Issue 810654

Starred by 2 users

Issue metadata

Status: Fixed
Owner:
Closed: Feb 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug-Regression


Render crash in blink::FetchEvent::HasPendingActivity on Windows

Project Member Reported by shimazu@chromium.org, Feb 9 2018

Issue description

Version        Share    Count
66.0.3343.1    2.70%        2
66.0.3342.1    8.11%        6
66.0.3341.1   10.81%        8
66.0.3340.1   12.16%        9
66.0.3339.1   18.92%       14
66.0.3338.1    9.46%        7
66.0.3335.1   37.84%       28
Cc: horo@chromium.org
Owner: ----
Status: Untriaged (was: Assigned)

Comment 3 by bashi@chromium.org, Feb 9 2018

Owner: bashi@chromium.org
Status: Assigned (was: Untriaged)

Comment 4 by bashi@chromium.org, Feb 9 2018

According to stack traces, it seems that HasPendingActivity() got called while creating |preload_response_property_|, which is created in the constructor of FetchEvent. Since |preload_response_property_| isn't initialized yet at that point, we are dereferencing |preload_response_property_|. Preparing a CL to fix.

Comment 5 by bugdroid1@chromium.org, Feb 13 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/724f30f09274b49fb7ea58c4704ab0ae1e8b3399

commit 724f30f09274b49fb7ea58c4704ab0ae1e8b3399
Author: Kenichi Ishibashi <bashi@chromium.org>
Date: Tue Feb 13 09:15:10 2018

Add null check in FetchEvent::HasPendingActivity()

|preload_response_property_| could be null when HasPendingActivity()
is called because we could run GC while constructing FetchEvent.
This CL adds a null check for |preload_response_property_|.

Bug: 810654
Change-Id: Ic2544dd0cdda648658fbf7f91f03a363c50d22a9
Reviewed-on: https://chromium-review.googlesource.com/910475
Commit-Queue: Kenichi Ishibashi <bashi@chromium.org>
Reviewed-by: Makoto Shimazu <shimazu@chromium.org>
Reviewed-by: Matt Falkenhagen <falken@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#536310}
[modify] https://crrev.com/724f30f09274b49fb7ea58c4704ab0ae1e8b3399/third_party/WebKit/Source/modules/serviceworkers/FetchEvent.cpp
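A model of the window comment 4 and the commit message describe (a collection running while the event is still being constructed), as an added example that is not Chromium's code: the toy heap, the class names and the polled_while_null_ flag are this example's own assumptions; only the null check in HasPendingActivity() mirrors the fix.

```cpp
#include <memory>
#include <vector>

// Anything the modelled garbage collector may poll during a collection.
struct ActivityClient {
  virtual ~ActivityClient() = default;
  virtual bool HasPendingActivity() const = 0;
};

// Toy heap: objects register at construction; any allocation may collect.
struct Heap {
  std::vector<ActivityClient*> objects;
  bool collect_on_allocate = false;
  int collections = 0;
  void Register(ActivityClient* o) { objects.push_back(o); }
  void Allocate() { if (collect_on_allocate) Collect(); }
  void Collect() {  // polls every registered object, finished or not
    ++collections;
    for (auto* o : objects) (void)o->HasPendingActivity();
  }
};
struct ResponseProperty { bool settled = false; };

// Stand-in for FetchEvent: visible to the GC before its member is assigned.
class FetchEventModel : public ActivityClient {
 public:
  explicit FetchEventModel(Heap& heap) {
    heap.Register(this);  // reachable by the GC from here on
    heap.Allocate();      // may run GC while preload_response_property_ is null
    preload_response_property_ = std::make_unique<ResponseProperty>();
  }
  bool HasPendingActivity() const override {
    if (!preload_response_property_) {  // the null check the fix adds
      polled_while_null_ = true;        // the unchecked version would crash here
      return false;
    }
    return !preload_response_property_->settled;
  }
  bool PolledWhileNull() const { return polled_while_null_; }
  void Settle() { preload_response_property_->settled = true; }
 private:
  std::unique_ptr<ResponseProperty> preload_response_property_;
  mutable bool polled_while_null_ = false;
};

// True when a collection ran mid-construction, hit the null member, and the
// check let the object finish constructing in a sane state.
bool GcPolledDuringConstruction() {
  Heap heap;
  heap.collect_on_allocate = true;
  FetchEventModel event(heap);
  return heap.collections == 1 && event.PolledWhileNull() && event.HasPendingActivity();
}
```

The general lesson is the same for any GC-visible object: every method the collector may call must tolerate the partially initialised state between registration and the end of the constructor.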

Comment 6 by bashi@chromium.org, Feb 19 2018

Status: Fixed (was: Assigned)
The fix was in 66.0.3347.0 and we haven't observed crashes after that version. Closing as fixed.
