195987 – [CSS OM] StyledElementInlineStylePropertyMap creates a Ref cycle with its owner element

RESOLVED FIXED 195987

[CSS OM] StyledElementInlineStylePropertyMap creates a Ref cycle with its owner element

https://bugs.webkit.org/show_bug.cgi?id=195987

Summary [CSS OM] StyledElementInlineStylePropertyMap creates a Ref cycle with its own...

Ryosuke Niwa

Reported 2019-03-19 21:44:41 PDT

There is a very obvious leak here. StyledElementInlineStylePropertyMap ref's its element and Element Ref's the map in ElementRareData. <rdar://problem/47254121>

Attachments
Fixes the bug (6.76 KB, patch) 2019-03-19 22:14 PDT, Ryosuke Niwa	no flags	Details Formatted Diff Diff
Updated the change log (7.24 KB, patch) 2019-03-19 22:18 PDT, Ryosuke Niwa	simon.fraser: review+	Details Formatted Diff Diff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.

Ryosuke Niwa

Comment 1 2019-03-19 22:14:43 PDT

Created attachment 365308 [details] Fixes the bug

Ryosuke Niwa

Comment 2 2019-03-19 22:18:32 PDT

Created attachment 365309 [details] Updated the change log

Simon Fraser (smfr)

Comment 3 2019-03-20 13:01:45 PDT

Comment on attachment 365309 [details] Updated the change log View in context: https://bugs.webkit.org/attachment.cgi?id=365309&action=review > Source/WebCore/dom/Element.cpp:209 > + if (auto* map = elementRareData()->attributeStyleMap()) > + map->clearElement(); Maybe ElementRareData should have a clearElement or clearNdoe function on it

Ryosuke Niwa

Comment 4 2019-03-20 13:14:00 PDT

(In reply to Simon Fraser (smfr) from comment #3) > Comment on attachment 365309 [details] > Updated the change log > > View in context: > https://bugs.webkit.org/attachment.cgi?id=365309&action=review > > > Source/WebCore/dom/Element.cpp:209 > > + if (auto* map = elementRareData()->attributeStyleMap()) > > + map->clearElement(); > > Maybe ElementRareData should have a clearElement or clearNdoe function on it That approach makes sense as well. Although I'm hoping that I can just add the support for WeakPtr<Element> and remove this code.

Ryosuke Niwa

Comment 5 2019-03-20 14:23:05 PDT

Committed r243239: <https://trac.webkit.org/changeset/243239>

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component CSS

Assignee

Ryosuke Niwa

Reported

2019-03-19 21:44 PDT

Modified

2019-03-20 14:23 PDT History

CC List

6 users Show

URL

Keywords InRadar

Depends on

Blocks