
Issue 755316

Issue metadata

Status: Verified
Owner:
Closed: Oct 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 3
Type: Bug


Integer-overflow in glsl::OutputASM::loopCount

Project Member Reported by ClusterFuzz, Aug 14 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5934321914609664

Fuzzer: inferno_twister_c
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  glsl::OutputASM::loopCount
  glsl::OutputASM::visitLoop
  TIntermLoop::traverse
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=463855:463874

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5934321914609664

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 
Cc: msrchandra@chromium.org
Components: Internals>GPU>SwiftShader
Labels: M-61 Test-Predator-Wrong-CLs
Owner: sugoi@chromium.org
Status: Assigned (was: Untriaged)
Predator and CL could not provide any possible suspects.
Using Code Search for the file "OutputASM.cpp", assigning to the concerned owner.

Suspected commit:
https://swiftshader.googlesource.com/SwiftShader.git/+/18e2a972fe701d4903bd74d96765f507872ac590

@sugoi -- Could you please look into the issue; kindly re-assign if this is not related to your changes.
Thank you.

Comment 2 by sugoi@chromium.org, Aug 16 2017

Cc: sugoi@chromium.org
Owner: capn@chromium.org
There's definitely no link between glsl::OutputASM::loopCount() and the bitwise not operator. It is more likely linked to changes that directly affect this function, like this change affecting loop unrolling:
https://swiftshader.googlesource.com/SwiftShader.git/+/e3f0555026461583dd514b095cd30341844126be
Delegating to capn@ for further investigation.
Comment 3 by ClusterFuzz (Project Member), Oct 2 2017

ClusterFuzz has detected this issue as fixed in range 505536:505537.

Detailed report: https://clusterfuzz.com/testcase?key=5934321914609664

Fuzzer: inferno_twister_c
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  glsl::OutputASM::loopCount
  glsl::OutputASM::visitLoop
  TIntermLoop::traverse
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=463855:463874
Fixed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=505536:505537

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5934321914609664

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 4 by ClusterFuzz (Project Member), Oct 2 2017

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase 5934321914609664 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 5 by capn@chromium.org, Oct 3 2017

Labels: -Pri-2 -ClusterFuzz-Verified ClusterFuzz-Wrong Pri-3
Definitely not fixed yet. I've checked that there's indeed a risk of integer overflow, but it's no more problematic than having just a very high loop count. So not a big priority, but should be looked into when we have more time.
Comment 6 by ClusterFuzz (Project Member), Oct 5 2017

ClusterFuzz has detected this issue as fixed in range 506407:506477.

Detailed report: https://clusterfuzz.com/testcase?key=5934321914609664

Fuzzer: inferno_twister_c
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address: 
Crash State:
  glsl::OutputASM::loopCount
  glsl::OutputASM::visitLoop
  TIntermLoop::traverse
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=463855:463874
Fixed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=506407:506477

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5934321914609664

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 7 by capn@chromium.org, Oct 5 2017

Filed again as Issue swiftshader:85 since ClusterFuzz keeps insisting this is fixed. It's possible that Chrome may now perform some validation on the loop iteration count itself. But we still need to fix this within SwiftShader itself.