Open Bug 1450476 Opened 2 years ago Updated 8 months ago

LSan: Indirect leak of 4096 bytes in [@ nsHtml5TreeBuilder]

Categories

(Core :: DOM: HTML Parser, defect, P3)

Tracking Status
firefox-esr68 --- affected
firefox61 --- wontfix
firefox68 --- wontfix
firefox69 --- affected
firefox70 --- affected

People

(Reporter: tsmith, Unassigned)

References

(Blocks 2 open bugs)

Details

(Keywords: memory-leak, testcase)

Attachments

(3 files, 1 obsolete file)

Attached file testcase.html (obsolete)
Indirect leak of 4096 byte(s) in 1 object(s) allocated from:
    #0 0x4c1c93 in malloc /builds/worker/workspace/moz-toolchain/src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:88:3
    #1 0x4f26fd in moz_xmalloc src/memory/mozalloc/mozalloc.cpp:70:17
    #2 0x7fcdbf556ad1 in operator new[] src/obj-firefox/dist/include/mozilla/mozalloc.h:168:12
    #3 0x7fcdbf556ad1 in nsHtml5TreeBuilder src/parser/html/nsHtml5TreeBuilderCppSupplement.h:51
    #4 0x7fcdbf556ad1 in nsHtml5StreamParser::nsHtml5StreamParser(nsHtml5TreeOpExecutor*, nsHtml5Parser*, eParserMode) src/parser/html/nsHtml5StreamParser.cpp:155
    #5 0x7fcdbf54ce7a in nsHtml5Parser::MarkAsNotScriptCreated(char const*) src/parser/html/nsHtml5Parser.cpp:608:35
    #6 0x7fcdc384063e in nsHTMLDocument::StartDocumentLoad(char const*, nsIChannel*, nsILoadGroup*, nsISupports*, nsIStreamListener**, bool, nsIContentSink*) src/dom/html/nsHTMLDocument.cpp
    #7 0x7fcdc6123b1a in nsContentDLF::CreateDocument(char const*, nsIChannel*, nsILoadGroup*, nsIDocShell*, nsID const&, nsIStreamListener**, nsIContentViewer**) src/layout/build/nsContentDLF.cpp:364:13
    #8 0x7fcdc61230ee in nsContentDLF::CreateInstance(char const*, nsIChannel*, nsILoadGroup*, nsTSubstring<char> const&, nsIDocShell*, nsISupports*, nsIStreamListener**, nsIContentViewer**) src/layout/build/nsContentDLF.cpp
    #9 0x7fcdc06d0ac9 in nsExternalResourceMap::PendingLoad::SetupViewer(nsIRequest*, nsIContentViewer**, nsILoadGroup**) src/dom/base/nsDocument.cpp:1103:26
    #10 0x7fcdc06cfc26 in nsExternalResourceMap::PendingLoad::OnStartRequest(nsIRequest*, nsISupports*) src/dom/base/nsDocument.cpp:1031:17
    #11 0x7fcdbd81bd2c in nsBaseChannel::OnStartRequest(nsIRequest*, nsISupports*) src/netwerk/base/nsBaseChannel.cpp:859:25
    #12 0x7fcdbd86e403 in nsInputStreamPump::OnStateStart() src/netwerk/base/nsInputStreamPump.cpp:526:25
    #13 0x7fcdbd86da79 in nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) src/netwerk/base/nsInputStreamPump.cpp:429:25
    #14 0x7fcdbd633042 in nsInputStreamReadyEvent::Run() src/xpcom/io/nsStreamUtils.cpp:102:20
    #15 0x7fcdbd6a2758 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1096:14
    #16 0x7fcdbd6beac0 in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:519:10
    #17 0x7fcdbe58a59a in mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) src/ipc/glue/MessagePump.cpp:97:21
    #18 0x7fcdbe4dd919 in RunInternal src/ipc/chromium/src/base/message_loop.cc:326:10
    #19 0x7fcdbe4dd919 in RunHandler src/ipc/chromium/src/base/message_loop.cc:319
    #20 0x7fcdbe4dd919 in MessageLoop::Run() src/ipc/chromium/src/base/message_loop.cc:299
    #21 0x7fcdc5098f0a in nsBaseAppShell::Run() src/widget/nsBaseAppShell.cpp:157:27
    #22 0x7fcdc9114a0b in nsAppStartup::Run() src/toolkit/components/startup/nsAppStartup.cpp:290:30
    #23 0x7fcdc931ed3c in XREMain::XRE_mainRun() src/toolkit/xre/nsAppRunner.cpp:4766:22
    #24 0x7fcdc9321e76 in XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) src/toolkit/xre/nsAppRunner.cpp:4911:8
    #25 0x7fcdc9323334 in XRE_main(int, char**, mozilla::BootstrapConfig const&) src/toolkit/xre/nsAppRunner.cpp:5003:21
    #26 0x4f168b in do_main src/browser/app/nsBrowserApp.cpp:231:22
    #27 0x4f168b in main src/browser/app/nsBrowserApp.cpp:304
    #28 0x7fcddd8aa82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
Attached file lsan.txt
Suppressions file
Priority: -- → P3
Blocks: leak-fuzz
Attached file testcase.html
Attachment #8964130 - Attachment is obsolete: true
Attached file bloatview.log
Attachment #9080226 - Attachment mime type: application/octet-stream → text/plain