From code search on the crashed file "IntermNode.cpp" suspecting the below.
https://chromium.googlesource.com/angle/angle.git/+/af6fc1b48f424981e2d2a32e186972019bc87590
oetuaho@: Could you please take a look into this if its related to your change.

The following revision refers to this bug:
  https://chromium.googlesource.com/angle/angle/+/19ecebe799eaafe232788d8d450bd7983f27cda8

commit 19ecebe799eaafe232788d8d450bd7983f27cda8
Author: Olli Etuaho <oetuaho@nvidia.com>
Date: Wed May 24 15:43:25 2017

Fix compound assignment precision emulation

Precision emulation for compound assignment used to set the wrong type
for the compound assignment nodes, which could cause an assert to
trigger. The wrong rounding function was also being called in the lowp
rounded compound assignment function.

BUG= chromium:699479 
TEST=angle_unittests

Change-Id: I60b4cb3bf1830e8249511c13037348bb2423e5b9
Reviewed-on: https://chromium-review.googlesource.com/514045
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Reviewed-by: Jamie Madill <jmadill@chromium.org>
Commit-Queue: Olli Etuaho <oetuaho@nvidia.com>

[modify] https://crrev.com/19ecebe799eaafe232788d8d450bd7983f27cda8/src/tests/compiler_tests/DebugShaderPrecision_test.cpp
[modify] https://crrev.com/19ecebe799eaafe232788d8d450bd7983f27cda8/src/compiler/translator/EmulatePrecision.cpp

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/0a5b43da4d706751276a46486256ad6677014868

commit 0a5b43da4d706751276a46486256ad6677014868
Author: ynovikov <ynovikov@chromium.org>
Date: Fri May 26 00:40:52 2017

Roll ANGLE 9e3bd31..ff77c35

https://chromium.googlesource.com/angle/angle.git/+log/9e3bd31..ff77c35

BUG=None,449754,chromium:723856,chromium:723069,722684,chromium:699479
TBR=jmadill@chromium.org

TEST=bots

CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.android:android_optional_gpu_tests_rel

Review-Url: https://codereview.chromium.org/2908513003
Cr-Commit-Position: refs/heads/master@{#474852}

[modify] https://crrev.com/0a5b43da4d706751276a46486256ad6677014868/DEPS

Should be fixed by the latest ANGLE roll.

ClusterFuzz has detected this issue as fixed in range 474845:474881.

Detailed report: https://clusterfuzz.com/testcase?key=4517690699153408

Fuzzer: libfuzzer_angle_translator_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: ASSERT
Crash Address: 
Crash State:
  original->getAsTyped()->getType() == replacement->getAsTyped()->getType()
  sh::TIntermUnary::replaceChildNode
  sh::TIntermTraverser::updateTree
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=455091:455226
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=474845:474881

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4517690699153408


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.