Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: d25fc500fa9490878ef1d494f8c15be43054d7cd
https://github.com/WebKit/WebKit/commit/d25fc500fa9490878ef1d494f8c15be43054d7cd
Author: Sosuke Suzuki <[email protected]>
Date: 2026-03-03 (Tue, 03 Mar 2026)
Changed paths:
A JSTests/stress/regexp-backreference-16bit-ignorecase-errorCodePoint.js
M Source/JavaScriptCore/yarr/YarrJIT.cpp
Log Message:
-----------
[YARR] Skip dead errorCodePoint checks in 16-bit ignoreCase backreference
loop for non-Unicode patterns
https://bugs.webkit.org/show_bug.cgi?id=308299
Reviewed by Yusuke Suzuki.
In the 16-bit ignoreCase backreference matching loop, YarrJIT
unconditionally emitted two errorCodePoint checks (cmn + b.eq) before
comparing the input character and the pattern character. However,
errorCodePoint (-1) can only be produced by tryReadUnicodeChar() when
decoding surrogate pairs. In non-Unicode mode, readCharacter() emits
load16Unaligned which zero-extends the result, so the value is always
in [0, 0xFFFF] and can never equal errorCodePoint.
Guard the errorCodePoint checks with m_decodeSurrogatePairs so they are
only emitted in Unicode mode. On AArch64 this reduces the inner loop
from 13 to 11 instructions and from 6 to 4 branches per iteration.
This is the ignoreCase counterpart of r307900, which applied the same
optimization to the case-sensitive backreference loop.
Test: JSTests/stress/regexp-backreference-16bit-ignorecase-errorCodePoint.js
* JSTests/stress/regexp-backreference-16bit-ignorecase-errorCodePoint.js: Added.
(shouldBe):
* Source/JavaScriptCore/yarr/YarrJIT.cpp:
Canonical link: https://commits.webkit.org/308607@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
