266373 2023-12-13 14:41:02 -0800 [JSC] Assertion in JSC::Yarr::Interpreter<unsigned char>::InputStream::uncheckInput called from backtrackPatternCasedCharacter 2023-12-14 07:53:51 -0800 1 1 1 Unclassified WebKit JavaScriptCore WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 msaboff msaboff webkit-bug-importer oldest_to_newest 1999406 0 msaboff 2023-12-13 14:41:02 -0800 "Xbc".match(/(?<=(ab*?))c/i); Fails with a RELEASE_ASSERT at yarr/YarrInterpreter.cpp(403): 1 0x10a726ed8 WTFCrash 2 0x10ae3cdb4 JSC::IntlNumberFormat::initializeNumberFormat(JSC::JSGlobalObject*, JSC::JSValue, JSC::JSValue) 3 0x10cda7ebc JSC::Yarr::Interpreter<unsigned char>::InputStream::uncheckInput(unsigned int) 4 0x10cdaa524 JSC::Yarr::Interpreter<unsigned char>::backtrackPatternCasedCharacter(JSC::Yarr::ByteTerm&, JSC::Yarr::Interpreter<unsigned char>::DisjunctionContext*) 5 0x10cda5aec JSC::Yarr::Interpreter<unsigned char>::matchDisjunction(JSC::Yarr::ByteDisjunction*, JSC::Yarr::Interpreter<unsigned char>::DisjunctionContext*, bool) 6 0x10cd90114 JSC::Yarr::Interpreter<unsigned char>::interpret() 7 0x10cd8cd28 JSC::Yarr::interpret(JSC::Yarr::BytecodePattern*, WTF::StringView, unsigned int, unsigned int*) 8 0x10bbf51fc int JSC::RegExp::matchInline<WTF::Vector<int, 32ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>, (JSC::Yarr::MatchFrom)0>(JSC::JSGlobalObject*, JSC::VM&, WTF::String const&, unsigned int, WTF::Vector<int, 32ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&) 9 0x10bbb028c JSC::createRegExpMatchesArray(JSC::VM&, JSC::JSGlobalObject*, JSC::JSString*, WTF::String const&, JSC::RegExp*, unsigned int, JSC::MatchResult&) ... 1999407 1 msaboff 2023-12-13 14:43:16 -0800 <rdar://119187095> 1999413 2 msaboff 2023-12-13 14:48:06 -0800 Pull request: https://github.com/WebKit/WebKit/pull/21765 1999582 3 ews-feeder 2023-12-14 07:53:49 -0800 Committed 272039@main (f59e18069da6): <https://commits.webkit.org/272039@main> Reviewed commits have been landed. Closing PR #21765 and removing active labels.