From 59fe6e4b9753f5426f0051b89e85ffb737eeeffd Mon Sep 17 00:00:00 2001
From: Daniel Bevenius
Date: Tue, 3 Nov 2020 05:51:45 +0100
Subject: [PATCH] deps: cherry-pick 9a49b22 from V8 upstream
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Original commit message:

Fix alloc/dealloc size mismatch for v8::BackingStore

On newer compilers the {operator delete} with explicit {size_t} argument would be instantiated for {v8::BackingStore} and used in the destructor of {std::unique_ptr}. The {size_t} argument is wrong though, since the pointer actually points to a {v8::internal::BackingStore} object. The solution is to explicitly provide a {operator delete}, preventing an implicitly generated {size_t} operator.

Bug:v8:11081
Change-Id: Iee0aa47a67f0e41000bea628942f7e3d70198b83
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2506712
Commit-Queue: Ulan Degenbaev
Reviewed-by: Camillo Bruni
Cr-Commit-Position: refs/heads/master@{#70916}

PR-URL: https://github.com/nodejs/node/pull/35939
Fixes: https://github.com/nodejs/node/issues/35669
Refs: https://github.com/v8/v8/commit/9a49b2298f65f6b18c5245f3681aca04e5fe4e46
Reviewed-By: Jiawen Geng
Reviewed-By: Michaƫl Zasso
Reviewed-By: Richard Lau
Reviewed-By: Rich Trott
Reviewed-By: Colin Ihrig
Reviewed-By: Gus Caplan
---
 common.gypi | 2 +-
 deps/v8/include/v8.h | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/common.gypi b/common.gypi
index aaedbd14bfe597..f8440fef992252 100644
--- a/common.gypi
+++ b/common.gypi
@@ -36,7 +36,7 @@
 # Reset this number to 0 on major V8 upgrades.
 # Increment by one for each non-official patch applied to deps/v8.
- 'v8_embedder_string': '-node.14',
+ 'v8_embedder_string': '-node.15',
 ##### V8 defaults for Node.js #####
diff --git a/deps/v8/include/v8.h b/deps/v8/include/v8.h
index e2871f1c9d8fd7..7999f358ab5e5d 100644
--- a/deps/v8/include/v8.h
+++ b/deps/v8/include/v8.h
@@ -5054,6 +5054,13 @@ class V8_EXPORT BackingStore : public v8::internal::BackingStoreBase {
 */
 bool IsShared() const;
+ /**
+ * Prevent implicit instantiation of operator delete with size_t argument.
+ * The size_t argument would be incorrect because ptr points to the
+ * internal BackingStore object.
+ */
+ void operator delete(void* ptr) { ::operator delete(ptr); }
+ /**
 * Wrapper around ArrayBuffer::Allocator::Reallocate that preserves IsShared.
 * Assumes that the backing_store was allocated by the ArrayBuffer allocator
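Review bot: The added `operator delete(void* ptr)` is only a correct fix while the object behind `ptr` — a `v8::internal::BackingStore`, as the commit message states — is obtained from the global `operator new`; the new doc comment explains why the sized variant passes the wrong size but not this allocator coupling, which is the part a later maintainer can silently break. If `v8::internal::BackingStore` ever gained a class-specific `operator new` (a custom allocator or arena), this forwarding would become a new-vs-delete allocator mismatch that only a sanitizer, not the compiler, would report, and the symptom would again be heap corruption rather than a build error. I would extend the comment on the added lines with `* Forwards to ::operator delete because the internal object is expected to be created with the global operator new; keep the two in sync.` The enclosing `class BackingStore` begins before this hunk and continues past its last line.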