[Webkit-unassigned] [Bug 243949] New: iOS 15.6 compositing with z-index causes crash

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Aug 15 12:41:13 PDT 2022


https://bugs.webkit.org/show_bug.cgi?id=243949

            Bug ID: 243949
           Summary: iOS 15.6 compositing with z-index causes crash
           Product: WebKit
           Version: Safari 15
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Compositing
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: ldebeasi at gmail.com
                CC: simon.fraser at apple.com

Created attachment 461639

  --> https://bugs.webkit.org/attachment.cgi?id=461639&action=review

Code reproduction

When compositing a large number of elements that have z-index, WebKit will crash. This behavior first appeared on iOS 15.6.

Steps to reproduce:

1. Open the code reproduction on a device running iOS 15.6.
2. Inspect the page and open the "Layers" tab in dev tools.
3. Tap the "Crash" button.
4. Observe that memory usage spikes and Safari reloads the page.

Other Information:

- I tested this on an iPhone 11 running iOS 15.6. In my tests, the memory usage spiked to over 1GB.
- This code reproduction does use a large number of elements. While using a smaller number of elements (such as 100) won't crash the browser, it will still cause the memory usage to spike.
- This issue can also be seen on Safari for macOS. On Safari 15.5, clicking the "Crash" button brings the memory usage up to 40mb. On STP 151, clicking the "Crash" button brings the memory usage up to over 700mb. (Tested on a 2021 MacBook Pro with M1 Pro)
- This issue also happens on WKWebView.
