RESOLVED FIXED 67326
fast/regex/overflow.html asserts in debug builds
https://bugs.webkit.org/show_bug.cgi?id=67326
Summary: fast/regex/overflow.html asserts in debug builds
Simon Fraser (smfr)
Reported 2011-08-31 15:00:52 PDT
fast/regex/overflow.html -> unexpected DumpRenderTree crash (the fault address 0xbbadbeef is the address WebKit's CRASH() macro deliberately writes to, and frame 0 is WTF::CrashOnOverflow::overflowed(), so this is a Checked<int> overflow trap raised while the Yarr JIT compiles the regex, not a wild memory access)
Exception Codes: KERN_INVALID_ADDRESS at 0x00000000bbadbeef
VM Regions Near 0xbbadbeef: --> __TEXT 000000010ae74000-000000010aefa000 [ 536K] r-x/rwx SM=COW /Volumes/VOLUME/*
Application Specific Information: objc[27078]: garbage collection is OFF
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.JavaScriptCore 0x000000010b32f483 WTF::CrashOnOverflow::overflowed() + 35 (CheckedArithmetic.h:72)
1 com.apple.JavaScriptCore 0x000000010b33d127 WTF::Checked<int, WTF::CrashOnOverflow>::Checked<unsigned int>(WTF::Checked<unsigned int, WTF::CrashOnOverflow> const&) + 55 (CheckedArithmetic.h:449)
2 com.apple.JavaScriptCore 0x000000010b33d07d WTF::Checked<int, WTF::CrashOnOverflow>::Checked<unsigned int>(WTF::Checked<unsigned int, WTF::CrashOnOverflow> const&) + 29 (CheckedArithmetic.h:450)
3 com.apple.JavaScriptCore 0x000000010b33b519 JSC::Yarr::YarrGenerator::generateCharacterClassFixed(unsigned long) + 233 (YarrJIT.cpp:876)
4 com.apple.JavaScriptCore 0x000000010b339ed9 JSC::Yarr::YarrGenerator::generateTerm(unsigned long) + 377 (YarrJIT.cpp:1088)
5 com.apple.JavaScriptCore 0x000000010b331f1d JSC::Yarr::YarrGenerator::generate() + 221 (YarrJIT.cpp:1205)
6 com.apple.JavaScriptCore 0x000000010b330740 JSC::Yarr::YarrGenerator::compile(JSC::JSGlobalData*, JSC::Yarr::YarrCodeBlock&) + 368 (YarrJIT.cpp:2429)
7 com.apple.JavaScriptCore 0x000000010b3301e5 JSC::Yarr::jitCompile(JSC::Yarr::YarrPattern&, JSC::JSGlobalData*, JSC::Yarr::YarrCodeBlock&) + 69 (YarrJIT.cpp:2466)
8 com.apple.JavaScriptCore 0x000000010b2d85e0 JSC::RegExp::compile(JSC::JSGlobalData*) + 976 (RegExp.cpp:138)
9 com.apple.JavaScriptCore 0x000000010b2d8fb5 JSC::RegExp::compileIfNecessary(JSC::JSGlobalData&) + 69 (RegExp.h:100)
10 com.apple.JavaScriptCore 0x000000010b2d8804 JSC::RegExp::match(JSC::JSGlobalData&, JSC::UString const&, int, WTF::Vector<int, 32ul>*) + 180 (RegExp.cpp:171)
11 com.apple.JavaScriptCore 0x000000010b2e504a JSC::RegExpConstructor::performMatch(JSC::JSGlobalData&, JSC::RegExp*, JSC::UString const&, int, int&, int&, int**) + 138 (RegExpConstructor.h:120)
12 com.apple.JavaScriptCore 0x000000010b2e419a JSC::RegExpObject::match(JSC::ExecState*) + 298 (RegExpObject.cpp:188)
13 com.apple.JavaScriptCore 0x000000010b2e445d JSC::RegExpObject::exec(JSC::ExecState*) + 29 (RegExpObject.cpp:174)
14 com.apple.JavaScriptCore 0x000000010b2e6030 _ZN3JSCL19regExpProtoFuncExecEPNS_9ExecStateE + 112 (RegExpPrototype.cpp:95)
15 ??? 0x000026c1cb4011f8 0 + 42613780517368
16 com.apple.JavaScriptCore 0x000000010b174554 JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*) + 100 (JITCode.h:80)
17 com.apple.JavaScriptCore 0x000000010b16c898 JSC::Interpreter::execute(JSC::EvalExecutable*, JSC::ExecState*, JSC::JSValue, int, JSC::ScopeChainNode*) + 2984 (Interpreter.cpp:1296)
18 com.apple.JavaScriptCore 0x000000010b16bc7f JSC::Interpreter::callEval(JSC::ExecState*, JSC::RegisterFile*, JSC::Register*, int, int) + 1583 (Interpreter.cpp:463)
19 com.apple.JavaScriptCore 0x000000010b1b3623 cti_op_call_eval + 803 (JITStubs.cpp:3207)
20 com.apple.JavaScriptCore 0x000000010b1b71a0 0x10b042000 + 1528224
21 com.apple.JavaScriptCore 0x000000010b174554 JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*) + 100 (JITCode.h:80)
22 com.apple.JavaScriptCore 0x000000010b16fc51 JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::ScopeChainNode*, JSC::JSObject*) + 5873 (Interpreter.cpp:898)
23 com.apple.JavaScriptCore 0x000000010b0c9016 JSC::evaluate(JSC::ExecState*, JSC::ScopeChainNode*, JSC::SourceCode const&, JSC::JSValue) + 662 (Completion.cpp:66)
24 com.apple.WebCore 0x000000010cd9631e WebCore::JSMainThreadExecState::evaluate(JSC::ExecState*, JSC::ScopeChainNode*, JSC::SourceCode const&, JSC::JSValue) + 62 (JSMainThreadExecState.h:57)
25 com.apple.WebCore 0x000000010d4c8b27 WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) + 519 (ScriptController.cpp:142)
26 com.apple.WebCore 0x000000010d4c8df4 WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) + 68 (ScriptController.cpp:162)
27 com.apple.WebCore 0x000000010d4e1590 WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) + 560 (ScriptElement.cpp:292)
28 com.apple.WebCore 0x000000010c93ee9f WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent(WebCore::PendingScript&) + 623 (HTMLScriptRunner.cpp:139)
29 com.apple.WebCore 0x000000010c93ebc6 WebCore::HTMLScriptRunner::executeParsingBlockingScript() + 454 (HTMLScriptRunner.cpp:118)
30 com.apple.WebCore 0x000000010c93f7ba WebCore::HTMLScriptRunner::executeParsingBlockingScripts() + 90 (HTMLScriptRunner.cpp:196)
31 com.apple.WebCore 0x000000010c93f959 WebCore::HTMLScriptRunner::executeScriptsWaitingForLoad(WebCore::CachedResource*) + 377 (HTMLScriptRunner.cpp:206)
32 com.apple.WebCore 0x000000010c8b2962 WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) + 530 (HTMLDocumentParser.cpp:524)
33 com.apple.WebCore 0x000000010c8b2a2f non-virtual thunk to WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) + 47
34 com.apple.WebCore 0x000000010c20484d WebCore::CachedResource::checkNotify() + 125 (CachedResource.cpp:151)
35 com.apple.WebCore 0x000000010c21fef1 WebCore::CachedScript::data(WTF::PassRefPtr<WebCore::SharedBuffer>, bool) + 193 (CachedScript.cpp:105)
36 com.apple.WebCore 0x000000010c21e146 WebCore::CachedResourceRequest::didFinishLoading(WebCore::SubresourceLoader*, double) + 614 (CachedResourceRequest.cpp:169)
37 com.apple.WebCore 0x000000010d5cd7de WebCore::SubresourceLoader::didFinishLoading(double) + 206 (SubresourceLoader.cpp:196)
38 com.apple.WebCore 0x000000010d489a9c WebCore::ResourceLoader::didFinishLoading(WebCore::ResourceHandle*, double) + 188 (ResourceLoader.cpp:473)
39 com.apple.WebCore 0x000000010d485a75 -[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:] + 261 (ResourceHandleMac.mm:891)
40 com.apple.Foundation 0x00007fff8f634302 ___NSURLConnectionDidFinishLoading_block_invoke_1 + 122
41 com.apple.Foundation 0x00007fff8f634282 _NSURLConnectionDidFinishLoading + 81
42 com.apple.CFNetwork 0x00007fff90a06136 URLConnectionClient::_clientDidFinishLoading(URLConnectionClient::ClientConnectionEventQueue*) + 296
43 com.apple.CFNetwork 0x00007fff90ab5dfe URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 862
44 com.apple.CFNetwork 0x00007fff90ab5fea URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 1354
45 com.apple.CFNetwork 0x00007fff909e107d URLConnectionClient::processEvents() + 185
46 com.apple.CFNetwork 0x00007fff909e0f22 MultiplexerSource::perform() + 212
47 com.apple.CoreFoundation 0x00007fff96181c51 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
48 com.apple.CoreFoundation 0x00007fff961814bd __CFRunLoopDoSources0 + 253
49 com.apple.CoreFoundation 0x00007fff961a82d9 __CFRunLoopRun + 905
50 com.apple.CoreFoundation 0x00007fff961a7c16 CFRunLoopRunSpecific + 230
51 com.apple.Foundation 0x00007fff8f5d7c3f -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 267
52 DumpRenderTree 0x000000010ae8991e _ZL7runTestRKSs + 2990 (DumpRenderTree.mm:1162)
53 DumpRenderTree 0x000000010ae88caf _ZL20runTestingServerLoopv + 223 (DumpRenderTree.mm:635)
54 DumpRenderTree 0x000000010ae88589 dumpRenderTree(int, char const**) + 361 (DumpRenderTree.mm:688)
55 DumpRenderTree 0x000000010ae8a0ac main + 124 (DumpRenderTree.mm:729)
Attachments
Patch (2.48 KB, patch)
2011-08-31 17:00 PDT, Oliver Hunt
barraclough: review+
Oliver Hunt
Comment 1 2011-08-31 17:00:10 PDT
Oliver Hunt
Comment 2 2011-08-31 17:22:01 PDT