Integer-overflow in viz::Display::RemoveOverdrawQuads
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5500722330992640
Fuzzer: miaubiz_svg_fuzzer
Job Type: linux_ubsan_chrome
Platform Id: linux
Crash Type: Integer-overflow
Crash Address:
Crash State:
  viz::Display::RemoveOverdrawQuads
  viz::Display::DrawAndSwap
  viz::DisplayScheduler::DrawAndSwap
Sanitizer: undefined (UBSAN)
Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=546390:546391
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5500722330992640

Issue filed automatically.
See https://github.com/google/clusterfuzz-tools for more information.
Mar 28 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/e05ba4c58bde7423528fbb71f61b74543bae919c (Reland "Draw Occlusion: Enable Draw Occlusion by Default").

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Apr 3 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/49402155f7922665e412fff30298544b2b0070f4

commit 49402155f7922665e412fff30298544b2b0070f4
Author: yiyix <yiyix@chromium.org>
Date: Tue Apr 03 22:52:00 2018

Fix Regression: Integer-overflow in viz::Display::RemoveOverdrawQuads

In the draw occlusion algorithm, the total area of drawing is calculated to measure the effectiveness of draw occlusion. However, the integer multiplication in the area calculation has caused an integer overflow crash with huge draw quads. In this patch, I used GetCheckedArea() to check the resulting area before assigning it.

Bug: 826727
Cq-Include-Trybots: luci.chromium.try:android_optional_gpu_tests_rel
Change-Id: I667b458ca6f7d477ba13036868536dd842e59068
Reviewed-on: https://chromium-review.googlesource.com/991121
Commit-Queue: Yi Xu <yiyix@chromium.org>
Reviewed-by: danakj <danakj@chromium.org>
Cr-Commit-Position: refs/heads/master@{#547856}

[modify] https://crrev.com/49402155f7922665e412fff30298544b2b0070f4/components/viz/service/display/display.cc
[modify] https://crrev.com/49402155f7922665e412fff30298544b2b0070f4/components/viz/service/display/display_unittest.cc
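The overflow the commit describes, as an added example that is not Chromium's code: a checked area computation in the spirit of GetCheckedArea(), where QuadSize, CheckedArea() and TotalVisibleArea() are hypothetical stand-ins for viz's quad rects and the occlusion-effectiveness accumulator. Any per-quad product or running sum that would not fit in an int is reported as std::nullopt instead of being computed in plain int arithmetic, which is the undefined behaviour UBSan flagged.

```cpp
#include <cstdint>
#include <limits>
#include <optional>
#include <vector>

// Hypothetical stand-in for a quad's visible size; not viz's gfx::Size/gfx::Rect.
struct QuadSize {
  int width;
  int height;
};

// Mirrors the intent of gfx::Size::GetCheckedArea(): width * height is only
// returned when it fits in an int. The product is formed in int64_t so the
// multiplication itself is always well-defined; the unchecked original did
// `int * int`, which overflows (UB) for very large quads, e.g. 65536 x 65536.
std::optional<int> CheckedArea(const QuadSize& s) {
  // gfx::Size never holds negative dimensions; treat them as invalid input.
  if (s.width < 0 || s.height < 0) return std::nullopt;
  const int64_t area =
      static_cast<int64_t>(s.width) * static_cast<int64_t>(s.height);
  if (area > std::numeric_limits<int>::max()) return std::nullopt;
  return static_cast<int>(area);
}

// Accumulates the visible area of a list of quads the way a draw-occlusion
// effectiveness metric would, checking both the per-quad product and the
// running sum. Returns std::nullopt if any step would overflow an int.
std::optional<int> TotalVisibleArea(const std::vector<QuadSize>& quads) {
  int total = 0;
  for (const QuadSize& q : quads) {
    const std::optional<int> area = CheckedArea(q);
    if (!area) return std::nullopt;
    // area is non-negative here, so this is the exact "would total + area
    // exceed INT_MAX" test without performing the overflowing addition.
    if (*area > std::numeric_limits<int>::max() - total) return std::nullopt;
    total += *area;
  }
  return total;
}
```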
Apr 4 2018
ClusterFuzz has detected this issue as fixed in range 547855:547856.

Detailed report: https://clusterfuzz.com/testcase?key=5500722330992640
Fuzzer: miaubiz_svg_fuzzer
Job Type: linux_ubsan_chrome
Platform Id: linux
Crash Type: Integer-overflow
Crash Address:
Crash State:
  viz::Display::RemoveOverdrawQuads
  viz::Display::DrawAndSwap
  viz::DisplayScheduler::DrawAndSwap
Sanitizer: undefined (UBSAN)
Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=546390:546391
Fixed: https://clusterfuzz.com/revisions?job=linux_ubsan_chrome&range=547855:547856
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5500722330992640

See https://github.com/google/clusterfuzz-tools for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Apr 4 2018
ClusterFuzz testcase 5500722330992640 is verified as fixed, so closing issue as verified.
If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Mar 28 2018
Labels: Test-Predator-Auto-Components