Undefined-shift in ppparse
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5667598294581248

Fuzzer: libFuzzer_angle_translator_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Undefined-shift
Crash Address:
Crash State:
  ppparse
  pp::ExpressionParser::parse
  pp::DirectiveParser::parseLine

Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=423278:423338

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5667598294581248

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Sep 22 2017
pp:: is unrelated to Blink>HTML>Parser.
Oct 3 2017
Here is the regression revision range.
https://chromium.googlesource.com/chromium/src/+log/f4401c515320f2b02a9fff9e45ca40254a163f47..a84273d711d666360f9abd8c9a28d08fe36e1b43?pretty=fuller&n=10000

oetuaho@, can you please look into this change (https://chromium.googlesource.com/angle/angle.git/+/7f9a55f73015cc62b7ff63513c52e8720cfff66e) if possible? Thank you!
Oct 6 2017
The test is hitting a signed int overflow corner case I didn't take into account earlier. Behavior on target platforms should be correct already, but technically it's hitting UB which requires a small fix in ANGLE's ExpressionParser.
Oct 6 2017
The following revision refers to this bug:
https://chromium.googlesource.com/angle/angle/+/a3d384ada3dc71d6e4ff8beecc6f2e039a5da9a7

commit a3d384ada3dc71d6e4ff8beecc6f2e039a5da9a7
Author: Olli Etuaho <oetuaho@nvidia.com>
Date: Fri Oct 06 14:45:25 2017

Fix signed integer overflow in GLSL preprocessor left shift

Signed integer overflow is undefined in C++, whereas unsigned integer overflow is not. Always cast left shift operand to unsigned to avoid UB. On common compilers, the behavior was already the same before this patch, so this patch is done mostly for the benefit of automated fuzz testing.

BUG=chromium:743136
TEST=angle_unittests

Change-Id: I7aab939036bb19a37f258cef4297b560da3cd9d5
Reviewed-on: https://chromium-review.googlesource.com/704659
Reviewed-by: Jamie Madill <jmadill@chromium.org>
Commit-Queue: Olli Etuaho <oetuaho@nvidia.com>

[modify] https://crrev.com/a3d384ada3dc71d6e4ff8beecc6f2e039a5da9a7/src/tests/preprocessor_tests/if_test.cpp
[modify] https://crrev.com/a3d384ada3dc71d6e4ff8beecc6f2e039a5da9a7/src/compiler/preprocessor/ExpressionParser.cpp
[modify] https://crrev.com/a3d384ada3dc71d6e4ff8beecc6f2e039a5da9a7/src/compiler/preprocessor/ExpressionParser.y
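The corner case named in the Oct 6 comment and in the commit message above, as an added example that is not ANGLE's code and not part of the original bug report: the preprocessor evaluates `left << right` on 32-bit signed ints for an `#if` expression, and under the C++14 rules ANGLE built against in 2017 that shift is undefined behaviour when `left` is negative, when the count is outside [0, 31], or when the result does not fit in the signed type (the `1 << 31` case). The function names and the operand table below are invented for this example; the unsigned-cast form follows the approach the commit message describes, not the exact lines of the ANGLE patch.

```cpp
#include <climits>
#include <cstdint>
#include <cstdio>

// Added example, not ANGLE's code. Models the arithmetic a GLSL
// preprocessor performs for `left << right` inside an `#if` expression on
// 32-bit signed ints, and contrasts the pre-fix signed shift with the
// unsigned-cast form the commit message describes. All names are invented.

// Pre-fix pattern: a plain signed shift. Before C++20 this is undefined
// behaviour when `left` is negative or when the result does not fit in
// int32_t (e.g. 1 << 31); a count outside [0, 31] is UB in every C++
// version. Shown for contrast only; never call it with such operands.
int32_t shiftLeftUnchecked(int32_t left, int32_t right) {
    return left << right;
}

// Predicate: is `left << right` well-defined for signed 32-bit operands
// under pre-C++20 rules? These are the inputs the fuzzer found: legal
// preprocessor input whose C++ evaluation is nonetheless UB.
bool signedShiftIsDefined(int32_t left, int32_t right) {
    if (right < 0 || right >= 32) return false;   // shift count out of range
    if (left < 0) return false;                   // negative left operand
    return left <= (INT32_MAX >> right);          // result must be representable
}

// Post-fix pattern: perform the shift on uint32_t, where overflow wraps
// modulo 2^32 and is fully defined, then convert back to the signed result
// type. That conversion is implementation-defined before C++20 (two's
// complement on every target this preprocessor runs on) and modular from
// C++20 on; it is never UB. An out-of-range count is UB even for unsigned
// operands, so it is rejected and the caller reports an error instead.
bool shiftLeftUnsignedCast(int32_t left, int32_t right, int32_t* result) {
    if (right < 0 || right >= 32) return false;
    uint32_t wrapped = static_cast<uint32_t>(left) << static_cast<uint32_t>(right);
    *result = static_cast<int32_t>(wrapped);
    return true;
}

int main() {
    // Constructed operand pairs, including the UB corner cases.
    const int32_t cases[][2] = {{3, 4}, {1, 30}, {1, 31}, {-1, 1}, {1, 32}};
    for (const auto& c : cases) {
        int32_t out = 0;
        bool ok = shiftLeftUnsignedCast(c[0], c[1], &out);
        std::printf("%d << %d : signed form %s, unsigned-cast form %s",
                    c[0], c[1],
                    signedShiftIsDefined(c[0], c[1]) ? "defined" : "UB",
                    ok ? "ok" : "rejected");
        if (ok) std::printf(" -> %d", out);
        std::printf("\n");
    }
    return 0;
}
```

Built with `-fsanitize=undefined`, the unchecked form reports a shift error on the `1 << 31` and `-1 << 1` rows exactly as ClusterFuzz did here, while the unsigned-cast form produces the same bit pattern on a two's complement target without the sanitizer report, which is the "behavior already correct, technically still UB" situation the Oct 6 comment describes.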
Oct 6 2017
The following revision refers to this bug:
https://skia.googlesource.com/skia/+/a6e2d8b043a77abd95d4c1a57e2322d409cce224

commit a6e2d8b043a77abd95d4c1a57e2322d409cce224
Author: angle-deps-roller@chromium.org <angle-deps-roller@chromium.org>
Date: Fri Oct 06 16:59:24 2017

Roll skia/third_party/externals/angle2/ b433e872c..a3d384ada (1 commit)

https://chromium.googlesource.com/angle/angle.git/+log/b433e872c87f..a3d384ada3dc

$ git log b433e872c..a3d384ada --date=short --no-merges --format='%ad %ae %s'
2017-10-06 oetuaho Fix signed integer overflow in GLSL preprocessor left shift

Created with:
  roll-dep skia/third_party/externals/angle2

BUG= 743136

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, see:
http://www.chromium.org/developers/tree-sheriffs/sheriff-details-chromium#TOC-Failures-due-to-DEPS-rolls

CQ_INCLUDE_TRYBOTS=skia.primary:Perf-Win10-MSVC-AlphaR2-GPU-RadeonR9M470X-x86_64-Debug-ANGLE,Perf-Win10-MSVC-Golo-GPU-QuadroP400-x86_64-Debug-ANGLE,Perf-Win10-MSVC-NUC5i7RYH-GPU-IntelIris6100-x86_64-Debug-ANGLE,Perf-Win10-MSVC-NUC6i5SYK-GPU-IntelIris540-x86_64-Debug-ANGLE,Perf-Win10-MSVC-NUCD34010WYKH-GPU-IntelHD4400-x86_64-Debug-ANGLE,Perf-Win10-MSVC-ShuttleC-GPU-GTX960-x86_64-Debug-ANGLE,Test-Win10-MSVC-AlphaR2-GPU-RadeonR9M470X-x86_64-Debug-ANGLE,Test-Win10-MSVC-Golo-GPU-QuadroP400-x86_64-Debug-ANGLE,Test-Win10-MSVC-NUC5i7RYH-GPU-IntelIris6100-x86_64-Debug-ANGLE,Test-Win10-MSVC-NUC6i5SYK-GPU-IntelIris540-x86_64-Debug-ANGLE,Test-Win10-MSVC-NUCD34010WYKH-GPU-IntelHD4400-x86_64-Debug-ANGLE,Test-Win10-MSVC-ShuttleC-GPU-GTX960-x86_64-Debug-ANGLE,Build-Debian9-GCC-x86_64-Release-ANGLE

TBR=scroggo@google.com

Change-Id: I92194cd4221d516285ae06faa1331fc0f9bb92b0
Reviewed-on: https://skia-review.googlesource.com/56500
Reviewed-by: angle-deps-roller . <angle-deps-roller@chromium.org>
Commit-Queue: angle-deps-roller . <angle-deps-roller@chromium.org>

[modify] https://crrev.com/a6e2d8b043a77abd95d4c1a57e2322d409cce224/DEPS
Oct 6 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/9c0ec54e33e5d02650eb00fb9469452da63dcfd2

commit 9c0ec54e33e5d02650eb00fb9469452da63dcfd2
Author: skia-deps-roller@chromium.org <skia-deps-roller@chromium.org>
Date: Fri Oct 06 19:18:47 2017

Roll src/third_party/skia/ d9a622438..de281c98b (4 commits)

https://skia.googlesource.com/skia.git/+log/d9a622438663..de281c98bab4

$ git log d9a622438..de281c98b --date=short --no-merges --format='%ad %ae %s'
2017-10-06 reed Revert "Revert "remove guard for computeByteSize api""
2017-10-06 angle-deps-roller Roll skia/third_party/externals/angle2/ b433e872c..a3d384ada (1 commit)
2017-10-06 scroggo Generate warning settings for Android framework
2017-10-05 csmartdalton Don't execute onFlush op lists until after GPU data is uploaded

Created with:
  roll-dep src/third_party/skia

BUG= 743136

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, see:
http://www.chromium.org/developers/tree-sheriffs/sheriff-details-chromium#TOC-Failures-due-to-DEPS-rolls

CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel;master.tryserver.chromium.android:android_optional_gpu_tests_rel

TBR=scroggo@chromium.org

Change-Id: I8f7f1ea3232a7b215f767f572999adc20e505bb3
Reviewed-on: https://chromium-review.googlesource.com/705534
Reviewed-by: Skia Deps Roller <skia-deps-roller@chromium.org>
Commit-Queue: Skia Deps Roller <skia-deps-roller@chromium.org>
Cr-Commit-Position: refs/heads/master@{#507137}

[modify] https://crrev.com/9c0ec54e33e5d02650eb00fb9469452da63dcfd2/DEPS
Oct 10 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/df36684e0b2cc8c8e2004fe738ee798b58559511

commit df36684e0b2cc8c8e2004fe738ee798b58559511
Author: Geoff Lang <geofflang@chromium.org>
Date: Tue Oct 10 18:16:14 2017

Roll ANGLE 000dab8..af5070f

https://chromium.googlesource.com/angle/angle.git/+log/000dab8..af5070f

BUG=chromium:675997, chromium:743136, chromium:735497
TBR=cwallez@chromium.org
TEST=bots
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.android:android_optional_gpu_tests_rel

Change-Id: I12dc98d7721a04f3e3ff45dff571f4f297bff695
Reviewed-on: https://chromium-review.googlesource.com/709468
Reviewed-by: Geoff Lang <geofflang@chromium.org>
Commit-Queue: Geoff Lang <geofflang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#507721}

[modify] https://crrev.com/df36684e0b2cc8c8e2004fe738ee798b58559511/DEPS
Oct 11 2017
Should be fixed after the ANGLE roll.
Oct 11 2017
ClusterFuzz has detected this issue as fixed in range 507719:507736.

Detailed report: https://clusterfuzz.com/testcase?key=5667598294581248

Fuzzer: libFuzzer_angle_translator_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Undefined-shift
Crash Address:
Crash State:
  ppparse
  pp::ExpressionParser::parse
  pp::DirectiveParser::parseLine

Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=423278:423338
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=507719:507736

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5667598294581248

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Oct 11 2017
ClusterFuzz testcase 5667598294581248 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by kkaluri@chromium.org, Sep 15 2017
Components: Blink>HTML>Parser
Labels: Test-Predator-Wrong-CLs M-56 CF-NeedsTriage