[webkit-changes] [WebKit/WebKit] 06b56b: [Yarr] ASSERTION FAILED: m_setOp == CharacterClass...

Wed, 17 May 2023 09:40:12 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 06b56b4c9d0015be87161819dd740b686827980e
      
https://github.com/WebKit/WebKit/commit/06b56b4c9d0015be87161819dd740b686827980e
  Author: Michael Saboff <[email protected]>
  Date:   2023-05-17 (Wed, 17 May 2023)

  Changed paths:
    M JSTests/stress/regexp-vflag-property-of-strings.js
    M Source/JavaScriptCore/yarr/YarrParser.h

  Log Message:
  -----------
  [Yarr] ASSERTION FAILED: m_setOp == CharacterClassSetOp::Default || m_setOp 
== setOp
https://bugs.webkit.org/show_bug.cgi?id=256822
rdar://108256053

Reviewed by Yusuke Suzuki.

Refactored ClassSetParserDelegate state transitions.  Prior to this 
refactoring, ClassSetConstructionState::Empty
was used at both the start of a class set and after a class set operation with 
its left and right operands.
Given that this bug occurred with standalone class set operator, the prior use 
of ClassSetConstructionState::Empty
didn't allow for proper detection of the bug case.  Changed the state after the 
right hand operand of a class set
operator to be ClassSetConstructionState::AfterSetOperand Most of the 
refactoring occurs in
ClassSetParserDelegate::atomPatternCharacter() and 
ClassSetParserDelegate::atomBuiltInCharacterClass().

This change necessitated some other changes.  Added a new ClassSet 
parseEscape() mode to simplify processing of
\q{} class disjunction escapes.  Since class set disjunctions may return 
strings, a parsed class set disjunction
returns a new TokenType, SetDisjunction, to distinguish it from the other parse 
escapes results that resolve to
either a single character, via atomPatternCharacter(), or a builtin character 
class, via atomBuiltInCharacterClass().

Updated regexp-vflag-property-of-strings.js with new test cases.

* JSTests/stress/regexp-vflag-property-of-strings.js:
* Source/JavaScriptCore/yarr/YarrParser.h:
(JSC::Yarr::Parser::ClassSetParserDelegate::nestedClassEnd):
(JSC::Yarr::Parser::ClassSetParserDelegate::setSubtractOp):
(JSC::Yarr::Parser::ClassSetParserDelegate::setIntersectionOp):
(JSC::Yarr::Parser::ClassSetParserDelegate::afterSetOperand):
(JSC::Yarr::Parser::ClassSetParserDelegate::atomPatternCharacter):
(JSC::Yarr::Parser::ClassSetParserDelegate::atomBuiltInCharacterClass):
(JSC::Yarr::Parser::parseEscape):
(JSC::Yarr::Parser::parseClassSetEscape):
(JSC::Yarr::Parser::parseClassSet):
(JSC::Yarr::Parser::parseClassStringDisjunction):
(JSC::Yarr::Parser::ClassSetParserDelegate::afterOperand): Deleted.

Canonical link: https://commits.webkit.org/264153@main


_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to