Closed Bug 376509 Opened 17 years ago Closed 17 years ago

Leak of nested <svg:svg>


(Core :: SVG, defect)

1.8 Branch
Not set





(Reporter: tor, Unassigned)


(4 keywords)


(1 file)

The branch has a bug where once you nest <svg:svg> to three levels, we will leak everything past the second level.  Example:

<svg xmlns="">
  <svg id="leaking">

Everything at the id="leaking" level and below is leaked.

This is happening because the nsSVGInnerSVGFrame::GetCoordContextProvider is QIing its content to a type and raising the refcount before returning it as an already_AddRefed<>.  The manual refcount is not needed because the QI already does that.
Attachment #260601 - Flags: superreview?(roc)
Attachment #260601 - Flags: review?(jwatt)
Attachment #260601 - Flags: review?(jwatt) → review+
Attachment #260601 - Flags: superreview?(roc) → superreview+
Comment on attachment 260601 [details] [diff] [review]
remove extra addref

This simple change fixes a large memory leak in SVG files with a deep (>2) nested structure, which is pretty easy to do with machine generated content.

Only affects SVG documents, so low risk from the point of view of what most content the browser deals with.  Change itself is also simple, just removing an extraneous addref.
Attachment #260601 - Flags: approval1.8.1.4?
Attachment #260601 - Flags: approval1.8.0.12?
Keywords: mlk, testcase
Comment on attachment 260601 [details] [diff] [review]
remove extra addref

approved for and, a=dveditz for release-drivers
Attachment #260601 - Flags: approval1.8.1.4?
Attachment #260601 - Flags: approval1.8.1.4+
Attachment #260601 - Flags: approval1.8.0.12?
Attachment #260601 - Flags: approval1.8.0.12+
Checked in on MOZILLA_1_8_BRANCH and MOZILLA_1_8_0_BRANCH.
Closed: 17 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.