[Webkit-unassigned] [Bug 196059] New: Leak of SVGFontFaceElement when RenderStyle holds onto a FontRances which uses it

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Mar 20 23:14:05 PDT 2019


https://bugs.webkit.org/show_bug.cgi?id=196059

            Bug ID: 196059
           Summary: Leak of SVGFontFaceElement when RenderStyle holds onto
                    a FontRances which uses it
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Keywords: InRadar
          Severity: Normal
          Priority: P2
         Component: SVG
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: rniwa at webkit.org
                CC: zimmermann at kde.org

SVGFontFaceElement keeps its RenderStyle alive via ElementRareData
but RenderStyle can hold onto FontRanges and therefore CSSFontSource,
which in turn keeps SVGFontFaceElement alive, making a reference cycle.

Complete cycle:
SVGFontFaceElement (1) -> ElementRareData -> StyleInheritedData -> FontCascade -> FontCascadeFonts (2)

FontCascadeFonts (2) -> FontRanges (3)
FontCascadeFonts (2) -> CSSFontSelector -> CSSFontFaceSet -> CSSSegmentedFontFace -> FontRanges (3)

FontRanges (3) -> CSSFontAccessor > CSSFontFace > CSSFontSource -> SVGFontFaceElement (1)

<rdar://problem/47562909>

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190321/094b7dac/attachment-0001.html>


More information about the webkit-unassigned mailing list