This issue looks similar to that of Bug ID: 684983.

@ahaas -- Could you please look into the issue, kindly re-assign if this is not related to your changes.
Thank You.

 Issue 684983  has been merged into this issue.

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/864799d3ebbaeb8d1d54192fe97c6dc30ecd3e66

commit 864799d3ebbaeb8d1d54192fe97c6dc30ecd3e66
Author: ahaas <ahaas@chromium.org>
Date: Thu Feb 02 08:38:34 2017

[wasm] Decoding the names section should stop if there is a problem with locals.

First discovery by the names section fuzzer I think. During the decoding
of the names of locals only ok() of the outer decoder was checked, not
the ok() of the actual names section decoder.

R=tizer@chromium.org
BUG= chromium:684855 

Review-Url: https://codereview.chromium.org/2648383007
Cr-Commit-Position: refs/heads/master@{#42880}

[modify] https://crrev.com/864799d3ebbaeb8d1d54192fe97c6dc30ecd3e66/src/wasm/decoder.h
[modify] https://crrev.com/864799d3ebbaeb8d1d54192fe97c6dc30ecd3e66/src/wasm/module-decoder.cc
[modify] https://crrev.com/864799d3ebbaeb8d1d54192fe97c6dc30ecd3e66/test/unittests/wasm/module-decoder-unittest.cc

 Issue 684854  has been merged into this issue.

This is a low-risk change which avoids crashes. Should be merge it back to M57?

FYI: The original CL introducing the error was already merged back: https://bugs.chromium.org/p/v8/issues/detail?id=5882

ClusterFuzz has detected this issue as fixed in range 447739:447795.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4656194653519872

Fuzzer: libfuzzer_v8_wasm_names_section_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Timeout (exceeds 25 secs)
Crash Address: 
Crash State:
  v8_wasm_names_section_fuzzer
  
Sanitizer: undefined (UBSAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=445689:445740
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=447739:447795

Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97FS4Ex7RPoGO3_hOS2KOZoeiftxnkegO_89eHSilIjPzSnjkoZjdRaNUyOOySCZ7WUwuylMk9TopUpKqJ-_2-9tzJZrC4sUfaNfDmM3EwHrYma_xxS0BPkmL-kS-yTZyTMxCdZBNDtzvimTZheAdASF2Vlk9l8utTyX90T-aARPDwAGpgBzY2pKEBBuHPz6bKoJ4KUS58oOuk2UQgXP3Yht_O_Mf9lnf8FbXr4UDY5p47mQxRR1MBRqrJkvzw0f5rpHbwXiE3lI0pZ8jw_YvOP1e0U4o2dRWuUS-nf7JhjE5DHg1D4pWsL3FFJJwk3HkKGA7JwJP27HXYxmgEzB1R_HmlTQmdGO9YdMoz_MI69ynj9kOA?testcase_id=4656194653519872


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 4654951931576320 is verified as fixed, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.