From findit tool:

Author: davve
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/99a0ad7eeaa0d05f7e7973f74536a5a9cdf9a730
Time: Tue Jan 26 12:33:23 2016
The CL last changed line 2849 of file LayoutBox.cpp, which is stack frame 4.

note  bug 620235 

I'll take a look.

Thanks. Reassigning to you then. Feel free to assign back if there is something you think I can help out with.

It seems I don't have permissions to read the minimized test cases. Would it be possible to grant me access to it ?

What usually works for me is going through the detailed report (top link in the description) and following the link to testcases from there, while being the owner of the bug. YMMV.

Thanks @dawe, that worked. 

BTW, it seems that  bug #620235  was marked as fixed, but I didn't land the patch I had implemented for that. Both @cbiesigner and @rune want to go further on the approach to solve the issue. It seems there are several errors in the implementation of preferred width for replaced elements. 

I'll first try to verify whether  bug #620235  was actually fixed or not.

BTW, the ongoing discussion can be followed at issue #2065243003

Obviously, my patch for https://crrev.com/2065243003 fixes this bug. However, as I pointed out in a previous comment, we will probably need more time to figure out a more complete solution. 

Ok, thanks for the update!

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

ClusterFuzz testcase 5763023124037632 is flaky and no longer reproduces, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

This big is still valid. As I said in comment #12, the test case used to reproduce the issue may be not valid anymore, but my patch on https://codereview.chromium.org/2065243003 is still needed. 

The proposed patch, already reviewed and approved, causes 2 browser tests to fail: 

  - PluginPowerSaverBrowserTest.SmallerThanPlayIcon
  - PluginPowerSaverBrowserTest.PosterTests

I haven't been able to find out why my patch causes those tests to fail, so far, so I had to move to other issues. 

Recently, I retake the issue and found out that my patch might have discovered an Flexbox issue with affecting LayoutImages aspect ratio. 

I still think my patch for crrev.com/2065243003 is still valid, so I ll continue working to figure out a solution for the flexbox related issues.

I'm blocked on this issue and need time to re-think the whole approach. I put it on hold for some time because I've got other things more urgent at this moment.

This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue.

Sorry for the inconvenience if the bug really should have been left as Available.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

ClusterFuzz has detected this issue as fixed in range 452556:452596.

Detailed report: https://clusterfuzz.com/testcase?key=5763023124037632

Fuzzer: inferno_twister
Job Type: linux_debug_content_shell_drt
Platform Id: linux

Crash Type: ASSERT
Crash Address: 
Crash State:
  availableLogicalWidth >= 0
  blink::LayoutBox::fillAvailableMeasure
  blink::LayoutBox::fillAvailableMeasure
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_debug_content_shell_drt&range=352857:352959
Fixed: https://clusterfuzz.com/revisions?job=linux_debug_content_shell_drt&range=452556:452596

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5763023124037632

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.