The V8 range in question is https://chromium.googlesource.com/v8/v8/+/4acdb5eec2c79331c47081c23f7d51d3244a2bf0

After poking at this for awhile, I realized I'm not actually in the regression range here. The regression range (per Clusterfuzz) is:

https://chromium.googlesource.com/chromium/src/+log/4342d3eacba11f513071dd4bb06b182b4f1245f3..4844f72ece1a4a870e571e8e53746bd4c7d3f6f6

which does not include a V8 roll. What's shown as the V8 revision in Clusterfuzz is simply the last V8 revision (minus version bumps) at the time of the regression, but it's the same at both ends of the regression range.

Sending back to hablich@ to triage to someone who knows more about investigating GC marking than me. :)

ClusterFuzz has detected this issue as fixed in range 495818:495819.

Detailed report: https://clusterfuzz.com/testcase?key=5977328160342016

Fuzzer: inferno_layout_test_unmodified
Job Type: mac_asan_chrome
Platform Id: mac

Crash Type: CHECK failure
Crash Address: 
Crash State:
  IsMarked(object) in mark-compact.cc
  gin::PrintStackTrace
  v8::internal::MarkingVerifier::VerifyMarkingOnPage
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=458024:458029
Fixed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=495818:495819

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5977328160342016

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 5977328160342016 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.