175903 2017-08-23 13:26:23 -0700 REGRESSION (r221052): DumpRenderTree crashed in com.apple.JavaScriptCore: JSC::Yarr::YarrCodeBlock::execute + 137 2017-08-23 15:24:35 -0700 1 1 1 Unclassified WebKit JavaScriptCore Other Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 msaboff msaboff buildbot commit-queue keith_miller mark.lam saam webkit-bug-importer oldest_to_newest 1341754 0 msaboff 2017-08-23 13:26:23 -0700 Crashing in code generated by generateCharacterClassGreedy() with something like "a\u{10410}\u{10410}b".match(/a(\u{10410}*)bc|a(\u{10410}*)b/ui). Looks like we increment "count" before checking is we are at the end of the string. 1341755 1 msaboff 2017-08-23 13:26:46 -0700 <rdar://problem/34035972> 1341769 2 318914 msaboff 2017-08-23 14:04:48 -0700 Created attachment 318914 Patch 1341804 3 318914 saam 2017-08-23 14:55:03 -0700 Comment on attachment 318914 Patch r=me 1341822 4 318914 commit-queue 2017-08-23 15:24:34 -0700 Comment on attachment 318914 Patch Clearing flags on attachment: 318914 Committed r221111: <http://trac.webkit.org/changeset/221111> 1341823 5 commit-queue 2017-08-23 15:24:35 -0700 All reviewed patches have been landed. Closing bug. 318914 2017-08-23 14:04:48 -0700 2017-08-23 15:24:34 -0700 Patch 175903.patch text/plain 5350 msaboff SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMjIxMTAwKQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDI3IEBA CisyMDE3LTA4LTIzICBNaWNoYWVsIFNhYm9mZiAgPG1zYWJvZmZAYXBwbGUuY29tPgorCisgICAg ICAgIFJFR1JFU1NJT04gKHIyMjEwNTIpOiBEdW1wUmVuZGVyVHJlZSBjcmFzaGVkIGluIGNvbS5h cHBsZS5KYXZhU2NyaXB0Q29yZTogSlNDOjpZYXJyOjpZYXJyQ29kZUJsb2NrOjpleGVjdXRlICsg MTM3CisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0xNzU5 MDMKKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBJbiBn ZW5lcmF0ZUNoYXJhY3RlckNsYXNzR3JlZWR5IHdlIHdlcmUgaW5jcmVtZW50aW5nIHRoZSAiY291 bnQiIHJlZ2lzdGVyIGJlZm9yZSBjaGVja2luZworICAgICAgICBmb3IgdGhlIGVuZCBvZiB0aGUg aW5wdXQgc3RyaW5nLiAgVGhlIGF0LWVuZC1vZi1pbnB1dCBjaGVjayBpcyB0aGUgZmluYWwgY2hl Y2sgYmVmb3JlCisgICAgICAgIGtub3dpbmcgdGhhdCB0aGUgY3VycmVudCBjaGFyYWN0ZXIgbWF0 Y2hlZC4gIEluIHRoaXMgY2FzZSwgdGhlIGVuZCBvZiBpbnB1dCBjaGVjaworICAgICAgICBpbmRp Y2F0ZXMgdGhhdCB3ZSByYW4gb3V0IG9mIHByZWNoZWNrZWQgY2hhcmFjdGVycyBhbmQgdGhlcmVm b3JlIHNob3VsZCBmYWlsIHRoZSBtYXRjaCBvZgorICAgICAgICB0aGUgY3VycmVudCBjaGFyYWN0 ZXIuICBUaGUgYmFja3RyYWNraW5nIGNvZGUgdXNlcyB0aGUgdmFsdWUgaW4gdGhlICJjb3VudCIg cmVnaXN0ZXIgYXMKKyAgICAgICAgdGhlIG51bWJlciBvZiBjaGFyYWN0ZXIgdGhhdCBzdWNjZXNz ZnVsbHkgbWF0Y2hlZCwgd2hpY2ggc2hvdWxkbid0IGluY2x1ZGUgdGhlIGN1cnJlbnQKKyAgICAg ICAgY2hhcmFjdGVyLiAgVGhlcmVmb3JlIHdlIG5lZWQgdG8gbW92ZSB0aGUgaW5jcmVtZW50aW5n IG9mICJjb3VudCIgdG8gYWZ0ZXIgdGhlCisgICAgICAgIGF0IGVuZCBvZiBpbnB1dCBjaGVjay4K KworICAgICAgICBUaHJvdWdoIGNvZGUgaW5zcGVjdGlvbiBvZiB0aGUgZXhwZWN0YXRpb25zIG9m IG90aGVyIGJhY2t0cmFja2luZyBjb2RlLCBJIGRldGVybWluZWQgdGhhdCAKKyAgICAgICAgdGhl IG5vbiBncmVlZHkgY2hhcmFjdGVyIGNsYXNzIG1hdGNoaW5nIGNvZGUgaGFkIGEgc2ltaWxhciBp c3N1ZS4gIEkgZml4ZWQgdGhhdCBhcyB3ZWxsCisgICAgICAgIGFuZCBhZGRlZCBhIG5ldyB0ZXN0 IGNhc2UuCisKKyAgICAgICAgKiB5YXJyL1lhcnJKSVQuY3BwOgorICAgICAgICAoSlNDOjpZYXJy OjpZYXJyR2VuZXJhdG9yOjpnZW5lcmF0ZUNoYXJhY3RlckNsYXNzR3JlZWR5KToKKyAgICAgICAg KEpTQzo6WWFycjo6WWFyckdlbmVyYXRvcjo6YmFja3RyYWNrQ2hhcmFjdGVyQ2xhc3NOb25HcmVl ZHkpOgorCiAyMDE3LTA4LTIzICBEYXZpZCBLaWx6ZXIgIDxkZGtpbHplckBhcHBsZS5jb20+CiAK ICAgICAgICAgRml4IC1XY2FzdC1xdWFsIHdhcm5pbmdzIGluIEphdmFTY3JpcHRDb3JlIHdpdGgg bmV3IGNsYW5nIGNvbXBpbGVyCkluZGV4OiBTb3VyY2UvSmF2YVNjcmlwdENvcmUveWFyci9ZYXJy SklULmNwcAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvSmF2YVNjcmlwdENvcmUveWFyci9ZYXJySklU LmNwcAkocmV2aXNpb24gMjIxMDUyKQorKysgU291cmNlL0phdmFTY3JpcHRDb3JlL3lhcnIvWWFy ckpJVC5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTEyNjgsNyArMTI2OCw2IEBAIGNsYXNzIFlhcnJH ZW5lcmF0b3IgOiBwcml2YXRlIE1hY3JvQXNzZW0KICAgICAgICAgICAgIG1hdGNoRGVzdC5saW5r KHRoaXMpOwogICAgICAgICB9CiAKLSAgICAgICAgYWRkMzIoVHJ1c3RlZEltbTMyKDEpLCBjb3Vu dFJlZ2lzdGVyKTsKICAgICAgICAgYWRkMzIoVHJ1c3RlZEltbTMyKDEpLCBpbmRleCk7CiAjaWZk ZWYgSklUX1VOSUNPREVfRVhQUkVTU0lPTlMKICAgICAgICAgaWYgKG1fZGVjb2RlU3Vycm9nYXRl UGFpcnMpIHsKQEAgLTEyNzgsNiArMTI3Nyw3IEBAIGNsYXNzIFlhcnJHZW5lcmF0b3IgOiBwcml2 YXRlIE1hY3JvQXNzZW0KICAgICAgICAgICAgIGlzQk1QQ2hhci5saW5rKHRoaXMpOwogICAgICAg ICB9CiAjZW5kaWYKKyAgICAgICAgYWRkMzIoVHJ1c3RlZEltbTMyKDEpLCBjb3VudFJlZ2lzdGVy KTsKIAogICAgICAgICBpZiAodGVybS0+cXVhbnRpdHlNYXhDb3VudCAhPSBxdWFudGlmeUluZmlu aXRlKSB7CiAgICAgICAgICAgICBicmFuY2gzMihOb3RFcXVhbCwgY291bnRSZWdpc3RlciwgSW1t MzIodGVybS0+cXVhbnRpdHlNYXhDb3VudC51bnNhZmVHZXQoKSkpLmxpbmtUbyhsb29wLCB0aGlz KTsKQEAgLTEzNzQsMTUgKzEzNzQsMTYgQEAgY2xhc3MgWWFyckdlbmVyYXRvciA6IHByaXZhdGUg TWFjcm9Bc3NlbQogICAgICAgICAgICAgbWF0Y2hEZXN0LmxpbmsodGhpcyk7CiAgICAgICAgIH0K IAotICAgICAgICBhZGQzMihUcnVzdGVkSW1tMzIoMSksIGNvdW50UmVnaXN0ZXIpOwogICAgICAg ICBhZGQzMihUcnVzdGVkSW1tMzIoMSksIGluZGV4KTsKICNpZmRlZiBKSVRfVU5JQ09ERV9FWFBS RVNTSU9OUwogICAgICAgICBpZiAobV9kZWNvZGVTdXJyb2dhdGVQYWlycykgeworICAgICAgICAg ICAgbm9uR3JlZWR5RmFpbHVyZXMuYXBwZW5kKGF0RW5kT2ZJbnB1dCgpKTsKICAgICAgICAgICAg IEp1bXAgaXNCTVBDaGFyID0gYnJhbmNoMzIoTGVzc1RoYW4sIGNoYXJhY3Rlciwgc3VwcGxlbWVu dGFyeVBsYW5lc0Jhc2UpOwogICAgICAgICAgICAgYWRkMzIoVHJ1c3RlZEltbTMyKDEpLCBpbmRl eCk7CiAgICAgICAgICAgICBpc0JNUENoYXIubGluayh0aGlzKTsKICAgICAgICAgfQogI2VuZGlm CisgICAgICAgIGFkZDMyKFRydXN0ZWRJbW0zMigxKSwgY291bnRSZWdpc3Rlcik7CiAKICAgICAg ICAganVtcChvcC5tX3JlZW50cnkpOwogCkluZGV4OiBMYXlvdXRUZXN0cy9DaGFuZ2VMb2cKPT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PQotLS0gTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCShyZXZpc2lvbiAyMjEwNTIpCisrKyBM YXlvdXRUZXN0cy9DaGFuZ2VMb2cJKHdvcmtpbmcgY29weSkKQEAgLTEsMyArMSwxNSBAQAorMjAx Ny0wOC0yMyAgTWljaGFlbCBTYWJvZmYgIDxtc2Fib2ZmQGFwcGxlLmNvbT4KKworICAgICAgICBS RUdSRVNTSU9OIChyMjIxMDUyKTogRHVtcFJlbmRlclRyZWUgY3Jhc2hlZCBpbiBjb20uYXBwbGUu SmF2YVNjcmlwdENvcmU6IEpTQzo6WWFycjo6WWFyckNvZGVCbG9jazo6ZXhlY3V0ZSArIDEzNwor ICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MTc1OTAzCisK KyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgTmV3IHJlZ3Jl c3Npb24gdGVzdCBjYXNlLgorCisgICAgICAgICoganMvcmVnZXhwLXVuaWNvZGUtZXhwZWN0ZWQu dHh0OgorICAgICAgICAqIGpzL3NjcmlwdC10ZXN0cy9yZWdleHAtdW5pY29kZS5qczoKKwogMjAx Ny0wOC0yMiAgTWljaGFlbCBTYWJvZmYgIDxtc2Fib2ZmQGFwcGxlLmNvbT4KIAogICAgICAgICBJ bXBsZW1lbnQgVW5pY29kZSBSZWdFeHAgc3VwcG9ydCBpbiB0aGUgWUFSUiBKSVQKSW5kZXg6IExh eW91dFRlc3RzL2pzL3JlZ2V4cC11bmljb2RlLWV4cGVjdGVkLnR4dAo9PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBM YXlvdXRUZXN0cy9qcy9yZWdleHAtdW5pY29kZS1leHBlY3RlZC50eHQJKHJldmlzaW9uIDIyMTA1 MikKKysrIExheW91dFRlc3RzL2pzL3JlZ2V4cC11bmljb2RlLWV4cGVjdGVkLnR4dAkod29ya2lu ZyBjb3B5KQpAQCAtMTE5LDYgKzExOSw3IEBAIFBBU1MgIvCQkIAiLm1hdGNoKC9cZCovdSlbMF0u bGVuZ3RoIGlzIDAKIFBBU1MgIjEyM/CQkIAiLm1hdGNoKC9cZCovdSlbMF0gaXMgIjEyMyIKIFBB U1MgIjEyWDPwkJCANCIubWF0Y2goL1xkezAsMX0vdWcpIGlzIFsiMSIsICIyIiwgIiIsICIzIiwg IiIsICI0IiwgIiJdCiBQQVNTICLwkJCC8JCQhfCQkIXwkJCC8JCQhfCQkIXwkJCFIi5tYXRjaCgv 8JCQhXszfS91KVswXSBpcyAi8JCQhfCQkIXwkJCFIgorUEFTUyAiYfCQkJDwkJCQYiIubWF0Y2go L2Eo8JCQkCo/KWJjfGEo8JCQkCo/KWIvdWkpWzBdIGlzICJh8JCQkPCQkJBiIgogUEFTUyBtYXRj aDNbMF0gaXMgImHwkJCQ8JCQkGIiCiBQQVNTIG1hdGNoM1sxXSBpcyB1bmRlZmluZWQuCiBQQVNT IG1hdGNoM1syXSBpcyAiYfCQkJDwkJCQYiIKSW5kZXg6IExheW91dFRlc3RzL2pzL3NjcmlwdC10 ZXN0cy9yZWdleHAtdW5pY29kZS5qcwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9qcy9zY3Jp cHQtdGVzdHMvcmVnZXhwLXVuaWNvZGUuanMJKHJldmlzaW9uIDIyMTA1MikKKysrIExheW91dFRl c3RzL2pzL3NjcmlwdC10ZXN0cy9yZWdleHAtdW5pY29kZS5qcwkod29ya2luZyBjb3B5KQpAQCAt MTU3LDYgKzE1Nyw3IEBAIHNob3VsZEJlKCciXHV7MTA0MDB9Ii5tYXRjaCgvXFxkKi91KVswXS4K IHNob3VsZEJlKCciMTIzXHV7MTA0MDB9Ii5tYXRjaCgvXFxkKi91KVswXScsICciMTIzIicpOwog c2hvdWxkQmUoJyIxMlgzXHV7MTA0MDB9NCIubWF0Y2goL1xcZHswLDF9L3VnKScsICdbIjEiLCAi MiIsICIiLCAiMyIsICIiLCAiNCIsICIiXScpOwogc2hvdWxkQmUoJyJcdXsxMDQwMn1cdXsxMDQw NX1cdXsxMDQwNX1cdXsxMDQwMn1cdXsxMDQwNX1cdXsxMDQwNX1cdXsxMDQwNX0iLm1hdGNoKC9c dXsxMDQwNX17M30vdSlbMF0nLCAnIlx1ezEwNDA1fVx1ezEwNDA1fVx1ezEwNDA1fSInKTsKK3No b3VsZEJlKCciYVx1ezEwNDEwfVx1ezEwNDEwfWIiLm1hdGNoKC9hKFx1ezEwNDEwfSo/KWJjfGEo XHV7MTA0MTB9Kj8pYi91aSlbMF0nLCAnImFcdXsxMDQxMH1cdXsxMDQxMH1iIicpOwogCiB2YXIg cmUzID0gbmV3IFJlZ0V4cCgiKGFcdXsxMDQxMH0qYmMpfChhXHV7MTA0MTB9KmIpIiwgInUiKTsK IHZhciBtYXRjaDMgPSAiYVx1ezEwNDEwfVx1ezEwNDEwfWIiLm1hdGNoKHJlMyk7Cg==