Playing certain Google Slides transitions causes crash
Categories
(Core :: Web Painting, defect)
Tracking
()
People
(Reporter: karthin, Assigned: emilio)
References
(Blocks 1 open bug, Regression)
Details
(Keywords: regression)
Attachments
(4 files)
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/94.0
Steps to reproduce:
- Create a new Google Slides presentation.
- Click "Transitions" near the top, select "Flip", "Cube" or "Gallery".
- Click "Play".
Actual results:
Sudden spike in memory usage before Firefox is killed.
Expected results:
Transition should have played.
Comment 1•3 years ago
|
||
The Bugbug bot thinks this bug should belong to the 'Core::Audio/Video: Playback' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.
Updated•3 years ago
|
Comment 2•3 years ago
•
|
||
can repro this
- Create a new presentation on google slides - Choose any prebuilt templates
- Select a slide->Slide->Transition
- From the newly opened panel on the right, select cube.
- Click on apply to all slides
- Click on the Play button
ER: Normal transition
AR: OOM and browser crash
Comment 3•3 years ago
•
|
||
https://docs.google.com/presentation/d/1rDhBeEPqsuzJsgZwDho8GzKjRdwHwyHqr775Yi3GO_U/edit?usp=sharing
Open the link
Click on View->slideshow OR press Ctrl+F5
Comment 4•3 years ago
|
||
Updated•3 years ago
|
Updated•3 years ago
|
Comment 6•3 years ago
|
||
Set release status flags based on info from the regressing bug 1716904
Updated•3 years ago
|
Assignee | ||
Comment 7•3 years ago
|
||
Assignee | ||
Comment 8•3 years ago
|
||
Updated•3 years ago
|
Assignee | ||
Comment 9•3 years ago
|
||
Applying it to SVG-transformed frames is wrong, and causes us to
rasterize rather massive SVGs. This is consistent with the other CSS
3d transforms code, and our rendering of the test-case matches other
browsers.
Updated•3 years ago
|
Assignee | ||
Comment 10•3 years ago
|
||
Comment on attachment 9252320 [details]
Bug 1741124 - Don't apply CSS perspective to non-CSS-transformed frames. r=miko,nical
Beta/Release Uplift Approval Request
- User impact if declined: Crash on Google Slides. If the fix looks good to the reviewers I think we should consider uplifting.
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: No
- Needs manual test from QE?: Yes
- If yes, steps to reproduce: comment 3
- List of other uplifts needed: none
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): Relatively simple tweak to CSS perspective handling so that it doesn't apply to SVG inner frames.
- String changes made/needed: none
Assignee | ||
Updated•3 years ago
|
Comment 11•3 years ago
|
||
Comment 13•3 years ago
|
||
https://chat.mozilla.org/#/room/#gfx:mozilla.org/$GoJozhQt6S1RReoifBiUxYkUYk7g09qhcryyH2V3dc0
context: It seems bug 1741124 is OOMing in the WebRender blob code
Comment 14•3 years ago
|
||
bugherder |
Updated•3 years ago
|
Comment 15•3 years ago
|
||
Comment on attachment 9252320 [details]
Bug 1741124 - Don't apply CSS perspective to non-CSS-transformed frames. r=miko,nical
Approved for 95 beta 12, thanks.
Comment 16•3 years ago
|
||
bugherder uplift |
Comment 17•3 years ago
|
||
I have reproduced the issue using Firefox 94.0.2 and I've verified the fix using Firefox Nightly 96.0a1 (20211125043756) on MacOS 11, Ubuntu 20.04 and Windows 10.
Updated•3 years ago
|
Comment 18•3 years ago
|
||
I've also verified the fix on Firefox Beta 95.0b12 (20211125101315)
Updated•3 years ago
|
Comment 20•3 years ago
|
||
this was verified on fixed versions
Updated•3 years ago
|
Description
•