Issue 619881

Starred by 1 user

Issue metadata

Status: Duplicate
Merged: issue 616990
Owner:
Closed: Jun 2016
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug




Crash in aura::Window::IsRootWindow

Reported by ClusterFuzz (Project Member), Jun 14 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5497580293455872

Fuzzer: mbarbella_js_mutation_layout
Job Type: linux_asan_chrome_v8
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000080
Crash State:
  aura::Window::IsRootWindow
  aura::Window::GetRootWindow
  aura::client::GetWindowTreeClient
  

Minimized Testcase (0.17 Kb):
Download: https://cluster-fuzz.appspot.com/download/AMIfv95td0CFvwATLMUS7C9ix2n-9Vj17ZRVuXvme5wGm9_PPGY5Gxey07s_bYQkVrz8hlgDU4eXt1fFt88DNU4iO6C1xMyn53bUyTEhclbE2PZZWVLZVVIAnEpz5qj4GgWIcCS945gEnBuPg0GL-lyir9CK1odZIQ
<form>
  <!-- Empty and required: any submit attempt fails interactive constraint validation,
       so the browser reports the invalid control instead of submitting the form. -->
  <input required="">
  <input id="submit" type="submit"/>
  <script>
    // Click the submit button from a later task (window named access resolves
    // "submit" to the element with id="submit").
    setTimeout(delayedSubmit);
    function delayedSubmit() {
      submit.click();
    }
    // Synchronously open a second top-level window before that click runs.
    window.open();
  </script>


Filer: durga.behera

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 
Components: Tools>Test>FindIt>NoResult Internals>Aura
Labels: findit-wrong Te-Logged M-53
Owner: sky@chromium.org
Status: Assigned (was: Available)
Suspected CLs:
==============
Unable to determine culprit CLs without crash revision and regression information

Suspected Project: chromium
Suspected Component: Internals>Aura
==================================
Currently it's impacting the Head.
From a code search on the crashed file "window.h", suspecting the below.
Suspect: https://codereview.chromium.org/2033843003
sky@: Could you please take a look into this issue if it's related to your change.

Comment 2 by sky@chromium.org, Jun 24 2016

Mergedinto: 616990
Status: Duplicate (was: Assigned)

Comment 3 by ClusterFuzz (Project Member), Jul 12 2016

ClusterFuzz has detected this issue as fixed in range 37060:37109.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5497580293455872

Fuzzer: mbarbella_js_mutation_layout
Job Type: linux_asan_chrome_v8
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000080
Crash State:
  aura::Window::IsRootWindow
  aura::Window::GetRootWindow
  aura::client::GetWindowTreeClient
  
Regressed: V8: r36614:36625
Fixed: V8: r37060:37109

Minimized Testcase (0.17 Kb): identical to the testcase in the issue description above.
Download: https://cluster-fuzz.appspot.com/download/AMIfv95td0CFvwATLMUS7C9ix2n-9Vj17ZRVuXvme5wGm9_PPGY5Gxey07s_bYQkVrz8hlgDU4eXt1fFt88DNU4iO6C1xMyn53bUyTEhclbE2PZZWVLZVVIAnEpz5qj4GgWIcCS945gEnBuPg0GL-lyir9CK1odZIQ?testcase_id=5497580293455872


See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Components: -Tools>Test>FindIt>NoResult
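
The crash address in the ClusterFuzz report above, 0x000000000080, is a read 0x80 bytes above address zero: the signature of a null pointer dereferenced through a member at that offset, which is why a report like this is usually a crash (denial of service) rather than memory corruption unless a write or an input-controlled pointer is involved. The following is an added Python example, not ClusterFuzz or Chromium code, that extracts the fields a triager reads from a report in this format, applies that first-pass classification, and checks that the detected fix range lies after the regression range. The sample report text is constructed from Comment 3 above; the one-page near-null threshold is an assumption used as a heuristic, not a ClusterFuzz rule.

```python
"""First-pass triage of a ClusterFuzz-style crash report.

Added example for this issue, not ClusterFuzz or Chromium code. SAMPLE_REPORT
is constructed from the text of Comment 3 above; NEAR_NULL_LIMIT (one 4 KiB
page) is an assumption used as a heuristic, not a ClusterFuzz rule.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed from this issue's report; only the fields the parser reads.
SAMPLE_REPORT = """\
Fuzzer: mbarbella_js_mutation_layout
Job Type: linux_asan_chrome_v8
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000080
Crash State:
  aura::Window::IsRootWindow
  aura::Window::GetRootWindow
  aura::client::GetWindowTreeClient

Regressed: V8: r36614:36625
Fixed: V8: r37060:37109
"""

# Assumption: faults below one page are a null pointer plus a field offset,
# not a pointer the input controlled.
NEAR_NULL_LIMIT = 0x1000

RevRange = Tuple[str, int, int]  # (project, first revision, last revision)


@dataclass
class CrashReport:
    crash_type: str = ""
    address: int = 0
    frames: List[str] = field(default_factory=list)
    job_type: str = ""
    regressed: Optional[RevRange] = None
    fixed: Optional[RevRange] = None


_RANGE_RE = re.compile(r"^(Regressed|Fixed):\s*(\w+):\s*r(\d+):(\d+)\s*$")


def parse_report(text: str) -> CrashReport:
    """Pull the triage-relevant fields out of the report text."""
    rep = CrashReport()
    lines = text.splitlines()
    i = 0
    while i < len(lines):
        line = lines[i]
        if line.startswith("Job Type:"):
            rep.job_type = line.split(":", 1)[1].strip()
        elif line.startswith("Crash Type:"):
            rep.crash_type = line.split(":", 1)[1].strip()
        elif line.startswith("Crash Address:"):
            rep.address = int(line.split(":", 1)[1].strip(), 16)
        elif line.startswith("Crash State:"):
            # Frames are the indented lines that follow, up to the first blank line.
            i += 1
            while i < len(lines) and lines[i].strip():
                rep.frames.append(lines[i].strip())
                i += 1
            continue
        else:
            m = _RANGE_RE.match(line)
            if m:
                rng = (m.group(2), int(m.group(3)), int(m.group(4)))
                if m.group(1) == "Regressed":
                    rep.regressed = rng
                else:
                    rep.fixed = rng
        i += 1
    return rep


def is_near_null(rep: CrashReport) -> bool:
    return rep.address < NEAR_NULL_LIMIT


def severity_hint(rep: CrashReport) -> str:
    """Heuristic label; the Chromium severity guidelines are the real rule."""
    if "WRITE" in rep.crash_type.upper():
        return "write"        # any write through a bad pointer: memory corruption
    if is_near_null(rep):
        return "null-deref"   # read at null + offset: a crash, not corruption by itself
    return "wild-read"        # read at a real address: could be UAF/OOB, look closer


def fix_follows_regression(rep: CrashReport) -> bool:
    """True when both ranges are in the same project and the fix range starts
    after the regression range ends, as expected for a real regression/fix pair."""
    if rep.regressed is None or rep.fixed is None:
        return False
    return rep.regressed[0] == rep.fixed[0] and rep.fixed[1] > rep.regressed[2]


def triage(text: str) -> dict:
    rep = parse_report(text)
    return {
        "top_frame": rep.frames[0] if rep.frames else None,
        "address": hex(rep.address),
        "severity_hint": severity_hint(rep),
        "fix_follows_regression": fix_follows_regression(rep),
    }


if __name__ == "__main__":
    for k, v in triage(SAMPLE_REPORT).items():
        print(f"{k}: {v}")
```

Run stand-alone it prints the top frame, the address, the "null-deref" hint for this report and confirms the V8 fix range r37060:37109 sits after the regression range r36614:36625. The hint is a starting point only: a near-null read can still matter if the same bug reaches a write or a virtual call elsewhere, so the merged issue's analysis, not the address alone, decides the severity.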

Comment 5 by sheriffbot@chromium.org (Project Member), Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
