230548 2021-09-21 04:31:35 -0700 Crash when rendering a non-system font with 'small-caps' font variant 2021-09-21 10:13:56 -0700 1 1 1 Unclassified WebKit Canvas Safari Technology Preview iPhone / iPad Other RESOLVED DUPLICATE 229401 InRadar P2 Major --- 1 paul.watkinson mmaxfield dino mmaxfield paul.watkinson sabouhallawa simon.fraser thorton webkit-bug-importer oldest_to_newest 1795512 0 paul.watkinson 2021-09-21 04:31:35 -0700 When rendering a non-system font with the 'small-caps' font variant, the page crashes and reloads. This occurs with the following devices: 1. Simulated iPhone 13 + iOS 15.0, WebKit/605.1.15 2. Real iPhone XR + iOS 15.0, WebKit/605.1.15 Reproduction: Adding the following JavaScript to a HTML page; loads a font, waits 5s, and then renders the text to a canvas. This immediately causes a crash. ``` var fontFamily = 'Luckiest Guy'; var link = document.createElement('link'); link.setAttribute('rel', 'stylesheet'); link.setAttribute('href', `https://fonts.googleapis.com/css?family=${fontFamily}`); document.head.appendChild(link); document.body.style.fontFamily = `'${fontFamily}'`; var canvas = document.createElement('canvas'); document.body.appendChild(canvas); var ctx = canvas.getContext('2d'); ctx.font = `normal small-caps normal 48px '${fontFamily}'`; setInterval(() => { console.log('Drawing...'); ctx.fillText('Hello, World!', 0, 48); }, 5e3); ``` Actual Results: The page crashes and is reloaded. Expected Results: The canvas should render the text, with the font-variant specified. 1795588 1 438828 ap 2021-09-21 09:14:19 -0700 Created attachment 438828 test case Same test as an attachment. 1795593 2 ap 2021-09-21 09:31:15 -0700 I can reproduce this with 19B50, cannot reproduce with 18F72. There are several simulated crashes in WebContent and GPU processes when opening this test, but I am not seeing any actual crashes. So maybe we are killing the process, I didn't analyze the logs. 1795594 3 webkit-bug-importer 2021-09-21 09:31:29 -0700 <rdar://problem/83355212> 1795595 4 simon.fraser 2021-09-21 09:32:23 -0700 Pretty sure this has been fixed. 1795596 5 ap 2021-09-21 09:34:40 -0700 Actually, one of the simulated crash logs says: Requesting termination of web process 1156 for reason: "Resource is being released before being cached." 1795623 6 simon.fraser 2021-09-21 10:13:56 -0700 *** This bug has been marked as a duplicate of bug 229401 *** 438828 2021-09-21 09:14:19 -0700 2021-09-21 09:14:19 -0700 test case bug230548.html text/html 594 ap PGJvZHk+CjxzY3JpcHQ+CnZhciBmb250RmFtaWx5ID0gJ0x1Y2tpZXN0IEd1eSc7CnZhciBsaW5r ID0gZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgnbGluaycpOwpsaW5rLnNldEF0dHJpYnV0ZSgncmVs JywgJ3N0eWxlc2hlZXQnKTsKbGluay5zZXRBdHRyaWJ1dGUoJ2hyZWYnLCBgaHR0cHM6Ly9mb250 cy5nb29nbGVhcGlzLmNvbS9jc3M/ZmFtaWx5PSR7Zm9udEZhbWlseX1gKTsKCmRvY3VtZW50Lmhl YWQuYXBwZW5kQ2hpbGQobGluayk7CmRvY3VtZW50LmJvZHkuc3R5bGUuZm9udEZhbWlseSA9IGAn JHtmb250RmFtaWx5fSdgOwoKdmFyIGNhbnZhcyA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJ2Nh bnZhcycpOwpkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKGNhbnZhcyk7Cgp2YXIgY3R4ID0gY2Fu dmFzLmdldENvbnRleHQoJzJkJyk7CmN0eC5mb250ID0gYG5vcm1hbCBzbWFsbC1jYXBzIG5vcm1h bCA0OHB4ICcke2ZvbnRGYW1pbHl9J2A7CgpzZXRJbnRlcnZhbCgoKSA9PiB7CiAgICBjb25zb2xl LmxvZygnRHJhd2luZy4uLicpOwogICAgY3R4LmZpbGxUZXh0KCdIZWxsbywgV29ybGQhJywgMCwg NDgpOwp9LCA1ZTMpOwoKPC9zY3JpcHQ+