Bug 23516 - Downloadable font causes crash
Summary: Downloadable font causes crash
Status: RESOLVED WORKSFORME
Alias: None
Product: WebKit
Classification: Unclassified
Component: Text
Version: 528+ (Nightly build)
Hardware: PC OS X 10.5
: P2 Normal
Assignee: Nobody
URL: http://philip.html5.org/tests/font/at...
Keywords:
Depends on:
Blocks:
 
Reported: 2009-01-24 03:38 PST by Philip Taylor
Modified: 2014-10-17 12:22 PDT

See Also:


Attachments
crash report (28.15 KB, text/plain)
2009-01-24 03:38 PST, Philip Taylor

Description Philip Taylor 2009-01-24 03:38:13 PST
Steps to reproduce:
1) Start a new instance of WebKit on OS X.
2) Open http://philip.html5.org/tests/font/atsui-kern-crash.html

Expected result: A page with some text and a sort of underlined 'i'.

Actual result: Frequently (but not perfectly reproducibly) a crash. See attached crash report.

The page uses @font-face to download a font (a heavily modified version of Doulos SIL), which is used to render an 'i' followed by COMBINING MACRON BELOW.

The crash is seemingly somewhere in ATSUI while it's doing ProcessKerningRun. I've no idea if it's possibly a security issue.

It affects other ATSUI users, including Opera and Firefox, but apparently the Firefox developers were told by Apple (in the context of a different crash bug) that they should be using Core Text instead of ATSUI and so the underlying ATSUI bugs wouldn't be fixed. In any case, this bug causes WebKit to crash and so it should be fixed on some layer.
Comment 1 Philip Taylor 2009-01-24 03:38:57 PST
Created attachment 26995
crash report
Comment 2 Alexey Proskuryakov 2014-10-17 12:22:37 PDT
This page doesn't cause a crash with Safari 7.1 on 10.9.5. I do not know if the underlying ATSUI issue got fixed or not, but it's not an issue for WebKit any more.