CHECK failure: !ThreadState::Current()->IsWrapperTracingForbidden() in script_wrappable_marking
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5947348191281152

Fuzzer: ifratric-browserfuzzer-v3
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  !ThreadState::Current()->IsWrapperTracingForbidden() in script_wrappable_marking
  blink::ScriptWrappableMarkingVisitor::TracePrologue
  v8::internal::IncrementalMarking::StartMarking

Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=560986:560988

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5947348191281152

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
,
May 24 2018
Automatically applying components based on crash stacktrace and information from OWNERS files. If this is incorrect, please apply the Test-Predator-Wrong-Components label.
,
May 24 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/5fa0b1a7de7547cb02efdb970f85b9ff25000bc8 ([oilpan] Move CompleteSweep() to ScheduleGCIfNeeded() during allocation to play safe.). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
,
May 24 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/5c523fa4278f8fb9bf2ce4730851ab118e846c6d

commit 5c523fa4278f8fb9bf2ce4730851ab118e846c6d
Author: Hannes Payer <hpayer@chromium.org>
Date: Thu May 24 11:51:32 2018

Revert "[oilpan] Move CompleteSweep() to ScheduleGCIfNeeded() during allocation to play safe."

This reverts commit 5fa0b1a7de7547cb02efdb970f85b9ff25000bc8.

Reason for revert:
This is not correct since external memory reporting may 1) start an incremental V8 gc which 2) invokes wrapper tracing 3) which may fail if GC is forbidden, c.f. crbug/846093

I will look into this offline.

Bug: chromium:846093, chromium:846061

Original change's description:
> [oilpan] Move CompleteSweep() to ScheduleGCIfNeeded() during allocation to play safe.
>
> CompleteSweep() needs to be called before we call ReportMemoryToV8(). This change
> makes this dependency more explicit.
>
> Change-Id: I044af54bcfdc8a7457edbb492fba6bfe4ff210aa
> Reviewed-on: https://chromium-review.googlesource.com/1069271
> Reviewed-by: Kentaro Hara <haraken@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Hannes Payer <hpayer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#560987}

TBR=haraken@chromium.org,hpayer@chromium.org,mlippautz@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Change-Id: I06899e2e5bf0c4303afdd946fd3e6a99f2954530
Reviewed-on: https://chromium-review.googlesource.com/1071288
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#561467}

[modify] https://crrev.com/5c523fa4278f8fb9bf2ce4730851ab118e846c6d/third_party/blink/renderer/platform/heap/thread_state.cc
,
May 25 2018
ClusterFuzz has detected this issue as fixed in range 561466:561468.

Detailed report: https://clusterfuzz.com/testcase?key=5947348191281152

Fuzzer: ifratric-browserfuzzer-v3
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  !ThreadState::Current()->IsWrapperTracingForbidden() in script_wrappable_marking
  blink::ScriptWrappableMarkingVisitor::TracePrologue
  v8::internal::IncrementalMarking::StartMarking

Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=560986:560988
Fixed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=561466:561468

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5947348191281152

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
May 25 2018
ClusterFuzz testcase 5947348191281152 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
May 26 2018
Issue 846225 has been merged into this issue.
,
May 29 2018
Comment 1 by ClusterFuzz, May 24 2018