Providing Findit results for internal purpose:
Suspected CLs	Git blame below is NOT necessarily who introduced the crash nor the owner for it. Please check the code before assigning to anyone.(No CL in the regression range changed the crashing files.)

Author: liyuqian
Project: chromium-skia
Changelist: https://skia.googlesource.com/skia.git/+/38911a7cb53474575e1cd1cb545902b50ee00889
Time: Tue Oct 04 11:23:22 2016 -0700
The CL last changed line 27 of file SkAnalyticEdge.cpp, which is stack frame 0.

Author: liyuqian
Project: chromium-skia
Changelist: https://skia.googlesource.com/skia.git/+/38911a7cb53474575e1cd1cb545902b50ee00889
Time: Tue Oct 04 11:23:22 2016 -0700
The CL last changed line 136 of file SkAnalyticEdge.cpp, which is stack frame 1.

Author: liyuqian
Project: chromium-skia
Changelist: https://skia.googlesource.com/skia.git/+/38911a7cb53474575e1cd1cb545902b50ee00889
Time: Tue Oct 04 11:23:22 2016 -0700
The CL last changed line 165 of file SkEdgeBuilder.cpp, which is stack frame 2.

Author: reed@google.com
Project: chromium-skia
Changelist: https://skia.googlesource.com/skia.git/+/277c3f87656c44e0a651ed0dd56efa16c0ab07b4
Time: Fri May 31 15:17:50 2013 +0000
The CL last changed line 342 of file SkEdgeBuilder.cpp, which is stack frame 3.

Author: reed
Project: chromium-skia
Changelist: https://skia.googlesource.com/skia.git/+/220f926d9d4b38a9018c922c095847bbd261f583
Time: Wed Dec 17 08:21:04 2014 -0800
The CL last changed line 428 of file SkEdgeBuilder.cpp, which is stack frame 4.

Author: liyuqian
Project: chromium-skia
Changelist: https://skia.googlesource.com/skia.git/+/38911a7cb53474575e1cd1cb545902b50ee00889
Time: Tue Oct 04 11:23:22 2016 -0700
The CL last changed line 1145 of file SkScan_AAAPath.cpp, which is stack frame 5.

Author: liyuqian
Project: chromium-skia
Changelist: https://skia.googlesource.com/skia.git/+/2add0ffdaab4c33ca6702c81533c88c7b5ca7294
Time: Thu Oct 20 11:04:39 2016 -0700
The CL last changed line 1323 of file SkScan_AAAPath.cpp, which is stack frame 6.

Suspected Project: chromium-skia
Suspected Component: Internals>Skia

requesting Skia team to check the issue.

ClusterFuzz has detected this issue as fixed in range 430262:430287.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6555659991777280

Fuzzer: ifratric-browserfuzzer-v3
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  quickSkFDot6Div
  SkAnalyticQuadraticEdge::updateQuadratic
  SkEdgeBuilder::addQuad
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=430188:430191
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=430262:430287

Minimized Testcase (0.15 Kb): https://cluster-fuzz.appspot.com/download/AMIfv957CkoWdlV3Tmqfd1oJ6niE9j5gMrhINQCxVHxww081EeWg3DWuAsidLbyBIJXv_U2gKkdbfJlU6kYf2Y_FlBGvLqubjoVxuvo_D-bFLip_6LXHuoNcVEkw3XezrIMRAuLzzru_uFYvR0JGq_7GBbV-0OlKiA?testcase_id=6555659991777280

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase is verified as fixed, closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot