Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: ab6288d351f1e0c83b9060b9583c88dd707e30cc
https://github.com/WebKit/WebKit/commit/ab6288d351f1e0c83b9060b9583c88dd707e30cc
Author: Michael Saboff <msab...@apple.com>
Date: 2025-04-24 (Thu, 24 Apr 2025)
Changed paths:
A JSTests/stress/regexp-unicode-mix-escaped-and-literal-surrogates.js
M Source/JavaScriptCore/yarr/YarrJIT.cpp
Log Message:
-----------
RegExp Unicode JIT treats escaped surrogate followed by literal surrogate as
surrogate pair
https://bugs.webkit.org/show_bug.cgi?id=290567
rdar://148548273
Reviewed by Yusuke Suzuki.
This is due to the multi character optimization in
JSC::Yarr::generatePatternCharacterOnce() where we match
multiple characters by loading the number of characters we are matching
together and then checking that what
was loaded match the concatenation of characters. This bypasses the normal
reading of a valid surrogate pair.
The fix is to process dangling surrogates as individual characters and group
together with surrounding
characters.
* JSTests/stress/regexp-unicode-mix-escaped-and-literal-surrogates.js: Added.
(arrayToString):
(objectToString):
(dumpValue):
(compareArray):
(compareGroups):
(testRegExp):
(testRegExpSyntaxError):
(printErrors):
* Source/JavaScriptCore/yarr/YarrJIT.cpp:
Canonical link: https://commits.webkit.org/294066@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
