Breakpoint in v8::Uint8ClampedArray::New
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5386582604644352

Fuzzer: inferno_canvas_wrecker
Job Type: windows_asan_chrome_no_sandbox
Platform Id: windows

Crash Type: Breakpoint
Crash Address: 0x5afe9880
Crash State:
  v8::Uint8ClampedArray::New
  blink::DOMTypedArray<class WTF::Uint8ClampedArray,class v8::Uint8ClampedArray>::
  blink::ImageData::AssociateWithWrapper

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=windows_asan_chrome_no_sandbox&range=476918:476983

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5386582604644352

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
Jul 31 2017
This is happening because ClusterFuzz is asking for an ImageData with a buffer size larger than one gigabyte on a 32-bit build. V8 does not allocate more than the small integer max (Smi::kMaxValue): https://cs.chromium.org/chromium/src/v8/src/api.cc?q=v8/src/api.cc&sq=package:chromium&dr&l=8061

Smi::kMaxValue is 2^32 on 64-bit builds (which is the number that is used in the ImageData, ImageBitmap, ImageBuffer, etc. code in Blink) and is 2^30 on 32-bit builds, causing the renderer to crash on this test.

I think the right way to do this is to get the max size of allocated memory from V8 in Blink code. We might need to expose Smi::kMaxValue in V8 if it is not exposed.
Jul 31 2017
To correct #c3: the allocation does not happen in V8, but in Blink. However, V8 does not allow returning a view of memory larger than 1GB to the user on 32-bit Chrome. What needs to be done is to not allocate the memory in Blink if the requested memory is larger than v8::smi::kMaxValue.
Aug 10 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/f1d65fe05bc781d45f2b89a1e218021261286fd6

commit f1d65fe05bc781d45f2b89a1e218021261286fd6
Author: Reza.Zakerinasab <zakerinasab@chromium.org>
Date: Thu Aug 10 17:23:22 2017

Check the size of TypedArray vs kMaxSize before creation

Before creating a TypedArray that eventually can be returned to the user, make sure that it's not bigger than v8::TypedArray::kMaxSize. Otherwise, v8 will not return the memory view to the user.

Bug: 749896
Change-Id: I9e2b407bf316933744b1b9a132fd65404c32241d
Reviewed-on: https://chromium-review.googlesource.com/596529
Commit-Queue: Mohammad Reza Zakerinasab <zakerinasab@chromium.org>
Reviewed-by: Xida Chen <xidachen@chromium.org>
Reviewed-by: Justin Novosad <junov@chromium.org>
Cr-Commit-Position: refs/heads/master@{#493441}

[modify] https://crrev.com/f1d65fe05bc781d45f2b89a1e218021261286fd6/third_party/WebKit/LayoutTests/TestExpectations
[modify] https://crrev.com/f1d65fe05bc781d45f2b89a1e218021261286fd6/third_party/WebKit/Source/core/html/ImageData.cpp
[modify] https://crrev.com/f1d65fe05bc781d45f2b89a1e218021261286fd6/third_party/WebKit/Source/core/html/ImageDataTest.cpp
[modify] https://crrev.com/f1d65fe05bc781d45f2b89a1e218021261286fd6/third_party/WebKit/Source/platform/BUILD.gn
[modify] https://crrev.com/f1d65fe05bc781d45f2b89a1e218021261286fd6/third_party/WebKit/Source/platform/graphics/ImageBuffer.cpp
[add] https://crrev.com/f1d65fe05bc781d45f2b89a1e218021261286fd6/third_party/WebKit/Source/platform/graphics/ImageBufferTest.cpp
[modify] https://crrev.com/f1d65fe05bc781d45f2b89a1e218021261286fd6/third_party/WebKit/Source/platform/graphics/gpu/DrawingBuffer.cpp
[modify] https://crrev.com/f1d65fe05bc781d45f2b89a1e218021261286fd6/third_party/WebKit/Source/platform/graphics/gpu/DrawingBufferTest.cpp
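The pre-allocation size check that the commit message describes, written out as an added example. This is constructed illustration code, not Blink's ImageData.cpp and not the patch linked above. Because the real value of v8::TypedArray::kMaxSize is not quoted anywhere in this thread, the cap is passed in as a parameter; kBytesPerPixel, kInvalidLength, CheckedImageDataByteLength and CreateImageDataBuffer are names chosen here, and the 1 GiB cap in main() is an assumption taken from the "larger than one gigabyte on a 32-bit build" description in the comments.

```cpp
#include <cstdint>
#include <memory>
#include <vector>

// Constructed example, not Blink's ImageData.cpp or the patch from the page.
constexpr uint64_t kBytesPerPixel = 4;        // ImageData is RGBA, 8 bits per channel
constexpr uint64_t kInvalidLength = UINT64_MAX; // sentinel: request rejected

// Computes width * height * kBytesPerPixel without intermediate overflow and
// rejects any result above max_bytes. max_bytes stands in for the
// platform-dependent v8::TypedArray::kMaxSize named in the commit message;
// its real value is not quoted on the page, so callers pass it explicitly.
uint64_t CheckedImageDataByteLength(uint32_t width, uint32_t height,
                                    uint64_t max_bytes) {
  // Two 32-bit factors always fit in 64 bits, so this product cannot wrap.
  const uint64_t pixels = static_cast<uint64_t>(width) * height;
  // Compare before multiplying by kBytesPerPixel: pixels * 4 could wrap,
  // whereas max_bytes / 4 cannot.
  if (pixels > max_bytes / kBytesPerPixel)
    return kInvalidLength;
  return pixels * kBytesPerPixel;
}

// Mirrors the shape of the fix: the backing store is allocated only after the
// size check passes; otherwise nullptr is returned for the caller to turn into
// an exception, instead of handing V8 a view it will refuse to expose.
std::unique_ptr<std::vector<uint8_t>> CreateImageDataBuffer(uint32_t width,
                                                            uint32_t height,
                                                            uint64_t max_bytes) {
  const uint64_t bytes = CheckedImageDataByteLength(width, height, max_bytes);
  if (bytes == kInvalidLength)
    return nullptr;
  return std::make_unique<std::vector<uint8_t>>(static_cast<size_t>(bytes), 0);
}

int main() {
  // Assumed 1 GiB cap for the 32-bit case (from the thread's description),
  // not the actual value of the V8 constant.
  const uint64_t kAssumedCap = 1ull << 30;
  auto small = CreateImageDataBuffer(256, 256, kAssumedCap);    // 262144 bytes, allocated
  auto huge = CreateImageDataBuffer(20000, 20000, kAssumedCap);  // 1.6 GB, rejected
  return (small != nullptr && huge == nullptr) ? 0 : 1;
}
```

The ordering matters: the division on the cap side is what makes the comparison overflow-safe, so a pathological width and height pair cannot wrap the byte count back into the accepted range and slip past the check.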
Aug 11 2017
ClusterFuzz has detected this issue as fixed in range 493400:493447.

Detailed report: https://clusterfuzz.com/testcase?key=5386582604644352

Fuzzer: inferno_canvas_wrecker
Job Type: windows_asan_chrome_no_sandbox
Platform Id: windows

Crash Type: Breakpoint
Crash Address: 0x5afe9880
Crash State:
  v8::Uint8ClampedArray::New
  blink::DOMTypedArray<class WTF::Uint8ClampedArray,class v8::Uint8ClampedArray>::
  blink::ImageData::AssociateWithWrapper

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=windows_asan_chrome_no_sandbox&range=476918:476983
Fixed: https://clusterfuzz.com/revisions?job=windows_asan_chrome_no_sandbox&range=493400:493447

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5386582604644352

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Aug 11 2017
ClusterFuzz testcase 5386582604644352 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by msrchandra@chromium.org, Jul 28 2017

Labels: M-62 Test-Predator-Wrong
Owner: zakerinasab@chromium.org
Status: Assigned (was: Untriaged)