Fix infinite recursion crash in HarfBuzz' CoreText backend

The font cascade reconfiguration which was introduced as a fix for AAT
shaping performance regressions in seems to
occasionally cause CoreText crashes on OS X 10.9. We don't have a better
way of detecting this than by OS or CoreText API version number. This is
one of our top Mac crashers on Mac OS 10.9 with Chrome across versions [1].

This crash does not occur in newer versions of OS X and we can keep this
important performance optimization enabled there.

A big thanks to Robert Sesek (rsesek@) for the patient and thorough
initial investigation. Discussing and working together on this issue, we
were able to identify the crash-triggering code in HarfBuzz in this


BUG=576941, 625902

Change-Id: Ica6657c3faf2dd03ef94f325e69147c528ea8ffa
Cr-Commit-Position: refs/heads/master@{#407185}
diff --git a/README.fuchsia b/README.fuchsia
index 89fddaa..388ab30 100644
--- a/README.fuchsia
+++ b/README.fuchsia
@@ -26,3 +26,6 @@
    src/*.rl src/ src/ src/hb-directwrite.h \
    src/*.tmpl src/ src/hb-ucdn
 - Added, README.fuchsia
+- Applied a local fix for an infinite recursion crash in hb-coretext on OS X 10.9,
+  skipping the font cascade list reconfiguration on this OS version.
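Review bot: The new README.fuchsia entry records the local fix but carries no bug reference, so whoever next rolls HarfBuzz cannot tell which issue to check before dropping or re-applying the patch. Suggest naming the tracking bugs from the commit message (576941, 625902) in the entry and stating whether the change has been sent upstream.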
diff --git a/src/ b/src/
index f4d9716..c505373 100644
--- a/src/
+++ b/src/
@@ -145,6 +145,14 @@
     DEBUG_MSG (CORETEXT, cg_font, "Font CTFontCreateWithGraphicsFont() failed");
     return NULL;
+  /* and and the investigation in the latter
+   * bug indicate that the cascade list reconfiguration occasionally causes
+   * crashes in CoreText on OS X 10.9, thus let's skip this step on older
+   * operating system versions. */
+  if (&CTGetCoreTextVersion != NULL && CTGetCoreTextVersion() < kCTVersionNumber10_10)
+    return ct_font;
   CFURLRef original_url = (CFURLRef)CTFontCopyAttribute(ct_font, kCTFontURLAttribute);
   /* Create font copy with cascade list that has LastResort first; this speeds up CoreText
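Review bot: In the new guard `if (&CTGetCoreTextVersion != NULL && CTGetCoreTextVersion() < kCTVersionNumber10_10)`, a NULL `&CTGetCoreTextVersion` makes the whole condition false, so a system where the symbol is missing falls through to the cascade list reconfiguration, which is the path the comment says to skip on older operating system versions. If that case can occur, return ct_font there as well, for example `if (&CTGetCoreTextVersion == NULL || CTGetCoreTextVersion() < kCTVersionNumber10_10)`; if it cannot, drop the NULL test so the intent is clear. The comment also says the crashes were seen on OS X 10.9, while the check disables the optimization on every version below 10.10; a sentence in the comment on why the wider range is intended would help the next reader.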