UserAgent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Steps to reproduce the problem:
Version 69.0.3451.0 (Developer Build) (64-bit)
signal 11 SEGV_MAPERR 000000000058 in operator blink::FrameClient * /home/cowboy/chromium/src/out/chrome_asan_shared/../../third_party/blink/renderer/platform/heap/member.h:88:32
1.Get new version chrome:
 a) Build source code 
    config args.gn file as below:
		use_sanitizer_coverage = true
		is_asan = true
		is_debug = false
		enable_nacl = false
		treat_warnings_as_errors = false
	ninja -j16 -C out/chrome_asan chrome
2.python3.5m -m http.server 8605

3. ./crhome http://127.0.0.1:8605 ./crash.html

What is the expected behavior?

What went wrong?
Received signal 11 SEGV_MAPERR 000000000058

    #0 0x56179236bc31 in __interceptor_backtrace /b/build/slave/linux_upload_clang/build/src/third_party/llvm/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:3980:13
    #1 0x561799b93d1e in base::debug::StackTrace::StackTrace(unsigned long) /home/cowboy/chromium/src/out/chrome_asan_shared/../../base/debug/stack_trace_posix.cc:808:41
    #2 0x561799b92c6d in base::debug::(anonymous namespace)::StackDumpSignalHandler(int, siginfo_t*, void*) /home/cowboy/chromium/src/out/chrome_asan_shared/../../base/debug/stack_trace_posix.cc:334:3
    #3 0x7fd0a24da390 in __funlockfile ??:?
    #4 0x7fd0a24da390 in ?? ??:0
    #5 0x5617a42628f9 in operator blink::FrameClient * /home/cowboy/chromium/src/out/chrome_asan_shared/../../third_party/blink/renderer/platform/heap/member.h:88:32
    #6 0x5617a42628f9 in Client /home/cowboy/chromium/src/out/chrome_asan_shared/../../third_party/blink/renderer/core/frame/frame.h:302:0
    #7 0x5617a42628f9 in blink::LocalFrame::Client() const /home/cowboy/chromium/src/out/chrome_asan_shared/../../third_party/blink/renderer/core/frame/local_frame.cc:1210:0
    #8 0x5617a7eb4410 in blink::ThreadedWorkletMessagingProxy::Initialize(blink::WorkerClients*, blink::WorkletModuleResponsesMap*) /home/cowboy/chromium/src/out/chrome_asan_shared/../../third_party/blink/renderer/core/workers/threaded_worklet_messaging_proxy.cc:52:29
    #9 0x5617a7e661a2 in blink::AudioWorklet::CreateGlobalScope() /home/cowboy/chromium/src/out/chrome_asan_shared/../../third_party/blink/renderer/modules/webaudio/audio_worklet.cc:82:10
    #10 0x5617a5d8bae9 in blink::Worklet::FetchAndInvokeScript(blink::KURL const&, blink::WorkletOptions const&, blink::WorkletPendingTasks*) /home/cowboy/chromium/src/out/chrome_asan_shared/../../third_party/blink/renderer/core/workers/worklet.cc:145:24
    #11 0x5617999a52d9 in Run /home/cowboy/chromium/src/out/chrome_asan_shared/../../base/callback.h:96:12
    #12 0x5617999a52d9 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) /home/cowboy/chromium/src/out/chrome_asan_shared/../../base/debug/task_annotator.cc:101:0
    #13 0x5617988e9298 in base::sequence_manager::internal::ThreadControllerImpl::DoWork(base::sequence_manager::internal::ThreadControllerImpl::WorkType) /home/cowboy/chromium/src/out/chrome_asan_shared/../../third_party/blink/renderer/platform/scheduler/base/thread_controller_impl.cc:166:21
    #14 0x5617999a52d9 in Run /home/cowboy/chromium/src/out/chrome_asan_shared/../../base/callback.h:96:12
    #15 0x5617999a52d9 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) /home/cowboy/chromium/src/out/chrome_asan_shared/../../base/debug/task_annotator.cc:101:0
    #16 0x561799a04a13 in base::MessageLoop::RunTask(base::PendingTask*) /home/cowboy/chromium/src/out/chrome_asan_shared/../../base/message_loop/message_loop.cc:319:25
    #17 0x561799a05c90 in DeferOrRunPendingTask /home/cowboy/chromium/src/out/chrome_asan_shared/../../base/message_loop/message_loop.cc:329:5
    #18 0x561799a05c90 in base::MessageLoop::DoWork() /home/cowboy/chromium/src/out/chrome_asan_shared/../../base/message_loop/message_loop.cc:373:0
    #19 0x561799a0e5f0 in base::MessagePumpDefault::Run(base::MessagePump::Delegate*) /home/cowboy/chromium/src/out/chrome_asan_shared/../../base/message_loop/message_pump_default.cc:37:31
    #20 0x561799a7fdc1 in base::RunLoop::Run() /home/cowboy/chromium/src/out/chrome_asan_shared/../../base/run_loop.cc:102:14
    #21 0x5617a88eb636 in content::RendererMain(content::MainFunctionParams const&) /home/cowboy/chromium/src/out/chrome_asan_shared/../../content/renderer/renderer_main.cc:218:23
    #22 0x561798f41696 in content::RunZygote(content::ContentMainDelegate*) /home/cowboy/chromium/src/out/chrome_asan_shared/../../content/app/content_main_runner_impl.cc:567:14
    #23 0x561798f4518e in content::ContentMainRunnerImpl::Run() /home/cowboy/chromium/src/out/chrome_asan_shared/../../content/app/content_main_runner_impl.cc:969:10
    #24 0x561798f64c64 in service_manager::Main(service_manager::MainParams const&) /home/cowboy/chromium/src/out/chrome_asan_shared/../../services/service_manager/embedder/main.cc:459:29
    #25 0x561798f3fca8 in content::ContentMain(content::ContentMainParams const&) /home/cowboy/chromium/src/out/chrome_asan_shared/../../content/app/content_main.cc:19:10
    #26 0x5617923f56f0 in ChromeMain /home/cowboy/chromium/src/out/chrome_asan_shared/../../chrome/app/chrome_main.cc:101:12
    #27 0x7fd09b73c830 in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291:0
    #28 0x56179231f02a in _start ??:0:0
  r8: 0000000000000000  r9: 00007fd090cf5245 r10: 00007ffd523e0000 r11: 0000000000000201
 r12: 00000ffa92237400 r13: 00000fd25e4844ec r14: 00007ee689b2db70 r15: 00007e92f2422760
  di: 00005617aacce334  si: 00000000000000f5  bp: 00007ffd52bdd650  bx: 0000000000000058
  dx: 00000fdcd138620f  ax: 000000000000000b  cx: 00007e92f2422550  sp: 00007ffd52bdd640
  ip: 00005617a42628f9 efl: 0000000000010246 cgf: 002b000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000058
[end of stack trace]
Calling _exit(1). Core file will not be generated.

Did this work before? N/A 

Chrome version: Version 69.0.3451.0 (Developer Build) (64-bit)  Channel: dev
OS Version: Ubuntu16.04
Flash Version:
 

Deleted: crash.html 879 bytes

crash.html 879 bytes View Download

Deleted: bit-crusher.js 1.5 KB

bit-crusher.js 1.5 KB View Download

Deleted: 1.xhtml 750 bytes

1.xhtml 750 bytes View Download

Deleted: f.wasm 76 bytes

f.wasm 76 bytes Download

Deleted: symbolised.log 5.2 KB

symbolised.log 5.2 KB View Download