From findit tool:

Author: leviw
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/b66c49fa179e76970cc9cf4500fee1f9f0ff2cb8
Time: Thu Mar 03 01:30:11 2016
The CL last changed line 2506 of file LayoutBox.cpp, which is stack frame 5.

Moving this nonessential bug to the next milestone.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

This issue has been moved once and is lower than Pri-1. Removing the milestone.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6270302376165376

Fuzzer: inferno_twister
Job Type: windows_syzyasan_content_shell
Platform Id: windows

Crash Type: UNKNOWN
Crash Address: 0x00000008
Crash State:
  blink::LayoutTextControl::computeLogicalHeight
  blink::LayoutBox::updateLogicalHeight
  blink::LayoutBlockFlow::layoutBlockFlow
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_content_shell&range=407429:407440

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv95VgkUZBy5gLZE_WFxNinx8uYisLJOq1zjbL7sdZXCqccckEXCfmpebEIWlqC3Crl2Nc7i6RSf2MD16Rzi9l3hqrk7Zx014KsLLY1J9wpDG6nbcD5zF2XQOn3By-Kf74G1mTtJRWucvvte9BHsFluHMOm3n_Mwy5w9t8mXiUqdsxQo1V-Q?testcase_id=6270302376165376


Filer: mmohammad

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6037724861825024

Fuzzer: inferno_twister
Job Type: windows_syzyasan_content_shell
Platform Id: windows

Crash Type: UNKNOWN
Crash Address: 0x00000008
Crash State:
  blink::Node::layoutBox
  blink::LayoutTextControl::computeLogicalHeight
  blink::LayoutBox::updateLogicalHeight
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=windows_syzyasan_content_shell&range=414382:414438

Minimized Testcase (3.22 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96mPdkefYmYG_ybQGnV7g7I7xE1pIn2WiomFY2OH-fgtPfJCYStEBKvxmDzNSrm9sSb92ifrwIh7Sjx6d5RjmPggcveN05c6B6gL9xG6oQcX4q5ucDhPEthljXBoOP97-kJ-l3K732dM6Q6HA8mLUzO6V6T8w?testcase_id=6037724861825024

Additional requirements: Requires HTTP

Issue manually filed by: durga.behera

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

ClusterFuzz has detected this issue as fixed in range 455091:455394.

Detailed report: https://clusterfuzz.com/testcase?key=5205052268740608

Fuzzer: inferno_twister
Job Type: linux_asan_content_shell_drt
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000010
Crash State:
  blink::Node::layoutBox
  blink::LayoutTextControl::computeLogicalHeight
  blink::LayoutBox::updateLogicalHeight
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_content_shell_drt&range=363188:363337
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_content_shell_drt&range=455091:455394

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv95ukeMHebyPmtEI5REZUsi56IrcivB0ZyjFA3lPFZQ51awQxx-PHD6GXpn3hPiSKcHkwNJRQJHY9PaY8h1K9IUQfIPvxUTlkuJOPfXM37XmOVYzOZ_89Laww7OIC7mxZbj9Pw4ryd_fmv-WbP3dVPnKC9YvLA?testcase_id=5205052268740608


See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 5205052268740608 is verified as fixed, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.