
Issue 629024

Issue metadata

Status: WontFix
Owner:
Closed: Dec 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug


Integer-overflow in SkIRect::width

Reported by ClusterFuzz (Project Member), Jul 18 2016

Issue description

Labels: findit-for-crash Te-Logged
Owner: ortuno@chromium.org
Status: Assigned (was: Available)
No CL in the regression range changes the crashed files. The result is the blame information.

Author: ortuno
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/3fd03b556675834c683e1453a168a874269b83fc
Time: Wed Jun 15 18:10:34 2016
The CL last changed line 256 of file optional.h, which is stack frame 6.

Suspected Project: chromium-skia
Suspected Component: Internals>Skia
======================================

ortuno@: Could you please look into this issue if it is related to your change, else please help us in assigning it to the right owner.

Thanks!

Comment 2 by ortuno@chromium.org, Jul 18 2016

Owner: brajkumar@chromium.org
My change doesn't seem related, sorry. I don't know anything about Skia, so assigning back to brajkumar.
Labels: Needs-triage
Owner: ----
Status: Available (was: Assigned)
Components: Internals>Skia
Labels: -ClusterFuzz -findit-for-crash Clusterfuzz Findit-for-crash
Status: Untriaged (was: Available)
Cc: ben@chromium.org dglazkov@chromium.org
Labels: M-52
Owner: brettw@chromium.org
Status: Assigned (was: Untriaged)
Looping in chromium//src/third_party/OWNERS as the suspected CLs shown above are not recent.

brettw@, can you please take a look at this issue and assign it accordingly?


Labels: -Needs-triage
Labels: -Pri-1 Pri-2
Owner: mtklein@chromium.org
Integer overflow in Skia rects is statistically almost never a security problem. Skia team will look at this.

Comment 8 by ClusterFuzz (Project Member), Aug 3 2016

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4607939820388352

Fuzzer: inferno_twister
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  SkIRect::width
  SkBlurMask::BoxBlur
  SkDraw::DrawToMask
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=370022:370027

Minimized Testcase (0.33 Kb):
Download: https://cluster-fuzz.appspot.com/download/AMIfv975Cb6fkjyQVyiPC_omFtjepOn0imgMHisrpZdp7rpG8y4k1m2gke5vLnetDdc3BsQ3YhrfD1IyTTgFTgY-Fz4TfWFEqZnQ8cxEHTjx2YNhSay9f2AwgAz0KaN8CkbMOgFKNrKhws8L9jJA59OihrPwTelEKQ?testcase_id=4607939820388352
 zoo: moo;<style>
.c21 { list-style-type: upper-alpha; box-shadow: 143px 61px 3px 1560659125px blue;</style><script>
var docElement = document.body ? document.body : document.documentElement;
tCF57 = document.createElementNS("http://www.w3.org/1999/xhtml", "space");
tCF57.setAttribute("class", "c21");
docElement.appendChild(tCF57);
</script>


Additional requirements: Requires HTTP

Filer: mummareddy

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
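The crash state in this report (an integer overflow in SkIRect::width, reached from SkBlurMask::BoxBlur while the testcase applies a box-shadow with a spread of 1560659125px) comes down to fRight - fLeft no longer fitting in 32 bits even though each edge does. The following C++ is an added example written for this page, not Skia's own code: it mirrors SkIRect's four int32_t edges in a hypothetical IRect struct, and the names width64, checkedWidth and checkedOutset, as well as the sample values, are assumptions. It shows the defensive shape of the computation: widen to 64 bits, check that the span fits, and reject bounds whose edges fit individually but whose width or height does not.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>
#include <optional>

// Illustrative mirror of Skia's SkIRect layout: four int32_t edges.
// Added for this page; not Skia's own code.
struct IRect {
    int32_t fLeft, fTop, fRight, fBottom;
};

// True when a 64-bit value is representable as int32_t.
bool fitsInt32(int64_t v) {
    return v >= std::numeric_limits<int32_t>::min() &&
           v <= std::numeric_limits<int32_t>::max();
}

// fRight - fLeft evaluated in 64 bits. A plain 32-bit subtraction here is
// what UBSan reports as "Integer-overflow in SkIRect::width" once the span
// exceeds INT32_MAX; widening first keeps this example free of UB.
int64_t width64(const IRect& r) {
    return static_cast<int64_t>(r.fRight) - static_cast<int64_t>(r.fLeft);
}

// Checked width: nullopt when the 32-bit result would overflow, so callers
// must handle the failure instead of receiving a wrapped value.
std::optional<int32_t> checkedWidth(const IRect& r) {
    int64_t w = width64(r);
    if (!fitsInt32(w)) return std::nullopt;
    return static_cast<int32_t>(w);
}

// Grow `r` by `d` on every side, as a large box-shadow spread grows the mask
// bounds before blurring. Fails (leaving `r` untouched) if any edge, or the
// resulting width or height, would leave the int32 range. The second check is
// the one that matters here: each edge can still fit while the span does not.
bool checkedOutset(IRect& r, int32_t d) {
    int64_t l = static_cast<int64_t>(r.fLeft) - d;
    int64_t t = static_cast<int64_t>(r.fTop) - d;
    int64_t rt = static_cast<int64_t>(r.fRight) + d;
    int64_t b = static_cast<int64_t>(r.fBottom) + d;
    if (!fitsInt32(l) || !fitsInt32(t) || !fitsInt32(rt) || !fitsInt32(b)) return false;
    if (!fitsInt32(rt - l) || !fitsInt32(b - t)) return false;
    r = IRect{static_cast<int32_t>(l), static_cast<int32_t>(t),
              static_cast<int32_t>(rt), static_cast<int32_t>(b)};
    return true;
}

int main() {
    // Constructed sample: a 10x10 rect outset by the spread value from the
    // testcase, 1560659125px. Every edge fits in int32; the width does not.
    IRect r{0, 0, 10, 10};
    std::printf("outset by 1560659125: %s\n",
                checkedOutset(r, 1560659125) ? "ok" : "rejected");
    IRect big{-1560659125, -1560659125, 1560659135, 1560659135};
    std::printf("width64 = %lld, fits int32 = %s\n",
                static_cast<long long>(width64(big)), checkedWidth(big) ? "yes" : "no");
    return 0;
}
```

The point of checkedOutset's second test is that validating the four edges alone is not enough: a rect spanning from about -1.56e9 to +1.56e9 has every edge in range and a width of roughly 3.12e9, which is exactly the subtraction UBSan flagged in the stack above.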

Comment 9 by ClusterFuzz (Project Member), Aug 5 2016

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5937524793147392

Fuzzer: inferno_twister
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  SkBlurMask::BoxBlur
  SkDraw::DrawToMask
  SkMaskFilter::filterPath
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=370022:370027

Minimized Testcase (0.40 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96vOPx9q3cU0GIKtd9TG8i4-uBxOaTbozF7M-dFNzXFH8wBu9MkJDmJEEQcpfm2-VBGJagTm69R3HtWdvtgKl7rDbYDxQNp3J6eeqmVal_XN8rOyDrKIpW1hlzWx5bzDk8BVO9t7lxW3PoSfugzi-LUdcLb_Q?testcase_id=5937524793147392

Issue manually filed by: ranjitkan

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Comment 10 by sheriffbot@chromium.org (Project Member), Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 11 by ClusterFuzz (Project Member), Dec 22 2016

Status: WontFix (was: Assigned)
ClusterFuzz testcase 4607939820388352 is flaky and no longer reproduces, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.