Possible suspect from the above CL based on the SkDebugCanvas related changes.
https://skia.googlesource.com/skia.git/+/4bf98e7e802edf43effec93bea22fecb031f65f1
bsalomon@: Could you please take a look into this if its related to your change.

SkDebugCanvas is not related. This appears to be in the sw backend.

ClusterFuzz has detected this issue as fixed in range 443650:443891.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4687777225768960

Fuzzer: miaubiz_svg_fuzzer
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  SkBitmapDevice::drawSpecial
  SkCanvas::internalDrawDevice
  SkCanvas::internalRestore
  
Sanitizer: undefined (UBSAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=440242:440280
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=443650:443891

Minimized Testcase (1.53 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94c8Sm6jStgNsI6gtcGDVT_ErUbrmpCA8GaMAk9R9vceJ7n1nFvEBEGRBA_JQcHxUUO_b7XHOfLQwnMYZXIhHxO7hyPDMw2zfJ_YL3XxHANkN2jJuj3QofjsSzLySl9lNf-wcK_DFny87HFfBjmKWhutMGjI0GjV8etKYtYPQo0G8zFunBEd5B4-3XGGGmsTBejKZs-20uXSwZGj0QNJItMC3p1h-yoHJYdtHKRP2sCUlSFyXJzF1NUGNq-vfSutu9Dlx-0zZotYGrnqa4ciIYNusGv6c1Qj7oc1dPMu-cTQ8GI5Ag6YjETiZZceZL653PMQY-5Aa0BwjgOg-ocyXfhICHlFfHq7wsvpOvQ-SM09xi7jKfwEwjb_iSkVPcQgup_ulheiBGJjQzgT5OCmhCO1rCAqA?testcase_id=4687777225768960

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 4687777225768960 is verified as fixed, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.