jmadill @ could you please look into this.please feel free to re-assigned back if needed. thanks in advance !

I'm out of office for two weeks. Please assign follow up bugs to cwallez.

Could this be related to signed bit shift overflowing from the left? I thought that would be defined to just discard the extra bits, but maybe it's not the case. Other than that I can't figure out any possible cases where there might still be undefined behavior.

The following revision refers to this bug:
  https://chromium.googlesource.com/angle/angle/+/4310354ebcaca62d4c16e2577e58a5148dffb877

commit 4310354ebcaca62d4c16e2577e58a5148dffb877
Author: Olli Etuaho <oetuaho@nvidia.com>
Date: Mon Oct 10 11:28:13 2016

Handle corner cases of shifting signed integers better

Right-shifting a negative number should sign-extend according to the
ESSL 3.00.6 spec. Implement sign-extending right shift so that it
doesn't hit any undefined behavior in the C++ spec. Negative lhs
operands are now allowed for bit-shift right.

Also implement bit-shift left via conversion to unsigned integer, so
that it does not hit signed integer overflow. Negative lhs operands
are now allowed also for bit-shift left as well.

BUG= chromium:654103 
TEST=angle_unittests

Change-Id: Iee241de9fd0d74c2f8a88219bddec690bb8e4db2
Reviewed-on: https://chromium-review.googlesource.com/395688
Commit-Queue: Olli Etuaho <oetuaho@nvidia.com>
Reviewed-by: Geoff Lang <geofflang@chromium.org>

[modify] https://crrev.com/4310354ebcaca62d4c16e2577e58a5148dffb877/src/tests/compiler_tests/ConstantFolding_test.cpp
[modify] https://crrev.com/4310354ebcaca62d4c16e2577e58a5148dffb877/src/compiler/translator/ConstantUnion.cpp

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ab328c117ab17dbd4da154d8444e03b9e6631d47

commit ab328c117ab17dbd4da154d8444e03b9e6631d47
Author: jiajia.qin <jiajia.qin@intel.com>
Date: Fri Oct 14 17:31:14 2016

Roll ANGLE 873d00f..336b147

https://chromium.googlesource.com/angle/angle.git/+log/873d00f..336b147

BUG= chromium:654103 , chromium:618464 ,chromium:650138

TEST=bots

CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.android:android_optional_gpu_tests_rel

Review-Url: https://codereview.chromium.org/2421873002
Cr-Commit-Position: refs/heads/master@{#425374}

[modify] https://crrev.com/ab328c117ab17dbd4da154d8444e03b9e6631d47/DEPS

ClusterFuzz has detected this issue as fixed in range 425341:425418.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6470242635350016

Fuzzer: libfuzzer_angle_translator_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Undefined-shift
Crash Address: 
Crash State:
  TConstantUnion::lshift
  TIntermConstantUnion::foldBinary
  TIntermBinary::fold
  
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=425341:425418

Minimized Testcase (0.84 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95tlVqKd0Cupd6UW1u4u01grtQ69EMHgkOOdZ485GOoMlB_Vs-HOH3yWJwV90OiO4_VhNlvg262xHGjfgYXevB-riHy7qXW5ZZkqM5AFQRNCQ1XbaK-d02VPlbiOcx2KWYhZpcuQs19ZB3S__FWnUNATCk98A?testcase_id=6470242635350016

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase is verified as fixed, closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot