Crash in TransformTree::OnTransformAnimated
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6583480319475712

Fuzzer: dstockwell-anim-gen
Job Type: windows_asan_chrome
Platform Id: windows

Crash Type: UNKNOWN READ
Crash Address: 0x00000090
Crash State:
  SkMatrix44::operator==
  cc::TransformTree::OnTransformAnimated
  cc::LayerTreeImpl::SetTransformMutated

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=windows_asan_chrome&range=464127:464504

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv97nzPb8TkS0qBZqr4OUYQgUSpmoXS5WT7d233VwjKCWkAsVUX7OV9KupdIlPtd4K2Z2hnZnhThc6Z_aPawSlXLEn84O4bciXUUbOYGlbM5XPOl0QVHdXG6_P___CDKDmzk-9A3Qmi3ydwh4jh__VeBKUYSbQ95sbhromSpQtBJ28NPtJmUst7nNej3fSKnUbu1AkrkRFOF0T4xYup4NHDnAmpyAJJNr2CMlRlulxqQnCvZRLa3G6vAqkdNyJQMR_9fZbOxKpyZccRQuqIBZ5HExI49DUnQa9ky1g80MWlw27YQhFdgK3rsd-hoEOlZpdqVPBMPblqm5Iytd01NB2SoADo-stR3m_Ymm_ZVlFHyCdD-Cjmo?testcase_id=6583480319475712

Issue filed automatically.

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Apr 19 2017
Predator and CL did not provide any possible suspects. Using Code Search for the file "SkMatrix44.cpp", assigning to the concerned owner. Suspecting Commit# https://skia.googlesource.com/skia.git/+/271dabaeb246ffbad88c87072432a6670751c7a8 @mtklein -- Could you please look into the issue, and kindly re-assign if this is not related to your changes. Thank you.
Apr 19 2017
https://skia.googlesource.com/skia.git/+/271dabaeb246ffbad88c87072432a6670751c7a8 wouldn't be able to cause this.
Apr 19 2017
@mtklein -- Thank you for the update.
Apr 19 2017
Issue 713143 has been merged into this issue.
Apr 19 2017
This sounds like the transform tree version of the animation crash that was fixed for opacity animations by https://codereview.chromium.org/2794673002. It should be fixed when the 'real' fix for that crash (https://codereview.chromium.org/2796013003/) lands.
Apr 20 2017
ClusterFuzz testcase 6194233339019264 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
May 20 2017
ClusterFuzz has detected this issue as fixed in range 473029:473088.

Detailed report: https://clusterfuzz.com/testcase?key=6583480319475712

Fuzzer: dstockwell-anim-gen
Job Type: windows_asan_chrome
Platform Id: windows

Crash Type: Null-dereference READ
Crash Address: 0x00000090
Crash State:
  SkMatrix44::operator==
  cc::TransformTree::OnTransformAnimated
  cc::LayerTreeImpl::SetTransformMutated

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=windows_asan_chrome&range=464127:464504
Fixed: https://clusterfuzz.com/revisions?job=windows_asan_chrome&range=473029:473088

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6583480319475712

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 1 by ClusterFuzz, Apr 19 2017