V8pedia

Glossary & ubiquitous language

V8's source has its own dialect. The same English word can mean something precise and surprising inside the codebase. This page is a fast reference; each term links to where we cover it in depth. Terms are grouped by area.

Values & objects

  • Tagged value — A machine word that is either a small integer (Smi) or a pointer to a heap object, distinguished by its low bits. See Tagged values & Smis.

  • Smi ("small integer", pronounced "smee") — An integer encoded directly in a tagged word with no heap allocation. 31-bit on 32-bit builds (and on 64-bit builds with pointer compression, where it occupies the upper 32 bits).

  • HeapObject — Any value that lives on the managed heap. Its first word is a pointer to its Map.

  • Map — V8's name for a hidden class (a.k.a. shape or structure). It describes an object's layout, type, and prototype, and anchors the transition tree. Not a JavaScript Map. See HeapObject & Map.

  • Hidden class — The general compiler-engineering term for what V8 calls a Map: a runtime-synthesized description of an object's shape.

  • Descriptor array — The per-Map table describing each named property (key, location, attributes).

  • Transition — The edge from one Map to another when a property is added, forming a tree of shapes shared across objects.

  • Elements — The indexed (array-like) properties of an object, stored separately from named properties. Their elements kind (packed/holey, Smi/double/object/dictionary) drives array performance.

  • In-object property — A property stored inline in the object body, as opposed to in a separate properties backing store.

  • Dictionary mode ("slow mode") — A fallback where properties live in a hash table instead of being described by a Map. Flexible but slow.

  • Tagged pointer / pointer compression — On 64-bit builds, heap pointers are stored as 32-bit offsets within a 4 GB "cage". See Pointer compression.

Execution & compilation

  • Ignition — V8's register-based bytecode interpreter. See Ignition.

  • Sparkplug — The baseline non-optimizing JIT that compiles bytecode to machine code almost 1:1. See Sparkplug.

  • Maglev — The mid-tier optimizing compiler: SSA-based, fast to compile, moderately optimizing. See Maglev.

  • TurboFan — The top-tier optimizing compiler, built on a Sea of Nodes IR. See TurboFan.

  • Tiering / tier-up — Promoting a function to a higher (more optimized) tier based on how hot it is. See Feedback & tiering.

  • OSR (on-stack replacement) — Swapping a running function's frame for optimized code mid-execution, so a long-running loop need not wait for the next call. See OSR.

  • Deoptimization ("deopt") — Bailing out of optimized code back to the interpreter when a speculative assumption proves false. See Deoptimization.

  • Speculative optimization — Compiling code that assumes the types observed so far will keep holding, guarded by checks that trigger deopt on violation.

  • Bytecode — Ignition's instruction set; the unit that Sparkplug and the feedback system are organized around.

  • SFI (SharedFunctionInfo) — The code-agnostic description of a function (its source span, name, bytecode), shared across closures.

  • Bytecode handler — The machine-code routine that executes one bytecode and dispatches to the next.

Feedback

  • Inline cache (IC) — A per-call-site cache that remembers how an operation (property load, store, call) behaved, to take a fast path next time. See Inline caches.

  • Feedback vector — The per-function array of slots where ICs record what they saw (Maps, call targets, type bits).

  • Nexus (FeedbackNexus) — The accessor object that reads/writes a single feedback slot.

  • Monomorphic / polymorphic / megamorphic — IC states: one shape seen, a few seen, or too many (give up and use a generic path).

Memory & GC

  • Orinoco — The project name for V8's mostly-concurrent, parallel, incremental garbage collector. See GC overview.

  • Young / old generation — The generational split: short-lived objects live in the young generation (collected often and cheaply), survivors are promoted to the old generation.

  • Scavenger — The young-generation collector; a parallel copying (Cheney) collector. See Scavenger.

  • Mark-Compact — The old-generation collector: mark live objects, then sweep and compact. See Mark-Compact.

  • Write barrier — A small piece of code run on every pointer store that keeps GC bookkeeping (remembered sets, marking state) correct. See Write barriers.

  • Remembered set — The record of old→young (and other interesting) pointers so the Scavenger need not scan the whole old generation.

  • LAB (linear allocation buffer) — A thread-local region where allocation is a pointer bump.

Runtime & build

  • Isolate — An isolated VM instance with its own heap; the unit of single-threaded execution. See Isolates & contexts.

  • Context — A JavaScript global environment (global object + builtins) within an isolate.

  • Snapshot — A serialized pre-initialized heap deserialized at startup for fast boot (mksnapshot).

  • Builtin — A precompiled function shipped with V8 (e.g. Array.prototype.push).

  • Torque (.tq) — V8's typed DSL for writing builtins safely; compiles to CSA. See Builtins & Torque.

  • CSA (CodeStubAssembler) — A portable assembler abstraction (over TurboFan's backend) for hand-writing builtins.

  • GN / Ninja — V8's meta-build system (GN generates Ninja files; Ninja builds). See Build system.

  • d8 — The standalone V8 developer shell. See d8.

  • Tagged / untagged (in the compiler) — Whether a value carries V8's pointer tag or is a raw machine value (e.g. a Word32); a key distinction in CSA and the optimizing compilers.

An unofficial, community-written guide to the V8 engine. Not affiliated with or endorsed by Google or the V8 team. All source references are pinned to v8/v8@fb8be11.

Content under CC BY 4.0 · V8 source © the V8 project authors (BSD-3-Clause)