135049 2014-07-18 07:36:08 -0700 Division by zero in fast-dtoa.cc. 2015-01-27 23:03:01 -0800 1 1 1 Unclassified WebKit Web Template Framework 528+ (Nightly build) Unspecified Unspecified RESOLVED INVALID P2 Normal --- 1 peavo webkit-unassigned achristensen ap benjamin bfulgham cmarcelo commit-queue darin oldest_to_newest 1023253 0 peavo 2014-07-18 07:36:08 -0700 I occasionally get a divison by zero exception on line 445 in fast-dtoa.cc. 444 while (*kappa > 0) { 445 int digit = integrals / divisor; 446 buffer[*length] = '0' + digit; 1023255 1 235127 peavo 2014-07-18 07:39:27 -0700 Created attachment 235127 Patch 1023260 2 235127 darin 2014-07-18 08:26:36 -0700 Comment on attachment 235127 Patch Could you also supply a test case? How did you discover this problem? 1023288 3 peavo 2014-07-18 10:32:10 -0700 (In reply to comment #2) > (From update of attachment 235127 [details]) > Could you also supply a test case? How did you discover this problem? I don't have a testcase available currently, but I can see if I can come up with one. Before adding the check, I got the crash fairly often during "normal" browsing. I don't remember any specific sites, though. 1023310 4 darin 2014-07-18 12:16:54 -0700 (In reply to comment #3) > Before adding the check, I got the crash fairly often during "normal" browsing. I don’t think we have reports of this crash on Mac. I believe Intel processors raise an exception on division by zero, and that’s what Macs use. Is this code that’s not used in the Mac port? 1023625 5 235127 benjamin 2014-07-20 23:47:09 -0700 Comment on attachment 235127 Patch First, I agree with Darin: this must have a test. But even with the test, I do not believe this would be the right fix. If divisor is zero, that likely means the input is invalid. If that happen, we should handle that earlier in the stack (or maybe an early return in DigitGen()). I don't think you can just ignore this loop. 1023719 6 peavo 2014-07-21 11:08:26 -0700 (In reply to comment #5) Thanks for reviewing :) > (From update of attachment 235127 [details]) > First, I agree with Darin: this must have a test. > > But even with the test, I do not believe this would be the right fix. If divisor is zero, that likely means the input is invalid. If that happen, we should handle that earlier in the stack (or maybe an early return in DigitGen()). I don't think you can just ignore this loop. Sounds good, I will try get some more details on the crash, but "unfortunately" I haven't seen the crash the last couple of days ... 1064814 7 peavo 2015-01-27 23:03:01 -0800 I haven't seen this crash in a long time now, so I believe it has been fixed. 235127 2014-07-18 07:39:27 -0700 2014-07-20 23:47:08 -0700 Patch bug-135049-20140718163857.patch text/plain 1232 peavo SW5kZXg6IFNvdXJjZS9XVEYvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XVEYvQ2hh bmdlTG9nCShyZXZpc2lvbiAxNzEyMjApCisrKyBTb3VyY2UvV1RGL0NoYW5nZUxvZwkod29ya2lu ZyBjb3B5KQpAQCAtMSwzICsxLDEyIEBACisyMDE0LTA3LTE4ICBwZWF2b0BvdXRsb29rLmNvbSAg PHBlYXZvQG91dGxvb2suY29tPgorCisgICAgICAgIERpdmlzaW9uIGJ5IHplcm8gaW4gZmFzdC1k dG9hLmNjLgorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9 MTM1MDQ5CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAg KiB3dGYvZHRvYS9mYXN0LWR0b2EuY2M6IENoZWNrIGRpdmlzb3IgYmVmb3JlIHBlcmZvcm1pbmcg ZGl2aXNpb24uCisKIDIwMTQtMDctMTUgIENvbW1pdCBRdWV1ZSAgPGNvbW1pdC1xdWV1ZUB3ZWJr aXQub3JnPgogCiAgICAgICAgIFVucmV2aWV3ZWQsIHJvbGxpbmcgb3V0IHIxNzExMDcuCkluZGV4 OiBTb3VyY2UvV1RGL3d0Zi9kdG9hL2Zhc3QtZHRvYS5jYwo9PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2Uv V1RGL3d0Zi9kdG9hL2Zhc3QtZHRvYS5jYwkocmV2aXNpb24gMTcxMTgyKQorKysgU291cmNlL1dU Ri93dGYvZHRvYS9mYXN0LWR0b2EuY2MJKHdvcmtpbmcgY29weSkKQEAgLTQ0MSw3ICs0NDEsNyBA QCBuYW1lc3BhY2UgZG91YmxlX2NvbnZlcnNpb24gewogICAgICAgICAvLyBUaGUgaW52YXJpYW50 IGhvbGRzIGZvciB0aGUgZmlyc3QgaXRlcmF0aW9uOiBrYXBwYSBoYXMgYmVlbiBpbml0aWFsaXpl ZAogICAgICAgICAvLyB3aXRoIHRoZSBkaXZpc29yIGV4cG9uZW50ICsgMS4gQW5kIHRoZSBkaXZp c29yIGlzIHRoZSBiaWdnZXN0IHBvd2VyIG9mIHRlbgogICAgICAgICAvLyB0aGF0IGlzIHNtYWxs ZXIgdGhhbiBpbnRlZ3JhbHMuCi0gICAgICAgIHdoaWxlICgqa2FwcGEgPiAwKSB7CisgICAgICAg IHdoaWxlICgqa2FwcGEgPiAwICYmIGRpdmlzb3IpIHsKICAgICAgICAgICAgIGludCBkaWdpdCA9 IGludGVncmFscyAvIGRpdmlzb3I7CiAgICAgICAgICAgICBidWZmZXJbKmxlbmd0aF0gPSAnMCcg KyBkaWdpdDsKICAgICAgICAgICAgICgqbGVuZ3RoKSsrOwo=