Bug 50990

Created attachment 76460 [details] Patch

Comment on attachment 76460 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=76460&action=review > WebCore/css/CSSRuleList.h:37 > + CSSRuleList(); It would be better to use releaseRef() instead of exposing the constructor.

Created attachment 76963 [details] Patch

I used leakRef() instead of releaseRef() as it seems releaseRef() is being removed at some point?

Comment on attachment 76963 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=76963&action=review Overall, this feel tricky. (Leaking the pointer and then in another function in another file doing the adoptRef.) Reinforcing this is the fact that is there is a memory leak bug which several of us missed. (Eric missed it. I didn't see it for a while, and you missed it.) So I'm wondering what benefit is it to remove this variable? (It looks like CSSParser is not a long lived object. It also doesn't appear that lots of them are created at the same time.) > WebCore/css/CSSGrammar.y:415 > + if (!$$) { Nit: No { for single line statements. > WebCore/css/CSSParser.cpp:5518 > if (!media || !rules || !m_styleSheet) The ref count on rules leaks here. I'd suggest putting rules in a RefPtr<> = adoptRef(rules); immediately upon entering this function and then doing a .releaseRef() below.

CSSGrammer.y does not exist on Webkit Github repo as of today. Further, in CSSParser.cpp, there is no mention of createMediaRule and nothing about createRuleList: https://github.com/WebKit/WebKit/blob/a8766e9cb3f1d5446226413afe0de6b0a64dc996/Source/WebCore/css/parser/CSSParser.cpp I think CSSPraser has been changed significantly since this patch and it cannot be applied directly. I am going to mark this as "RESOLVED WONTFIX". Please add anything for future reference or if this is incorrect conclusion. Thanks!