Below is the list of suspected CLs from 'Findit'.

Author: mnaganov@chromium.org
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/e6130b2754e6d6ecc9834fc0b5d30725bba5ba73
Time: Thu Jan 05 10:52:55 2012
The CL last changed line 323 of file ref_counted.h, which is stack frame 0.

Author: levin@chromium.org
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/3b63f8f451afcf414a59c529f627c620e4d449d9
Time: Mon Mar 28 01:54:15 2011
The CL last changed line 331 of file ref_counted.h, which is stack frame 1.

Author: dcheng
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/f883604e3ea3a0b9881dc5eb1e933fb66d914003
Time: Wed Nov 26 05:04:55 2014
The CL last changed line 22 of file callback_internal.cc, which is stack frame 2.

Author: tzik
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/c87149e666acfe39d49d7f30a5fd9acc7ef085ea
Time: Thu Nov 20 01:08:20 2014
The CL last changed line 364 of file callback.h, which is stack frame 3.

Author: ben
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/48799d724056efafd4bc7faa6e77459fbd1efad0
Time: Fri Oct 30 02:48:14 2015
The CL last changed line 44 of file runner_connection.cc, which is stack frame 4.

Author: rockot
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/19c030e8689cd94f5bc43fcce349e86e4d1ea405
Time: Fri Feb 26 05:46:58 2016
The CL last changed line 171 of file runner_connection.cc, which is stack frame 5.

Author: danakj
Component: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/a2a688b50544823d93f28b434c61eb3dc9b2cbbe
Time: Thu Dec 03 01:44:23 2015
The CL last changed line 65 of file callback.h, which is stack frame 6.

rockot@, could you please look into this change (https://chromium.googlesource.com/chromium/src//+/19c030e8689cd94f5bc43fcce349e86e4d1ea405) if possible? Please feel free to re-assign in case if this is not your change.

Thank you!

I'll look into this. It's not that change per se that's the problem, but it is likely a problem with nearby code.

Actually I initially misread the crash revision.

This was already fixed by https://chromium.googlesource.com/chromium/src/+/ae23b982 a few revisions later.

ClusterFuzz has detected this issue as fixed in range 381067:381276.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6000036963418112

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_lsan_chrome_mp
Platform Id: linux

Crash Type: Direct-leak
Crash Address: 
Crash State:
  blink::IDBObjectStoreMetadata::operator=
  blink::IDBTransaction::objectStoreCreated
  blink::IDBTransaction::objectStore
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=209699:209703
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=381067:381276

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv967boDZx9uWGJU75F587IqZN9EaxMNJTbXJl73_AJ0_ELPhaMGTWTFKAdOPVaqaNvGFoj8areH3qlwsQcio7gWO3bc1H6eKP0G-F0XatZ7QVg3oopLT0RI2EnfO8Q3SEHzRsd9TyagzpIuSZgw7zzusnb4F4Q


Additional requirements: Requires Gestures

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot