Issue 753690 link

Starred by 1 user

Issue metadata

Status: Verified
Owner:
Closed: Oct 2017
Cc:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug



Integer-overflow in Ins_MDRP

Project Member Reported by ClusterFuzz, Aug 9 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5012931304751104

Fuzzer: libFuzzer_pdf_font_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  Ins_MDRP
  TT_RunIns
  tt_size_run_prep
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=483358:483512

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5012931304751104


Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
 
Cc: msrchandra@chromium.org
Labels: M-63 Test-Predator-Wrong-CLs
Owner: bunge...@chromium.org
Status: Assigned (was: Untriaged)
Predator could not provide any possible suspects.
Using Code Search for the file "ttinterp.c", assigning to the concerned owner who might be related.

@bungeman -- Could you please look into the issue, kindly re-assign if this is not related to your changes.
Thank You.
It appears this is a result of <freetype>/include/freetype/internal/ftobjs.h

#define FT_ABS( a )     ( (a) < 0 ? -(a) : (a) )
Upstream has fixed. Verified that this testcase no longer reports any ubsan issues. Started roll of fix into Chromium at https://chromium-review.googlesource.com/c/chromium/src/+/678395 .
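Added example (not code from this issue thread or from FreeType): it shows why the FT_ABS macro quoted above is undefined behaviour for LONG_MIN, the one-value pre-check that rules it out, and two overflow-free replacements; abs_ulong and abs_long_saturating are hypothetical helpers written for this illustration, not FreeType's actual fix.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* The macro quoted from ftobjs.h in the comment above. For a == LONG_MIN the
 * -(a) branch negates the most negative value, which has no representation
 * in long: that is signed integer overflow, undefined behaviour, and what
 * UBSan reports as "Integer-overflow". */
#define FT_ABS( a )     ( (a) < 0 ? -(a) : (a) )

/* Pre-check: LONG_MIN is the only long whose negation in FT_ABS overflows. */
bool ft_abs_would_overflow( long a )
{
  return a == LONG_MIN;
}

/* Defined-behaviour alternative (hypothetical helper): negate in unsigned
 * arithmetic, where wraparound is specified, and return the magnitude. */
unsigned long abs_ulong( long a )
{
  if ( a < 0 )
    return 0UL - (unsigned long)a;   /* LONG_MIN -> (unsigned long)LONG_MAX + 1 */
  return (unsigned long)a;
}

/* Saturating alternative (hypothetical helper): keeps the signed type and
 * clamps LONG_MIN to LONG_MAX instead of overflowing. */
long abs_long_saturating( long a )
{
  if ( a == LONG_MIN )
    return LONG_MAX;
  return a < 0 ? -a : a;
}

/* Stand-alone driver over constructed sample values; FT_ABS is only applied
 * to inputs the pre-check has cleared, so the run itself has no UB. */
int main( void )
{
  long samples[] = { 0L, -5L, 7L, LONG_MIN + 1, LONG_MIN };
  for ( size_t i = 0; i < sizeof samples / sizeof samples[0]; i++ )
  {
    long v = samples[i];
    if ( ft_abs_would_overflow( v ) )
      printf( "%ld: FT_ABS would overflow; abs_ulong=%lu saturating=%ld\n",
              v, abs_ulong( v ), abs_long_saturating( v ) );
    else
      printf( "%ld: FT_ABS=%ld abs_ulong=%lu\n", v, FT_ABS( v ), abs_ulong( v ) );
  }
  return 0;
}
```

Compiling with -fsanitize=undefined and calling FT_ABS( LONG_MIN ) directly reproduces the same class of report as the fuzzer's, while the two helpers stay silent.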
Project Member

Comment 5 by bugdroid1@chromium.org, Sep 25 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/417bc010ada9067c2494bbd3148d3547f80009bc

commit 417bc010ada9067c2494bbd3148d3547f80009bc
Author: Ben Wagner <bungeman@chromium.org>
Date: Mon Sep 25 15:34:41 2017

Roll src/third_party/freetype/src/ 1ad07c1c7..6f2b6f8f7 (14 commits)

https://chromium.googlesource.com/chromium/src/third_party/freetype2.git/+log/1ad07c1c7984..6f2b6f8f72ff

$ git log 1ad07c1c7..6f2b6f8f7 --date=short --no-merges --format='%ad %ae %s'
2017-09-24 wl Split off ChangeLog.27.
2017-09-24 jfkthame [sfnt] Fix `premultiply_data' (#52092).
2017-09-24 wl Minor.
2017-09-24 wl Fix handling of ValueRecords.
2017-09-24 wl [otvalid] Handle `GSUB' and `GPOS' v1.1 tables.
2017-09-23 wl [otvalid] Update common table handling to OpenType 1.8.2.
2017-09-23 apodtele [build] Windows-style DLL versioning.
2017-09-23 bungeman [truetype] Really fix #52082.
2017-09-23 wl [otvalid] Handle `GDEF' v1.2 and v1.3 tables.
2017-09-23 wl [otvalid] Handle `BASE' v1.1 table.
2017-09-22 wl [otvalid] Macros for 32bit offset support.
2017-09-22 wl [otvalid] Whitespace.
2017-09-21 apodtele [build] Simplify Visual C++ 2010 project.
2017-09-21 wl [truetype] Integer overflow (#52082).

Created with:
  roll-dep src/third_party/freetype/src
R=bungeman@chromium.org,drott@chromium.org

BUG= chromium:753690 

Change-Id: I1aafcf75c647bc2645c90360493b6bf22f023be4
Reviewed-on: https://chromium-review.googlesource.com/678395
Reviewed-by: Dominik Röttsches <drott@chromium.org>
Commit-Queue: Ben Wagner <bungeman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#504062}
[modify] https://crrev.com/417bc010ada9067c2494bbd3148d3547f80009bc/DEPS
[modify] https://crrev.com/417bc010ada9067c2494bbd3148d3547f80009bc/third_party/freetype/README.chromium
[modify] https://crrev.com/417bc010ada9067c2494bbd3148d3547f80009bc/third_party/freetype/roll-freetype.sh

Project Member

Comment 6 by ClusterFuzz, Oct 4 2017

ClusterFuzz has detected this issue as fixed in range 502108:506092.

Detailed report: https://clusterfuzz.com/testcase?key=5012931304751104

Fuzzer: libFuzzer_pdf_font_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  Ins_MDRP
  TT_RunIns
  tt_size_run_prep
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=483358:483512
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=502108:506092

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5012931304751104

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Project Member

Comment 7 by ClusterFuzz, Oct 4 2017

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase 5012931304751104 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
