Version: 55.0.2872.0 (Developer Build) (64-bit) with dcheck_always_on=1
OS: Linux
What steps will reproduce the problem?
(1) composing message on inbox.google.com
(2)
(3)
What is the expected output?
What do you see instead?
#
# Fatal error in ../../v8/src/heap/scavenger-inl.h, line 14
# Check failed: object->GetIsolate()->heap()->InFromSpace(object).
#
==== C stack trace ===============================
/usr/local/google/home/ukai/src/chromium-git/src/out.0/Release/./libv8.so(+0x946fbe) [0x7ffff3ef1fbe]
/usr/local/google/home/ukai/src/chromium-git/src/out.0/Release/./libv8.so(+0x9446f0) [0x7ffff3eef6f0]
/usr/local/google/home/ukai/src/chromium-git/src/out.0/Release/./libv8.so(+0x4f0eca) [0x7ffff3a9beca]
/usr/local/google/home/ukai/src/chromium-git/src/out.0/Release/./libv8.so(+0x4cb334) [0x7ffff3a76334]
/usr/local/google/home/ukai/src/chromium-git/src/out.0/Release/./libv8.so(+0x5d4659) [0x7ffff3b7f659]
/usr/local/google/home/ukai/src/chromium-git/src/out.0/Release/./libv8.so(+0x4ffbd6) [0x7ffff3aaabd6]
/usr/local/google/home/ukai/src/chromium-git/src/out.0/Release/./libv8.so(+0x4ee099) [0x7ffff3a99099]
/usr/local/google/home/ukai/src/chromium-git/src/out.0/Release/./libv8.so(+0x4ec540) [0x7ffff3a97540]
/usr/local/google/home/ukai/src/chromium-git/src/out.0/Release/./libv8.so(+0x4eb82f) [0x7ffff3a9682f]
/usr/local/google/home/ukai/src/chromium-git/src/out.0/Release/./libv8.so(+0x4af635) [0x7ffff3a5a635]
/usr/local/google/home/ukai/src/chromium-git/src/out.0/Release/./libv8.so(+0x761157) [0x7ffff3d0c157]
/usr/local/google/home/ukai/src/chromium-git/src/out.0/Release/./libv8.so(+0x760e9d) [0x7ffff3d0be9d]
[0x2ef3a6e843a7]
Received signal 4 ILL_ILLOPN 7ffff3ef15df
Received signal 11 SEGV_MAPERR 003000000020
Please use labels and text to provide additional information.
Comment 1 by hablich@chromium.org
, Sep 26 2016Status: Available (was: Untriaged)