From d2ee676eb9e15464a12b84b784dc160721949ceb Mon Sep 17 00:00:00 2001
From: Daniel Bevenius <daniel.bevenius@gmail.com>
Date: Tue, 3 Nov 2020 05:51:45 +0100
Subject: [PATCH] deps: cherry-pick 9a49b22 from V8 upstream
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Original commit message:
  Fix alloc/dealloc size mismatch for v8::BackingStore

  On newer compilers the {operator delete} with explicit {size_t}
  argument would be instantiated for {v8::BackingStore} and used
  in the destructor of {std::unique_ptr<v8::BackingStore>}. The {size_t}
  argument is wrong though, since the pointer actually points
  to a {v8::internal::BackingStore} object.
  The solution is to explicitly provide a {operator delete}, preventing
  an implicitly generated {size_t} operator.

  Bug:v8:11081

  Change-Id: Iee0aa47a67f0e41000bea628942f7e3d70198b83
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2506712
  Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
  Reviewed-by: Camillo Bruni <cbruni@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#70916}

PR-URL: https://github.com/nodejs/node/pull/35939
Fixes: https://github.com/nodejs/node/issues/35669
Refs: https://github.com/v8/v8/commit/9a49b2298f65f6b18c5245f3681aca04e5fe4e46
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Gus Caplan <me@gus.host>
---
 deps/v8/include/v8.h | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/deps/v8/include/v8.h b/deps/v8/include/v8.h
index 77bb8469c9f395..fe31e4cac2823b 100644
--- a/deps/v8/include/v8.h
+++ b/deps/v8/include/v8.h
@@ -4975,6 +4975,13 @@ class V8_EXPORT BackingStore : public v8::internal::BackingStoreBase {
    */
   bool IsShared() const;
 
+  /**
+   * Prevent implicit instantiation of operator delete with size_t argument.
+   * The size_t argument would be incorrect because ptr points to the
+   * internal BackingStore object.
+   */
+  void operator delete(void* ptr) { ::operator delete(ptr); }
+
   /**
    * Wrapper around ArrayBuffer::Allocator::Reallocate that preserves IsShared.
    * Assumes that the backing_store was allocated by the ArrayBuffer allocator