From 3fad1fc91b76cbec33622fa45593fbc46804daa4 Mon Sep 17 00:00:00 2001
From: Jay Bhaskar <jay.bhaskar@oracle.com>
Date: Sat, 19 Feb 2022 17:08:30 +0530
Subject: [PATCH] 8282134: Certain regex can cause a JS trap in WebView

---
 .../native/Source/JavaScriptCore/yarr/YarrJIT.cpp   |  2 +-
 .../test/java/test/javafx/scene/web/LoadTest.java   |  8 ++++++++
 .../src/test/resources/test/html/unicode.html       | 13 +++++++++++++
 3 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 modules/javafx.web/src/test/resources/test/html/unicode.html

diff --git a/modules/javafx.web/src/main/native/Source/JavaScriptCore/yarr/YarrJIT.cpp b/modules/javafx.web/src/main/native/Source/JavaScriptCore/yarr/YarrJIT.cpp
index 32600c3a5c8..3ab5db9d311 100644
--- a/modules/javafx.web/src/main/native/Source/JavaScriptCore/yarr/YarrJIT.cpp
+++ b/modules/javafx.web/src/main/native/Source/JavaScriptCore/yarr/YarrJIT.cpp
@@ -2135,7 +2135,7 @@ class YarrGenerator final : public YarrJITInfo, private MacroAssembler {
 
         if (!nonGreedyFailuresDecrementIndex.empty()) {
             nonGreedyFailuresDecrementIndex.link(this);
-            breakpoint();
+            sub32(TrustedImm32(1), index);
         }
         nonGreedyFailures.link(this);
         sub32(countRegister, index);
diff --git a/modules/javafx.web/src/test/java/test/javafx/scene/web/LoadTest.java b/modules/javafx.web/src/test/java/test/javafx/scene/web/LoadTest.java
index 54efc09fca1..651463bcdab 100644
--- a/modules/javafx.web/src/test/java/test/javafx/scene/web/LoadTest.java
+++ b/modules/javafx.web/src/test/java/test/javafx/scene/web/LoadTest.java
@@ -423,4 +423,12 @@ public void onError() {
             throw new AssertionError(ex);
         }
     }
+
+    // JDK-8282134 Certain regex can cause a JS trap in WebView
+    @Test public void jsRegexpTrapTest() {
+        final String FILE = "src/test/resources/test/html/unicode.html";
+        load(new File(FILE));
+        WebEngine web = getEngine();
+        assertTrue("Load task completed successfully", getLoadState() == SUCCEEDED);
+    }
 }
diff --git a/modules/javafx.web/src/test/resources/test/html/unicode.html b/modules/javafx.web/src/test/resources/test/html/unicode.html
new file mode 100644
index 00000000000..4bafe3761d7
--- /dev/null
+++ b/modules/javafx.web/src/test/resources/test/html/unicode.html
@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script>
+    let a = "\ud800\ud800\udc00"
+    let b = /(.*[^x]+?)[^]*([1])/u
+    b.exec(a)
+</script>
+
+<p id="regtest">PASS</p>
+
+</body>
+</html>