch, r5);
+    for (int i = kNumberOfRegisters - 1; i >= 0; i--) {
+      int offset = (i * kPointerSize) + FrameDescription::registers_offset();
+      if ((restored_regs & (1 << i)) != 0) {
+        __ LoadP(ToRegister(i), MemOperand(scratch, offset));
+      }
     }
   }
 
-  __ pop(ip);  // get continuation, leave pc on stack
-  __ pop(r0);
-  __ mtlr(r0);
-  __ Jump(ip);
-  __ stop("Unreachable.");
+  {
+    UseScratchRegisterScope temps(masm);
+    Register scratch = temps.Acquire();
+    __ pop(scratch);  // get continuation, leave pc on stack
+    __ pop(r0);
+    __ mtlr(r0);
+    __ Jump(scratch);
+  }
+  __ stop();
 }
 
 bool Deoptimizer::PadTopOfStackRegister() { return false; }
diff --git a/deps/v8/src/deoptimizer/s390/deoptimizer-s390.cc b/deps/v8/src/deoptimizer/s390/deoptimizer-s390.cc
index db2330a8e8..6da740b0e5 100644
--- a/deps/v8/src/deoptimizer/s390/deoptimizer-s390.cc
+++ b/deps/v8/src/deoptimizer/s390/deoptimizer-s390.cc
@@ -228,7 +228,7 @@ void Deoptimizer::GenerateDeoptimizationEntries(MacroAssembler* masm,
   __ pop(ip);  // get continuation, leave pc on stack
   __ pop(r14);
   __ Jump(ip);
-  __ stop("Unreachable.");
+  __ stop();
 }
 
 bool Deoptimizer::PadTopOfStackRegister() { return false; }
diff --git a/deps/v8/src/deoptimizer/x64/deoptimizer-x64.cc b/deps/v8/src/deoptimizer/x64/deoptimizer-x64.cc
index 7654dc965f..cfdd6c9ef1 100644
--- a/deps/v8/src/deoptimizer/x64/deoptimizer-x64.cc
+++ b/deps/v8/src/deoptimizer/x64/deoptimizer-x64.cc
@@ -129,6 +129,12 @@ void Deoptimizer::GenerateDeoptimizationEntries(MacroAssembler* masm,
     __ popq(Operand(rbx, dst_offset));
   }
 
+  // Mark the stack as not iterable for the CPU profiler which won't be able to
+  // walk the stack without the return address.
+  __ movb(__ ExternalReferenceAsOperand(
+              ExternalReference::stack_is_iterable_address(isolate)),
+          Immediate(0));
+
   // Remove the return address from the stack.
   __ addq(rsp, Immediate(kPCOnStackSize));
 
@@ -218,6 +224,10 @@ void Deoptimizer::GenerateDeoptimizationEntries(MacroAssembler* masm,
     __ popq(r);
   }
 
+  __ movb(__ ExternalReferenceAsOperand(
+              ExternalReference::stack_is_iterable_address(isolate)),
+          Immediate(1));
+
   // Return to the continuation point.
   __ ret(0);
 }