
Issue 648220


Issue metadata

Status: Duplicate
Merged: issue 640071
Owner:
Closed: Sep 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug


Integer-overflow in blink::WebViewImpl::paint

Project Member Reported by ClusterFuzz, Sep 19 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5851218855591936

Fuzzer: inferno_twister
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  blink::WebViewImpl::paint
  WebViewPlugin::paint
  blink::WebPluginContainerImpl::paint
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=370022:370027

Minimized Testcase (0.59 Kb): https://cluster-fuzz.appspot.com/download/AMIfv966ISZkjgZCsSXcf_CHIVwCva7WzzblrkHr0jLpD4B1iGKGJSpKD6ShGFm-CI6LhUbzRvMX7ZOpqx3v_n2mdvgvJ7_7vEvMc0vMVH41nuCJbg4fOaR1qd9RBZKA-h4BHI5bjCCi6AF9WP1W0tam5VgV2t4s0w?testcase_id=5851218855591936

Issue manually filed by: kavvaru

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 
Components: Blink
Labels: M-54 Findit-for-crash
Owner: qin...@chromium.org
Status: Assigned (was: Untriaged)
Findit tool information
===========================
Git blame below is NOT necessarily who introduced the crash nor the owner for it. Please check the code before assigning to anyone. (No CL in the regression range changed the crashing files.)

Author: danakj@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/2861c33bf14467c8bd23161cac79f7676125d36e
Time: Fri May 09 22:56:14 2014
The CL last changed line 2061 of file WebViewImpl.cpp, which is stack frame 0.

Author: qinmin@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/f95037303ae6e175a5f505a8f0e860ad8a8e8769
Time: Sat Nov 17 15:53:04 2012
The CL last changed line 200 of file webview_plugin.cc, which is stack frame 1.

Author: eric@webkit.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/94c30ad2c5bef40916a677792e570b8d6d500f88
Time: Tue Nov 10 08:09:07 2009
The CL last changed line 162 of file WebPluginContainerImpl.cpp, which is stack frame 2.

Author: wangxianzhu
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/a734170517b9576bedce9feeddfe53473510c4e9
Time: Thu Dec 10 21:45:14 2015
The CL last changed line 117 of file PartPainter.cpp, which is stack frame 3.

Author: chrishtr@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/2f30e56211eb86832744c2f72972b1d69b938d2b
Time: Wed Nov 12 20:07:02 2014
The CL last changed line 254 of file LayoutPart.cpp, which is stack frame 4.

Author: schenney
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/d98e4296e6eab15ff2e56ae93b07de196fc0e37a
Time: Mon Jun 20 20:41:04 2016
The CL last changed line 85 of file PartPainter.cpp, which is stack frame 5.

Author: chrishtr@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/2f30e56211eb86832744c2f72972b1d69b938d2b
Time: Wed Nov 12 20:07:02 2014
The CL last changed line 249 of file LayoutPart.cpp, which is stack frame 6.

Suspected Project: chromium
=====================

From the above information, the change made to the file "webview_plugin.cc" from frame 1 is the most related to it.

qinmin@, could you please look into this issue if it is related to your change; else, please help us in finding the appropriate owner for this issue.

Thanks,
Components: -Blink Blink>Paint
Cc: pdr@chromium.org

Comment 4 by pdr@chromium.org, Sep 19 2016

@qinmin, we may want to merge this into  https://crbug.com/640071 .

Comment 5 by qin...@chromium.org, Sep 19 2016

Mergedinto: 640071
Status: Duplicate (was: Assigned)
my last CL is 2012, which is probably not related

Project Member Comment 6 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Project Member Comment 7 by ClusterFuzz, Mar 30 2017

ClusterFuzz has detected this issue as fixed in range 460287:460297.

Detailed report: https://clusterfuzz.com/testcase?key=5851218855591936

Fuzzer: inferno_twister
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  blink::WebViewImpl::paint
  WebViewPlugin::paint
  blink::WebPluginContainerImpl::paint
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=370022:370027
Fixed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=460287:460297

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv966ISZkjgZCsSXcf_CHIVwCva7WzzblrkHr0jLpD4B1iGKGJSpKD6ShGFm-CI6LhUbzRvMX7ZOpqx3v_n2mdvgvJ7_7vEvMc0vMVH41nuCJbg4fOaR1qd9RBZKA-h4BHI5bjCCi6AF9WP1W0tam5VgV2t4s0w?testcase_id=5851218855591936


See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
