[KenanSulayman]

I tried it on my iPhone X and it triggers a kernel panic (agxk_mmu.cpp) when trying to allocate memory for WebKit.

It seems it exhausts the memory so fast that it triggers an assertion error somewhere?

Screenshot: https://i.imgur.com/6tDr44q.png

Full serial console log of the device: https://gist.githubusercontent.com/KenanSulayman/867cc399e97...

[barbegal]

The log suggests the device is doing everything correctly. The exploit webpage requires huge amounts of memory to render correctly. It is consuming all the available memory causing allocations for backboardd to fail. The kernel then starts killing off idle processes to free up memory.

I don't see a kernel panic there.

[amaccuish]

Does iOS not enforce reasonable memory limits on apps to prevent a panic?

[MBCook]

It does. Your app will get killed. The OS will be fine.

My understanding is this bug uses up GPU memory/contexts, not normal system RAM, and that’s why it becomes an issue.

[amaccuish]

Ahh thank you :)

[swingline-747]

Ohh.. sneaky: a GPU DoS.

[MBCook]

Yeah. Of course it shouldn’t be possible, but I guess no one had thought of it before or they thought the risk was too low because they figured you’d have to make an app to do it not some random HTML on a webpage.

[jhabdas]

Have you tried the backdoor yet? https://www.gnu.org/proprietary/malware-apple.html#back-door...