Direct-leak in blink::SourceLocation::Create
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6114961272340480
Fuzzer: afl_content_security_policy_fuzzer
Job Type: afl_chrome_asan
Platform Id: linux
Crash Type: Direct-leak
Crash Address:
Crash State:
  blink::SourceLocation::Create
  blink::Document::AddConsoleMessage
  blink::ContentSecurityPolicy::ApplyPolicySideEffectsToExecutionContext
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=afl_chrome_asan&range=463138:463141
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6114961272340480
Additional requirements: Requires Gestures

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Oct 3 2017

I can't really see how my change could have caused the issue. blink::SourceLocation::Create creates a SourceLocation as a unique_ptr and passes it to the execution context's ConsoleMessageStorage, so the execution context is the one that's probably leaking? Adding some more CSP people to get more eyes on it, I actually have no idea.

> See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

This link seems dead?
Oct 3 2017

As per the Issue 703862 owner, assigning this issue to @jbroman. @jbroman -- Could you please look into this issue, and kindly reassign if it has nothing to do with your changes. Thanks.
Oct 3 2017

cc mmoroz in case there's a better way to suppress this. This is allocated in the global initialization, and intentionally leaked (per the recommendations).
Oct 3 2017

Automatically applying components based on crash stacktrace and information from OWNERS files. If this is incorrect, please apply the Test-Predator-Wrong-Components label.
Nov 7 2017
Comment 1 by pnangunoori@chromium.org, Oct 3 2017
Labels: M-61 Test-Predator-Wrong
Owner: kinuko@chromium.org
Status: Assigned (was: Untriaged)