Bug 178175

Summary: Invalid numeric and named references should be early syntax errors
Product: WebKit Reporter: Michael Saboff <msaboff>
Component: JavaScriptCoreAssignee: Alexey Shvayka <ashvayka>
Status: RESOLVED FIXED    
Severity: Trivial CC: ashvayka, darin, ews-watchlist, keith_miller, mark.lam, ross.kirsling, saam, tzagallo, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: All   
OS: All   
See Also: https://bugs.webkit.org/show_bug.cgi?id=178174
https://bugs.webkit.org/show_bug.cgi?id=167067
Bug Depends on: 189407    
Bug Blocks:    
Attachments:
Description Flags
Patch
none
Patch
none
Patch
none
Patch
none
Patch
none
Patch none

Michael Saboff
Reported 2017-10-11 11:24:31 PDT
This Test262 test is failing - JSTests/test262/test/built-ins/RegExp/named-groups/unicode-references.js Exception: SyntaxError: Invalid regular expression: invalid backreference for unicode pattern at JSTests/test262/test/built-ins/RegExp/named-groups/unicode-references.js:33 The line in question is: assert(compareArray(["bab", "b"], "bab".match(/\k<a>(?<a>b)\w\k<a>/u))); Here the named group “a” is being referenced before if is defined. Seems like we’re doing the right thing, but we need to check.
Attachments
Patch (27.06 KB, patch)
2020-03-22 13:56 PDT, Alexey Shvayka 		no flags
DetailsFormatted DiffDiff
Patch (28.57 KB, patch)
2020-03-23 05:41 PDT, Alexey Shvayka 		no flags
DetailsFormatted DiffDiff
Patch (28.54 KB, patch)
2020-03-23 06:00 PDT, Alexey Shvayka 		no flags
DetailsFormatted DiffDiff
Patch (36.86 KB, patch)
2020-03-24 13:04 PDT, Alexey Shvayka 		no flags
DetailsFormatted DiffDiff
Patch (38.13 KB, patch)
2020-03-25 15:45 PDT, Alexey Shvayka 		no flags
DetailsFormatted DiffDiff
Patch (38.13 KB, patch)
2020-03-25 15:52 PDT, Alexey Shvayka 		no flags
DetailsFormatted DiffDiff
Show Obsolete (5) View All Add attachment proposed patch, testcase, etc.
Michael Saboff
Comment 1 2017-10-11 11:25:28 PDT
<rdar://problem/34844068>
Alexey Shvayka
Comment 2 2020-03-22 13:56:08 PDT
Created attachment 394228 [details] Patch
Alexey Shvayka
Comment 3 2020-03-22 14:01:12 PDT
I will add ChangeLog entry in a minute; just making sure we are not tackling the same issue separately.
Alexey Shvayka
Comment 4 2020-03-23 05:41:42 PDT
Created attachment 394256 [details] Patch Add ChangeLog and fix build.
Alexey Shvayka
Comment 5 2020-03-23 06:00:06 PDT
Created attachment 394257 [details] Patch Use [[noreturn]] instead of NO_RETURN_DUE_TO_ASSERT.
Ross Kirsling
Comment 6 2020-03-23 12:45:37 PDT
(In reply to Alexey Shvayka from comment #5) > Created attachment 394257 [details] > Patch > > Use [[noreturn]] instead of NO_RETURN_DUE_TO_ASSERT. I think we intentionally avoid this? I think for a release assert you may need to use NO_RETURN_DUE_TO_CRASH.
Alexey Shvayka
Comment 7 2020-03-23 12:53:02 PDT
> > Use [[noreturn]] instead of NO_RETURN_DUE_TO_ASSERT. > > I think we intentionally avoid this? I think for a release assert you may > need to use NO_RETURN_DUE_TO_CRASH. Thank you, there are indeed no usages of [[noreturn]] in WebKit code base. API tests fail because named and numeric references should be disabled for URLFilterParser. I might have need to bring back isValidNamedForwardReference().
Alexey Shvayka
Comment 8 2020-03-24 13:04:04 PDT
Created attachment 394400 [details] Patch Use NO_RETURN_DUE_TO_CRASH, fix API tests, improve error messages, and tweak naming.
Ross Kirsling
Comment 9 2020-03-24 20:10:42 PDT
Comment on attachment 394400 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=394400&action=review Nice work! (Looks like you need a rebase though.) > Source/JavaScriptCore/yarr/YarrErrorCode.h:55 > + InvalidNamedBackreference, Interesting how it's `Backreference` here and `BackReference` elsewhere...though this isn't your fault. :P
Alexey Shvayka
Comment 10 2020-03-25 15:45:10 PDT
Created attachment 394553 [details] Patch Rebase patch, set reviewer, add second m_kIdentityEscapeSeen, check and add a comment explaining m_isUnicode check in handleIllegalReferences().
Alexey Shvayka
Comment 11 2020-03-25 15:52:20 PDT
Created attachment 394555 [details] Patch Camelcase "backreference".
Alexey Shvayka
Comment 12 2020-03-25 15:59:29 PDT
Thank you for taking time to review this patch, Ross. It is quite tricky.
Ross Kirsling
Comment 13 2020-03-25 16:01:17 PDT
Comment on attachment 394555 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=394555&action=review > Source/JavaScriptCore/yarr/YarrParser.h:919 > + if (m_kIdentityEscapeSeen && !m_captureGroupNames.isEmpty()) { > + m_errorCode = ErrorCode::InvalidNamedBackReference; > + return; > + } Do we need a test for this path, if nothing was failing without it?
Alexey Shvayka
Comment 14 2020-03-25 16:05:56 PDT
(In reply to Ross Kirsling from comment #13) > Do we need a test for this path, if nothing was failing without it? We have this covered by test/language/literals/regexp/named-groups/invalid-incomplete-groupname.js test/language/literals/regexp/named-groups/invalid-incomplete-groupname-2.js test/language/literals/regexp/named-groups/invalid-incomplete-groupname-3.js I just didn't run the tests properly.
Ross Kirsling
Comment 15 2020-03-25 16:08:00 PDT
(In reply to Alexey Shvayka from comment #14) > (In reply to Ross Kirsling from comment #13) > > Do we need a test for this path, if nothing was failing without it? > > We have this covered by > test/language/literals/regexp/named-groups/invalid-incomplete-groupname.js > > test/language/literals/regexp/named-groups/invalid-incomplete-groupname-2.js > > test/language/literals/regexp/named-groups/invalid-incomplete-groupname-3.js > > I just didn't run the tests properly. Oh okay, thanks for confirming.
EWS
Comment 16 2020-03-25 18:24:11 PDT
Committed r259026: <https://trac.webkit.org/changeset/259026> All reviewed patches have been landed. Closing bug and clearing flags on attachment 394555 [details].
Note You need to log in before you can comment on or make changes to this bug.