Issue 669649 link

Issue metadata

Status: Verified
Owner:
Closed: Dec 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 1
Type: Bug



Crash in blink::PtrStorageImpl<blink::WebCryptoAlgorithmPrivate,

Project Member Reported by ClusterFuzz, Nov 29 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6666569393635328

Fuzzer: libfuzzer_v8_serialized_script_value_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000028
Crash State:
  blink::PtrStorageImpl<blink::WebCryptoAlgorithmPrivate,
  blink::PtrStorageImpl<blink::WebCryptoAlgorithmPrivate,
  blink::WebPrivatePtr<blink::WebCryptoAlgorithmPrivate,
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=425604:425615

Minimized Testcase (0.01 Kb): https://cluster-fuzz.appspot.com/download/AMIfv949Ql9_Q80a1C9SBFfg030gDiR08TlYHeYOE_V0DsBRWNRS6Cu8rcLM9NMnfTzZzeaDw-LUHxo4GR3jK8rtBXan55UbLMattRYJlNIDjokpWiWWUW2KGW78zO9W_7QWXrfXJamFvrNP3Pk6TkmWQ_FWlVc-qQ?testcase_id=6666569393635328

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
 
Components: Infra>Git
Labels: Test-Predator-Wrong M-57
Owner: jbroman@chromium.org
Status: Assigned (was: Untriaged)
As per the Chromium regression revision range
https://chromium.googlesource.com/chromium/src/+log/3d5a0fb164db4c2c24e83fe859463aa4268918a4..e9f4516076a6e3a3b4b8043347e613f5cc59165e?pretty=fuller

the suspected CL is
https://chromium.googlesource.com/chromium/src/+/cd889cddd3201471e7b34faf88a2b90f93b12929
jbroman@, could you please take a look and help us find the correct owner if it is not related to your changes.
Components: -Infra>Git Blink
Labels: -OS-Linux OS-All
Definitely is that CL. Will look tomorrow.
Components: -Blink Blink>Messaging
Project Member

Comment 4 by bugdroid1@chromium.org, Dec 1 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2e33aac2a71771c2e5780d4e2abb95540760fdcf

commit 2e33aac2a71771c2e5780d4e2abb95540760fdcf
Author: jbroman <jbroman@chromium.org>
Date: Thu Dec 01 02:10:35 2016

Have all overloads of webcrypto::AlgorithmImplementation::DeserializeKeyForClone check the params type.

Presently neither this nor the calling code checks that the algorithm ID
and key params type correspond correctly. This code already knows what
the expected value is, so it seems a reasonable place to check.

BUG= 669649 

Review-Url: https://codereview.chromium.org/2544533002
Cr-Commit-Position: refs/heads/master@{#435528}

[modify] https://crrev.com/2e33aac2a71771c2e5780d4e2abb95540760fdcf/components/webcrypto/algorithms/aes.cc
[modify] https://crrev.com/2e33aac2a71771c2e5780d4e2abb95540760fdcf/components/webcrypto/algorithms/ec.cc
[modify] https://crrev.com/2e33aac2a71771c2e5780d4e2abb95540760fdcf/components/webcrypto/algorithms/hkdf.cc
[modify] https://crrev.com/2e33aac2a71771c2e5780d4e2abb95540760fdcf/components/webcrypto/algorithms/hmac.cc
[modify] https://crrev.com/2e33aac2a71771c2e5780d4e2abb95540760fdcf/components/webcrypto/algorithms/pbkdf2.cc
[modify] https://crrev.com/2e33aac2a71771c2e5780d4e2abb95540760fdcf/components/webcrypto/algorithms/rsa.cc
[modify] https://crrev.com/2e33aac2a71771c2e5780d4e2abb95540760fdcf/third_party/WebKit/Source/bindings/modules/v8/serialization/V8ScriptValueSerializerForModulesTest.cpp
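The pattern the commit describes, as an added illustration that is not Chromium's code: a per-algorithm deserializer that already knows which key-params type it expects, and rejects a cloned key whose algorithm ID and params type disagree instead of reading fields that only exist for a different params layout. The enums, structs and function names below are constructed stand-ins, not the real WebCrypto types.

```cpp
#include <cstdint>

// Stand-ins for the algorithm ID and the key-params variant tag that travel
// with a cloned key (constructed for this example; not Chromium's types).
enum class AlgorithmId { kAesCbc, kHmac, kRsaOaep };
enum class ParamsType { kNone, kAes, kHmac, kRsa };

// What the deserializer reads from the untrusted serialized payload.
struct SerializedKey {
  AlgorithmId id;
  ParamsType params_type;
  uint16_t aes_length_bits;   // meaningful only when params_type == kAes
  uint16_t hmac_length_bits;  // meaningful only when params_type == kHmac
};

struct DeserializedKey {
  AlgorithmId id;
  uint16_t length_bits;
};

// Each algorithm implementation knows the params type it expects, so the
// check belongs in every overload of DeserializeKeyForClone: a mismatch is
// rejected up front rather than trusting the payload's self-description.
bool DeserializeKeyForClone(AlgorithmId expected_id, ParamsType expected_params,
                            const SerializedKey& in, DeserializedKey* out) {
  if (in.id != expected_id) return false;
  if (in.params_type != expected_params) return false;  // the added check
  out->id = in.id;
  switch (expected_params) {
    case ParamsType::kAes:  out->length_bits = in.aes_length_bits; break;
    case ParamsType::kHmac: out->length_bits = in.hmac_length_bits; break;
    default:                out->length_bits = 0; break;
  }
  return true;
}

// Per-algorithm wrappers mirroring the shape of the overloads.
bool DeserializeAesKey(const SerializedKey& in, DeserializedKey* out) {
  return DeserializeKeyForClone(AlgorithmId::kAesCbc, ParamsType::kAes, in, out);
}
bool DeserializeHmacKey(const SerializedKey& in, DeserializedKey* out) {
  return DeserializeKeyForClone(AlgorithmId::kHmac, ParamsType::kHmac, in, out);
}
```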

Project Member

Comment 5 by ClusterFuzz, Dec 1 2016

ClusterFuzz has detected this issue as fixed in range 435516:435560.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6666569393635328

Fuzzer: libfuzzer_v8_serialized_script_value_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000028
Crash State:
  blink::PtrStorageImpl<blink::WebCryptoAlgorithmPrivate,
  blink::PtrStorageImpl<blink::WebCryptoAlgorithmPrivate,
  blink::WebPrivatePtr<blink::WebCryptoAlgorithmPrivate,
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=425604:425615
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan&range=435516:435560

Minimized Testcase (0.01 Kb): https://cluster-fuzz.appspot.com/download/AMIfv949Ql9_Q80a1C9SBFfg030gDiR08TlYHeYOE_V0DsBRWNRS6Cu8rcLM9NMnfTzZzeaDw-LUHxo4GR3jK8rtBXan55UbLMattRYJlNIDjokpWiWWUW2KGW78zO9W_7QWXrfXJamFvrNP3Pk6TkmWQ_FWlVc-qQ?testcase_id=6666569393635328

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Project Member

Comment 6 by ClusterFuzz, Dec 1 2016

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase is verified as fixed, closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
