PasswordAutofillAgentTest.FillIntoFocusedWritableField also fails with the same error.

Logs:

  [ RUN      ] PasswordAutofillAgentTest.FillIntoFocusedWritableTextField
  ../../content/public/test/render_view_test.cc:402: Failure
  Expected equality of these values:
    0u
      Which is: 0
    result->number_of_live_documents
      Which is: 1
<< Stack trace >>
  ../../content/public/test/render_view_test.cc:403: Failure
  Expected equality of these values:
    0u
      Which is: 0
    result->number_of_live_nodes
      Which is: 22
<< Stack trace >>
  ../../content/public/test/render_view_test.cc:406: Failure
  Expected equality of these values:
    0u
      Which is: 0
    result->number_of_live_pausable_objects
      Which is: 1
<< Stack trace >>
  ../../content/public/test/render_view_test.cc:408: Failure
  Expected equality of these values:
    0u
      Which is: 0
    result->number_of_live_frames
      Which is: 1
<< Stack trace >>
  ../../content/public/test/render_view_test.cc:411: Failure
  Expected equality of these values:
    0u
      Which is: 0
    result->number_of_live_resource_fetchers
      Which is: 1
<< Stack trace >>
  [  FAILED  ] PasswordAutofillAgentTest.FillIntoFocusedWritableTextField (1495 ms)

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/c7e76040b198adbb7f3644ad3f1a27e043e84442

commit c7e76040b198adbb7f3644ad3f1a27e043e84442
Author: Vaclav Brozek <vabr@chromium.org>
Date: Tue Dec 18 17:38:39 2018

Mark disabled PasswordAutofillAgentTests properly

Six of those tests fail because of leaks, as described in the
associated bug. However, the current comments (except for one)
don't provide enough context, so this CL is adding TODOs
annotated with the bug.

Bug: 855383
Change-Id: I64e14aa902529a289a36c210990190e7fac9ae3b
Reviewed-on: https://chromium-review.googlesource.com/c/1380674
Reviewed-by: Vasilii Sukhanov <vasilii@chromium.org>
Commit-Queue: Vaclav Brozek <vabr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#617551}
[modify] https://crrev.com/c7e76040b198adbb7f3644ad3f1a27e043e84442/chrome/renderer/autofill/password_autofill_agent_browsertest.cc

Did you rerun these tests? They did not report any leaks for me.

Did you use the ASAN setup?

I enabled is_asan but missed the full instructions. With those I am able to reproduce this.

My current status is that the culprit seems to be the SpellCheckProvider. If I remove new SpellCheckProvider(render_frame, spellcheck_.get(), this); from chrome_content_renderer_client.cc the leak goes away.

Blink>Editing>Spellchecking team, could you please help with this issue?

The reproduction steps are:

gn args:
  is_asan = true
  is_lsan = true
  enable_nacl = false
  is_debug = fals

ASAN_OPTIONS="detect_odr_violation=0 detect_leaks=1 symbolize=1 external_symbolizer_path=`pwd`/third_party/llvm-build/Release+Asserts/bin/llvm-symbolizer" ./out/my_build/browser_tests --gtest_also_run_disabled_tests --gtest_filter='PasswordAutofillAgentTest.DISABLED_AutocompleteForPrefilledUsernameValue' --no-sandbox 2>&1 | tools/valgrind/asan/asan_symbolize.py

Observe a number of leaks as described in the first comment.

Then change SpellChecker::IsSpellCheckingEnabled() in third_party/blink/renderer/core/editing/spellcheck/spell_checker.cc to always return false.

Observe that the leaks are gone.

(Thanks, Dominic, for further investigating and routing this to appropriate owners. Removing myself for now, as the initial question from #4 has been resolved outside of this bugreport, but happy to be added back for follow-up questions.)

The NextAction date has arrived: 2019-01-08

Sorry I somehow didn't notice this bug earlier...

There's an unfinished SpellCheckRequest holding a reference to the document and  causing the leak. Investigating why it's not cleared at test tear down.

I see.

Timeline:

1. Test page is setup
2. Operations on text fields trigger spellchecker, which stores references to Blink elements in SpellCheckProvider (which is out of Blink)
3. Test finishes and runs RenderViewTest::TearDown()
4. RenderViewTest::TearDown() shuts down and clears all pages
5. RenderViewTest::TearDown() calls BlinkLeakDetector::PerformLeakDetection()
5.1 BlinkLeakDetector::PerformLeakDetection() tries to go through all pages and all frames to release resources and prepare for leak detection
5.2 BlinkLeakDetector::PerformLeakDetection() performs actual leak detection

The issue is that, the page is already cleared in step 4 (while the stored references in SpellCheckProvider remain there). So in step 5.1, it fails to get a reference to the page, and therefore, fails to call SpellChecker::PrepareForLeakDetection() to clear the stored references .

So a leak is detected.

To fix the leak, we need to clear all stored spellcheck requests when a document is shut down.