Issue 637192 link

Issue metadata

Status: Fixed
Owner:
Closed: Aug 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug


Integer-overflow in FXGE_GetGlyphsBBox

Project Member Reported by ClusterFuzz, Aug 12 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5706818192146432

Fuzzer: ochang_search_index_mutator
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  FXGE_GetGlyphsBBox
  CFX_RenderDevice::DrawNormalText
  CPDF_TextRenderer::DrawNormalText
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=394980:395008

Minimized Testcase (32.17 Kb): https://cluster-fuzz.appspot.com/download/AMIfv966C9hhNeYdBLqvEuA3ZB-sI5o4K1gOTnIvLXRju_Zgxh1An18Rf_Qc_cgNYM4IcGZcvHTvSU7rX2HBoNnGtRVKK5Saqn9JoN1M0qlE5VIYf-k9LNSIIgXYluBIl8JyuzLNgVCJzTZtRx3a0F2P-6JCzXe9x3HaZpKbdLA7ZqFT5na4zoU?testcase_id=5706818192146432

Issue manually filed by: ajha

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
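The crash state above points at the glyph bounding-box computation in fx_ge_text.cpp (FXGE_GetGlyphsBBox, reached from CFX_RenderDevice::DrawNormalText). The block below is an added illustration, not pdfium's code and not the fix that was landed: a constructed glyph type and a bbox union written the way UBSan's signed-integer-overflow check flags it, next to a version that routes every add and subtract through the GCC/Clang overflow builtins so that document-supplied positions near INT_MAX are rejected instead of wrapping. The Glyph and BBox layouts, the field semantics and the sample values are assumptions made for the example.

```cpp
#include <climits>
#include <cstdio>
#include <optional>
#include <vector>

// Constructed example types (assumptions, not pdfium's): a rendered glyph is a
// width x height bitmap whose top-left device pixel is at
// (origin_x + left, origin_y - top).
struct Glyph {
  int origin_x;  // device-space origin, derived from the PDF text matrix
  int origin_y;
  int left;      // horizontal bearing of the bitmap relative to the origin
  int top;       // vertical bearing; the bitmap extends downward from origin_y - top
  int width;     // bitmap size in pixels
  int height;
};

struct BBox {
  int left, top, right, bottom;
  bool operator==(const BBox& o) const {
    return left == o.left && top == o.top && right == o.right && bottom == o.bottom;
  }
};

// The pattern UBSan reports as "signed integer overflow": plain int arithmetic
// on positions that come straight from the document. With origin_x near
// INT_MAX, origin_x + left + width wraps, and the caller sizes its glyph
// buffer from a bbox that no longer describes the glyphs.
BBox GetGlyphsBBoxUnchecked(const std::vector<Glyph>& glyphs) {
  BBox box{INT_MAX, INT_MAX, INT_MIN, INT_MIN};
  for (const Glyph& g : glyphs) {
    int l = g.origin_x + g.left;
    int t = g.origin_y - g.top;
    int r = l + g.width;
    int b = t + g.height;
    if (l < box.left) box.left = l;
    if (t < box.top) box.top = t;
    if (r > box.right) box.right = r;
    if (b > box.bottom) box.bottom = b;
  }
  return box;
}

// Hardened form: every add/sub goes through the GCC/Clang overflow builtins
// and the first overflow aborts the computation, so the caller can skip the
// text run instead of drawing from a wrapped bbox. The final check covers the
// case where each corner fits in int but the extent (right - left) does not,
// which is what a caller computing a buffer size would do next.
std::optional<BBox> GetGlyphsBBoxChecked(const std::vector<Glyph>& glyphs) {
  if (glyphs.empty()) return std::nullopt;  // no degenerate INT_MAX/INT_MIN box
  BBox box{INT_MAX, INT_MAX, INT_MIN, INT_MIN};
  for (const Glyph& g : glyphs) {
    if (g.width < 0 || g.height < 0) return std::nullopt;
    int l, t, r, b;
    if (__builtin_add_overflow(g.origin_x, g.left, &l)) return std::nullopt;
    if (__builtin_sub_overflow(g.origin_y, g.top, &t)) return std::nullopt;
    if (__builtin_add_overflow(l, g.width, &r)) return std::nullopt;
    if (__builtin_add_overflow(t, g.height, &b)) return std::nullopt;
    if (l < box.left) box.left = l;
    if (t < box.top) box.top = t;
    if (r > box.right) box.right = r;
    if (b > box.bottom) box.bottom = b;
  }
  int extent;
  if (__builtin_sub_overflow(box.right, box.left, &extent)) return std::nullopt;
  if (__builtin_sub_overflow(box.bottom, box.top, &extent)) return std::nullopt;
  return box;
}

int main() {
  // Constructed inputs: a benign two-glyph run and a run whose origin is
  // placed near INT_MAX, the kind of value a fuzzer mutates into a text matrix.
  const std::vector<Glyph> benign{{100, 200, 2, 10, 8, 12}, {110, 200, 1, 9, 7, 11}};
  const std::vector<Glyph> hostile{{INT_MAX - 1, 0, 5, 0, 10, 10}};

  BBox b = GetGlyphsBBoxUnchecked(benign);
  std::printf("unchecked benign: %d %d %d %d\n", b.left, b.top, b.right, b.bottom);
  if (auto c = GetGlyphsBBoxChecked(benign))
    std::printf("checked benign:   %d %d %d %d\n", c->left, c->top, c->right, c->bottom);
  std::printf("checked hostile rejected: %s\n",
              GetGlyphsBBoxChecked(hostile) ? "no" : "yes");
  // GetGlyphsBBoxUnchecked(hostile) is the undefined behaviour UBSan reports;
  // it is deliberately not executed here.
  return 0;
}
```

Building with clang++ -std=c++17 -fsanitize=undefined and calling GetGlyphsBBoxUnchecked on the hostile input reproduces the same class of report ClusterFuzz filed here (runtime error: signed integer overflow). The checked variant returns std::nullopt in that case and also rejects a run whose corners each fit in an int but whose total width does not, a case a per-operation check inside the loop alone would miss.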
 

Comment 1 by ajha@chromium.org, Aug 12 2016

Cc: ajha@chromium.org
Components: Internals>Plugins>PDF
Labels: Findit-for-crash Te-Logged M-53
Owner: thestig@chromium.org
Status: Assigned (was: Untriaged)
Findit result:
===============
Suspected CLs: The result is a list of CLs that change the crashed files.

Author: thestig
Project: chromium-pdfium
Changelist: https://pdfium.googlesource.com/pdfium.git/+/7b214237e2be6a0d962987d222c73161620c0a27
Time: Thu May 19 06:17:50 2016 -0700
Lines 386-419, 520-534 of file fx_ge_text.cpp which potentially caused crash are changed in this cl (frame #0, "FXGE_GetGlyphsBBox"; frame #1, "CFX_RenderDevice::DrawNormalText").

File fpdf_render_text.cpp is changed in this cl (and is part of stack frame #2, "CPDF_TextRenderer::DrawNormalText"; frame #3, "CPDF_RenderStatus::ProcessText")
Minimum distance from crash line to modified line: 0. (file: fx_ge_text.cpp, crashed on: 386, modified: 386).

Author: thestig
Project: chromium-pdfium
Changelist: https://pdfium.googlesource.com/pdfium.git/+/80f25a5a8135933a405349ffc798d13273b3d690
Time: Thu May 19 14:36:00 2016 -0700
Lines 739-743 of file fpdf_render_text.cpp which potentially caused crash are changed in this cl (frame #2, "CPDF_TextRenderer::DrawNormalText").
Minimum distance from crash line to modified line: 0. (file: fpdf_render_text.cpp, crashed on: 739, modified: 739).

Suspected Project: chromium-pdfium


Assigning to thestig@ for help in investigating this further.

Status: Fixed (was: Assigned)
Rolled DEPS in r412142 to pick up https://pdfium.googlesource.com/pdfium.git/+/19cdfe4d73370b21709aefd9dce06cf463239fa1 in Chromium on trunk. Not sure why bugdroid is being slow.

Comment 3 by ClusterFuzz, Aug 17 2016

ClusterFuzz has detected this issue as fixed in range 411957:412168.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5706818192146432

Fuzzer: ochang_search_index_mutator
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  FXGE_GetGlyphsBBox
  CFX_RenderDevice::DrawNormalText
  CPDF_TextRenderer::DrawNormalText
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=394980:395008
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=411957:412168

Minimized Testcase (32.17 Kb): https://cluster-fuzz.appspot.com/download/AMIfv966C9hhNeYdBLqvEuA3ZB-sI5o4K1gOTnIvLXRju_Zgxh1An18Rf_Qc_cgNYM4IcGZcvHTvSU7rX2HBoNnGtRVKK5Saqn9JoN1M0qlE5VIYf-k9LNSIIgXYluBIl8JyuzLNgVCJzTZtRx3a0F2P-6JCzXe9x3HaZpKbdLA7ZqFT5na4zoU?testcase_id=5706818192146432

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 4 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
