Assigning to the concern owner from Predator results --
The result is a list of CLs that change the crashed files. 

Author: ksakamoto
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/42bd5bf1a4db228077a4b44c70bff956470f0a75
Time: Mon Mar 06 10:46:09 2017
Lines 250 of file FontFaceSet.cpp which potentially caused crash are changed in this cl (frame #3, "chrome_child!blink::FontFaceSet::ready+0x20").
Minimum distance from crash line to modified line: 0. (file: FontFaceSet.cpp, crashed on: 250, modified: 250).

@ksakamoto -- Could you please look into the issue, kindly re-assign if this is not related to your changes.
Thank You.

This is already fixed.

ClusterFuzz has detected this issue as fixed in range 455091:455389.

Detailed report: https://clusterfuzz.com/testcase?key=5851663115223040

Fuzzer: inferno_twister
Job Type: windows_syzyasan_chrome
Platform Id: windows

Crash Type: UNKNOWN
Crash Address: 0x00000123
Crash State:
  blink::Document::updateStyleAndLayout
  blink::FontFaceSet::ready
  blink::V8FontFaceSet::readyAttributeGetterCallback
  
Memory Tool: SYZYASAN

Regressed: https://clusterfuzz.com/revisions?job=windows_syzyasan_chrome&range=454842:454847
Fixed: https://clusterfuzz.com/revisions?job=windows_syzyasan_chrome&range=455091:455389

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv976NtdgdVI4V0k1x-vIF43oZsNRq8GFZZL1kIb6RXC6EsdAZlJLs74OtXGGkR9t-GOPafW6DwigKw9JRn4nEKzkx50oM-uEBIyEeI5jw0uG18cnoz-AuLH-gdjIrmphA8r8GLHbjxF0D-4WUSRWPv96x02t040nEWjmCryXlCz-bMYLV7B18RSq90nu9qoNaDIzJheb5CZmJ5e0dqIWnmujQjObA_w716a-fE5j8I8CTOUBJaGzaV0ttqwEfLzE9euGDp5QRWLyLFmioQSKtvd7PvHI666APH-jeA0dlTcn-WVgrkiR3xRCxgxfEnrUGLStIo_YdWVOZdw-t49Vbxv-D5MgYLaTUGy-XrBg28BqYP99WJY?testcase_id=5851663115223040


See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.