Correction - Steps to reproduce the issue.
1. Launch chrome and remove existing user.
2. Go to chrome://settings/help from wrench icon.
3. Click on Report an Issue and observe. (Browser Crashes)

This is a regression issue, broken in M-66 series, Using the per-revision bisect providing the bisect results,

Good Build:66.0.3334.0(Revision:532208)
Bad Build:66.0.3335.0(Revision:533164)

You are probably looking for a change made after 532377 (known good), but no later than 532378 (first known bad).

CHANGELOG URL:

The script might not always return single CL as suspect as some perf builds might get missing due to failure.

https://chromium.googlesource.com/chromium/src/+log/3b5fe53e0b6b49f5e270472792d67562d222926a..33b07d1373210013a53523516bf86cb4277861e4

Suspect: https://chromium.googlesource.com/chromium/src/+/33b07d1373210013a53523516bf86cb4277861e4

dullweber@:Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner.

Thank You!

Stack Trace for the provided crash id:
---------------------------------------
Thread 0 (id: 14856) CRASHED [EXCEPTION_ACCESS_VIOLATION_WRITE @ 0x00000014 ] MAGIC SIGNATURE THREAD
Stack Quality100%Show frame trust levels
0x5c9759c6	(chrome_child.dll -HTMLImportLoader.cpp:52 )	blink::HTMLImportLoader::Dispose()
0x5c974d16	(chrome_child.dll -HTMLImportsController.cpp:50 )	blink::HTMLImportsController::Dispose()
0x5abac088	(chrome_child.dll -Document.cpp:2822 )	blink::Document::Shutdown()
0x5aa7b81f	(chrome_child.dll -FrameLoader.cpp:1072 )	blink::FrameLoader::PrepareForCommit()
0x5aa7b5d0	(chrome_child.dll -FrameLoader.cpp:1095 )	blink::FrameLoader::CommitProvisionalLoad()
0x5aa7b42c	(chrome_child.dll -DocumentLoader.cpp:668 )	blink::DocumentLoader::CommitNavigation(WTF::AtomicString const &,blink::KURL const &)
0x5aba6541	(chrome_child.dll -DocumentLoader.cpp:705 )	blink::DocumentLoader::CommitData(char const *,unsigned int)
0x5aba64c5	(chrome_child.dll -DocumentLoader.cpp:760 )	blink::DocumentLoader::ProcessData(char const *,unsigned int)
0x5aba63a3	(chrome_child.dll -DocumentLoader.cpp:739 )	blink::DocumentLoader::DataReceived(blink::Resource *,char const *,unsigned int)
0x5aba62b8	(chrome_child.dll -Resource.cpp:401 )	blink::Resource::AppendData(char const *,unsigned int)
0x5aba60f2	(chrome_child.dll -RawResource.cpp:141 )	blink::RawResource::AppendData(char const *,unsigned int)
0x5aba5652	(chrome_child.dll -web_url_loader_impl.cc:917 )	content::WebURLLoaderImpl::Context::OnReceivedData(std::unique_ptr<content::RequestPeer::ReceivedData,std::default_delete<content::RequestPeer::ReceivedData> >)
0x5aba55c5	(chrome_child.dll -web_url_loader_impl.cc:1110 )	content::WebURLLoaderImpl::RequestPeerImpl::OnReceivedData(std::unique_ptr<content::RequestPeer::ReceivedData,std::default_delete<content::RequestPeer::ReceivedData> >)
0x5aba526f	(chrome_child.dll -url_response_body_consumer.cc:160 )	content::URLResponseBodyConsumer::OnReadable(unsigned int)
0x5aba4f32	(chrome_child.dll -url_loader_client_impl.cc:317 )	content::URLLoaderClientImpl::OnStartLoadingResponseBody(mojo::ScopedHandleBase<mojo::DataPipeConsumerHandle>)
0x5aba4e92	(chrome_child.dll -throttling_url_loader.cc:410 )	content::ThrottlingURLLoader::OnStartLoadingResponseBody(mojo::ScopedHandleBase<mojo::DataPipeConsumerHandle>)
0x5b087c4e	(chrome_child.dll -url_loader.mojom.cc:2224 )	network::mojom::URLLoaderClientStubDispatch::Accept(network::mojom::URLLoaderClient *,mojo::Message *)
0x5b078bb8	(chrome_child.dll -url_loader.mojom.h:454 )	network::mojom::URLLoaderClientStub<mojo::RawPtrImplRefTraits<network::mojom::URLLoaderClient> >::Accept(mojo::Message *)
0x5aa0ed20	(chrome_child.dll -multiplex_router.cc:879 )	mojo::internal::MultiplexRouter::ProcessIncomingMessage(mojo::internal::MultiplexRouter::MessageWrapper *,mojo::internal::MultiplexRouter::ClientCallBehavior,base::SequencedTaskRunner *)
0x5aa0e8d5	(chrome_child.dll -multiplex_router.cc:604 )	mojo::internal::MultiplexRouter::Accept(mojo::Message *)
0x5aa0d958	(chrome_child.dll -connector.cc:444 )	mojo::Connector::ReadSingleMessage(unsigned int *)
0x5aa0d7f6	(chrome_child.dll -connector.cc:474 )	mojo::Connector::ReadAllAvailableMessages()
0x5aa0d7aa	(chrome_child.dll -connector.cc:375 )	mojo::Connector::OnHandleReadyInternal(unsigned int)
0x5aa0d77e	(chrome_child.dll -bind_internal.h:343 )	base::internal::Invoker<base::internal::BindState<bool (content::PepperInProcessRouter::*)(IPC::Message *) __attribute__((thiscall)),base::internal::UnretainedWrapper<content::PepperInProcessRouter> >,bool (IPC::Message *)>::Run
0x5aa0d76a	(chrome_child.dll -simple_watcher.h:193 )	mojo::SimpleWatcher::DiscardReadyState(base::RepeatingCallback<void > const &,unsigned int,mojo::HandleSignalsState const &)
0x5b32372a	(chrome_child.dll -bind_internal.h:350 )	base::internal::Invoker<base::internal::BindState<void (*)(const base::RepeatingCallback<void (unsigned int)> &, unsigned int, const mojo::HandleSignalsState &),base::RepeatingCallback<void (unsigned int)> >,void (unsigned int, const mojo::HandleSignalsState &)>::Run
0x5aa0d6cc	(chrome_child.dll -simple_watcher.cc:275 )	mojo::SimpleWatcher::OnHandleReady(int,unsigned int,mojo::HandleSignalsState const &)
0x5aa0d633	(chrome_child.dll -bind_internal.h:343 )	base::internal::Invoker<base::internal::BindState<void (mojo::SimpleWatcher::*)(int, unsigned int, const mojo::HandleSignalsState &) __attribute__((thiscall)),base::WeakPtr<mojo::SimpleWatcher>,int,unsigned int,mojo::HandleSignalsState>,void ()>::Run
0x5a9ab7c8	(chrome_child.dll -task_annotator.cc:53 )	base::debug::TaskAnnotator::RunTask(char const *,base::PendingTask *)
0x5b95cbec	(chrome_child.dll -task_queue_manager.cc:544 )	blink::scheduler::TaskQueueManager::ProcessTaskFromWorkQueue(blink::scheduler::internal::WorkQueue *,blink::scheduler::LazyNow,base::TimeTicks *)
0x5a9ce956	(chrome_child.dll -task_queue_manager.cc:344 )	blink::scheduler::TaskQueueManager::DoWork(blink::scheduler::internal::Sequence::WorkType)
0x5a9ce7f0	(chrome_child.dll -bind_internal.h:343 )	base::internal::Invoker<base::internal::BindState<void (blink::scheduler::TaskQueueManager::*)(blink::scheduler::internal::Sequence::WorkType) __attribute__((thiscall)),base::WeakPtr<blink::scheduler::TaskQueueManager>,blink::scheduler::internal::Sequence::WorkType>,void ()>::Run
0x5a9ab7c8	(chrome_child.dll -task_annotator.cc:53 )	base::debug::TaskAnnotator::RunTask(char const *,base::PendingTask *)
0x5a9ce658	(chrome_child.dll -thread_controller_impl.cc:99 )	blink::scheduler::internal::ThreadControllerImpl::DoWork(blink::scheduler::internal::Sequence::WorkType)
0x5bcb5976	(chrome_child.dll -bind_internal.h:343 )	base::internal::Invoker<base::internal::BindState<void (base::win::ObjectWatcher::*)(base::win::ObjectWatcher::Delegate *) __attribute__((thiscall)),base::WeakPtr<base::win::ObjectWatcher>,base::win::ObjectWatcher::Delegate *>,void ()>::Run
0x5a9ab7c8	(chrome_child.dll -task_annotator.cc:53 )	base::debug::TaskAnnotator::RunTask(char const *,base::PendingTask *)
0x5a9ab722	(chrome_child.dll -incoming_task_queue.cc:124 )	base::internal::IncomingTaskQueue::RunTask(base::PendingTask *)
0x5a9ab275	(chrome_child.dll -message_loop.cc:399 )	base::MessageLoop::RunTask(base::PendingTask *)
0x5a9ab096	(chrome_child.dll -message_loop.cc:411 )	base::MessageLoop::DeferOrRunPendingTask(base::PendingTask)
0x5a9a2dad	(chrome_child.dll -message_loop.cc:455 )	base::MessageLoop::DoWork()
0x5a9a2cb6	(chrome_child.dll -message_pump_default.cc:37 )	base::MessagePumpDefault::Run(base::MessagePump::Delegate *)
0x5a9a2c0e	(chrome_child.dll -message_loop.cc:350 )	base::MessageLoop::Run(bool)
0x5a9a2a5d	(chrome_child.dll -run_loop.cc:133 )	base::RunLoop::Run()
0x5a99256f	(chrome_child.dll -renderer_main.cc:232 )	content::RendererMain(content::MainFunctionParams const &)
0x5a9922aa	(chrome_child.dll -content_main_runner.cc:423 )	content::RunNamedProcessTypeMain(std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,content::MainFunctionParams const &,content::ContentMainDelegate *)
0x5a98cacd	(chrome_child.dll -content_main_runner.cc:713 )	content::ContentMainRunnerImpl::Run()
0x5a9645a5	(chrome_child.dll -main.cc:456 )	service_manager::Main(service_manager::MainParams const &)
0x5a964276	(chrome_child.dll -content_main.cc:19 )	content::ContentMain(content::ContentMainParams const &)
0x5a96190f	(chrome_child.dll -chrome_main.cc:144 )	ChromeMain
0x00952fcd	(chrome.exe -main_dll_loader_win.cc:199 )	MainDllLoader::Launch(HINSTANCE__ *,base::TimeTicks)
0x00951466	(chrome.exe -chrome_exe_main_win.cc:230 )	wWinMain
0x00a0fd57	(chrome.exe -exe_common.inl:283 )	__scrt_common_main_seh
0x76f88743	(KERNEL32.DLL + 0x00018743 )	BaseThreadInitThunk
0x770b582c	(ntdll.dll + 0x0006582c )	__RtlUserThreadStart
0x770b57fc	(ntdll.dll + 0x000657fc )	_RtlUserThreadStart

Adding Release blocker for this issue.Please remove if not the case.

Thank You!

It looks like these crashes have happened since December 6 (go/nehzs). Are sure about the regression range? 

I tried to reproduce this on Linux (66.0.3335.0 (Official Build) (64-bit)) but it didn't crash and I could see the "Tell us what's happening" window.

There is another crash report about feedback and that has a stacktrace related to my change, so I assume this is a duplicate