Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/61d55b833c39d2a72ca16831f5c2e70a63fcebd2 (cros: Overview animations toning down.).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.

This is a serious security regression. If you are not able to fix this quickly, please revert the change that introduced it.

If this doesn't affect a release branch, or has not been properly classified for severity, please update the Security_Impact or Security_Severity labels, and remove the ReleaseBlock label. To disable this altogether, apply ReleaseBlock-NA.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

It is an easy fix. Will upload cl soon.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/151534a4099946f095f3e3caf66ff2bde7e93ae4

commit 151534a4099946f095f3e3caf66ff2bde7e93ae4
Author: wutao <wutao@chromium.org>
Date: Wed Feb 21 19:46:32 2018

cros: Fix window selector OnWindowActivated

At some situation when OnWindowActivated, the |gained_active| window
may be not in the |window_grid|. Check |iter| before assign it to
|selected_item_|.

Bug:  813201 
Test: WindowSelectorTest.HandleActiveWindowNotInWindowGrid
Change-Id: I95f582ad962fcab095a0eb330c1a0013f343ef19
Reviewed-on: https://chromium-review.googlesource.com/924944
Reviewed-by: Mitsuru Oshima <oshima@chromium.org>
Commit-Queue: Tao Wu <wutao@chromium.org>
Cr-Commit-Position: refs/heads/master@{#538189}
[modify] https://crrev.com/151534a4099946f095f3e3caf66ff2bde7e93ae4/ash/wm/overview/window_selector.cc
[modify] https://crrev.com/151534a4099946f095f3e3caf66ff2bde7e93ae4/ash/wm/overview/window_selector_unittest.cc

ClusterFuzz has detected this issue as fixed in range 538184:538189.

Detailed report: https://clusterfuzz.com/testcase?key=5936483094233088

Fuzzer: noel-image-surku
Job Type: linux_asan_chrome_chromeos
Platform Id: linux

Crash Type: Heap-buffer-overflow READ 8
Crash Address: 0x6030002d50f8
Crash State:
  wm::FocusController::SetActiveWindow
  wm::FocusController::FocusAndActivateWindow
  views::NativeWidgetAura::Activate
  
Sanitizer: address (ASAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_chromeos&range=536956:536958
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_chromeos&range=538184:538189

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5936483094233088

Additional requirements: Requires Gestures

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 5936483094233088 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot