Bug 230548

Summary: Crash when rendering a non-system font with 'small-caps' font variant
Product: WebKit Reporter: paul.watkinson
Component: Canvas Assignee: Myles C. Maxfield <mmaxfield>
Status: RESOLVED DUPLICATE    
Severity: Major CC: dino, mmaxfield, paul.watkinson, sabouhallawa, simon.fraser, thorton, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: Safari Technology Preview   
Hardware: iPhone / iPad   
OS: Other   
Attachments: test case (flags: none)

paul.watkinson
Reported 2021-09-21 04:31:35 PDT
When rendering a non-system font with the 'small-caps' font variant, the page crashes and reloads.

This occurs with the following devices:
1. Simulated iPhone 13 + iOS 15.0, WebKit/605.1.15
2. Real iPhone XR + iOS 15.0, WebKit/605.1.15

Reproduction:
Adding the following JavaScript to an HTML page loads a font, waits 5s, and then renders the text to a canvas. This immediately causes a crash.

```
var fontFamily = 'Luckiest Guy';

// Load the web font through a stylesheet link.
var link = document.createElement('link');
link.setAttribute('rel', 'stylesheet');
link.setAttribute('href', `https://fonts.googleapis.com/css?family=${fontFamily}`);
document.head.appendChild(link);

document.body.style.fontFamily = `'${fontFamily}'`;

var canvas = document.createElement('canvas');
document.body.appendChild(canvas);

// Canvas font shorthand: font-style, font-variant, font-weight, size, family.
var ctx = canvas.getContext('2d');
ctx.font = `normal small-caps normal 48px '${fontFamily}'`;

// Draw every 5 seconds, which gives the font time to load before the first draw.
setInterval(() => {
  console.log('Drawing...');
  ctx.fillText('Hello, World!', 0, 48);
}, 5e3);
```

Actual Results:
The page crashes and is reloaded.

Expected Results:
The canvas should render the text, with the font-variant specified.
Attachments
test case (594 bytes, text/html)
2021-09-21 09:14 PDT, Alexey Proskuryakov
no flags
Alexey Proskuryakov
Comment 1 2021-09-21 09:14:19 PDT
Created attachment 438828: test case
Same test as an attachment.
Alexey Proskuryakov
Comment 2 2021-09-21 09:31:15 PDT
I can reproduce this with 19B50, cannot reproduce with 18F72. There are several simulated crashes in WebContent and GPU processes when opening this test, but I am not seeing any actual crashes. So maybe we are killing the process; I didn't analyze the logs.
Radar WebKit Bug Importer
Comment 3 2021-09-21 09:31:29 PDT
Simon Fraser (smfr)
Comment 4 2021-09-21 09:32:23 PDT
Pretty sure this has been fixed.
Alexey Proskuryakov
Comment 5 2021-09-21 09:34:40 PDT
Actually, one of the simulated crash logs says: Requesting termination of web process 1156 for reason: "Resource is being released before being cached."
Simon Fraser (smfr)
Comment 6 2021-09-21 10:13:56 PDT
*** This bug has been marked as a duplicate of bug 229401 ***