solve the pcre stack overflow #1576 - was: stack vs workspace for pcre and others

[Nils Goroll]

To conclude this discussion:

phk has decided to turn on JIT again unconditionally if compiled against PCRE
versions which we believe is safe (see ce89ba7fbdbeb684789db7c2834bdbff4856ea7f
and others).

As I have explained in previous emails in this thread, I don't agree that this
is a good idea. We had already enabled jit by default in the past only to
disable it again by default later. Should we ever see JIT issues again, users
would need to either recompile varnish or rewrite their regexen to use a vmod
like https://code.uplex.de/uplex-varnish/libvmod-re

Also for binary distributions I fear that runtime linking against a different
pcre version than that used at compile time could be an issue.


What I would like to see is
 - the option to disable jit at runtime (vcl reload) and per re at best
 - stack boundary checking for recursive (non-jit) pcre

For the latter, phk hat added stack boundary info to struct wrk, but today he
stated on irc that he does not want to see it used in core code because the
check depends on the assumption that the stack is continuous and grows downwards
and that there could be platforms for which it does not hold (I am not aware of
any platforms for which the assumption wouldn't hold which varnish supports
currently).

On this basis I don't see what I can do about this topic and will hopefully find
the time to look after adding the jit choice and stack checks to libvmod-re.

Nils