The fact that they are working so hard to retrofit a GC into the V8 C++ code IMO calls into question their premise for not using Rust, namely that the majority of V8 security flaws are in the JIT generated code, not V8 itself. That always seemed to be a flimsy excuse to keep using an insecure language for what is supposed to be a very secure language runtime for untrusted code, but now it’s laughable on its face.
The C++ GC is not for V8 code, it's for the users of the V8 API eg. Chrome (Blink). It's not being used for big internal systems like the compilers or GC.
V8 has its first module in Rust and I'm sure more are coming, but it's not necessarily an easy integration.
JS is a GCed language. Are there good examples of Rust interacting well with a GCed language runtime where it is able to free unreachable cross domain pointer cycles? Like a JS object that has a reference to a Rust object, which itself has a reference to a JS object. Add more steps and hopefully you can see that collecting such cycles is a hard problem. This is the problem the C++ GC solves.
By the way you can't always break cycles with weak pointers. The browser standards have semantics you have to adhere to.
