Since r65468, Chromium buildbots are reporting a lot of crashes inside StringImpl::find. I guess I have found the problem; I'll upload a patch shortly.
Created attachment 64573 [details] Patch
Comment on attachment 64573 [details] Patch Looks good.
Comment on attachment 64573 [details] Patch Clearing flags on attachment: 64573 Committed r65493: <http://trac.webkit.org/changeset/65493>
All reviewed patches have been landed. Closing bug.
Unfortunately, my patch didn't work. Stack trace is available at:
http://build.chromium.org/buildbot/waterfall/builders/Chromium%20Reliability/builds/11720/steps/reliability:%20partial%20result%20of%20current%20build/logs/stdio
http://build.chromium.org/buildbot/waterfall/builders/Chromium%20Reliability/builds/11721/steps/reliability:%20partial%20result%20of%20current%20build/logs/stdio
For now, I'm not sure of the real reason why r65468 causes crashes.
Comment on attachment 64573 [details] Patch I would have preferred a fix that used a break inside the loop rather than repeating the logic from inside the loop.
    for (unsigned i = 0; ; ++i) {
        if (searchHash == matchHash && equal(searchCharacters + i, matchString, matchLength))
            return index + i;
        if (i >= delta)
            break;
        ...
This seems to be happening on Windows, too:
http://build.webkit.org/results/Windows%20Debug%20(Tests)/r65537%20(18204)/CrashLog_09b4_2010-08-17_15-14-54-014.txt
http://build.webkit.org/results/Windows%20Debug%20(Tests)/r65537%20(18204)/CrashLog_0c14_2010-08-17_15-05-47-171.txt
Created attachment 64650 [details] Fix for second overrun Landed in r65571
Thanks for catching this, Yuta. I think the problem is just the overrun, but there is a second find method with the same issue, so I've landed a fix for this. Hopefully this should resolve the remaining crashes.
(In reply to comment #9)
> Thanks for catching this, Yuta. I think the problem is just the overrun, but there is a second find method with the same issue, so I've landed a fix for this. Hopefully this should resolve the remaining crashes.
It seems the crashes are gone. Thanks!
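The loop shape suggested in the review comment above (test the current window, then break before advancing), written out as an added example that is not part of this thread or WebKit's code. The function name, the `readAt`/`g_maxRead` read tracker and the sample strings are assumptions for illustration, and the additive rolling hash is assumed from the `searchHash`/`matchHash` names in the quoted fragment.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Hypothetical names throughout; this is not WebKit's StringImpl API.
static const size_t kNotFound = static_cast<size_t>(-1);
// Highest offset (relative to search + index) read by the last call.
static size_t g_maxRead = 0;

static uint16_t readAt(const uint16_t* p, size_t i)
{
    if (i > g_maxRead) g_maxRead = i;
    return p[i];
}

size_t findWithRollingSum(const uint16_t* search, size_t searchLength,
                          const uint16_t* match, size_t matchLength, size_t index)
{
    g_maxRead = 0;
    if (index > searchLength || matchLength > searchLength - index)
        return kNotFound;
    if (!matchLength)
        return index;
    const uint16_t* searchCharacters = search + index;
    // delta = number of window shifts available; 0 means test exactly once.
    size_t delta = (searchLength - index) - matchLength;
    unsigned searchHash = 0, matchHash = 0;
    for (size_t i = 0; i < matchLength; ++i) {
        searchHash += readAt(searchCharacters, i);
        matchHash += match[i];
    }
    for (size_t i = 0; ; ++i) {
        if (searchHash == matchHash
            && !memcmp(searchCharacters + i, match, matchLength * sizeof(uint16_t)))
            return index + i;
        if (i >= delta)
            break; // last window tested; searchCharacters[i + matchLength] is out of bounds
        searchHash += readAt(searchCharacters, i + matchLength);
        searchHash -= readAt(searchCharacters, i);
    }
    return kNotFound;
}

int main()
{
    const uint16_t s[] = {'a', 'b', 'c', 'a', 'b', 'd'}; // constructed sample input
    const uint16_t m[] = {'a', 'b', 'e'};                // never matches
    size_t pos = findWithRollingSum(s, 6, m, 3, 0);
    printf("found=%d maxRead=%zu of 6\n", pos != kNotFound, g_maxRead);
    return 0;
}
```

Moving the `break` below the two hash updates makes the final iteration read `searchCharacters[delta + matchLength]`, one element past the buffer, which `g_maxRead` would report as 6 for the sample input.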