
Issue 595455

Starred by 1 user

Issue metadata

Status: WontFix
Owner:
Closed: Apr 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Android , Windows
Pri: 2
Type: Bug-Regression




Random chrome crashes in libxml due to component updater

Reported by drb...@vitalitymedicalgroup.com, Mar 16 2016

Issue description

Chrome Version: 49.0.2623.87
Operating System: e.g., "Windows 7", "Mac OSX 10.6"

URL (if applicable) where crash occurred:

Can you reproduce this crash? no

What steps will reproduce this crash? (or if it's not reproducible, what were you doing just before the crash)?

1.any web browsing it will randomly crash after 1-2 minutes of usage
2.
3.

*Please note that issues filed with no information filled in above will be marked as WontFix*

****DO NOT CHANGE BELOW THIS LINE****
report_id:c38ca27400000000

 
Cc: brajkumar@chromium.org
Labels: -Type-Bug M-51 OS-Android OS-Windows Type-Bug-Regression
Owner: sorin@chromium.org
Status: Assigned (was: Unconfirmed)
Stack Trace:
==============
Thread 0 CRASHED [EXCEPTION_ACCESS_VIOLATION_READ @ 0x0000002e ] MAGIC SIGNATURE THREAD
0x5a51928e	(chrome.dll -parser.c:10287 )	xmlParseVersionInfo
0x5a519446	(chrome.dll -parser.c:10591 )	xmlParseXMLDecl
0x5a510c4c	(chrome.dll -parser.c:10771 )	xmlParseDocument
0x5a519be5	(chrome.dll -parser.c:14713 )	xmlSAXParseDoc
0x5a5109fa	(chrome.dll -parser.c:14738 )	xmlParseDoc
0x59d5cbe9	(chrome.dll -update_response.cc:299 )	update_client::UpdateResponse::Parse(std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &)
0x59d59bc1	(chrome.dll -update_checker.cc:144 )	update_client::`anonymous namespace'::UpdateCheckerImpl::OnRequestSenderComplete(net::URLFetcher const *)
0x5908cc62	(chrome.dll -bind_internal.h:350 )	base::internal::Invoker<base::IndexSequence<0>,base::internal::BindState<base::internal::RunnableAdapter<void ( ui::SelectFileDialog::Listener::*)(void *)>,void ,base::internal::UnretainedWrapper<ui::SelectFileDialog::Listener> >,base::internal::TypeList<base::internal::UnwrapTraits<base::internal::UnretainedWrapper<ui::SelectFileDialog::Listener> > >,base::internal::InvokeHelper<0,void,base::internal::RunnableAdapter<void ( ui::SelectFileDialog::Listener::*)(void *)>,base::internal::TypeList<ui::SelectFileDialog::Listener *,void * const &> >,void >::Run(base::internal::BindStateBase *,void * const &)
0x59d5c70c	(chrome.dll -request_sender.cc:57 )	update_client::RequestSender::OnURLFetchComplete(net::URLFetcher const *)
0x592ab00e	(chrome.dll -url_fetcher_core.cc:720 )	net::URLFetcherCore::InformDelegateFetchIsComplete()
0x592aafed	(chrome.dll -url_fetcher_core.cc:713 )	net::URLFetcherCore::OnCompletedURLRequest(base::TimeDelta)
0x59062725	(chrome.dll -bind_internal.h:350 )	base::internal::Invoker<base::IndexSequence<0,1>,base::internal::BindState<base::internal::RunnableAdapter<void ( extensions::ActiveScriptController::*)(__int64)>,void ,base::internal::UnretainedWrapper<extensions::ActiveScriptController>,__int64>,base::internal::TypeList<base::internal::UnwrapTraits<base::internal::UnretainedWrapper<extensions::ActiveScriptController> >,base::internal::UnwrapTraits<__int64> >,base::internal::InvokeHelper<0,void,base::internal::RunnableAdapter<void ( extensions::ActiveScriptController::*)(__int64)>,base::internal::TypeList<extensions::ActiveScriptController *,__int64 const &> >,void >::Run(base::internal::BindStateBase *)
0x58fbdc22	(chrome.dll -task_annotator.cc:51 )	base::debug::TaskAnnotator::RunTask(char const *,base::PendingTask const &)
0x58fbda2c	(chrome.dll -message_loop.cc:486 )	base::MessageLoop::RunTask(base::PendingTask const &)
0x58fbd3cf	(chrome.dll -message_loop.cc:607 )	base::MessageLoop::DoWork()
0x59057284	(chrome.dll -message_pump_win.cc:174 )	base::MessagePumpForUI::DoRunLoop()
0x58fbceab	(chrome.dll -message_pump_win.cc:58 )	base::MessagePumpWin::Run(base::MessagePump::Delegate *)
0x58fbcdb4	(chrome.dll -message_loop.cc:450 )	base::MessageLoop::RunHandler()
0x58fbccbc	(chrome.dll -run_loop.cc:56 )	base::RunLoop::Run()
0x5927895d	(chrome.dll -chrome_browser_main.cc:1796 )	ChromeBrowserMainParts::MainMessageLoopRun(int *)
0x592788bd	(chrome.dll -browser_main_loop.cc:946 )	content::BrowserMainLoop::RunMainMessageLoopParts()
0x59278863	(chrome.dll -browser_main_runner.cc:237 )	content::BrowserMainRunnerImpl::Run()
0x58f71c03	(chrome.dll -browser_main.cc:44 )	content::BrowserMain(content::MainFunctionParams const &)
0x58f71a4c	(chrome.dll -content_main_runner.cc:382 )	content::RunNamedProcessTypeMain(std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,content::MainFunctionParams const &,content::ContentMainDelegate *)
0x58f719c8	(chrome.dll -content_main_runner.cc:787 )	content::ContentMainRunnerImpl::Run()
0x58f57cb9	(chrome.dll -content_main.cc:19 )	content::ContentMain(content::ContentMainParams const &)
0x58f56b37	(chrome.dll -chrome_main.cc:67 )	ChromeMain
0x01027e49	(chrome.exe -main_dll_loader_win.cc:260 )	MainDllLoader::Launch(HINSTANCE__ *)
0x010273d5	(chrome.exe -chrome_exe_main_win.cc:259 )	wWinMain
0x01063dd9	(chrome.exe -crt0.c:251 )	__tmainCRTStartup
0x74b138f3	(KERNEL32.DLL + 0x000138f3 )	BaseThreadInitThunk
0x779b5de2	(ntdll.dll + 0x00065de2 )	__RtlUserThreadStart
0x779b5dad	(ntdll.dll + 0x00065dad )	_RtlUserThreadStart

This is a regression issue seen from M46 - 46.0.2490.86. The link below gives details of the number of instances in which the crash has occurred for the associated builds:
https://crash.corp.google.com/browse?q=product.name%3D%27Chrome%27%20AND%20custom_data.ChromeCrashProto.ptype%3D%27browser%27%20AND%20custom_data.ChromeCrashProto.magic_signature_1.name%3D%27xmlParseVersionInfo%27&ignore_case=false&enable_rewrite=true&omit_field_name=&omit_field_value=&omit_field_opt=%3D

1. 13 crashes observed on the latest stable M49-49.0.2623.87
2. No crashes are seen on Beta, Dev and Canary market builds, but most of the crashes are seen on stable builds
3. The crash is observed only on Windows and Android OS, as per the link below
https://crash.corp.google.com/browse?q=custom_data.ChromeCrashProto.ptype%3D%27browser%27%20AND%20custom_data.ChromeCrashProto.magic_signature_1.name%3D%27xmlParseVersionInfo%27&ignore_case=false&enable_rewrite=true&omit_field_name=&omit_field_value=&omit_field_opt=%3D

Used code search for the file "update_checker.cc" and suspect the change below:
Review URL: https://codereview.chromium.org/1685323002
sorin@: Observed some recent changes on this file. Could you please check whether this is caused by your change; if not, please help us reassign the issue to the right owner.

Thanks!

Comment 2 by sorin@chromium.org, Mar 21 2016

Cc: waff...@chromium.org

Comment 3 by sorin@chromium.org, Mar 22 2016

Status: Started (was: Assigned)

Comment 4 by sorin@chromium.org, Mar 22 2016

Components: Internals>Installer>Components

Comment 5 by sorin@chromium.org, Apr 12 2016

Cc: jsc...@chromium.org
Labels: -Restrict-View-EditIssue -M-51 M-49 Restrict-View-SecurityTeam
Status: WontFix (was: Started)
Summary: Random chrome crashes in libxml due to component updater (was: Random chrome crashes)
This crash is expected not to occur in M50. In M50 we have introduced a mechanism to verify the integrity of the XML response before it is handed over to libxml for parsing.

I believe that the cause of this crash is parsing corrupt XML content.

Parsing corrupt XML content in M49 builds and lower is a known issue. It has been partially mitigated by using HTTPS for component update checks.

For all versions of Chrome, there are 67 crashes at this call site, most of them having the component updater on the stack:
https://crash.corp.google.com/browse?q=product.name%3D%27Chrome%27%20AND%20custom_data.ChromeCrashProto.ptype%3D%27browser%27%20OMIT%20RECORD%20IF%20SUM(CrashedStackTrace.StackFrame.FunctionName%3D%27xmlParseVersionInfo%27)%20%3D%200&ignore_case=false&enable_rewrite=true&omit_field_name=CrashedStackTrace.StackFrame.FunctionName&omit_field_value=xmlParseVersionInfo&omit_field_opt=%3D#samplereports:5,clientid:20

No similar crash occurs in M50 or higher.

The crashes are clustered around a few client ids only, but there is a long tail of crashes that indicates that several clients can hit this code path.

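Comment 5 describes a gate introduced in M50 that verifies the integrity of the update-check response before it is handed to libxml. The following Python is an added example, not Chromium's code: it models that gate with an HMAC-SHA256 tag (an assumed stand-in for whatever mechanism M50 actually uses) over a constructed response body, and shows that a body corrupted in its XML declaration, the region the stack above crashes in, is rejected before any parser sees it, while an authentic but malformed body fails closed instead of crashing.

```python
"""Verify-then-parse gate for an update-check response (constructed example)."""
import hashlib
import hmac
import xml.etree.ElementTree as ET
from typing import Optional

# Constructed demo key; a real client would hold a key matching the server's signer.
DEMO_KEY = b"demo-update-signing-key"


def sign_response(body: bytes, key: bytes = DEMO_KEY) -> str:
    """Produce the integrity tag the client expects alongside the response body."""
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def verify_then_parse(body: bytes, tag: str, key: bytes = DEMO_KEY) -> Optional[ET.Element]:
    """Return the parsed root only if the body is authentic and well-formed.

    The integrity check runs first, so bytes corrupted in transit never reach
    the XML parser. A body that passes the check but is still malformed is
    rejected rather than being allowed to take the caller down.
    """
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None  # reject before parsing
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return None  # authentic but malformed: fail closed, don't crash
    return root if root.tag == "response" else None


# Constructed sample response in the shape of an update-check reply (not a real one).
GOOD_BODY = (b'<?xml version="1.0" encoding="UTF-8"?>'
             b'<response protocol="3.0"><app appid="demo-app">'
             b'<updatecheck status="noupdate"/></app></response>')
GOOD_TAG = sign_response(GOOD_BODY)

# Corrupt the XML declaration, the region xmlParseVersionInfo reads.
CORRUPT_BODY = GOOD_BODY.replace(b'version="1.0"', b'version=\x00\x2e', 1)


def demo() -> dict:
    """Exercise the gate on the good body, a corrupted body, and a signed-but-malformed body."""
    return {
        "good": verify_then_parse(GOOD_BODY, GOOD_TAG) is not None,
        "corrupt_untagged": verify_then_parse(CORRUPT_BODY, GOOD_TAG) is None,
        "corrupt_signed": verify_then_parse(CORRUPT_BODY, sign_response(CORRUPT_BODY)) is None,
    }
```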
 

Comment 6 by sheriffbot@chromium.org, Jul 20 2016

Labels: -Restrict-View-SecurityTeam
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
