Bug 266373

"Xbc".match(/(?<=(ab*?))c/i); Fails with a RELEASE_ASSERT at yarr/YarrInterpreter.cpp(403): 1 0x10a726ed8 WTFCrash 2 0x10ae3cdb4 JSC::IntlNumberFormat::initializeNumberFormat(JSC::JSGlobalObject*, JSC::JSValue, JSC::JSValue) 3 0x10cda7ebc JSC::Yarr::Interpreter<unsigned char>::InputStream::uncheckInput(unsigned int) 4 0x10cdaa524 JSC::Yarr::Interpreter<unsigned char>::backtrackPatternCasedCharacter(JSC::Yarr::ByteTerm&, JSC::Yarr::Interpreter<unsigned char>::DisjunctionContext*) 5 0x10cda5aec JSC::Yarr::Interpreter<unsigned char>::matchDisjunction(JSC::Yarr::ByteDisjunction*, JSC::Yarr::Interpreter<unsigned char>::DisjunctionContext*, bool) 6 0x10cd90114 JSC::Yarr::Interpreter<unsigned char>::interpret() 7 0x10cd8cd28 JSC::Yarr::interpret(JSC::Yarr::BytecodePattern*, WTF::StringView, unsigned int, unsigned int*) 8 0x10bbf51fc int JSC::RegExp::matchInline<WTF::Vector<int, 32ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>, (JSC::Yarr::MatchFrom)0>(JSC::JSGlobalObject*, JSC::VM&, WTF::String const&, unsigned int, WTF::Vector<int, 32ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&) 9 0x10bbb028c JSC::createRegExpMatchesArray(JSC::VM&, JSC::JSGlobalObject*, JSC::JSString*, WTF::String const&, JSC::RegExp*, unsigned int, JSC::MatchResult&) ...