Timestamp:
Dec 14, 2017, 2:16:38 PM (7 years ago)
Author:
[email protected]
Message:

REGRESSION (r225695): Repro crash on yahoo login page
https://bugs.webkit.org/show_bug.cgi?id=180761

Reviewed by JF Bastien.

JSTests:

New regression test.

  • stress/regress-180761.js: Added.

Source/JavaScriptCore:

Relanding r225695 with a fix.

The fix is that we need to save the return address for a parentheses in
the ParenContext because it is actually used by any immediately contained
alternatives.

Also did a little refactoring, changing occurrences of PatternContext to
ParenContext since that is the name of the structure.

  • runtime/RegExp.cpp:

(JSC::byteCodeCompilePattern):
(JSC::RegExp::byteCodeCompileIfNecessary):
(JSC::RegExp::compile):
(JSC::RegExp::compileMatchOnly):

  • runtime/RegExp.h:
  • runtime/RegExpInlines.h:

(JSC::RegExp::matchInline):

  • testRegExp.cpp:

(parseRegExpLine):
(runFromFiles):

  • yarr/Yarr.h:
  • yarr/YarrInterpreter.cpp:

(JSC::Yarr::ByteCompiler::compile):
(JSC::Yarr::ByteCompiler::dumpDisjunction):

  • yarr/YarrJIT.cpp:

(JSC::Yarr::YarrGenerator::ParenContextSizes::ParenContextSizes):
(JSC::Yarr::YarrGenerator::ParenContextSizes::numSubpatterns):
(JSC::Yarr::YarrGenerator::ParenContextSizes::frameSlots):
(JSC::Yarr::YarrGenerator::ParenContext::sizeFor):
(JSC::Yarr::YarrGenerator::ParenContext::nextOffset):
(JSC::Yarr::YarrGenerator::ParenContext::beginOffset):
(JSC::Yarr::YarrGenerator::ParenContext::matchAmountOffset):
(JSC::Yarr::YarrGenerator::ParenContext::returnAddressOffset):
(JSC::Yarr::YarrGenerator::ParenContext::subpatternOffset):
(JSC::Yarr::YarrGenerator::ParenContext::savedFrameOffset):
(JSC::Yarr::YarrGenerator::initParenContextFreeList):
(JSC::Yarr::YarrGenerator::allocateParenContext):
(JSC::Yarr::YarrGenerator::freeParenContext):
(JSC::Yarr::YarrGenerator::saveParenContext):
(JSC::Yarr::YarrGenerator::restoreParenContext):
(JSC::Yarr::YarrGenerator::tryReadUnicodeCharImpl):
(JSC::Yarr::YarrGenerator::storeToFrame):
(JSC::Yarr::YarrGenerator::generateJITFailReturn):
(JSC::Yarr::YarrGenerator::clearMatches):
(JSC::Yarr::YarrGenerator::generate):
(JSC::Yarr::YarrGenerator::backtrack):
(JSC::Yarr::YarrGenerator::opCompileParenthesesSubpattern):
(JSC::Yarr::YarrGenerator::generateEnter):
(JSC::Yarr::YarrGenerator::generateReturn):
(JSC::Yarr::YarrGenerator::YarrGenerator):
(JSC::Yarr::YarrGenerator::compile):

  • yarr/YarrJIT.h:

(JSC::Yarr::YarrCodeBlock::execute):

  • yarr/YarrPattern.cpp:

(JSC::Yarr::indentForNestingLevel):
(JSC::Yarr::dumpUChar32):
(JSC::Yarr::dumpCharacterClass):
(JSC::Yarr::PatternTerm::dump):
(JSC::Yarr::YarrPattern::dumpPattern):

  • yarr/YarrPattern.h:

(JSC::Yarr::PatternTerm::containsAnyCaptures):
(JSC::Yarr::BackTrackInfoParenthesesOnce::returnAddressIndex):
(JSC::Yarr::BackTrackInfoParentheses::beginIndex):
(JSC::Yarr::BackTrackInfoParentheses::returnAddressIndex):
(JSC::Yarr::BackTrackInfoParentheses::matchAmountIndex):
(JSC::Yarr::BackTrackInfoParentheses::parenContextHeadIndex):
(JSC::Yarr::BackTrackInfoAlternative::offsetIndex): Deleted.

File:
1 edited

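--- a/trunk/Source/JavaScriptCore/testRegExp.cpp
+++ b/trunk/Source/JavaScriptCore/testRegExp.cpp
@@ -316,8 +316,8 @@
 }
 
-static RegExp* parseRegExpLine(VM& vm, char* line, int lineLength)
+static RegExp* parseRegExpLine(VM& vm, char* line, int lineLength, const char** regexpError)
 {
     StringBuilder pattern;
-   
+
     if (line[0] != '/')
         return 0;
@@ -331,7 +331,9 @@
 
     RegExp* r = RegExp::create(vm, pattern.toString(), regExpFlags(line + i));
-    if (r->isValid())
-        return r;
-    return nullptr;
+    if (!r->isValid()) {
+        *regexpError = r->errorMessage();
+        return nullptr;
+    }
+    return r;
 }
 
@@ -432,4 +434,5 @@
         char* linePtr = 0;
         unsigned int lineNumber = 0;
+        const char* regexpError = nullptr;
 
         while ((linePtr = fgets(&lineBuffer[0], MaxLineLength, testCasesFile))) {
@@ -445,5 +448,9 @@
 
             if (linePtr[0] == '/') {
-                regexp = parseRegExpLine(vm, linePtr, lineLength);
+                regexp = parseRegExpLine(vm, linePtr, lineLength, &regexpError);
+                if (!regexp) {
+                    failures++;
+                    fprintf(stderr, "Failure on line %u. '%s' %s\n", lineNumber, linePtr, regexpError);
+                }
             } else if (linePtr[0] == ' ') {
                 RegExpTest* regExpTest = parseTestLine(linePtr, lineLength);
@@ -462,8 +469,8 @@
                 tests++;
                 regexp = 0; // Reset the live regexp to avoid confusing other subsequent tests
-                bool successfullyParsed = parseRegExpLine(vm, linePtr + 1, lineLength - 1);
+                bool successfullyParsed = parseRegExpLine(vm, linePtr + 1, lineLength - 1, &regexpError);
                 if (successfullyParsed) {
                     failures++;
-                    fprintf(stderr, "Failure on line %u. '%s' is not a valid regexp\n", lineNumber, linePtr + 1);
+                    fprintf(stderr, "Failure on line %u. '%s' %s\n", lineNumber, linePtr + 1, regexpError);
                 }
             }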
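Review bot: In the expected-invalid branch (new lines 471–474), `regexpError` is passed to `%s` after `parseRegExpLine` has succeeded, but that function writes `*regexpError` only when `r->isValid()` is false. The pointer is therefore either the initial `nullptr`, which is undefined behaviour in `fprintf`, or a stale message left by an earlier line of the test file. That branch should print a fixed message, e.g. `fprintf(stderr, "Failure on line %u. '%s' parsed but was expected to be rejected\n", lineNumber, linePtr + 1);`, and `parseRegExpLine` should begin with `*regexpError = nullptr;` so no stale value carries over between lines. The report at new line 453 has the same exposure if any early return in the part of `parseRegExpLine` not shown here (lines 324–330) leaves the out-parameter unset; printing `regexpError ? regexpError : "could not parse"` would cover it. Both function bodies extend beyond the visible hunks.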