Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 314bda38516d1c74e79c026b8d507afe5e64340c
https://github.com/WebKit/WebKit/commit/314bda38516d1c74e79c026b8d507afe5e64340c
Author: Sosuke Suzuki <[email protected]>
Date: 2026-02-20 (Fri, 20 Feb 2026)
Changed paths:
A JSTests/stress/regexp-backreference-errorCodePoint-reorder.js
M Source/JavaScriptCore/yarr/YarrJIT.cpp
Log Message:
-----------
[YARR] Skip dead errorCodePoint check in JIT backreference loop for
non-Unicode patterns
https://bugs.webkit.org/show_bug.cgi?id=308181
Reviewed by Yusuke Suzuki.
In the case-sensitive backreference matching loop, YarrJIT unconditionally
emitted an errorCodePoint check (cmn + b.eq) before comparing the input
character against the pattern character. However, errorCodePoint (-1) can
only be produced by tryReadUnicodeChar() when decoding surrogate pairs.
In non-Unicode mode, readCharacter() emits load8 or load16 which
zero-extend the result, so the value is always in [0, 0xFFFF] and can
never equal errorCodePoint.
Guard the errorCodePoint check with m_decodeSurrogatePairs so it is only
emitted in Unicode mode. On AArch64 this reduces the inner loop from 11
to 9 instructions and from 3 to 2 branches per iteration.
Test: JSTests/stress/regexp-backreference-errorCodePoint-reorder.js
* JSTests/stress/regexp-backreference-errorCodePoint-reorder.js: Added.
(shouldBe):
(shouldBe.abc.1.test):
(shouldBeArray):
* Source/JavaScriptCore/yarr/YarrJIT.cpp:
Canonical link: https://commits.webkit.org/307900@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
