Title: [248229] releases/WebKitGTK/webkit-2.24
Revision
248229
Author
[email protected]
Date
2019-08-03 20:23:04 -0700 (Sat, 03 Aug 2019)

Log Message

Merge r245815 - [YARR] Properly handle RegExp's that require large ParenContext space
https://bugs.webkit.org/show_bug.cgi?id=198065

Reviewed by Keith Miller.

JSTests:

New test.

* stress/regexp-large-paren-context.js: Added.
(testLargeRegExp):

Source/_javascript_Core:

Changed what happens when we exceed VM::patternContextBufferSize when compiling a RegExp
that needs ParenContextSpace to fail the RegExp JIT compilation and fall back to the YARR
interpreter.  This can save large amounts of JIT memory for a
JIT'ed function that cannot ever succeed.

* yarr/YarrJIT.cpp:
(JSC::Yarr::YarrGenerator::initParenContextFreeList):
(JSC::Yarr::YarrGenerator::compile):

Diff

Modified: releases/WebKitGTK/webkit-2.24/JSTests/ChangeLog (248228 => 248229)


--- releases/WebKitGTK/webkit-2.24/JSTests/ChangeLog	2019-08-04 03:23:02 UTC (rev 248228)
+++ releases/WebKitGTK/webkit-2.24/JSTests/ChangeLog	2019-08-04 03:23:04 UTC (rev 248229)
@@ -1,3 +1,15 @@
+2019-05-28  Michael Saboff  <[email protected]>
+
+        [YARR] Properly handle RegExp's that require large ParenContext space
+        https://bugs.webkit.org/show_bug.cgi?id=198065
+
+        Reviewed by Keith Miller.
+
+        New test.
+
+        * stress/regexp-large-paren-context.js: Added.
+        (testLargeRegExp):
+
 2019-05-20  Keith Miller  <[email protected]>
 
         Cleanup Yarr regexp code around paren contexts.

Added: releases/WebKitGTK/webkit-2.24/JSTests/stress/regexp-large-paren-context.js (0 => 248229)


--- releases/WebKitGTK/webkit-2.24/JSTests/stress/regexp-large-paren-context.js	                        (rev 0)
+++ releases/WebKitGTK/webkit-2.24/JSTests/stress/regexp-large-paren-context.js	2019-08-04 03:23:04 UTC (rev 248229)
@@ -0,0 +1,22 @@
+// Test the regular expresions that need lots of parenthesis context space work.
+// This includes falling back to the interpreter.
+
+function testLargeRegExp(terms)
+{
+    let s = '';
+    for (let i = 0; i < terms; i++) {
+        s += '(?:a){0,2}';
+    }
+
+    let r = new RegExp(s);
+    for (let i = 0; i < 10; i++)
+        ''.match(r);
+}
+
+testLargeRegExp(127);
+testLargeRegExp(128);
+testLargeRegExp(255);
+testLargeRegExp(256);
+testLargeRegExp(1000);
+
+
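Review bot: the new test only checks that constructing and running these patterns does not crash or assert; it never inspects the match result, so a fallback path that silently returned the wrong answer would still pass. Since every `(?:a){0,2}` term can match the empty string, `''.match(r)` should yield a match at index 0 with `r[0] === ''` for each term count; asserting that (e.g. with a `throw` on mismatch, as other stress tests do) would verify the interpreter fallback produces the same result as the JIT. Also, "expresions" in the first comment line should read "expressions", and the two trailing blank lines at end of file can be dropped.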

Modified: releases/WebKitGTK/webkit-2.24/Source/_javascript_Core/ChangeLog (248228 => 248229)


--- releases/WebKitGTK/webkit-2.24/Source/_javascript_Core/ChangeLog	2019-08-04 03:23:02 UTC (rev 248228)
+++ releases/WebKitGTK/webkit-2.24/Source/_javascript_Core/ChangeLog	2019-08-04 03:23:04 UTC (rev 248229)
@@ -1,3 +1,19 @@
+2019-05-28  Michael Saboff  <[email protected]>
+
+        [YARR] Properly handle RegExp's that require large ParenContext space
+        https://bugs.webkit.org/show_bug.cgi?id=198065
+
+        Reviewed by Keith Miller.
+
+        Changed what happens when we exceed VM::patternContextBufferSize when compiling a RegExp
+        that needs ParenCOntextSpace to fail the RegExp JIT compilation and fall back to the YARR
+        interpreter.  This can save large amounts of JIT memory for a
+        JIT'ed function that cannot ever succeed.
+
+        * yarr/YarrJIT.cpp:
+        (JSC::Yarr::YarrGenerator::initParenContextFreeList):
+        (JSC::Yarr::YarrGenerator::compile):
+
 2019-05-20  Keith Miller  <[email protected]>
 
         Cleanup Yarr regexp code around paren contexts.

Modified: releases/WebKitGTK/webkit-2.24/Source/_javascript_Core/yarr/YarrJIT.cpp (248228 => 248229)


--- releases/WebKitGTK/webkit-2.24/Source/_javascript_Core/yarr/YarrJIT.cpp	2019-08-04 03:23:02 UTC (rev 248228)
+++ releases/WebKitGTK/webkit-2.24/Source/_javascript_Core/yarr/YarrJIT.cpp	2019-08-04 03:23:04 UTC (rev 248229)
@@ -226,9 +226,10 @@
 
         parenContextSize = WTF::roundUpToMultipleOf<sizeof(uintptr_t)>(parenContextSize);
 
-        // Check that the paren context is a reasonable size.
-        if (parenContextSize > VM::patternContextBufferSize)
-            m_abortExecution.append(jump());
+        if (parenContextSize > VM::patternContextBufferSize) {
+            m_failureReason = JITFailureReason::ParenthesisNestedTooDeep;
+            return;
+        }
 
         Jump emptyFreeList = branchTestPtr(Zero, freelistRegister);
         move(freelistRegister, parenContextPointer);
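Review bot: the early `return` in this hunk turns the oversize paren context case from a runtime abort (a jump appended to `m_abortExecution`) into a compile-time failure, which only works if every caller of `initParenContextFreeList` checks `m_failureReason` afterwards; the second hunk does this for the one caller visible in this patch, but the contract is not stated anywhere in the function. Keeping the dropped comment (`// Check that the paren context is a reasonable size.`) and extending it with a note that the caller must test `m_failureReason` after the call would make that dependency explicit. The reason name `JITFailureReason::ParenthesisNestedTooDeep` also describes nesting depth while the condition compares `parenContextSize` against `VM::patternContextBufferSize`; a short comment here explaining why a too-large context is reported under that name would help the next reader.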
@@ -3885,8 +3886,13 @@
         initCallFrame();
 
 #if ENABLE(YARR_JIT_ALL_PARENS_EXPRESSIONS)
-        if (m_containsNestedSubpatterns)
+        if (m_containsNestedSubpatterns) {
             initParenContextFreeList();
+            if (m_failureReason) {
+                codeBlock.setFallBackWithFailureReason(*m_failureReason);
+                return;
+            }
+        }
 #endif
         
         if (m_pattern.m_saveInitialStartValue) {
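Review bot: `initCallFrame()` has already emitted code before `initParenContextFreeList()` can fail, so on the `return` path `compile` abandons partially generated code and any jumps recorded so far; that is fine as long as nothing is linked or finalized before this point, but a one-line comment stating that the early return is deliberately taken before any `LinkBuffer` work would make the intent clear. The failure check is correctly scoped inside `#if ENABLE(YARR_JIT_ALL_PARENS_EXPRESSIONS)`, matching the only place `m_failureReason` can be set by this patch; if other compile-time failure paths are added later outside that block, the check should move out with them.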
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
