Tested the issue in Android and could reproduce the issue.

Steps Followed:
1) Go to https://m.9gag.com/
(2) Tap menu - Add to Home screen to create a webapp link.
(3) Wait for icon to show up and tap Add
(4) Android O only: Click "Add Automatically" for icon placement.
(5) Go to Home screen
(6) Tap the 9GAG link
(7) Long press on the first post picture
(8) Tap "Open in Chrome"

Chrome versions tested:
61.0.3163.98, 62.0.3202.84, 63.0.3239.31, 64.0.3256.0

OS
Android 8.1.0

Android Devices
8.1.0; Pixel XL Build/OPM1.171019.005

"Add to Home screen" is a new feature is introduced in the end of the M60 (60.0.3110.0). 

Please navigate to below link for log's and video--
go/chrome-androidlogs/781358

Unable to find the exact suspect from the below stack trace.

Crash I'd: a5ff2f91c8f9d416

Stack trace:

Thread 0 (id: 16846) CRASHED [DUMP_REQUESTED @ 0xc97f3319 ]
Stack Quality4%Show frame trust levels
0xc97f3319	(libmonochrome.so -exception_handler.cc:678 )	google_breakpad::ExceptionHandler::WriteMinidump()
0xc8c05bf9	(libmonochrome.so -breakpad_linux.cc:744 )	breakpad::(anonymous namespace)::DumpProcess()
0xc7ee98c1	(libmonochrome.so -dump_without_crashing.cc:23 )	base::debug::DumpWithoutCrashing()
0xc7ee60eb	(libmonochrome.so -java_exception_reporter.cc:41 )	Java_org_chromium_base_JavaExceptionReporter_nativeReportJavaException
0xcb1e4185	(base.odex + 0x0003a185 )	
0xe5b3bfea	(dalvik-LinearAlloc (deleted) + 0x0000efea )	
0x134ba8b6	(dalvik-main space (region space) (deleted) + 0x008ba8b6 )	
0x12fb0e5e	(dalvik-main space (region space) (deleted) + 0x003b0e5e )	
0xe4c01f75	(libart.so + 0x00407f75 )	
0x12fb0e5e	(dalvik-main space (region space) (deleted) + 0x003b0e5e )	
0x716dff27	(boot.oat + 0x00027f27 )	
0xcb79e9b1	(base.vdex + 0x005769b1 )	
0xe4c071ed	(libart.so + 0x0040d1ed )	
0xcb732f22	(base.vdex + 0x0050af22 )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0x13497e66	(dalvik-main space (region space) (deleted) + 0x00897e66 )	
0xd9639e67	(NotoSansCJK-Regular.ttc + 0x00489e67 )	
0xcb732f22	(base.vdex + 0x0050af22 )	
0x12fb0e5e	(dalvik-main space (region space) (deleted) + 0x003b0e5e )	
0xe48e8611	(libart.so + 0x000ee611 )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xe5b3bfea	(dalvik-LinearAlloc (deleted) + 0x0000efea )	
0xcb79e9ae	(base.vdex + 0x005769ae )	
0xe48a9f17	(libart.so + 0x000aff17 )	
0xcb79e9ae	(base.vdex + 0x005769ae )	
0x134c2cde	(dalvik-main space (region space) (deleted) + 0x008c2cde )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xe5b3bfea	(dalvik-LinearAlloc (deleted) + 0x0000efea )	
0xcb264606	(base.vdex + 0x0003c606 )	
0xe49fcda9	(libart.so + 0x00202da9 )	
0xcb79e9ae	(base.vdex + 0x005769ae )	
0x70f20dee	(system@framework@boot.art + 0x00071dee )	
0xe490f649	(libart.so + 0x00115649 )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xcb2bb67a	(base.vdex + 0x0009367a )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xe49f82f7	(libart.so + 0x001fe2f7 )	
0xe5b3bfea	(dalvik-LinearAlloc (deleted) + 0x0000efea )	
0x12fb0e5e	(dalvik-main space (region space) (deleted) + 0x003b0e5e )	
0x12fb0e5e	(dalvik-main space (region space) (deleted) + 0x003b0e5e )	
0xe49f81c5	(libart.so + 0x001fe1c5 )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xe5b3c04a	(dalvik-LinearAlloc (deleted) + 0x0000f04a )	
0xe5b3bfea	(dalvik-LinearAlloc (deleted) + 0x0000efea )	
0xcb504798	(base.vdex + 0x002dc798 )	
0xe4bed1b7	(libart.so + 0x003f31b7 )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xcb504798	(base.vdex + 0x002dc798 )	
0xe4bf0c7e	(libart.so + 0x003f6c7e )	
... 143 more
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xe4a98763	(libart.so + 0x0029e763 )	
0xb33766bd	(app_process32 + 0x000046bd )	
0xe4b8cd07	(libart.so + 0x00392d07 )	
0xe3960f59	(boot-framework.vdex + 0x00fd4f59 )	
0xe4b5532f	(libart.so + 0x0035b32f )	
0xe3960f59	(boot-framework.vdex + 0x00fd4f59 )	
0xe3960f59	(boot-framework.vdex + 0x00fd4f59 )	
0x12c04c0e	(dalvik-main space (region space) (deleted) + 0x00004c0e )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xe48e7c21	(libart.so + 0x000edc21 )	
0xe644ced9	(libandroid_runtime.so + 0x00125ed9 )	
0xe644ced4	(libandroid_runtime.so + 0x00125ed4 )	
0x712447fe	(system@framework@boot-framework.art + 0x0008c7fe )	
0xe4aaf76b	(libart.so + 0x002b576b )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0x715913f6	(system@framework@boot-framework.art + 0x003d93f6 )	
0xe4c2c046	(libart.so + 0x00432046 )	
0xe4c2c03e	(libart.so + 0x0043203e )	
0xe4aa2807	(libart.so + 0x002a8807 )	
0xe4c2c046	(libart.so + 0x00432046 )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xe4a98763	(libart.so + 0x0029e763 )	
0xb33766bd	(app_process32 + 0x000046bd )	
0xe4b5a7e9	(libart.so + 0x003607e9 )	
0xe4a98763	(libart.so + 0x0029e763 )	
0xb33766bd	(app_process32 + 0x000046bd )	
0xe6db6eaf	(libc.so + 0x0006ceaf )	
0xb33766bd	(app_process32 + 0x000046bd )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xe4a98763	(libart.so + 0x0029e763 )	
0xe4a4dfe9	(libart.so + 0x00253fe9 )	
0xe4a98763	(libart.so + 0x0029e763 )	
0xe6394985	(libandroid_runtime.so + 0x0006d985 )	
0x49f88a5f	(dalvik-main space (region space) (deleted) + 0x37388a5f )	
0xe48af111	(libart.so + 0x000b5111 )	
0xe4a4dbe3	(libart.so + 0x00253be3 )	
0xe4a4df6b	(libart.so + 0x00253f6b )	
0xe6db50bf	(libc.so + 0x0006b0bf )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0xb3373b43	(app_process32 + 0x00001b43 )	
0xb3376a4b	(app_process32 + 0x00004a4b )	
0xcccd1130	(dalvik-data-code-cache (deleted) + 0x00aee130 )	
0x2d69625f	(dalvik-main space (region space) (deleted) + 0x1aa9625f )	
0x2c613774	(dalvik-main space (region space) (deleted) + 0x19a13774 )	
0xe7eb870e	(dalvik-thread local mark stack (deleted) + 0x0001570e )	
0x3f7ffffe	(dalvik-main space (region space) (deleted) + 0x2cbffffe )	
0x33737363	(dalvik-main space (region space) (deleted) + 0x20b37363 )	

Thanks!!

How is the best person to own this issue?

Assigning to dominickn@ to triage for Webapps

Will follow up on this ASAP.

The crash happens because the linkUrl that is being opened is empty, hence Android can't find an activity to handle the link.

The linkUrl is empty all the way from content::RenderFrameImpl::ShowContextMenu, where it's created. The issue is because the 9GAG link being opened is not actually a link; it's an image src.

The element in question:

<div class="post-content" style="min-height: 412px;">
  <div>
    <img src="https://img-9gag-fun.9cache.com/photo/aB8N8N1_460s.jpg" alt="🟟 The perfect toilet paper holder doesn&amp;#039;t exi...">
    <span class="post-indicator gif" style="display: block;">GIF</span>
  </div>
</div>


The context menu params are:

params.link_url: empty
params.src_url: https://img-9gag-fun.9cache.com/photo/aB8N8N1_460s.jpg
params.page_url: https://m.9gag.com/

This has probably been broken since the introduction of the Open in Chrome context menu for fullscreen activities. Chrome CCTs don't have this problem because they seem to use a custom context menu, rather than the usual one that everything else in Chrome uses.

Strawman fix proposal: we should be opening src_url when link_url is empty. And if both are empty, open the page_url.

Dropping RBS for now because I think this has been broken for a very long time (this code path doesn't seem to have changed since at least 2015).

Back over to tedchoc@ for thoughts on c#6. Changes would need to be implemented in tabs/TabContextMenuItemDelegate.java and its callers.

Looks like we should change:
https://chromium.googlesource.com/chromium/src/+/bf3b94f3071bd3152fc865da5260095cd536bdd7/chrome/android/java/src/org/chromium/chrome/browser/contextmenu/ChromeContextMenuPopulator.java#672

To use getUrl() instead of getLinkUrl().

getUrl() does the sanity checking for empty URLs.  As part of this, should we remove getLinkUrl as something exposed?  Do we need it for anything?  Shouldn't all clients use getUrl()?

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9c76ea8faf0ca92636234c40452ddb93bb577fa1

commit 9c76ea8faf0ca92636234c40452ddb93bb577fa1
Author: Lei Tian <ltian@chromium.org>
Date: Fri Nov 10 20:42:20 2017

Use ContextParams.getUrl() to send url for opening in Chrome or in new tab

Sometimes the linkUrl could be empty while srcUrl is not. The
ContextParams.getUrl() is safer than ContextParams.getLinkUrl() becasue
if linkUrl is empty, it returns srcUrl. So all url params for opening in
Chrome or in a new tab should use this instead of getLinkUrl().

And update all context menu ids to consistently start with contextmenu_.

Bug:  781358 
Change-Id: Iafa8611bd03974fbb0cd7d3dbbe855af53551481
Reviewed-on: https://chromium-review.googlesource.com/762132
Reviewed-by: Ted Choc <tedchoc@chromium.org>
Commit-Queue: Lei Tian <ltian@chromium.org>
Cr-Commit-Position: refs/heads/master@{#515667}
[modify] https://crrev.com/9c76ea8faf0ca92636234c40452ddb93bb577fa1/chrome/android/java/res/values/ids.xml
[modify] https://crrev.com/9c76ea8faf0ca92636234c40452ddb93bb577fa1/chrome/android/java/src/org/chromium/chrome/browser/contextmenu/ChromeContextMenuItem.java
[modify] https://crrev.com/9c76ea8faf0ca92636234c40452ddb93bb577fa1/chrome/android/java/src/org/chromium/chrome/browser/contextmenu/ChromeContextMenuPopulator.java
[modify] https://crrev.com/9c76ea8faf0ca92636234c40452ddb93bb577fa1/chrome/android/javatests/src/org/chromium/chrome/browser/webapps/WebappNavigationTest.java