228537 – SVG image with radius causes page to freeze/hang

Bug 228537 - SVG image with radius causes page to freeze/hang

Summary: SVG image with radius causes page to freeze/hang

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	SVG (show other bugs)
Version:	Safari Technology Preview
Hardware:	All All

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2021-07-27 23:35 PDT by Peter Breuls
Modified:	2021-07-28 07:28 PDT (History)
CC List:	5 users (show)

See Also:

Attachments
HTML page with problematic SVG image (495 bytes, text/html) 2021-07-27 23:35 PDT, Peter Breuls	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Peter Breuls 2021-07-27 23:35:06 PDT

Created attachment 434404 [details]
HTML page with problematic SVG image

Safari loads a page very slowly when a certain SVG image is used on that page. On Mac, the page load may take almost 2 minutes. On iOS, Safari eventually crashes.

This problem was initially reported by a customer as "the page does not load on iPhone". After investigation, using Safari's timeline recording tools, it showed a slow loading SVG image and a slow loading JPG image, plus a long time for a Paint event (30+ before the event starts and almost a minute before it completes). This paint event corresponds to the SVG and the JPG; the SVG is used as an overlay to the JPG.

Replacing the SVG image with something else fixes the problem: no slow loading experience, no hangs. So I've looked at the SVG image specifically: it's a small XML file with nothing more complex than a radius. I have included an HTML page with that SVG as an attachment. Opening it in Safari shows that it loads slowly, albeit somewhat faster than on the customer's website. (This test page currently takes around 25 seconds to load on my machine.)

I tested the page in Safari 14.1.1 (both the current macOS release and the current recent WebKit build (280374)), and in Safari Technology Preview 128 (15.0). Behavior is the same for all versions.

Comment 1 Sam Sneddon [:gsnedders] 2021-07-28 07:27:56 PDT

738  WebCore::RenderSVGRoot::layout() + 1996 (WebCore + 1190124) [0x1566678ec]
   738  WebCore::SVGRenderSupport::layoutChildren(WebCore::RenderElement&, bool) + 818 (WebCore + 33435298) [0x158527ea2]
     738  WebCore::RenderSVGShape::layout() + 299 (WebCore + 1193819) [0x15666875b]
       738  WebCore::RenderSVGRect::updateShapeFromElement() + 1759 (WebCore + 2066111) [0x15673d6bf]
         738  WebCore::RenderSVGShape::updateShapeFromElement() + 282 (WebCore + 1195146) [0x156668c8a]
           738  WebCore::RenderSVGShape::calculateStrokeBoundingBox() const + 147 (WebCore + 1196323) [0x156669123]
             738  WebCore::Path::strokeBoundingRect(WTF::Function<void (WebCore::GraphicsContext&)> const&) const + 186 (WebCore + 30048538) [0x1581ed11a]
               738  CGContextReplacePathWithStrokedPath + 63 (CoreGraphics + 1066835) [0x7ff819470753]

...and then into CoreGraphics. Will post a full spindump on Radar.

Comment 2 Radar WebKit Bug Importer 2021-07-28 07:28:07 PDT

<rdar://problem/81215623>