
Issue 664419

Starred by 2 users

Issue metadata

Status: Fixed
Owner:
Closed: Nov 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Mac
Pri: 1
Type: Bug-Regression




Regression: Browser crash is seen after 'View page source' of chrome://bookmarks

Reported by jshan...@etouch.net, Nov 11 2016

Issue description

Chrome Version: 56.0.2916.0 (Official Build) bee9d25dd206a08d4b9b1bd86900cc354d8bb4e0-refs/heads/master@{#431463}-32/64 bit
OS : Mac(10.11.6, 10.12.1), Windows (7,8,8.1,10), Linux (14.04 LTS)

Steps:
1. Launch Chrome and navigate to chrome://bookmarks.
2. Press 'Ctrl+U' keys and observe.

Actual: Browser crash is seen after 'View page source' of chrome://bookmarks

Expected: Browser crash should not be seen on opening 'View page source' of chrome://bookmarks

This is a regression issue broken in ‘M-56’. Below is the manual regression range; bisect info will be updated soon.

Good Build : 56.0.2914.0
Bad Build : 56.0.2915.0

Crash ID bc05c922-a893-4c4a-bd5c-c15d54bc64ee (Server ID: 6b5e290500000000)
 
Attachments: Actual_video.mp4 (318 KB), Expected_video.mp4 (210 KB)
Labels: ReleaseBlock-Dev
Owner: rdevlin....@chromium.org
Status: Assigned (was: Unconfirmed)
Stack trace for the crash ID generated:

CRASHED [EXCEPTION_ACCESS_VIOLATION_WRITE @ 0x00000040 ] MAGIC SIGNATURE THREAD
Stack Quality: 100%
0x000007fee1f7bcab	(chrome.dll -bookmark_manager_private_api.cc:296 )	extensions::BookmarkManagerPrivateDragEventRouter::BookmarkManagerPrivateDragEventRouter(content::WebContents *)
0x000007fee1f7c796	(chrome.dll -web_contents_user_data.h:38 )	content::WebContentsUserData<extensions::BookmarkManagerPrivateDragEventRouter>::CreateForWebContents(content::WebContents *)
0x000007fee1f7cd11	(chrome.dll -bookmark_manager_private_api.cc:316 )	extensions::BookmarkManagerPrivateDragEventRouter::MaybeCreateForWebContents(content::WebContents *)
0x000007fee1f5d2f8	(chrome.dll -tab_helper.cc:188 )	extensions::TabHelper::TabHelper(content::WebContents *)
0x000007fee1f5d91c	(chrome.dll -web_contents_user_data.h:38 )	content::WebContentsUserData<extensions::TabHelper>::CreateForWebContents(content::WebContents *)
0x000007fee1f5d9ae	(chrome.dll -tab_helper.cc:381 )	extensions::TabHelper::DidCloneToNewWebContents(content::WebContents *,content::WebContents *)
0x000007fee1331e07	(chrome.dll -web_contents_impl.cc:1497 )	content::WebContentsImpl::Clone()
0x000007fee21c258f	(chrome.dll -browser_commands.cc:1195 )	chrome::ViewSource(Browser *,content::WebContents *,GURL const &,content::PageState const &)
0x000007fee21c24f0	(chrome.dll -browser_commands.cc:1185 )	chrome::ViewSource(Browser *,content::WebContents *)
0x000007fee133f577	(chrome.dll -web_contents_impl.cc:3042 )	content::WebContentsImpl::ViewSource()
0x000007fee25764b5	(chrome.dll -render_view_context_menu.cc:1844 )	RenderViewContextMenu::ExecuteCommand(int,int)
0x000007fee22d0052	(chrome.dll -render_view_context_menu_views.cc:187 )	RenderViewContextMenuViews::ExecuteCommand(int,int)
0x000007fee1a2a356	(chrome.dll -simple_menu_model.cc:388 )	ui::SimpleMenuModel::ActivatedAt(int,int)
0x000007fee2667e89	(chrome.dll -menu_model_adapter.cc:154 )	views::MenuModelAdapter::ExecuteCommand(int,int)
0x000007fee267ea44	(chrome.dll -menu_runner_impl.cc:209 )	views::internal::MenuRunnerImpl::MenuDone(views::internal::MenuControllerDelegate::NotifyType,views::MenuItemView *,int)
0x000007fee266e539	(chrome.dll -menu_controller.cc:2581 )	views::MenuController::ExitAsyncRun()
0x000007fee26702e4	(chrome.dll -menu_controller.cc:716 )	views::MenuController::OnMouseReleased(views::SubmenuView *,ui::MouseEvent const &)
0x000007fee2685867	(chrome.dll -menu_host_root_view.cc:28 )	views::MenuHostRootView::OnMouseReleased(ui::MouseEvent const &)
0x000007fee26333a6	(chrome.dll -widget.cc:1211 )	views::Widget::OnMouseEvent(ui::MouseEvent *)
0x000007fee1a4e951	(chrome.dll -event_handler.cc:27 )	ui::EventHandler::OnEvent(ui::Event *)
0x000007fee1a4ecf8	(chrome.dll -event_dispatcher.cc:191 )	ui::EventDispatcher::DispatchEvent(ui::EventHandler *,ui::Event *)
0x000007fee1a4f135	(chrome.dll -event_dispatcher.cc:139 )	ui::EventDispatcher::ProcessEvent(ui::EventTarget *,ui::Event *)
0x000007fee1a4efc9	(chrome.dll -event_dispatcher.cc:86 )	ui::EventDispatcherDelegate::DispatchEventToTarget(ui::EventTarget *,ui::Event *)
0x000007fee1a4ed90	(chrome.dll -event_dispatcher.cc:58 )	ui::EventDispatcherDelegate::DispatchEvent(ui::EventTarget *,ui::Event *)
0x000007fee27051ab	(chrome.dll -event_processor.cc:35 )	ui::EventProcessor::OnEventFromSource(ui::Event *)
0x000007fee270531e	(chrome.dll -event_source.cc:73 )	ui::EventSource::DeliverEventToProcessor(ui::Event *)
0x000007fee2705414	(chrome.dll -event_source.cc:51 )	ui::EventSource::SendEventToProcessor(ui::Event *)
0x000007fee267384c	(chrome.dll -desktop_window_tree_host_win.cc:829 )	views::DesktopWindowTreeHostWin::HandleMouseEvent(ui::MouseEvent const &)
0x000007fee2687f73	(chrome.dll -hwnd_message_handler.cc:2482 )	views::HWNDMessageHandler::HandleMouseEventInternal(unsigned int,unsigned __int64,__int64,bool)
0x000007fee268c1bb	(chrome.dll -hwnd_message_handler.h:336 )	views::HWNDMessageHandler::_ProcessWindowMessage(HWND__ *,unsigned int,unsigned __int64,__int64,__int64 &,unsigned long)
0x000007fee268adab	(chrome.dll -hwnd_message_handler.cc:897 )	views::HWNDMessageHandler::OnWndProc(unsigned int,unsigned __int64,__int64)
0x000007fee19c7539	(chrome.dll -window_impl.cc:302 )	gfx::WindowImpl::WndProc(HWND__ *,unsigned int,unsigned __int64,__int64)
0x000007fee19c6d1a	(chrome.dll -wrapped_window_proc.h:76 )	base::win::WrappedWindowProc<&gfx::WindowImpl::WndProc(HWND__ *,unsigned int,unsigned __int64,__int64)>(HWND__ *,unsigned int,unsigned __int64,__int64)
0x76d09bd0	(USER32.dll + 0x00019bd0 )	UserCallWinProcCheckWow
0x76d098d9	(USER32.dll + 0x000198d9 )	DispatchMessageWorker
0x000007fee0995564	(chrome.dll -message_pump_win.cc:363 )	base::MessagePumpForUI::ProcessMessageHelper(tagMSG const &)
0x000007fee09951d1	(chrome.dll -message_pump_win.cc:169 )	base::MessagePumpForUI::DoRunLoop()
0x000007fee0994de3	(chrome.dll -message_pump_win.cc:56 )	base::MessagePumpWin::Run(base::MessagePump::Delegate *)
0x000007fee0962e82	(chrome.dll -run_loop.cc:35 )	base::RunLoop::Run()
0x000007fee15a6513	(chrome.dll -chrome_browser_main.cc:2009 )	ChromeBrowserMainParts::MainMessageLoopRun(int *)
0x000007fee107afc5	(chrome.dll -browser_main_loop.cc:977 )	content::BrowserMainLoop::RunMainMessageLoopParts()
0x000007fee107c6ea	(chrome.dll -browser_main_runner.cc:155 )	content::BrowserMainRunnerImpl::Run()
0x000007fee1076e4f	(chrome.dll -browser_main.cc:46 )	content::BrowserMain(content::MainFunctionParams const &)
0x000007fee154e962	(chrome.dll -content_main_runner.cc:408 )	content::RunNamedProcessTypeMain(std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,content::MainFunctionParams const &,content::ContentMainDelegate *)
0x000007fee154e79e	(chrome.dll -content_main_runner.cc:774 )	content::ContentMainRunnerImpl::Run()
0x000007fee154dcef	(chrome.dll -content_main.cc:20 )	content::ContentMain(content::ContentMainParams const &)
0x000007fee0d8fbb0	(chrome.dll -chrome_main.cc:97 )	ChromeMain
0x000000013f58eebd	(chrome.exe -main_dll_loader_win.cc:174 )	MainDllLoader::Launch(HINSTANCE__ *,base::TimeTicks)
0x000000013f58dda8	(chrome.exe -chrome_exe_main_win.cc:247 )	wWinMain
0x000000013f5c1772	(chrome.exe -exe_common.inl:253 )	__scrt_common_main_seh
0x76e0652c	(kernel32.dll + 0x0001652c )	BaseThreadInitThunk
0x76f3c540	(ntdll.dll + 0x0002c540 )	RtlUserThreadStart

Using code search for the crashing file, we suspect change #430940 could be the possible culprit for the crash.

@rdevlin.cronin: Request you to please take a look into it.

Change Log: https://chromium.googlesource.com/chromium/src/+/a32a0900c104b2143e6462febc81e6900dbd2104

Adding Release Block label, please undo if not the case.

Comment 2 by jshan...@etouch.net, Nov 11 2016

Note: Above issue is also reproducible by following steps.
Steps:
1. Launch Chrome and navigate to chrome://bookmarks
2. Right click on page (near search box or Header) and select 'view page source' from context menu.
3. Observe.

Cc: rbasuvula@chromium.org
Labels: hasbisect-per-revision
Using the per-revision bisect, providing the bisect results:
Good build: 56.0.2914.0 (Revision: 430837).
Bad build: 56.0.2915.0 (Revision: 431137).

You are probably looking for a change made after 430939 (known good), but no later than 430940 (first known bad).

CHANGE-LOG URL:
---------------------------------------
https://chromium.googlesource.com/chromium/src/+log/35d322e24f91a372ecdc0b152891e0635187a07e..a32a0900c104b2143e6462febc81e6900dbd2104


From the CL above, assigning the issue to the concerned owner.

@rdevlin.cronin:
------------------
Could you please look into the issue? Pardon me if it has nothing to do with your changes, and if possible please assign it to the concerned owner.

Review-Url: https://codereview.chromium.org/2468673003

Note : Able to reproduce the issue in Ubuntu 14.04, Win 10.0 & Mac 10.11.6.
Project Member

Comment 4 by bugdroid1@chromium.org, Nov 11 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/62fa72cbd02ff4e279efe12145dd4b1a3d221821

commit 62fa72cbd02ff4e279efe12145dd4b1a3d221821
Author: rdevlin.cronin <rdevlin.cronin@chromium.org>
Date: Fri Nov 11 19:03:07 2016

[Extensions] Don't remove the bookmark drag event router as delegate

Previously, the BookmarkManagerPrivateDragEventRouter removed itself as
the BookmarkTabHelper's delegate on destruction.  Since
crrev.com/a32a0900c104b2143e6462febc81e6900dbd2104, both the event router
and the BookmarkTabHelper are WebContentsUserData, and thus will be
destroyed at the "same" time (that is, synchronously - if the
BookmarkTabHelper tried to access the
BookmarkManagerPrivateDragEventRouter in its dtor, it's unsafe, but
hopefully we never do that). Don't remove the
BookmarkManagerPrivateDragEventRouter as a delegate since there's a
chance the BookmarkTabHelper has already been destroyed.

BUG=664371
BUG= 664419 

Review-Url: https://codereview.chromium.org/2488203003
Cr-Commit-Position: refs/heads/master@{#431607}

[modify] https://crrev.com/62fa72cbd02ff4e279efe12145dd4b1a3d221821/chrome/browser/extensions/api/bookmark_manager_private/bookmark_manager_private_api.cc
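
The lifetime hazard described in the commit message above, as an added example that is not part of the original issue and is not Chromium code: two objects with the same owner are destroyed back to back, and the one destroyed second reaches into the first from its destructor. Helper, Router and StaleAccesses are hypothetical stand-ins; the model tracks liveness in a set so the stale access is counted instead of performed.

```cpp
// Added illustration: hypothetical stand-ins, not Chromium code.
#include <cstdio>
#include <memory>
#include <set>

static std::set<int> g_live_helpers;  // ids of helpers that are still alive
static int g_stale_accesses = 0;      // times a destroyed helper would be touched

// Stands in for the tab helper that holds a delegate pointer.
struct Helper {
  int id;
  void* delegate = nullptr;
  explicit Helper(int i) : id(i) { g_live_helpers.insert(id); }
  ~Helper() { g_live_helpers.erase(id); }
};

// Stands in for the event router that registers itself as the delegate.
struct Router {
  Helper* helper;
  int helper_id;
  bool clear_on_destroy;  // true: old behaviour, false: behaviour after the fix
  Router(Helper* h, bool clear)
      : helper(h), helper_id(h->id), clear_on_destroy(clear) {
    helper->delegate = this;
  }
  ~Router() {
    if (!clear_on_destroy) return;  // fixed: never reach back into the helper
    if (g_live_helpers.count(helper_id))
      helper->delegate = nullptr;   // safe only while the helper is alive
    else
      ++g_stale_accesses;           // real code would write to freed memory
  }
};

// Destroys both objects back to back, in the requested order, and reports
// how many times the router's destructor would have used a dead helper.
int StaleAccesses(bool clear_on_destroy, bool helper_destroyed_first) {
  g_stale_accesses = 0;
  auto helper = std::make_unique<Helper>(1);
  auto router = std::make_unique<Router>(helper.get(), clear_on_destroy);
  if (helper_destroyed_first) { helper.reset(); router.reset(); }
  else { router.reset(); helper.reset(); }
  return g_stale_accesses;
}

int main() {
  std::printf("old, helper first: %d\n", StaleAccesses(true, true));
  std::printf("old, router first: %d\n", StaleAccesses(true, false));
  std::printf("fixed, helper first: %d\n", StaleAccesses(false, true));
}
```

Only the combination of the old destructor and the helper being destroyed first reports a stale access, which is why the old code was safe only as long as the destruction order happened to favour it.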

Status: Fixed (was: Assigned)
Should be fixed with @4.
