!argType.isArray()
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5395720002863104

Fuzzer: libfuzzer_angle_translator_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: ASSERT
Crash Address:
Crash State:
  !argType.isArray()
  TParseContext::checkConstructorArguments
  TParseContext::addConstructor

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=420312:420423

Minimized Testcase (0.80 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97p8ABt97_f3e7ymlIqUAFaqVpIPn5owSRz-d6W15Y8gH99GifB0LQQjVGtel0AqBcdZ58OSBCUO2Coio9ySpsDHD-HsC8DAPjnaCVS4ml4XVhVXBj7frtK8jaouL7pqkxq4A8kuWezB4L_Jhq_IrqghJWBuA?testcase_id=5395720002863104

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Dec 7 2016

Jan 31 2017

Jan 31 2017
jmadill: can you investigate or assign to somebody else?

Jan 31 2017
It's on my action items list. As important as fuzzer bugs are, I'm going to downgrade this since I'm swamped with Pri-1 issues atm.

Jan 31 2017
Sending to Geoff, feel free to send back if you can't take action in the next day or two.

Feb 6 2017

Feb 6 2017
The following revision refers to this bug:
https://chromium.googlesource.com/angle/angle/+/34bf2d937d5435597b5962dc543308b20974b440

commit 34bf2d937d5435597b5962dc543308b20974b440
Author: Jamie Madill <jmadill@chromium.org>
Date: Mon Feb 06 22:18:02 2017

translator: Fix ASSERT in array init corner case.

This ASSERT was benign and can be turned into an error check. The pattern in question is to initialize an array with another array as the first argument, but dereferencing the array with "." instead of "[]". This would trip up our error handling.

BUG= chromium:662702
Change-Id: Ie0e44af7b9d1a66cad03cefae9bf931f8e216cd9
Reviewed-on: https://chromium-review.googlesource.com/437599
Commit-Queue: Jamie Madill <jmadill@chromium.org>
Reviewed-by: Corentin Wallez <cwallez@chromium.org>

[modify] https://crrev.com/34bf2d937d5435597b5962dc543308b20974b440/src/compiler/translator/ParseContext.cpp
[modify] https://crrev.com/34bf2d937d5435597b5962dc543308b20974b440/src/tests/compiler_tests/ShaderValidation_test.cpp

Feb 7 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/c22f8da406c35d6f6579ec86421849063b9cd9bb

commit c22f8da406c35d6f6579ec86421849063b9cd9bb
Author: jmadill <jmadill@chromium.org>
Date: Mon Feb 06 23:58:44 2017

Roll ANGLE ea20d62..34bf2d9

https://chromium.googlesource.com/angle/angle.git/+log/ea20d62..34bf2d9

BUG=667979, chromium:678870 , angleproject:1644 , 668223 , chromium:662702 , chromium:688419
TBR=geofflang@chromium.org
TEST=bots
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.android:android_optional_gpu_tests_rel

Review-Url: https://codereview.chromium.org/2675413002
Cr-Commit-Position: refs/heads/master@{#448449}

[modify] https://crrev.com/c22f8da406c35d6f6579ec86421849063b9cd9bb/DEPS

Feb 7 2017
ClusterFuzz has detected this issue as fixed in range 448440:448483.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5395720002863104

Fuzzer: libfuzzer_angle_translator_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: ASSERT
Crash Address:
Crash State:
  !argType.isArray()
  TParseContext::checkConstructorArguments
  TParseContext::addConstructor

Sanitizer: address (ASAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=420312:420423
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=448440:448483

Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv96pBeV7b4nJQcjk_pTM10S1ejC6T4yo72nGdlb2qutMg24xPSRLQu6xs68GzjRALXsf01Te5QpiWtZUYoQitkNTyqA81JJo5v-ZYhv9rOGKcSJeni9ZE3uFChffHxRtvG9bYb5FjtxV9_J_yox_FRrdpmUSXZuFn2UeGt_OrdoIM7L1P7g2fYTSJkS7T7qmAiH9hu96eCeQiVVv1USL4WEJ3eOYtnvrL7eobcRLXYHuGQ9Qlfs7Oms4lxpo4sbWiMzRTzK32FvigkP6Y4IsYir7qAvvqqsHwwhRNj61x-uEjPz992YLjKJ3KA-Zl9Yz92iNqaKR4qji4_eJALcOUHDJ7vYELBWwffFf3qMWnD6YSa9HYhM?testcase_id=5395720002863104

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Feb 7 2017
ClusterFuzz testcase 5395720002863104 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by sheriffbot@chromium.org, Nov 22 2016