bungeman, it looks like you were investigating Uninitialized Memory in https://skia.googlesource.com/skia/+/4bd3b0905477ea1f005526818305c9a10ef2f6f8 and this appears similar.  Could you also take a look at this one? Thanks !!!

ClusterFuzz has detected this issue as fixed in range 493044:493126.

Detailed report: https://clusterfuzz.com/testcase?key=5709896552284160

Fuzzer: libFuzzer_paint_op_buffer_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  SkMatrix::computeTypeMask
  SkMatrix::getType
  SkMatrix::isIdentity
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=491121:491239
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=493044:493126

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5709896552284160

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 5709896552284160 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

If the fixed range is correct, then this was most likely a result of https://chromium-review.googlesource.com/606681 , so this issue probably didn't go away, but the bits in the poc will now be interpreted differently.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot