26368 2009-06-13 02:32:08 -0700 Crashes in JSC::RegExp::match() 2011-06-10 13:01:27 -0700 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) PC Linux RESOLVED DUPLICATE 26957 P2 Normal --- 0 enrico.troeger webkit-unassigned barraclough danw jmalonzo maxamillion oldest_to_newest 125606 0 enrico.troeger 2009-06-13 02:32:08 -0700 I can easily trigger crashes in Webkit when opening sites like http://validator.w3.org or http://www.linuxquestions.org/questions/. Tested with Midori and GtkLauncher, Webkit r44649. 125607 1 31230 enrico.troeger 2009-06-13 02:33:18 -0700 Created attachment 31230 Backtrace of Midori and http://validator.w3.org 125608 2 31231 enrico.troeger 2009-06-13 02:33:47 -0700 Created attachment 31231 Backtrace of GtkLauncher with http://www.linuxquestions.org/questions/ 128214 3 danw 2009-06-25 10:51:55 -0700 Backtrace of epiphany and http://www.apple.com/retail/locator/index.html #0 0x00007ffff66c53c5 in JSC::RegExp::match (this=<value optimized out>) from /opt/jhbuild/lib64/libwebkit-1.0.so.2 #1 0x00007ffff66c543e in JSC::RegExpConstructor::performMatch ( this=0x7fffe661dd40, r=0x7fffe6949dc8, s=@0x7fffffffb590, startOffset=78, position=@0x7fffe66d8df8, length=@0x6, ovector=0x0) at JavaScriptCore/runtime/RegExpConstructor.cpp:125 #2 0x00007ffff671b918 in JSC::stringProtoFuncMatch(struct JSC::ExecState *, struct JSC::JSObject *, JSC::JSValue, const struct JSC::ArgList &) ( exec=<value optimized out>, thisValue=<value optimized out>, args=<value optimized out>) at JavaScriptCore/runtime/StringPrototype.cpp:481 #3 0x00007ffff75a32e4 in ?? () #4 0x00007fffe6a36488 in ?? () #5 0x0000000000000001 in ?? () #6 0x0000000000000000 in ?? () Probably the same bug as bug 26390. Maybe the same as bug 26553 and bug 26116. Possibly the same as bug 25819? Given that the Apple Store locator triggers this bug, I am sure Apple is losing millions of dollars in revenue due to all of the people running unstable WebKit on x86_64 who are unable to locate their nearest Apple Store, so you should fix this right away. ;-) 128362 4 jmalonzo 2009-06-25 18:48:30 -0700 (In reply to comment #3) > Backtrace of epiphany and http://www.apple.com/retail/locator/index.html > > Probably the same bug as bug 26390. Maybe the same as bug 26553 and bug 26116. > Possibly the same as bug 25819? > > Given that the Apple Store locator triggers this bug, I am sure Apple is losing > millions of dollars in revenue due to all of the people running unstable WebKit > on x86_64 who are unable to locate their nearest Apple Store, so you should fix > this right away. ;-) When you say unstable you mean Debian unstable? Have you tried the Release build? I can't reproduce this with a release build (ToT WebKit, i.e., I can visit the Apple store locator and validator.w3.org just fine). > 128368 5 danw 2009-06-25 19:39:17 -0700 I meant unstable WebKit, which I guess you call ToT here. (Distro-wise I'm on Fedora 11, which means I'm using gcc 4.4, which someone suggested might be relevant in one of the other bugs.) Also, I should have been clearer that this is x86_64 only. 129839 6 enrico.troeger 2009-07-05 01:13:50 -0700 It seems this crasher got fixed in the meantime. At least the sites I referenced do work fine now with a recent Webkit build (SVN r45548). The Apple Store locator also doesn't crash here anymore even though the search button doesn't work at all but that's another story. Btw, I'm using Debian's 4.3.3-10, so at least this report is not gcc 4.4 specific but anyway, as I said it seems to be fixed. Dan, can you confirm? 131170 7 danw 2009-07-12 08:06:45 -0700 hm. it still crashes for me in basically the same place as before with r45557 131174 8 danw 2009-07-12 09:34:17 -0700 Er... hm... no, it seems to work now. (Maybe I accidentally did a svn up after building and so was confused about what svn revision I had?) So yeah, this seems to be fixed, presumably as an unintended side effect of bug 26957. 179421 9 maxamillion 2010-01-11 10:41:17 -0800 https://bugzilla.redhat.com/show_bug.cgi?id=533528 It would appear this issue is being noticed in Fedora 12 x86_64 running Midori 0.2.2 using WebKitGTK version 1.1.15.4 I noticed someone mentioned that this appears to be fixed in the SVN r45548, was the code causing this issue identified so that it can be backported to current stable? -AdamM 418854 10 barraclough 2011-06-10 13:01:27 -0700 Marking as a dupe based on comments below; please reopen if this bugstill reproduces. *** This bug has been marked as a duplicate of bug 26957 *** 31230 2009-06-13 02:33:18 -0700 2009-06-15 12:36:37 -0700 Backtrace of Midori and http://validator.w3.org webkit_jsc_bt text/plain 1597 enrico.troeger WzExOjIzXSBlbnJpY29AdWtpbyAoMTM5KTogfi9zcmMvd2Via2l0JCBnZGIgbWlkb3JpCkdOVSBn ZGIgNi44CkNvcHlyaWdodCAoQykgMjAwOCBGcmVlIFNvZnR3YXJlIEZvdW5kYXRpb24sIEluYy4K TGljZW5zZSBHUEx2Mys6IEdOVSBHUEwgdmVyc2lvbiAzIG9yIGxhdGVyIDxodHRwOi8vZ251Lm9y Zy9saWNlbnNlcy9ncGwuaHRtbD4KVGhpcyBpcyBmcmVlIHNvZnR3YXJlOiB5b3UgYXJlIGZyZWUg dG8gY2hhbmdlIGFuZCByZWRpc3RyaWJ1dGUgaXQuClRoZXJlIGlzIE5PIFdBUlJBTlRZLCB0byB0 aGUgZXh0ZW50IHBlcm1pdHRlZCBieSBsYXcuICBUeXBlICJzaG93IGNvcHlpbmciCmFuZCAic2hv dyB3YXJyYW50eSIgZm9yIGRldGFpbHMuClRoaXMgR0RCIHdhcyBjb25maWd1cmVkIGFzICJ4ODZf NjQtdW5rbm93bi1saW51eC1nbnUiLi4uCihnZGIpIHIgdmFsaWRhdG9yLnczLm9yZwpTdGFydGlu ZyBwcm9ncmFtOiAvaG9tZS9lbnJpY28vYXBwcy9iaW4vbWlkb3JpIHZhbGlkYXRvci53My5vcmcK W1RocmVhZCBkZWJ1Z2dpbmcgdXNpbmcgbGlidGhyZWFkX2RiIGVuYWJsZWRdCndhcm5pbmc6IExv d2VzdCBzZWN0aW9uIGluIC91c3IvbGliL2xpYmljdWRhdGEuc28uNDIgaXMgLmhhc2ggYXQgMDAw MDAwMDAwMDAwMDEyMApbTmV3IFRocmVhZCAweDdmOGNjODQ5Njc2MCAoTFdQIDIyNTI3KV0KW05l dyBUaHJlYWQgMHg3ZjhjYjdmNzU5MTAgKExXUCAyMjUzMCldCltUaHJlYWQgMHg3ZjhjYjdmNzU5 MTAgKExXUCAyMjUzMCkgZXhpdGVkXQpbTmV3IFRocmVhZCAweDdmOGNiN2Y3NTkxMCAoTFdQIDIy NTMxKV0KW05ldyBUaHJlYWQgMHg3ZjhjYjZkNDg5MTAgKExXUCAyMjUzMildCltUaHJlYWQgMHg3 ZjhjYjZkNDg5MTAgKExXUCAyMjUzMikgZXhpdGVkXQpbVGhyZWFkIDB4N2Y4Y2I3Zjc1OTEwIChM V1AgMjI1MzEpIGV4aXRlZF0KClByb2dyYW0gcmVjZWl2ZWQgc2lnbmFsIFNJR1NFR1YsIFNlZ21l bnRhdGlvbiBmYXVsdC4KW1N3aXRjaGluZyB0byBUaHJlYWQgMHg3ZjhjYzg0OTY3NjAgKExXUCAy MjUyNyldCjB4MDAwMDdmOGNjNDRhYTRiNSBpbiBKU0M6OlJlZ0V4cDo6bWF0Y2ggKCkgZnJvbSAv aG9tZS9lbnJpY28vYXBwcy93ZWJraXQvbGliL2xpYndlYmtpdC0xLjAuc28uMgooZ2RiKSBidAoj MCAgMHgwMDAwN2Y4Y2M0NGFhNGI1IGluIEpTQzo6UmVnRXhwOjptYXRjaCAoKSBmcm9tIC9ob21l L2Vucmljby9hcHBzL3dlYmtpdC9saWIvbGlid2Via2l0LTEuMC5zby4yCiMxICAweDAwMDA3Zjhj YzQ0YWE1MmUgaW4gSlNDOjpSZWdFeHBDb25zdHJ1Y3Rvcjo6cGVyZm9ybU1hdGNoICgpIGZyb20g L2hvbWUvZW5yaWNvL2FwcHMvd2Via2l0L2xpYi9saWJ3ZWJraXQtMS4wLnNvLjIKIzIgIDB4MDAw MDdmOGNjNDRmZWFlYyBpbiBKU0M6OnN0cmluZ1Byb3RvRnVuY1JlcGxhY2UgKCkgZnJvbSAvaG9t ZS9lbnJpY28vYXBwcy93ZWJraXQvbGliL2xpYndlYmtpdC0xLjAuc28uMgojMyAgMHgwMDAwN2Y4 Y2I5MmJiMmY0IGluID8/ICgpCiM0ICAweDAwMDA3ZjhjYjZlNTljODAgaW4gPz8gKCkKIzUgIDB4 MDAwMDAwMDAwMDAwMDAwMiBpbiA/PyAoKQojNiAgMHgwMDAwMDAwMDAwMDAwMDAwIGluID8/ICgp Cg== 31231 2009-06-13 02:33:47 -0700 2009-06-15 12:36:42 -0700 Backtrace of GtkLauncher with http://www.linuxquestions.org/questions/ webkit_jsc_bt2 text/plain 2490 enrico.troeger WzExOjI4XSBlbnJpY29AdWtpbyAoMTM5KTogfi9zcmMvd2Via2l0JCBnZGIgUHJvZ3JhbXMvR3Rr TGF1bmNoZXIKR05VIGdkYiA2LjgKQ29weXJpZ2h0IChDKSAyMDA4IEZyZWUgU29mdHdhcmUgRm91 bmRhdGlvbiwgSW5jLgpMaWNlbnNlIEdQTHYzKzogR05VIEdQTCB2ZXJzaW9uIDMgb3IgbGF0ZXIg PGh0dHA6Ly9nbnUub3JnL2xpY2Vuc2VzL2dwbC5odG1sPgpUaGlzIGlzIGZyZWUgc29mdHdhcmU6 IHlvdSBhcmUgZnJlZSB0byBjaGFuZ2UgYW5kIHJlZGlzdHJpYnV0ZSBpdC4KVGhlcmUgaXMgTk8g V0FSUkFOVFksIHRvIHRoZSBleHRlbnQgcGVybWl0dGVkIGJ5IGxhdy4gIFR5cGUgInNob3cgY29w eWluZyIKYW5kICJzaG93IHdhcnJhbnR5IiBmb3IgZGV0YWlscy4KVGhpcyBHREIgd2FzIGNvbmZp Z3VyZWQgYXMgIng4Nl82NC11bmtub3duLWxpbnV4LWdudSIuLi4KKG5vIGRlYnVnZ2luZyBzeW1i b2xzIGZvdW5kKQooZ2RiKSByIGh0dHA6Ly93d3cubGludXhxdWVzdGlvbnMub3JnL3F1ZXN0aW9u cy8KU3RhcnRpbmcgcHJvZ3JhbTogL21udC9oZGIzL3NvdXJjZXMvd2Via2l0L1Byb2dyYW1zL0d0 a0xhdW5jaGVyIGh0dHA6Ly93d3cubGludXhxdWVzdGlvbnMub3JnL3F1ZXN0aW9ucy8Kd2Fybmlu ZzogTG93ZXN0IHNlY3Rpb24gaW4gL3Vzci9saWIvbGliaWN1ZGF0YS5zby40MiBpcyAuaGFzaCBh dCAwMDAwMDAwMDAwMDAwMTIwCltUaHJlYWQgZGVidWdnaW5nIHVzaW5nIGxpYnRocmVhZF9kYiBl bmFibGVkXQpbTmV3IFRocmVhZCAweDdmYmQ4Mjk2Mzc2MCAoTFdQIDIyNjAxKV0KW05ldyBUaHJl YWQgMHg3ZmJkNzQ1YTM5MTAgKExXUCAyMjYwNCldCltUaHJlYWQgMHg3ZmJkNzQ1YTM5MTAgKExX UCAyMjYwNCkgZXhpdGVkXQpbTmV3IFRocmVhZCAweDdmYmQ3NDVhMzkxMCAoTFdQIDIyNjA1KV0K W1RocmVhZCAweDdmYmQ3NDVhMzkxMCAoTFdQIDIyNjA1KSBleGl0ZWRdCltOZXcgVGhyZWFkIDB4 N2ZiZDc0NWEzOTEwIChMV1AgMjI2MDYpXQpbVGhyZWFkIDB4N2ZiZDc0NWEzOTEwIChMV1AgMjI2 MDYpIGV4aXRlZF0KW05ldyBUaHJlYWQgMHg3ZmJkNzQ1YTM5MTAgKExXUCAyMjYwNyldCltOZXcg VGhyZWFkIDB4N2ZiZDczOTkyOTEwIChMV1AgMjI2MDgpXQpbTmV3IFRocmVhZCAweDdmYmQ3MzE5 MTkxMCAoTFdQIDIyNjA5KV0KW1RocmVhZCAweDdmYmQ3Mzk5MjkxMCAoTFdQIDIyNjA4KSBleGl0 ZWRdCltOZXcgVGhyZWFkIDB4N2ZiZDczOTkyOTEwIChMV1AgMjI2MTApXQpbVGhyZWFkIDB4N2Zi ZDczMTkxOTEwIChMV1AgMjI2MDkpIGV4aXRlZF0KW1RocmVhZCAweDdmYmQ3Mzk5MjkxMCAoTFdQ IDIyNjEwKSBleGl0ZWRdCltUaHJlYWQgMHg3ZmJkNzQ1YTM5MTAgKExXUCAyMjYwNykgZXhpdGVk XQpbTmV3IFRocmVhZCAweDdmYmQ3NDVhMzkxMCAoTFdQIDIyNjExKV0KW1RocmVhZCAweDdmYmQ3 NDVhMzkxMCAoTFdQIDIyNjExKSBleGl0ZWRdCltOZXcgVGhyZWFkIDB4N2ZiZDc0NWEzOTEwIChM V1AgMjI2MTIpXQpbVGhyZWFkIDB4N2ZiZDc0NWEzOTEwIChMV1AgMjI2MTIpIGV4aXRlZF0KKG5v IGRlYnVnZ2luZyBzeW1ib2xzIGZvdW5kKQpbTmV3IFRocmVhZCAweDdmYmQ3NDVhMzkxMCAoTFdQ IDIyNjE1KV0KW1RocmVhZCAweDdmYmQ3NDVhMzkxMCAoTFdQIDIyNjE1KSBleGl0ZWRdCltOZXcg VGhyZWFkIDB4N2ZiZDc0NWEzOTEwIChMV1AgMjI2MTYpXQpbVGhyZWFkIDB4N2ZiZDc0NWEzOTEw IChMV1AgMjI2MTYpIGV4aXRlZF0KW05ldyBUaHJlYWQgMHg3ZmJkNzQ1YTM5MTAgKExXUCAyMjYx NyldCltUaHJlYWQgMHg3ZmJkNzQ1YTM5MTAgKExXUCAyMjYxNykgZXhpdGVkXQoKUHJvZ3JhbSBy ZWNlaXZlZCBzaWduYWwgU0lHU0VHViwgU2VnbWVudGF0aW9uIGZhdWx0LgpbU3dpdGNoaW5nIHRv IFRocmVhZCAweDdmYmQ4Mjk2Mzc2MCAoTFdQIDIyNjAxKV0KMHgwMDAwN2ZiZDgxZDI2NGI1IGlu IEpTQzo6UmVnRXhwOjptYXRjaCAoKSBmcm9tIC9ob21lL2Vucmljby9zcmMvd2Via2l0Ly5saWJz L2xpYndlYmtpdC0xLjAuc28uMgooZ2RiKSBidAojMCAgMHgwMDAwN2ZiZDgxZDI2NGI1IGluIEpT Qzo6UmVnRXhwOjptYXRjaCAoKSBmcm9tIC9ob21lL2Vucmljby9zcmMvd2Via2l0Ly5saWJzL2xp YndlYmtpdC0xLjAuc28uMgojMSAgMHgwMDAwN2ZiZDgxZDI2NTJlIGluIEpTQzo6UmVnRXhwQ29u c3RydWN0b3I6OnBlcmZvcm1NYXRjaCAoKSBmcm9tIC9ob21lL2Vucmljby9zcmMvd2Via2l0Ly5s aWJzL2xpYndlYmtpdC0xLjAuc28uMgojMiAgMHgwMDAwN2ZiZDgxZDQyOTM5IGluIEpTQzo6c3Ry aW5nUHJvdG9GdW5jU2VhcmNoICgpIGZyb20gL2hvbWUvZW5yaWNvL3NyYy93ZWJraXQvLmxpYnMv bGlid2Via2l0LTEuMC5zby4yCiMzICAweDAwMDA3ZmJkODI3OWYyZjQgaW4gPz8gKCkKIzQgIDB4 MDAwMDdmYmQ3MzlhMzNiMCBpbiA/PyAoKQojNSAgMHgwMDAwMDAwMDAwMDAwMDAxIGluID8/ICgp CiM2ICAweDAwMDAwMDAwMDAwMDAwMDAgaW4gPz8gKCkKKGdkYikK