
Issue 796426


Issue metadata

Status: Verified
Owner: oetu...@nvidia.com
Closed: Dec 2017
Cc:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug


Null-dereference READ in sh::TParseContext::addStructDeclaratorList

Reported by ClusterFuzz (Project Member), Dec 20 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5147581956227072

Fuzzer: libFuzzer_angle_translator_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  sh::TParseContext::addStructDeclaratorList
  sh::TParseContext::addStructDeclaratorListWithQualifiers
  yyparse
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=525039:525066

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5147581956227072

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

Comment 1 by ClusterFuzz (Project Member), Dec 20 2017

Labels: Test-Predator-Auto-Owner
Owner: oetu...@nvidia.com
Status: Assigned (was: Untriaged)
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/angle/angle/+/ae4dbf32ba112c767d6e67d6e5734fc81d8c2d8c (Don't allocate name strings for empty symbols).

If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.

Comment 2 by ClusterFuzz (Project Member), Dec 20 2017

ClusterFuzz has detected this issue as fixed in range 525188:525204.

Detailed report: https://clusterfuzz.com/testcase?key=5147581956227072

Fuzzer: libFuzzer_angle_translator_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  sh::TParseContext::addStructDeclaratorList
  sh::TParseContext::addStructDeclaratorListWithQualifiers
  yyparse
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=525039:525066
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=525188:525204

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5147581956227072

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 3 by ClusterFuzz (Project Member), Dec 20 2017

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase 5147581956227072 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 4 by oetu...@nvidia.com, Dec 20 2017

Cc: jmad...@chromium.org
Jamie, any idea what might have happened with this bug? When I first saw this I was worried I could have introduced a null pointer dereference with the "don't allocate name strings for empty symbols" patch, but I didn't find any issues looking through the code. Could this have been just the tool malfunctioning?

It's not out of the question, but I suspect if the crash was reproducible it would be real. Maybe you fixed the crash with an unrelated change, or the code was reorganized so the crash would show up in a different place?
