Assigning to the concern owner from find it results --
The result is a list of CLs that change the crashed files. 

Author: alancutter
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/f9262a06c8d1e0478cbf2cc84a1b29f86d9d89e4
Time: Mon Dec 05 05:51:15 2016
Lines 1814 of file StyleResolver.cpp which potentially caused crash are changed in this cl (frame #7, "blink::StyleResolver::applyMatchedStandardProperties").
Minimum distance from crash line to modified line: 0. (file: StyleResolver.cpp, crashed on: 1814, modified: 1814).

@alancutter -- Could you please look into the issue, kindly re-assign if this is not related to your changes.
Thank You.

 Issue 675166  has been merged into this issue.

There may be many similar cases, see
https://bugs.chromium.org/p/chromium/issues/detail?id=676277#c3

ClusterFuzz has detected this issue as fixed in range 440242:440280.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4738028498321408

Fuzzer: inferno_twister
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Float-cast-overflow
Crash Address: 
Crash State:
  blink::CSSCalcPrimitiveValue::accumulatePixelsAndPercent
  blink::CSSCalcBinaryOperation::accumulatePixelsAndPercent
  blink::CSSCalcValue::toCalcValue
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=435261:438085
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=440242:440280

Minimized Testcase (28.62 Kb): https://cluster-fuzz.appspot.com/download/AMIfv964NMMoM_0QluOp-_ltvH87Eh-onJEhY7oyk8va671kJcb9BJW9AbVeKIfj4orxnb2h6M_oi4wvn75AISHaj4yC1xr-zXTu4ajPHzwXEgEV_AGvZPxofaSVwL7u50WgpzP3CRQQsbMUqKIUVNb9e7g6UF0i6fNsa56bWbK6s9zytnwzE20?testcase_id=4738028498321408

Additional requirements: Requires HTTP

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 4738028498321408 is verified as fixed, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/66a95ed79bb18584d8ea1b045e43a96ec4e80dfc

commit 66a95ed79bb18584d8ea1b045e43a96ec4e80dfc
Author: alancutter <alancutter@chromium.org>
Date: Wed Jan 04 08:09:01 2017

Prevent floating point overflow when using calc() with large values

BUG= 676286 

Review-Url: https://codereview.chromium.org/2597103002
Cr-Commit-Position: refs/heads/master@{#441339}

[add] https://crrev.com/66a95ed79bb18584d8ea1b045e43a96ec4e80dfc/third_party/WebKit/LayoutTests/css3/calc/calc-overflow.html
[modify] https://crrev.com/66a95ed79bb18584d8ea1b045e43a96ec4e80dfc/third_party/WebKit/Source/core/css/CSSCalculationValue.cpp
[modify] https://crrev.com/66a95ed79bb18584d8ea1b045e43a96ec4e80dfc/third_party/WebKit/Source/core/css/resolver/StyleBuilderConverter.cpp