Timestamp:
Jan 24, 2022, 3:20:23 PM (3 years ago)
Author:
Mikhail R. Gadelha
Message:

[JSC][32bit] Fix regexp crash on ARMv7
https://bugs.webkit.org/show_bug.cgi?id=234476

Reviewed by Yusuke Suzuki.

This patch fixes several regexp crashes on ARMv7 due to an incorrect
offset to retrieve the 5th argument from the stack: in ARMv7, only
4 arguments are passed via registers r0-r3, and any other argument is
placed on the stack. However, YarrJIT was trying to get the 5th arg
from a fixed offset, so because the generateEnter() method pushed
registers onto the stack, the offset was wrong. This patch fixes how
the offset is calculated for MIPS and ARMv7.

This patch also introduces some small changes:

  1. Added static_asserts that the YarrJIT calls do indeed have 5 arguments
     and that the 5th argument has the type that we expect (MatchingContextHolder*).
  2. Removed an unnecessary pointer from the MatchingContextHolder constructor.
  3. Fixed some warnings in the YarrJIT code here and there.

  • dfg/DFGSpeculativeJIT64.cpp:
    (JSC::DFG::SpeculativeJIT::compileRegExpTestInline):
  • runtime/RegExpInlines.h:
    (JSC::RegExp::matchInline):
  • yarr/YarrJIT.cpp:
  • yarr/YarrMatchingContextHolder.h:
    (JSC::Yarr::MatchingContextHolder::MatchingContextHolder):

File:
1 edited

  • trunk/Source/JavaScriptCore/runtime/RegExp.cpp

    r288401 r288476  
    449449        case JITCode: {
    450450            Yarr::YarrCodeBlock& codeBlock = *m_regExpJITCode.get();
    451             snprintf(jit8BitMatchOnlyAddr, jitAddrSize, "0x%014lx", reinterpret_cast<uintptr_t>(codeBlock.get8BitMatchOnlyAddr()));
    452             snprintf(jit16BitMatchOnlyAddr, jitAddrSize, "0x%014lx", reinterpret_cast<uintptr_t>(codeBlock.get16BitMatchOnlyAddr()));
    453             snprintf(jit8BitMatchAddr, jitAddrSize, "0x%014lx", reinterpret_cast<uintptr_t>(codeBlock.get8BitMatchAddr()));
    454             snprintf(jit16BitMatchAddr, jitAddrSize, "0x%014lx", reinterpret_cast<uintptr_t>(codeBlock.get16BitMatchAddr()));
     451            snprintf(jit8BitMatchOnlyAddr, jitAddrSize, "0x%014" PRIxPTR, reinterpret_cast<uintptr_t>(codeBlock.get8BitMatchOnlyAddr()));
     452            snprintf(jit16BitMatchOnlyAddr, jitAddrSize, "0x%014" PRIxPTR, reinterpret_cast<uintptr_t>(codeBlock.get16BitMatchOnlyAddr()));
     453            snprintf(jit8BitMatchAddr, jitAddrSize, "0x%014" PRIxPTR, reinterpret_cast<uintptr_t>(codeBlock.get8BitMatchAddr()));
     454            snprintf(jit16BitMatchAddr, jitAddrSize, "0x%014" PRIxPTR, reinterpret_cast<uintptr_t>(codeBlock.get16BitMatchAddr()));
    455455            break;
    456456        }
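Review bot: The format-specifier change in this hunk is the right fix but is undocumented: lines 451-454 replace "0x%014lx" with "0x%014" PRIxPTR for arguments cast to uintptr_t, and on 32-bit targets such as ARMv7 uintptr_t is not unsigned long, so the old %lx was a type mismatch (the -Wformat warning the commit message alludes to under "Fixed some warnings"). Two follow-ups: PRIxPTR needs <cinttypes> (or <inttypes.h>) to be in scope, and the include is not visible in this hunk, so confirm RegExp.cpp already has it; and runtime/RegExp.cpp does not appear in the file list in the commit message, so the ChangeLog entry should mention it, e.g. "runtime/RegExp.cpp: (JSC::RegExp::printTraceData): Use PRIxPTR for uintptr_t values." if that is the enclosing function.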