ortuno@, your CL is suspected, do you mind to take a look please?

I have a patch out of review that should resolve this.

ClusterFuzz has detected this issue as fixed in range 388349:388397.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6416462406746112

Fuzzer: ochang_domfuzzer
Job Type: linux_asan_content_shell_drt
Platform Id: linux

Crash Type: Heap-use-after-free READ 8
Crash Address: 0x61f0000284a0
Crash State:
  device::MockBluetoothGattNotifySession::DoNotify
  base::Timer::RunScheduledTask
  base::debug::TaskAnnotator::RunTask
  
Recommended Security Severity: High

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_content_shell_drt&range=387601:387928
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_content_shell_drt&range=388349:388397

Minimized Testcase (25.83 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96Nd4_MFtwx8ExUqG9ywR-6CIk5f3Y1aAHPSS6DvyFxQmly5gccMOz8wOJ8ne2aCj9IjuxKd-Ynh2MMQtPOC92A397mW3l_XV_IbxAOM407gGGxn3uPb6qCspvXYRrCx92x3xOBL1OcOA4r9VZiAYUHus4h-imBDtjcCaENZiNwaUNfbpg

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot