Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 879906c7a7715e3ae6d853be8baa7bd04c7b01bb
https://github.com/WebKit/WebKit/commit/879906c7a7715e3ae6d853be8baa7bd04c7b01bb
  Author: Yusuke Suzuki <[email protected]>
  Date:   2025-12-02 (Tue, 02 Dec 2025)

  Changed paths:
    A JSTests/stress/regexp-paren-context-stack-exhaustion.js
    M Source/JavaScriptCore/llint/LowLevelInterpreter.asm
    M Source/JavaScriptCore/runtime/RegExpInlines.h
    M Source/JavaScriptCore/runtime/VM.cpp
    M Source/JavaScriptCore/runtime/VM.h
    M Source/JavaScriptCore/yarr/YarrJIT.cpp
    M Source/JavaScriptCore/yarr/YarrJIT.h
    M Source/JavaScriptCore/yarr/YarrJITRegisters.h
    M Source/JavaScriptCore/yarr/YarrMatchingContextHolder.h

  Log Message:
  -----------
  Unreviewed, relanding "[JSC] Yarr ParenContext should be allocated from Stack"
https://bugs.webkit.org/show_bug.cgi?id=303427
rdar://165723642

Relanding the change with a bug fix for the iOS (JITCage) environment.
The change is that LowLevelInterpreter.asm's `move cfr, sp` is necessary.

* JSTests/stress/regexp-paren-context-stack-exhaustion.js: Added.
(createDeeplyNestedPattern):
(test):
* Source/JavaScriptCore/llint/LowLevelInterpreter.asm:
* Source/JavaScriptCore/runtime/RegExpInlines.h:
(JSC::RegExp::matchInline):
* Source/JavaScriptCore/runtime/VM.cpp:
(JSC::VM::acquireRegExpPatternContexBuffer): Deleted.
(JSC::VM::releaseRegExpPatternContexBuffer): Deleted.
* Source/JavaScriptCore/runtime/VM.h:
* Source/JavaScriptCore/yarr/YarrJIT.cpp:
(JSC::Yarr::tryReadUnicodeCharImpl):
(JSC::Yarr::tryReadUnicodeCharSlowImpl):
* Source/JavaScriptCore/yarr/YarrJIT.h:
* Source/JavaScriptCore/yarr/YarrJITRegisters.h:
* Source/JavaScriptCore/yarr/YarrMatchingContextHolder.h:
(JSC::Yarr::MatchingContextHolder::offsetOfFreeList):
(JSC::Yarr::MatchingContextHolder::stackLimit const):
(JSC::Yarr::MatchingContextHolder::freeList const):
(JSC::Yarr::MatchingContextHolder::MatchingContextHolder):
(JSC::Yarr::MatchingContextHolder::~MatchingContextHolder):
(JSC::Yarr::MatchingContextHolder::offsetOfPatternContextBuffer): Deleted.
(JSC::Yarr::MatchingContextHolder::offsetOfPatternContextBufferSize): Deleted.

Canonical link: https://commits.webkit.org/303796@main
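The changed-paths list names a new stress test, `regexp-paren-context-stack-exhaustion.js`, with a `createDeeplyNestedPattern` helper and a `test` entry point. The block below is an added illustration of the shape such a test takes, written for this page; it is not the WebKit test file and does not reproduce its contents. The depth sweep, the `probeNesting` helper and the treatment of `SyntaxError`/`RangeError` as graceful rejections are assumptions made here, not behaviour the commit documents.

```javascript
// Added example (not WebKit's test): the shape of a stress test for deeply
// nested capturing groups, modelled on the function names listed in the
// commit. Names other than createDeeplyNestedPattern/test and all depths used
// here are assumptions.

// Build a pattern of `depth` nested capturing groups around one literal atom,
// e.g. depth 3 -> "(((a)))". Each group adds one paren context to track.
function createDeeplyNestedPattern(depth, atom = "a") {
  return "(".repeat(depth) + atom + ")".repeat(depth);
}

// Match the pattern against its own atom and classify the outcome without
// letting an exception escape: a stress test wants one verdict per depth,
// never an aborted process.
function probeNesting(depth) {
  const source = createDeeplyNestedPattern(depth);
  try {
    const re = new RegExp(source);
    const m = re.exec("a");
    if (m === null) return { depth, status: "no-match", groups: 0 };
    // m[0] is the whole match; m[1..depth] are the nested captures, and
    // every one of them must have captured the single atom.
    const allCaptured = m.slice(1).every((g) => g === "a");
    return {
      depth,
      status: allCaptured ? "ok" : "bad-capture",
      groups: m.length - 1,
    };
  } catch (e) {
    // An engine may refuse a very deep pattern up front (SyntaxError) or
    // bail out of matching (RangeError). Both are graceful; anything else
    // is a real defect and is re-thrown.
    if (e instanceof SyntaxError || e instanceof RangeError) {
      return { depth, status: "rejected", groups: 0, error: e.constructor.name };
    }
    throw e;
  }
}

// Sweep increasing depths. The property under test is that every depth ends
// in "ok" or "rejected": the paren-context stack must be bounded by a limit
// the engine checks, not by the native stack running out.
function test(depths = [1, 10, 100, 1000]) {
  return depths.map(probeNesting);
}

console.log(JSON.stringify(test(), null, 2));
```

The "ok" verdict additionally checks that the number of capture groups equals the nesting depth, so a silently truncated capture list would show up as "bad-capture" rather than pass.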
