providing findit results for internal purpose:

Suspected CLs	No CL in the regression range changes the crashed files. The result is the blame information.

Author: eae@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/70e39074ac4ebdf18d406fbd56a5ddde4c8e989e
Time: Wed Nov 07 18:33:44 2012
The CL last changed line 648 of file LayoutUnit.h, which is stack frame 0.

Author: eae@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/70e39074ac4ebdf18d406fbd56a5ddde4c8e989e
Time: Wed Nov 07 18:33:44 2012
The CL last changed line 164 of file LayoutPoint.h, which is stack frame 1.

Author: wangxianzhu
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/88719a882e81c1f008c8cbf89584a25769458a31
Time: Tue Jan 05 20:06:27 2016
The CL last changed line 229 of file ObjectPainter.cpp, which is stack frame 2.

Author: wangxianzhu@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/d73c319b1be14ce900c8ecc6d61b75be68f5f02c
Time: Mon Aug 31 19:11:38 2015
The CL last changed line 25 of file InlinePainter.cpp, which is stack frame 3.

Author: chrishtr@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/7bbf28dbf37343355a80aa7cd33c6d4a90728b6a
Time: Sat Sep 20 20:40:40 2014
The CL last changed line 519 of file LayoutInline.cpp, which is stack frame 4.

Author: wangxianzhu@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/8dc679ff9c024183bc1f651d9660b73de5160859
Time: Wed May 20 18:11:20 2015
The CL last changed line 715 of file PaintLayerPainter.cpp, which is stack frame 5.

Author: pdr
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/8b1bccd2aa7837bcd52b217c6b32f2a507240374
Time: Wed Jan 20 20:24:00 2016
The CL last changed line 781 of file PaintLayerPainter.cpp, which is stack frame 6.

Suspected Project: chromium

using codesearch, seeing some changes to LayoutInline.cpp in https://chromium.googlesource.com/chromium/src/+/d666f503ae854fac360cc70da1f5971a6724546a

foolip@, Could you please check the above issue & help us in finding an owner it its not yours.

ClusterFuzz has detected this issue as fixed in range 406657:406809.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6305936469917696

Fuzzer: inferno_twister
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  blink::ObjectPainter::paintOutline
  blink::InlinePainter::paint
  blink::LayoutInline::paint
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=400445:400830
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=406657:406809

Minimized Testcase (0.89 Kb): https://cluster-fuzz.appspot.com/download/AMIfv974Z23ieZV6hsWRx6jctMsm2fPavZkP_HLAGvgsKMUOASbeJfpqVWxZo5ceh_dkOH7xL9m9YWo_kD4uCa98NPehv1yS7MfmJC3oQOM3YQ5AS3SspWV6TjhQfJGtHTuzxKKJtxelaoe7kr6RR54OICKDyro4Aw?testcase_id=6305936469917696

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase is verified as fixed, closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot