Bogus uses of regexp matching should realize that they will OOM before they start swapping
https://bugs.webkit.org/show_bug.cgi?id=158142

Reviewed by Michael Saboff.
        
Refactored the RegExpObject::matchGlobal() code so that there is less duplication. Took
advantage of this to make the code more resilient in case of absurd situations: if the
result array gets large, it proceeds with a dry run to detect how many matches there will
be. This allows it to OOM before it starts swapping.
        
This also improves the overall performance of the code by using lightweight substrings and
skipping the whole intermediate argument array.
        
This makes some jsfunfuzz tests run a lot faster and use a lot less memory.
        
* builtins/RegExpPrototype.js:
* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* runtime/MatchResult.cpp: Added.
(JSC::MatchResult::dump):
* runtime/MatchResult.h:
(JSC::MatchResult::empty):
(MatchResult::empty): Deleted.
* runtime/RegExpObject.cpp:
(JSC::RegExpObject::match):
(JSC::collectMatches):
(JSC::RegExpObject::matchGlobal):
* runtime/StringObject.h:
(JSC::jsStringWithReuse):
(JSC::jsSubstring):
* tests/stress/big-match.js: Added. Make sure that this optimization doesn't break big matches.



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@201451 268f45cc-cd09-0410-ab3c-d52691b4dbfc
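As an added illustration of the dry-run idea described in the message above (this is not JavaScriptCore's code; the function names, the use of `std::regex`, the threshold and the limit are all assumptions), the sketch below collects global matches as lightweight offset pairs. Once the result vector passes a threshold it stops trusting incremental growth, counts the remaining matches without materializing them, and refuses up front when the total would exceed the limit, which is the point at which the real code would rather report OOM than keep allocating.

```cpp
// Added example (not JavaScriptCore code): a global-match collector that switches to a
// counting dry run once the result vector grows past a threshold, so an absurd match
// count is rejected before it is materialized. Names and thresholds are hypothetical.
#include <cstddef>
#include <iostream>
#include <optional>
#include <regex>
#include <string>
#include <string_view>
#include <vector>

// Lightweight substring: offsets into the subject, no copy of the matched text.
struct MatchSpan {
    size_t start;
    size_t end;
};

// Count every match of `re` in `subject` without allocating anything per match.
static size_t countMatches(std::string_view subject, const std::regex& re)
{
    size_t count = 0;
    const char* begin = subject.data();
    for (auto it = std::cregex_iterator(begin, begin + subject.size(), re);
         it != std::cregex_iterator(); ++it)
        ++count;
    return count;
}

// Collect all matches. Once `results` reaches `dryRunThreshold`, count the total first
// and refuse (nullopt stands in for an out-of-memory error) if it would exceed
// `maxResults`; otherwise reserve once and finish the collection.
std::optional<std::vector<MatchSpan>> collectMatchesGlobal(
    std::string_view subject, const std::regex& re,
    size_t dryRunThreshold, size_t maxResults)
{
    std::vector<MatchSpan> results;
    const char* begin = subject.data();
    const char* end = begin + subject.size();
    bool checkedTotal = false;
    for (auto it = std::cregex_iterator(begin, end, re); it != std::cregex_iterator(); ++it) {
        if (!checkedTotal && results.size() >= dryRunThreshold) {
            size_t total = countMatches(subject, re);
            if (total > maxResults)
                return std::nullopt; // bail before the array grows any further
            results.reserve(total);
            checkedTotal = true;
        }
        size_t start = static_cast<size_t>(it->position(0));
        results.push_back({ start, start + static_cast<size_t>(it->length(0)) });
    }
    return results;
}

// Helper for the demo: match "a" against a run of `subjectLength` 'a's and return the
// number of matches, or -1 when the dry run refused the request.
long runDemo(size_t subjectLength, size_t dryRunThreshold, size_t maxResults)
{
    std::string subject(subjectLength, 'a');
    auto result = collectMatchesGlobal(subject, std::regex("a"), dryRunThreshold, maxResults);
    if (!result)
        return -1;
    return static_cast<long>(result->size());
}

int main()
{
    std::cout << "50 matches, limit 100: " << runDemo(50, 10, 100) << "\n"; // 50
    std::cout << "50 matches, limit 20:  " << runDemo(50, 10, 20) << "\n";  // -1 (refused)
    return 0;
}
```

The threshold keeps the common case cheap: small results never pay for the second pass, and large ones pay exactly one extra scan instead of a long sequence of ever-larger reallocations.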
diff --git a/Source/JavaScriptCore/runtime/MatchResult.h b/Source/JavaScriptCore/runtime/MatchResult.h
index 347bbe9..13dd7f0 100644
--- a/Source/JavaScriptCore/runtime/MatchResult.h
+++ b/Source/JavaScriptCore/runtime/MatchResult.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2012 Apple Inc. All rights reserved.
+ * Copyright (C) 2012, 2016 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -26,6 +26,11 @@
 #ifndef MatchResult_h
 #define MatchResult_h
 
+#include <wtf/PrintStream.h>
+#include <wtf/Vector.h> // for notFound
+
+namespace JSC {
+
 typedef uint64_t EncodedMatchResult;
 
 struct MatchResult {
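Review bot: opening `namespace JSC {` at this point moves `EncodedMatchResult` and `MatchResult` out of the global namespace, so every existing unqualified use of them from code outside JSC, and any forward declaration of `struct MatchResult`, must be updated in the same change or the build breaks; the ChangeLog entry lists no such call sites, so please confirm they were checked. Minor: `#include <wtf/Vector.h> // for notFound` pulls in the whole Vector header for a single constant; if WTF exposes `notFound` through a lighter header, prefer that and drop the comment.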
@@ -69,9 +74,13 @@
     {
         return start == end;
     }
+    
+    void dump(PrintStream&) const;
 
     size_t start;
     size_t end;
 };
 
+} // namespace JSC
+
 #endif
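Review bot: the added blank line before `void dump(PrintStream&) const;` carries trailing whitespace (`+    `); strip it. Also, `dump` is declared here but no definition appears in this diff; the ChangeLog lists a new runtime/MatchResult.cpp for it, so make sure that file is added to both CMakeLists.txt and the Xcode project (both listed as touched), otherwise any caller of `dump` fails to link.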