The CFDictionaryRef which is used for creating the CTFontDescriptorRef may contain the entry: { key = "UnicodeCharSet", value = CFCharacterSetRef }. When this happens, the following assertion fires: SHOULD NEVER BE REACHED /Volumes/Data/WebKit/OpenSource/Source/WebKit/Shared/cf/ArgumentCodersCF.cpp(127) : IPC::CFType IPC::typeFromCFTypeRef(CFTypeRef) 1 0x507d52259 WTFCrash 2 0x4ebd1d84b WTFCrashWithInfo(int, char const*, char const*, int) 3 0x4ebd309cc IPC::typeFromCFTypeRef(void const*) 4 0x4ebd3280c void IPC::ArgumentCoder<__CFDictionary const*, void>::encode<IPC::Encoder>(IPC::Encoder&, __CFDictionary const*) 5 0x4ecaf170d void IPC::CFRetainPtrArgumentCoder<__CFDictionary const*>::encode<IPC::Encoder>(IPC::Encoder&, WTF::RetainPtr<__CFDictionary const*> const&) 6 0x4ecae349d IPC::Encoder& IPC::Encoder::operator<<<WTF::RetainPtr<__CFDictionary const*>&>(WTF::RetainPtr<__CFDictionary const*>&) 7 0x4ecae2f57 IPC::ArgumentCoder<WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font> >, void>::encodePlatformData(IPC::Encoder&, WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font> > const&) 8 0x4ed39a06f IPC::ArgumentCoder<WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font> >, void>::encode(IPC::Encoder&, WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font> > const&) 9 0x4edd58e2d IPC::Encoder& IPC::Encoder::operator<<<WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font> > const&>(WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font> > const&) 10 0x4edd58ded void IPC::TupleEncoder<1ul, WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font> > const&>::encode<IPC::Encoder>(IPC::Encoder&, std::__1::tuple<WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font> > const&> const&) 11 0x4edd58d9d void IPC::ArgumentCoder<std::__1::tuple<WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font> > const&>, void>::encode<IPC::Encoder>(IPC::Encoder&, std::__1::tuple<WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font> > const&> const&) 12 0x4edd58d5d IPC::Encoder& IPC::Encoder::operator<<<std::__1::tuple<WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font> > const&> const&>(std::__1::tuple<WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font> > const&> const&) 13 0x4edd58cdf bool IPC::Connection::send<Messages::RemoteRenderingBackend::CacheFont>(Messages::RemoteRenderingBackend::CacheFont&&, unsigned long long, WTF::OptionSet<IPC::SendOption>, std::__1::optional<WTF::Thread::QOS>) 14 0x4edd58c6e bool IPC::Connection::send<Messages::RemoteRenderingBackend::CacheFont, WebKit::RenderingBackendIdentifierType>(Messages::RemoteRenderingBackend::CacheFont&&, WTF::ObjectIdentifier<WebKit::RenderingBackendIdentifierType>, WTF::OptionSet<IPC::SendOption>, std::__1::optional<WTF::Thread::QOS>) 15 0x4edd58bdd bool IPC::StreamClientConnection::send<Messages::RemoteRenderingBackend::CacheFont, WebKit::RenderingBackendIdentifierType>(Messages::RemoteRenderingBackend::CacheFont&&, WTF::ObjectIdentifier<WebKit::RenderingBackendIdentifierType>, IPC::Timeout) 16 0x4edd58aa4 void WebKit::RemoteRenderingBackendProxy::sendToStream<Messages::RemoteRenderingBackend::CacheFont, WebKit::RenderingBackendIdentifierType>(Messages::RemoteRenderingBackend::CacheFont&&, WTF::ObjectIdentifier<WebKit::RenderingBackendIdentifierType>) 17 0x4edc85ce3 void WebKit::RemoteRenderingBackendProxy::sendToStream<Messages::RemoteRenderingBackend::CacheFont>(Messages::RemoteRenderingBackend::CacheFont&&) 18 0x4edc85c9a WebKit::RemoteRenderingBackendProxy::cacheFont(WTF::Ref<WebCore::Font, WTF::RawPtrTraits<WebCore::Font> >&&) 19 0x4edc68af8 WebKit::RemoteResourceCacheProxy::recordFontUse(WebCore::Font&) 20 0x4edc68a41 WebKit::RemoteDisplayListRecorderProxy::recordResourceUse(WebCore::Font&) 21 0x5301d9831 WebCore::DisplayList::Recorder::drawGlyphsAndCacheFont(WebCore::Font const&, unsigned short const*, CGSize const*, unsigned int, WebCore::FloatPoint const&, WebCore::FontSmoothingMode) 22 0x53014a2dd WebCore::DrawGlyphsRecorder::recordDrawGlyphs(CGRenderingState*, CGGState*, CGAffineTransform const*, unsigned short const*, CGPoint const*, unsigned long) 23 0x53014811c WebCore::drawGlyphs(CGContextDelegate*, CGRenderingState*, CGGState*, CGAffineTransform const*, unsigned short const*, CGPoint const*, unsigned long) 24 0x7fff28ffac95 draw_glyphs.11610 25 0x7fff20ff2077 invocation function for block in DrawGlyphsAtPositions(TFont const*, unsigned short const*, CGPoint const*, unsigned long, CGContext*, CGAffineTransform, CGAffineTransform, bool, TRun const*, CGContextType, void const*) 26 0x7fff20feb14a EnumerateOverlappingGlyphs(CGContext*, TFont const&, unsigned short const*, long, int, void (CFRange, bool) block_pointer) 27 0x7fff20fee8c9 DrawGlyphsAtPositions(TFont const*, unsigned short const*, CGPoint const*, unsigned long, CGContext*, CGAffineTransform, CGAffineTransform, bool, TRun const*, CGContextType, void const*) 28 0x7fff20feec13 CTFontDrawGlyphs 29 0x53014c88a WebCore::showGlyphsWithAdvances(WebCore::FloatPoint const&, WebCore::Font const&, CGContext*, unsigned short const*, CGSize const*, unsigned int, WebCore::AffineTransform const&) 30 0x53014b4ee WebCore::FontCascade::drawGlyphs(WebCore::GraphicsContext&, WebCore::Font const&, unsigned short const*, CGSize const*, unsigned int, WebCore::FloatPoint const&, WebCore::FontSmoothingMode) 31 0x53014b668 WebCore::DrawGlyphsRecorder::drawNonOTSVGRun(WebCore::Font const&, unsigned short const*, CGSize const*, unsigned int, WebCore::FloatPoint const&, WebCore::FontSmoothingMode) com.apple.WebKit.WebContent.Development terminated (pid 13223) because the process crashed
Created attachment 451695 [details] Patch
Comment on attachment 451695 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=451695&action=review > Source/WebKit/Shared/cf/ArgumentCodersCF.cpp:704 > + if (CFDataRef data = CFCharacterSetCreateBitmapRepresentation(nullptr, characterSet)) { Usually for these kind of things we need to encode whether the CFCharacterSetCreateBitmapRepresentation succeeded or not so in the decode case, we know whether to try to decode the CFDataRef. Is there something that makes that not needed here?
Created attachment 451738 [details] Patch
Comment on attachment 451695 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=451695&action=review >> Source/WebKit/Shared/cf/ArgumentCodersCF.cpp:704 >> + if (CFDataRef data = CFCharacterSetCreateBitmapRepresentation(nullptr, characterSet)) { > > Usually for these kind of things we need to encode whether the CFCharacterSetCreateBitmapRepresentation succeeded or not so in the decode case, we know whether to try to decode the CFDataRef. Is there something that makes that not needed here? I agree. Fixed.
Comment on attachment 451738 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=451738&action=review > Source/WebKit/Shared/cf/ArgumentCodersCF.cpp:69 > + CFCharacterSet, These are meant to be sorted alphabetically.
Created attachment 451752 [details] Patch
Committed r289680 (247166@main): <https://commits.webkit.org/247166@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 451752 [details].
<rdar://problem/88842002>