Created attachment 260601 [details] [diff] [review] remove extra addref The branch has a bug where once you nest <svg:svg> to three levels, we will leak everything past the second level. Example: <svg xmlns="http://www.w3.org/2000/svg"> <svg id="leaking"> <svg> </svg> </svg> </svg> Everything at the id="leaking" level and below is leaked. This is happening because the nsSVGInnerSVGFrame::GetCoordContextProvider is QIing its content to a type and raising the refcount before returning it as an already_AddRefed<>. The manual refcount is not needed because the QI already does that.
Comment on attachment 260601 [details] [diff] [review] remove extra addref This simple change fixes a large memory leak in SVG files with a deep (>2) nested structure, which is pretty easy to do with machine generated content. Only affects SVG documents, so low risk from the point of view of what most content the browser deals with. Change itself is also simple, just removing an extraneous addref.
Comment on attachment 260601 [details] [diff] [review] remove extra addref approved for 126.96.36.199 and 188.8.131.52, a=dveditz for release-drivers
Checked in on MOZILLA_1_8_BRANCH and MOZILLA_1_8_0_BRANCH.