Commit e0be0503 authored by erikcorry's avatar erikcorry Committed by Commit bot

Reduce regexp compiler stack size when not optimizing regexps

R=jkummerow@chromium.org
BUG=chromium:475705
LOG=y

Review URL: https://codereview.chromium.org/1082763002

Cr-Commit-Position: refs/heads/master@{#27851}
parent ccc7952e
...@@ -986,7 +986,12 @@ class RegExpCompiler { ...@@ -986,7 +986,12 @@ class RegExpCompiler {
int capture_count, int capture_count,
Handle<String> pattern); Handle<String> pattern);
inline void AddWork(RegExpNode* node) { work_list_->Add(node); } inline void AddWork(RegExpNode* node) {
if (!node->on_work_list() && !node->label()->is_bound()) {
node->set_on_work_list(true);
work_list_->Add(node);
}
}
static const int kImplementationOffset = 0; static const int kImplementationOffset = 0;
static const int kNumberOfRegistersOffset = 0; static const int kNumberOfRegistersOffset = 0;
...@@ -1006,6 +1011,10 @@ class RegExpCompiler { ...@@ -1006,6 +1011,10 @@ class RegExpCompiler {
inline bool one_byte() { return one_byte_; } inline bool one_byte() { return one_byte_; }
inline bool optimize() { return optimize_; } inline bool optimize() { return optimize_; }
inline void set_optimize(bool value) { optimize_ = value; } inline void set_optimize(bool value) { optimize_ = value; }
inline bool limiting_recursion() { return limiting_recursion_; }
inline void set_limiting_recursion(bool value) {
limiting_recursion_ = value;
}
FrequencyCollator* frequency_collator() { return &frequency_collator_; } FrequencyCollator* frequency_collator() { return &frequency_collator_; }
int current_expansion_factor() { return current_expansion_factor_; } int current_expansion_factor() { return current_expansion_factor_; }
...@@ -1027,6 +1036,7 @@ class RegExpCompiler { ...@@ -1027,6 +1036,7 @@ class RegExpCompiler {
bool ignore_case_; bool ignore_case_;
bool one_byte_; bool one_byte_;
bool reg_exp_too_big_; bool reg_exp_too_big_;
bool limiting_recursion_;
bool optimize_; bool optimize_;
int current_expansion_factor_; int current_expansion_factor_;
FrequencyCollator frequency_collator_; FrequencyCollator frequency_collator_;
...@@ -1061,6 +1071,7 @@ RegExpCompiler::RegExpCompiler(Isolate* isolate, Zone* zone, int capture_count, ...@@ -1061,6 +1071,7 @@ RegExpCompiler::RegExpCompiler(Isolate* isolate, Zone* zone, int capture_count,
ignore_case_(ignore_case), ignore_case_(ignore_case),
one_byte_(one_byte), one_byte_(one_byte),
reg_exp_too_big_(false), reg_exp_too_big_(false),
limiting_recursion_(false),
optimize_(FLAG_regexp_optimization), optimize_(FLAG_regexp_optimization),
current_expansion_factor_(1), current_expansion_factor_(1),
frequency_collator_(), frequency_collator_(),
...@@ -1095,7 +1106,9 @@ RegExpEngine::CompilationResult RegExpCompiler::Assemble( ...@@ -1095,7 +1106,9 @@ RegExpEngine::CompilationResult RegExpCompiler::Assemble(
macro_assembler_->Bind(&fail); macro_assembler_->Bind(&fail);
macro_assembler_->Fail(); macro_assembler_->Fail();
while (!work_list.is_empty()) { while (!work_list.is_empty()) {
work_list.RemoveLast()->Emit(this, &new_trace); RegExpNode* node = work_list.RemoveLast();
node->set_on_work_list(false);
if (!node->label()->is_bound()) node->Emit(this, &new_trace);
} }
if (reg_exp_too_big_) return IrregexpRegExpTooBig(isolate_); if (reg_exp_too_big_) return IrregexpRegExpTooBig(isolate_);
...@@ -1371,8 +1384,13 @@ void Trace::Flush(RegExpCompiler* compiler, RegExpNode* successor) { ...@@ -1371,8 +1384,13 @@ void Trace::Flush(RegExpCompiler* compiler, RegExpNode* successor) {
// Create a new trivial state and generate the node with that. // Create a new trivial state and generate the node with that.
Label undo; Label undo;
assembler->PushBacktrack(&undo); assembler->PushBacktrack(&undo);
Trace new_state; if (successor->KeepRecursing(compiler)) {
successor->Emit(compiler, &new_state); Trace new_state;
successor->Emit(compiler, &new_state);
} else {
compiler->AddWork(successor);
assembler->GoTo(successor->label());
}
// On backtrack we need to restore state. // On backtrack we need to restore state.
assembler->Bind(&undo); assembler->Bind(&undo);
...@@ -2213,17 +2231,13 @@ RegExpNode::LimitResult RegExpNode::LimitVersions(RegExpCompiler* compiler, ...@@ -2213,17 +2231,13 @@ RegExpNode::LimitResult RegExpNode::LimitVersions(RegExpCompiler* compiler,
RegExpMacroAssembler* macro_assembler = compiler->macro_assembler(); RegExpMacroAssembler* macro_assembler = compiler->macro_assembler();
if (trace->is_trivial()) { if (trace->is_trivial()) {
if (label_.is_bound()) { if (label_.is_bound() || on_work_list() || !KeepRecursing(compiler)) {
// We are being asked to generate a generic version, but that's already // If a generic version is already scheduled to be generated or we have
// been done so just go to it. // recursed too deeply then just generate a jump to that code.
macro_assembler->GoTo(&label_); macro_assembler->GoTo(&label_);
return DONE; // This will queue it up for generation of a generic version if it hasn't
} // already been queued.
if (compiler->recursion_depth() >= RegExpCompiler::kMaxRecursion) {
// To avoid too deep recursion we push the node to the work queue and just
// generate a goto here.
compiler->AddWork(this); compiler->AddWork(this);
macro_assembler->GoTo(&label_);
return DONE; return DONE;
} }
// Generate generic version of the node and bind the label for later use. // Generate generic version of the node and bind the label for later use.
...@@ -2234,19 +2248,28 @@ RegExpNode::LimitResult RegExpNode::LimitVersions(RegExpCompiler* compiler, ...@@ -2234,19 +2248,28 @@ RegExpNode::LimitResult RegExpNode::LimitVersions(RegExpCompiler* compiler,
// We are being asked to make a non-generic version. Keep track of how many // We are being asked to make a non-generic version. Keep track of how many
// non-generic versions we generate so as not to overdo it. // non-generic versions we generate so as not to overdo it.
trace_count_++; trace_count_++;
if (compiler->optimize() && trace_count_ < kMaxCopiesCodeGenerated && if (KeepRecursing(compiler) && compiler->optimize() &&
compiler->recursion_depth() <= RegExpCompiler::kMaxRecursion) { trace_count_ < kMaxCopiesCodeGenerated) {
return CONTINUE; return CONTINUE;
} }
// If we get here code has been generated for this node too many times or // If we get here code has been generated for this node too many times or
// recursion is too deep. Time to switch to a generic version. The code for // recursion is too deep. Time to switch to a generic version. The code for
// generic versions above can handle deep recursion properly. // generic versions above can handle deep recursion properly.
bool was_limiting = compiler->limiting_recursion();
compiler->set_limiting_recursion(true);
trace->Flush(compiler, this); trace->Flush(compiler, this);
compiler->set_limiting_recursion(was_limiting);
return DONE; return DONE;
} }
bool RegExpNode::KeepRecursing(RegExpCompiler* compiler) {
return !compiler->limiting_recursion() &&
compiler->recursion_depth() <= RegExpCompiler::kMaxRecursion;
}
int ActionNode::EatsAtLeast(int still_to_find, int ActionNode::EatsAtLeast(int still_to_find,
int budget, int budget,
bool not_at_start) { bool not_at_start) {
...@@ -6025,7 +6048,7 @@ RegExpEngine::CompilationResult RegExpEngine::Compile( ...@@ -6025,7 +6048,7 @@ RegExpEngine::CompilationResult RegExpEngine::Compile(
RegExpCompiler compiler(isolate, zone, data->capture_count, ignore_case, RegExpCompiler compiler(isolate, zone, data->capture_count, ignore_case,
is_one_byte); is_one_byte);
compiler.set_optimize(!TooMuchRegExpCode(pattern)); if (compiler.optimize()) compiler.set_optimize(!TooMuchRegExpCode(pattern));
// Sample some characters from the middle of the string. // Sample some characters from the middle of the string.
static const int kSampleSize = 128; static const int kSampleSize = 128;
......
...@@ -570,7 +570,7 @@ extern int kUninitializedRegExpNodePlaceHolder; ...@@ -570,7 +570,7 @@ extern int kUninitializedRegExpNodePlaceHolder;
class RegExpNode: public ZoneObject { class RegExpNode: public ZoneObject {
public: public:
explicit RegExpNode(Zone* zone) explicit RegExpNode(Zone* zone)
: replacement_(NULL), trace_count_(0), zone_(zone) { : replacement_(NULL), on_work_list_(false), trace_count_(0), zone_(zone) {
bm_info_[0] = bm_info_[1] = NULL; bm_info_[0] = bm_info_[1] = NULL;
} }
virtual ~RegExpNode(); virtual ~RegExpNode();
...@@ -618,6 +618,7 @@ class RegExpNode: public ZoneObject { ...@@ -618,6 +618,7 @@ class RegExpNode: public ZoneObject {
// EatsAtLeast, GetQuickCheckDetails. The budget argument is used to limit // EatsAtLeast, GetQuickCheckDetails. The budget argument is used to limit
// the number of nodes we are willing to look at in order to create this data. // the number of nodes we are willing to look at in order to create this data.
static const int kRecursionBudget = 200; static const int kRecursionBudget = 200;
bool KeepRecursing(RegExpCompiler* compiler);
virtual void FillInBMInfo(int offset, virtual void FillInBMInfo(int offset,
int budget, int budget,
BoyerMooreLookahead* bm, BoyerMooreLookahead* bm,
...@@ -658,6 +659,9 @@ class RegExpNode: public ZoneObject { ...@@ -658,6 +659,9 @@ class RegExpNode: public ZoneObject {
// the deferred actions in the current trace and generating a goto. // the deferred actions in the current trace and generating a goto.
static const int kMaxCopiesCodeGenerated = 10; static const int kMaxCopiesCodeGenerated = 10;
bool on_work_list() { return on_work_list_; }
void set_on_work_list(bool value) { on_work_list_ = value; }
NodeInfo* info() { return &info_; } NodeInfo* info() { return &info_; }
BoyerMooreLookahead* bm_info(bool not_at_start) { BoyerMooreLookahead* bm_info(bool not_at_start) {
...@@ -679,6 +683,7 @@ class RegExpNode: public ZoneObject { ...@@ -679,6 +683,7 @@ class RegExpNode: public ZoneObject {
private: private:
static const int kFirstCharBudget = 10; static const int kFirstCharBudget = 10;
Label label_; Label label_;
bool on_work_list_;
NodeInfo info_; NodeInfo info_;
// This variable keeps track of how many times code has been generated for // This variable keeps track of how many times code has been generated for
// this node (in different traces). We don't keep track of where the // this node (in different traces). We don't keep track of where the
......
// Copyright 2015 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Crankshaft changes the stack usage and messes up the binary search for the
// stack depth that causes a stack overflow. The issue only arises without
// regexp optimization, which can happen on pages that create a lot of regexps.
// Flags: --nocrankshaft --noregexp-optimization
// Should not crash with a stack overflow in the regexp compiler, even when the
// JS has used most of the stack.
function use_space_then_do_test(depth) {
try {
// The "+ depth" is to avoid the regexp compilation cache.
var regexp_src = repeat(".(.)", 12) + depth;
use_space(depth, regexp_src);
return true;
} catch (e) {
assertFalse(("" + e).indexOf("tack") == -1); // Check for [Ss]tack.
return false;
}
}
function use_space(n, regexp_src) {
if (--n == 0) {
do_test(regexp_src);
return;
}
use_space(n, regexp_src);
}
function repeat(str, n) {
var answer = "";
while (n-- != 0) {
answer += str;
}
return answer;
}
var subject = repeat("y", 200);
function do_test(regexp_src) {
var re = new RegExp(regexp_src);
re.test(subject);
}
function try_different_stack_limits() {
var lower = 100;
var higher = 100000;
while (lower < higher - 1) {
var average = Math.floor((lower + higher) / 2);
if (use_space_then_do_test(average)) {
lower = average;
} else {
higher = average;
}
}
for (var i = lower - 5; i < higher + 5; i++) {
use_space_then_do_test(i);
}
}
try_different_stack_limits();
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment