Issue 656537


Issue metadata

Status: Fixed
Closed: Nov 2016
OS: Linux
Pri: 2
Type: Bug


Direct-leak in v8::internal::MemoryChunk::AllocateLocalTracker

Reported by ClusterFuzz (Project Member), Oct 17 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5176568085479424

Fuzzer: libfuzzer_radamsa_web_icon_sizes_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: Direct-leak
Crash Address: 
Crash State:
  v8::internal::MemoryChunk::AllocateLocalTracker
  v8::internal::Page::Initialize
  v8::internal::SemiSpace::Commit
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=423769:423794

Minimized Testcase (0.00 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97ttwqJ8M7UXKA09k2NRjquuaNfBs9AzGuIbMFSDXAnBRA6J4ydVX-vyxkmlPEd4O6K1wVWs3VYc9JtR5Ho82A7m30lQPzjcamcmFqcD9_T-zAGhMuDekYClp5gdTWuAo4hYniAUCKucheVfRcbemr50ThGUg?testcase_id=5176568085479424

Issue manually filed by: ajha

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

Comment 1 by ajha@chromium.org, Oct 17 2016

Cc: ajha@chromium.org
Components: Blink>JavaScript
Labels: M-56 Te-Logged
Suspected CLs: Git blame below is NOT necessarily who introduced the crash nor the owner for it. Please check the code before assigning to anyone. (No CL in the regression range changed the crashing files.)

Author: mlippautz
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/839f3fd406426a221d74eb7a33a72794c3c7a548
Time: Tue Jun 07 17:28:31 2016
The CL last changed line 1136 of file spaces.cc, which is stack frame 1.

Author: mlippautz
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/849d6b45ef6358cedf2451a56a6179f380c95cf3
Time: Fri Jun 17 10:26:18 2016
The CL last changed line 178 of file spaces-inl.h, which is stack frame 2.

Author: mlippautz
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/4e8736da2da2281979cdb0e97a34fd490644bb3d
Time: Mon Apr 25 14:52:30 2016
The CL last changed line 1914 of file spaces.cc, which is stack frame 3.

Author: mlippautz
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/3f92137209ce3c1d46d6498678cce0944c460b4d
Time: Tue Apr 05 13:11:47 2016
The CL last changed line 1497 of file spaces.cc, which is stack frame 4.

Author: mlippautz
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/2e3165029d4f8d17f909d1afa4d1b06a3445650d
Time: Tue Sep 06 14:34:37 2016
The CL last changed line 5450 of file heap.cc, which is stack frame 5.

Author: danno@chromium.org
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/cbe088fffc1460a213f2d16fff946c8fd3041d33
Time: Mon Feb 25 14:03:09 2013
The CL last changed line 2478 of file isolate.cc, which is stack frame 6.

Author: yangguo
Project: chromium-v8
Changelist: https://chromium.googlesource.com/v8/v8.git/+/7cff32a9bd461a9270ba01502ff9a1c3d8c98f05
Time: Wed Dec 10 11:46:27 2014
The CL last changed line 43 of file snapshot-common.cc, which is stack frame 7.

Suspected Project: chromium-v8
Suspected Component: Blink>JavaScript
==============================================

Keeping it in the V8 ClusterFuzz sheriff's queue for further investigation.

Cc: ishell@chromium.org
Status: Available (was: Untriaged)
Igor, please take a look.

Owner: mlippautz@chromium.org
mlippautz@: could you please look into this? Please feel free to reassign it back if needed. Thanks in advance!

Status: Started (was: Available)

Comment 5 by bugdroid1@chromium.org (Project Member), Nov 2 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/588641f242f4adf5240ca02d95c945afa40ab6c9

commit 588641f242f4adf5240ca02d95c945afa40ab6c9
Author: mlippautz <mlippautz@chromium.org>
Date: Wed Nov 02 13:10:20 2016

[heap] Fix Unmapper::TearDown to include delayed chunks

Delayed chunks in the unmapper are chunks that should be unmapped but could
potentially still be accessed by the sweeper (page header), hence their
unmapping is delayed.

During TearDown, however, we need to properly unmap those pages, i.e., check
that they can now be unmapped (should always hold) and properly unmap them.

BUG=chromium:656537
R=ulan@chromium.org

Review-Url: https://codereview.chromium.org/2472573003
Cr-Commit-Position: refs/heads/master@{#40698}

[modify] https://crrev.com/588641f242f4adf5240ca02d95c945afa40ab6c9/src/heap/spaces.cc
[modify] https://crrev.com/588641f242f4adf5240ca02d95c945afa40ab6c9/src/heap/spaces.h
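A simplified model of the lifecycle the commit message describes, added here as an illustration and not taken from V8 (the Chunk and Unmapper names, the sweeper_may_access flag and the live counter are assumptions): the pre-fix TearDown frees only the regular queue and leaves every delayed chunk allocated, which is the kind of direct leak LSan reported, while the fixed TearDown checks that the delayed chunks can now be unmapped and frees them as well.

```cpp
// Simplified model of the Unmapper lifecycle the commit above describes.
// Added illustration, not V8's code: every name below is an assumption.
#include <cassert>
#include <vector>

struct Chunk {
  static int live;                 // chunks currently allocated (stands in for LSan)
  bool sweeper_may_access = true;  // sweeper may still read this chunk's page header
  Chunk() { ++live; }
  ~Chunk() { --live; }
};
int Chunk::live = 0;

class Unmapper {
 public:
  void AddRegular(Chunk* c) { regular_.push_back(c); }  // safe to unmap right away
  // Chunks the sweeper might still touch: their unmapping is deferred.
  void AddDelayed(Chunk* c) { delayed_.push_back(c); }
  // Once sweeping is done, the delayed chunks become safe to unmap.
  void SweeperFinished() { for (Chunk* c : delayed_) c->sweeper_may_access = false; }
  // Before the fix: only the regular queue is unmapped at TearDown, so every
  // delayed chunk stays allocated (the direct leak LSan reported).
  void TearDownBuggy() { FreeAll(regular_); }
  // After the fix: delayed chunks are checked ("should always hold") and unmapped too.
  void TearDownFixed() {
    FreeAll(regular_);
    for (Chunk* c : delayed_) assert(!c->sweeper_may_access);
    FreeAll(delayed_);
  }

 private:
  static void FreeAll(std::vector<Chunk*>& q) {
    for (Chunk* c : q) delete c;
    q.clear();
  }
  std::vector<Chunk*> regular_, delayed_;
};

// One heap lifetime with a regular and a delayed chunk; returns how many
// chunks are still allocated after TearDown (what LSan would flag).
int LeakedAfterTearDown(bool with_fix) {
  Unmapper u;
  u.AddRegular(new Chunk);
  u.AddDelayed(new Chunk);
  u.SweeperFinished();
  if (with_fix) u.TearDownFixed(); else u.TearDownBuggy();
  int leaked = Chunk::live;
  u.TearDownFixed();  // release what the buggy path left so the model itself is clean
  return leaked;
}
```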

Status: Fixed (was: Started)
Couldn't reproduce (also CF flagged it as non-reproducible) but found a corner case that could result in this LSan failure.

Comment 7 by ishell@chromium.org, Nov 20 2016

Cc: hablich@chromium.org
Issue 656536 has been merged into this issue.

Comment 8 by sheriffbot@chromium.org (Project Member), Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
