Issue Summary

Somewhere around antisamy-1.6.8-atlassian-5, a bug was introduced which causes a slow but gradual rise in heap usage. Once the heap nears exhaustion, full GC pauses and even {{OutOfMemoryError}}s (OOMEs) can occur as a result.

This is reproducible on Data Center: yes

Steps to Reproduce

1. Install an impacted version of Confluence (7.19.22, 8.5.9, 8.5.10, 8.8.0, 8.8.1, 8.9.0, 8.9.1, 8.9.2)
2. Load some content. In two cases so far, Vietnamese character sets (in the storage format) were common, but eventually any content will trigger a slow rise in heap usage. This may require instance activity over a 1-2 week period for a small heap (ie. 2GB), but over time the rise in heap usage becomes apparent.
3. Monitor GC logs over time to observe the slow but persistent rise in heap usage

Expected Results

Heap usage should remain fairly static over time

Actual Results

Heap usage slowly rises, often leading to full GC and then {{OutOfMemoryError}}s (OOMEs), especially on smaller heaps (ie. less than 4GB)

Heap dumps will show that the the DOM parser for AntiSamy grows bigger and bigger, with all DOM elements added to an internal list that are never cleared.

Workaround

Restart Confluence if heap usage rises too high towards Xmx. The frequency with which restarts are required will depend on heap size and the level of activity on your instance.