Chromium Code Reviews
Description
CRD Webapp intermittently crashes on some machines
This issue appeared during our M56 release and affected a subset of
machines. Some users would hit this problem after a few seconds and
others could spend several hours using the app without problems.
I was able to track the problem down to a checkin from last year:
https://codereview.chromium.org/2096643003/
After a bit of additional debugging, I believe I know what the problem
is. The actual problem is caused by a call to OnPictureReady() in the
PepperVideoRenderer3D class that occurs before we have a decoded frame
ready. This leads to a cascade of issues where we try to splice an
element from the empty decoded_frames_ list which causes the size of the
list to underflow to 2^32 and inserts a null FrameTracker into the
next_picture_frames_ list. This null FrameTracker is eventually
dereferenced which causes a crash.
Why does this only happen on certain machines? I believe the problem is
in the call to GetNextPicture(). This method is called in two places,
once when we finish decoding a frame and again after we have retrieved a
decoded frame. The machine I have been debugging the crash on is a dual-core
Celeron, which is quite slow. All of the test machines have at
least a Core i5 in them. My theory is that on the faster machines, the
decoder is fast enough to complete its work before the extra call to
GetNextPicture() results in the PictureReady callback being signalled.
On the slow machines, we set up our callback which ends up triggering
before the decoding completes.
My fix is to prevent setting up the OnPictureReady callback if we do not
have any decoded frames. A simple fix for a difficult to debug problem.
BUG=689229
Review-Url: https://codereview.chromium.org/2692703002
Cr-Commit-Position: refs/heads/master@{#450132}
(cherry picked from commit 838ec64ba5d7602699ec7c02182c5b17fa06075d)
Review-Url: https://codereview.chromium.org/2692383002 .
Cr-Commit-Position: refs/branch-heads/2987@{#514}
Cr-Branched-From: ad51088c0e8776e8dcd963dbe752c4035ba6dab6-refs/heads/master@{#444943}
Committed: https://chromium.googlesource.com/chromium/src/+/dd3c640c1140c46d321b41d3434b660a1cff4860
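The guard described in the commit message above, as an added example that is not the Chromium change itself: a simplified model of the `decoded_frames_` and `next_picture_frames_` lists in which the callback is only armed when a decoded frame exists. The `PictureQueue` class, the `FrameTracker` fields, `pending_` and the helper accessors are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdio>
#include <list>
#include <memory>

// Hypothetical stand-in for the renderer's per-frame bookkeeping object.
struct FrameTracker { int frame_id; };

// Simplified model of the two lists named in the description (not Chromium code).
class PictureQueue {
 public:
  // A frame finished decoding and now waits for its picture.
  void OnFrameDecoded(int id) {
    decoded_frames_.push_back(std::unique_ptr<FrameTracker>(new FrameTracker{id}));
  }
  // Arms the picture-ready callback only when a decoded frame exists and no
  // request is pending; returns whether it was armed.
  bool GetNextPicture() {
    if (pending_ || decoded_frames_.empty()) return false;
    pending_ = true;
    return true;
  }
  // Callback body. splice(pos, other, it) needs a dereferenceable `it`;
  // begin() of an empty list is not one, so that call is undefined behaviour.
  bool OnPictureReady() {
    pending_ = false;
    if (decoded_frames_.empty()) return false;  // defence in depth
    next_picture_frames_.splice(next_picture_frames_.end(), decoded_frames_,
                                decoded_frames_.begin());
    return true;
  }
  std::size_t decoded_count() const { return decoded_frames_.size(); }
  std::size_t next_count() const { return next_picture_frames_.size(); }
  bool next_front_valid() const {
    return !next_picture_frames_.empty() &&
           next_picture_frames_.front() != nullptr;
  }

 private:
  std::list<std::unique_ptr<FrameTracker>> decoded_frames_, next_picture_frames_;
  bool pending_ = false;
};

int main() {
  PictureQueue q;
  bool armed = q.GetNextPicture();  // no decoded frame yet, so nothing is armed
  std::printf("armed=%d spliced=%d\n", armed, q.OnPictureReady());
}
```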
Patch Set 1 #
Messages
Total messages: 2 (1 generated)