
Issue 844317

Starred by 3 users

Issue metadata

Status: Verified
Owner:
Closed: Jun 2018
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug




Breakpoint in InvalidParameter

Project Member Reported by ClusterFuzz, May 18 2018

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5928892179939328

Fuzzer: inferno_layout_test_fuzzer
Job Type: windows_asan_content_shell
Platform Id: windows

Crash Type: Breakpoint
Crash Address: 0x000000000000
Crash State:
  InvalidParameter
  blink::ContentSecurityPolicy::ApplyPolicySideEffectsToExecutionContext
  blink::WorkletGlobalScope::WorkletGlobalScope
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=windows_asan_content_shell&range=531299:531319

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5928892179939328

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 
Components: Blink>SecurityFeature>ContentSecurityPolicy

Comment 2 by mkwst@chromium.org, May 22 2018

Owner: andypaicu@chromium.org
Status: Assigned (was: Untriaged)
Project Member

Comment 3 by bugdroid1@chromium.org, Jun 4 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/b3919909ff2a1729179fe1db3e1358a6c5e73850

commit b3919909ff2a1729179fe1db3e1358a6c5e73850
Author: Andy Paicu <andypaicu@chromium.org>
Date: Mon Jun 04 10:12:39 2018

Moved the binding of CSP to the execution context later[worker/worklet]

As part of the init process for workers and worklets, the parsed CSP is
bound to them. As part of this process any stored console messages that
might result from parsing the CSP will be passed to them to send to
the appropriate console.

The issue is that in Worker/Worklet the necessary members have not
yet been initialized (specifically the `thread_` member).

This resulted in the two bugs below.

Bug: 844383, 844317
Change-Id: Id65db314d33eeb61dd1165a52f8379ab8ff32fab
Reviewed-on: https://chromium-review.googlesource.com/1073230
Commit-Queue: Andy Paicu <andypaicu@chromium.org>
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Reviewed-by: Nate Chapin <japhet@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Cr-Commit-Position: refs/heads/master@{#564047}
[modify] https://crrev.com/b3919909ff2a1729179fe1db3e1358a6c5e73850/third_party/blink/renderer/core/workers/main_thread_worklet_global_scope.cc
[modify] https://crrev.com/b3919909ff2a1729179fe1db3e1358a6c5e73850/third_party/blink/renderer/core/workers/main_thread_worklet_test.cc
[modify] https://crrev.com/b3919909ff2a1729179fe1db3e1358a6c5e73850/third_party/blink/renderer/core/workers/threaded_worklet_global_scope.cc
[modify] https://crrev.com/b3919909ff2a1729179fe1db3e1358a6c5e73850/third_party/blink/renderer/core/workers/threaded_worklet_test.cc
[modify] https://crrev.com/b3919909ff2a1729179fe1db3e1358a6c5e73850/third_party/blink/renderer/core/workers/worker_global_scope.cc
[modify] https://crrev.com/b3919909ff2a1729179fe1db3e1358a6c5e73850/third_party/blink/renderer/core/workers/worker_or_worklet_global_scope.cc
[modify] https://crrev.com/b3919909ff2a1729179fe1db3e1358a6c5e73850/third_party/blink/renderer/core/workers/worker_or_worklet_global_scope.h
[modify] https://crrev.com/b3919909ff2a1729179fe1db3e1358a6c5e73850/third_party/blink/renderer/core/workers/worklet_global_scope.cc
[modify] https://crrev.com/b3919909ff2a1729179fe1db3e1358a6c5e73850/third_party/blink/renderer/core/workers/worklet_global_scope.h
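
The ordering problem the commit message describes, as an added example that is not code from the Chromium change: binding a policy flushes its stored console messages, so binding inside the constructor reaches a member that is not set up yet. `Thread`, `Policy`, `GlobalScope` and `RunModel` are hypothetical stand-ins, the message text is constructed, and the uninitialized member is modelled as a null pointer that is counted rather than dereferenced.

```cpp
#include <string>
#include <utility>
#include <vector>

// All names are hypothetical stand-ins, not Blink classes.
struct Thread {
  std::vector<std::string> console;
};

struct Policy {
  std::vector<std::string> pending;  // console messages stored during parsing
};

class GlobalScope {
 public:
  // bind_in_ctor=true models the ordering before the fix.
  GlobalScope(Policy policy, Thread* thread, bool bind_in_ctor)
      : policy_(std::move(policy)) {
    if (bind_in_ctor) BindPolicy();  // runs while thread_ is still null
    thread_ = thread;                // the member the binding depended on
  }

  // Ordering after the fix: the caller binds once construction has finished.
  void BindPolicy() {
    for (const std::string& m : policy_.pending) AddConsoleMessage(m);
    policy_.pending.clear();
  }

  int undeliverable() const { return undeliverable_; }

 private:
  void AddConsoleMessage(const std::string& m) {
    if (!thread_) {  // real code would use the member here; the model counts it
      ++undeliverable_;
      return;
    }
    thread_->console.push_back(m);
  }

  Policy policy_;
  Thread* thread_ = nullptr;
  int undeliverable_ = 0;
};

// Returns how many messages reached a not-yet-initialized thread_.
int RunModel(bool bind_in_ctor, Thread* thread) {
  Policy p;
  p.pending.push_back("constructed sample: policy parse warning");
  GlobalScope scope(std::move(p), thread, bind_in_ctor);
  if (!bind_in_ctor) scope.BindPolicy();
  return scope.undeliverable();
}
```
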

Project Member

Comment 4 by ClusterFuzz, Jun 5 2018

ClusterFuzz has detected this issue as fixed in range 564046:564047.

Detailed report: https://clusterfuzz.com/testcase?key=5928892179939328

Fuzzer: inferno_layout_test_fuzzer
Job Type: windows_asan_content_shell
Platform Id: windows

Crash Type: Breakpoint
Crash Address: 0x000000000000
Crash State:
  InvalidParameter
  blink::ContentSecurityPolicy::ApplyPolicySideEffectsToExecutionContext
  blink::WorkletGlobalScope::WorkletGlobalScope
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=windows_asan_content_shell&range=531299:531319
Fixed: https://clusterfuzz.com/revisions?job=windows_asan_content_shell&range=564046:564047

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5928892179939328

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Project Member

Comment 5 by ClusterFuzz, Jun 5 2018

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase 5928892179939328 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
