Issue 517581  has been merged into this issue.

An update here, I haven't been able to reproduce this. If this is still happening consistently for someone, please let me know as I would like to add a patch with some debug info to see what the state is when the crash happens.

I initially filed  Issue 517581  but can no longer repro at r458055.

I've just reproduced this when running a Debug build of chrome and randomly resizing Chrome window with www.engadget.com.

35916:37824:0612/172634.427:FATAL:tiling_data.h(167)] Check failed: i < num_tiles_x_ (2 vs. 2)

I don't know if that might be related to the repro but I had an experimental D3D-vsync flag enabled and also had a patch applied that forces low resolution TimeTicks::Now() (https://codereview.chromium.org/2888833002).

I've been able to reproduce similar issue with an internal test case (that I can't share unfortunately) quite reliably.

I have these locals in PictureLayerTiling::SetRasterSourceAndResize:
before_left = 0
before_top = 0
before_right = 18
before_bottom = 2
after_right = 5
after_bottom = 3

The failing assert is triggered from this loop:
if (after_bottom > before_bottom) {
  DCHECK_EQ(after_bottom, before_bottom + 1);
  for (int i = before_left; i <= before_right; ++i) {
    Tile::CreateInfo info = CreateInfoForTile(i, after_bottom);
    if (ShouldCreateTileAt(info))
      CreateTile(info);
  }
}

The horizontal boundary is before_right (18) which is larger than what is currently in tiling_data_ (5) that is accessed in CreateInfoForTile.
Could it be as simple as the horizontal boundary is wrong and should be after_right instead of before_right?
Looks like a too simple mistake not to be caught (for a long time) by reviews and tests or triggered more problems than this so I might be missing something.

Thanks for all this investigation.  The loop above it is before_top / after_bottom and this inner loop is before_left / before_right.  It certainly looks suspicious.

vmpstr, are you still planning to look into this? Mostly asking since it's been assigned since March.

https://chromium-review.googlesource.com/c/chromium/src/+/730984 addresses it 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/1c3e6c9460e94549284268db28e0eec81ac21738

commit 1c3e6c9460e94549284268db28e0eec81ac21738
Author: David Landell <landell@vewd.com>
Date: Wed Oct 25 16:11:08 2017

Use the correct bounds when creating new tiles

Using before_right as a horizontal bound in the related loop triggers
a DCHECK in TilingData since the tiles outside of after_right doesn't
exist after resize of tiling_data_.

Bug:  704705 
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I00a430129543aa29d2d20c7e52dab0d97e23e009
Reviewed-on: https://chromium-review.googlesource.com/730984
Commit-Queue: danakj <danakj@chromium.org>
Reviewed-by: danakj <danakj@chromium.org>
Cr-Commit-Position: refs/heads/master@{#511479}
[modify] https://crrev.com/1c3e6c9460e94549284268db28e0eec81ac21738/cc/tiles/picture_layer_tiling.cc
[modify] https://crrev.com/1c3e6c9460e94549284268db28e0eec81ac21738/cc/tiles/picture_layer_tiling_unittest.cc

Thanks for the debugging and the patch!!

No problem. This was blocking us internally so I was happy to get some help with the reviewing.