Chrome Version       : 53.0.2784.3
Platform             : 8530.0.0 (Official Build) daisy, peppy, candy

URLs (if applicable) : https://www.irs.gov/pub/irs-pdf/fw4.pdf


What steps will reproduce the problem?
(1)  open a pdf file, https://www.irs.gov/pub/irs-pdf/fw4.pdf
(2)  scroll up and down the page with the touchpad


What is the expected result? What happens instead?
Render crashes while scrolling up and down the page.

Crash ID : 24eec25600000000

===================
Thread 0 CRASHED [SIGABRT @ 0x00000001 ] MAGIC SIGNATURE THREAD
0xb1c9b636	(libc-2.19.so + 0x00016636 )	__libc_do_syscall
0xb1cab313	(libc-2.19.so -raise.c:56 )	raise
0xb1cac2ff	(libc-2.19.so -abort.c:89 )	abort
0xb2fdb799	(chrome -debugger_posix.cc:249 )	base::debug::BreakDebugger
0xb6415107	(chrome -fling_curve.cc:48 )	ui::FlingCurve::FlingCurve
0xb60f85a7	(chrome -web_gesture_curve_impl.cc:46 )	ui::WebGestureCurveImpl::CreateFromDefaultPlatformCurve
0xb60c2ac7	(chrome -blink_platform_impl.cc:809 )	content::BlinkPlatformImpl::queryLocalizedString
0xb60c2b17	(chrome -blink_platform_impl.cc:846 )	content::BlinkPlatformImpl::createFlingAnimationCurve
0xb3dd6477	(chrome -WebViewImpl.cpp:744 )	blink::WebViewImpl::handleGestureEvent
0xb68d55a4	(chrome + 0x043af5a4 )	_fini
0xb1d91bbd	(libgcc_s.so.1 -bpabi.c:41 )	__gnu_ldivmod_helper
0xb1d89b5f	(libgcc_s.so.1 + 0x0000eb5f )	__aeabi_ldivmod
0xb297ef7b	(chrome -time.cc:82 )	base::TimeDelta::InMilliseconds
0xb29864bf	(chrome -tracked_time.cc:51 )	tracked_objects::TrackedTime::Now
0xb297fd7d	(chrome -tracked_objects.cc:161 )	tracked_objects::ThreadData::TallyRunInAScopedRegionIfTracking
0xb4dc5dc5	(chrome -ppb_proxy_impl.cc:49 )	ReleaseModule
0xb4e864a7	(chrome -host_dispatcher.cc:288 )	ppapi::proxy::ScopedModuleReference::~ScopedModuleReference
0xb4e98715	(chrome -ppb_instance_proxy.cc:217 )	ppapi::proxy::PPB_Instance_Proxy::OnMessageReceived
0xb45c592f	(chrome -V8Window.cpp:5492 )	blink::DOMWindowV8Internal::clearTimeoutMethodCallback
0xb665edde	(chrome + 0x04138dde )	_fini
0xb662a04e	(chrome + 0x0410404e )	_fini
0xb32d92f7	(chrome -url_util.cc:167 )	DoCanonicalize<short unsigned int>
0xb5e35429	(chrome -WTFString.cpp:885 )	WTF::String::fromUTF8
0xb3dedb55	(chrome -PageWidgetDelegate.cpp:181 )	blink::PageWidgetDelegate::handleInputEvent
0xb1d91bbd	(libgcc_s.so.1 -bpabi.c:41 )	__gnu_ldivmod_helper
0xb8fae9be		
0xb1d91bbd	(libgcc_s.so.1 -bpabi.c:41 )	__gnu_ldivmod_helper
0xb1d89b5f	(libgcc_s.so.1 + 0x0000eb5f )	__aeabi_ldivmod
0xb300dab9	(chrome -safe_math_impl.h:211 )	base::internal::CheckedMul<long long int>
0xb3dd7ba5	(chrome -WebViewImpl.cpp:2227 )	blink::WebViewImpl::handleInputEvent
0xb64f607b	(chrome -thread_cache.h:209 )	tc_malloc
0xb298a0a3	(chrome -allocator_shim.cc:150 )	ShimCppNew
0xb64f607b	(chrome -thread_cache.h:209 )	tc_malloc
0xb4db627d	(chrome -stl_tree.h:1175 )	cc::LayerTreeHost::InsertSwapPromiseMonitor
0xb5b0e7a7	(chrome -swap_promise_monitor.cc:19 )	cc::SwapPromiseMonitor::SwapPromiseMonitor
0xb4df23d9	(chrome -render_widget_input_handler.cc:323 )	content::RenderWidgetInputHandler::HandleInputEvent
0xb35336ef	(chrome + 0x0100d6ef )	void std::vector<IPC::SyncChannel::ReceivedSyncMsgQueue::QueuedMessage, std::allocator<IPC::SyncChannel::ReceivedSyncMsgQueue::QueuedMessage> >::emplace_back<IPC::SyncChannel::ReceivedSyncMsgQueue::QueuedMessage>(IPC::SyncChannel::ReceivedSyncMsgQueue::QueuedMessage&&)
0xb2978d79	(chrome -message_loop_task_runner.cc:30 )	base::internal::MessageLoopTaskRunner::PostDelayedTask



Please provide any additional information below. Attach a screenshot if
possible.
Not reproduce the issue on 52.0.2743.57/8350.46.0 - Candy