Predator and CL could not provide any possible suspects.

Using Code Search for the file, "string_impl.h" suspecting the below Cl might have caused this issue

Suspect CL: https://chromium.googlesource.com/chromium/src/+/9d0fd86cf833cd7f35eea342f15c827516938d67

dtapuska@ -- Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner.

Thanks!

mmoroz@ what should we do with this class of issues? PartitionAllocator is stubbed out for the asan fuzzer.. which then can allocate sizes larger than expected.

Problematic code is:
https://cs.chromium.org/chromium/src/base/allocator/partition_allocator/partition_alloc.h?type=cs&q=MEMORY_TOOL_REPLACES_ALLOCATOR&g=0&l=273

In the normal code path it throws a range error that it can't allocate more than the range expected.

ClusterFuzz has detected this issue as fixed in range 619628:619629.

Detailed report: https://clusterfuzz.com/testcase?key=4755491726819328

Fuzzer: inferno_layout_test_fuzzer
Job Type: linux_asan_content_shell_drt
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  length <= in string_impl.h
  blink::TextDecoder::decode
  blink::TextDecoder::decode
  
Sanitizer: address (ASAN)

Fixed: https://clusterfuzz.com/revisions?job=linux_asan_content_shell_drt&range=619628:619629

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4755491726819328

See https://github.com/google/clusterfuzz-tools for instructions to reproduce this bug locally.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 4755491726819328 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.