src: fix memory leak for v8.serialize

liuxingbaoyu · liuxingbaoyu · commit 809386aa1193 · 2022-04-12T02:16:57.000+08:00
When Buffer::New passes in existing data, it cannot be garbage collected in js synchronous execution. Fixes: #40828 Refs: #38300
diff --git a/src/node_serdes.cc b/src/node_serdes.cc
@@ -209,9 +209,10 @@ void SerializerContext::ReleaseBuffer(const FunctionCallbackInfo<Value>& args) {
   // Note: Both ValueSerializer and this Buffer::New() variant use malloc()
   // as the underlying allocator.
   std::pair<uint8_t*, size_t> ret = ctx->serializer_.Release();
-  auto buf = Buffer::New(ctx->env(),
+  auto buf = Buffer::Copy(ctx->env(),
                          reinterpret_cast<char*>(ret.first),
                          ret.second);
+  free(ret.first);
 
   if (!buf.IsEmpty()) {
     args.GetReturnValue().Set(buf.ToLocalChecked());
diff --git a/test/parallel/test-v8-serialize-leak.js b/test/parallel/test-v8-serialize-leak.js
@@ -0,0 +1,22 @@
+'use strict';
+// Flags: --expose-gc
+
+require('../common');
+const v8 = require('v8');
+const assert = require('assert');
+
+const before = process.memoryUsage.rss();
+
+for (let i = 0; i < 1000000; i++) {
+  v8.serialize('');
+}
+
+global.gc();
+
+const after = process.memoryUsage.rss();
+
+if (process.config.variables.asan) {
+  assert(before * 10 > after, `asan: before=${before} after=${after}`);
+} else {
+  assert(after - before < 1024 * 1024 * 10, `before=${before} after=${after}`);
+}
