From b44e1a8c0c3d187752ea9707b7deb779e5da09d1 Mon Sep 17 00:00:00 2001 From: Ben Noordhuis Date: Mon, 17 Apr 2017 12:20:05 +0200 Subject: [PATCH] v8: fix stack overflow in recursive method HGlobalValueNumberingPhase::CollectSideEffectsOnPathsToDominatedBlock() used to self-recurse before this commit, causing stack overflows on systems with small stack sizes. Make it non-recursive by storing intermediate results in a heap-allocated list. Fixes: https://github.com/nodejs/node/issues/11991 PR-URL: https://github.com/nodejs/node/pull/12460 Reviewed-By: James M Snell Reviewed-By: Yang Guo --- deps/v8/src/crankshaft/hydrogen-gvn.cc | 28 ++++++++++++++++---------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/deps/v8/src/crankshaft/hydrogen-gvn.cc b/deps/v8/src/crankshaft/hydrogen-gvn.cc index 70320052b08253..e586f4778f8968 100644 --- a/deps/v8/src/crankshaft/hydrogen-gvn.cc +++ b/deps/v8/src/crankshaft/hydrogen-gvn.cc @@ -5,6 +5,8 @@ #include "src/crankshaft/hydrogen-gvn.h" #include "src/crankshaft/hydrogen.h" +#include "src/list.h" +#include "src/list-inl.h" #include "src/objects-inl.h" #include "src/v8.h" @@ -651,19 +653,23 @@ SideEffects HGlobalValueNumberingPhase::CollectSideEffectsOnPathsToDominatedBlock( HBasicBlock* dominator, HBasicBlock* dominated) { SideEffects side_effects; - for (int i = 0; i < dominated->predecessors()->length(); ++i) { - HBasicBlock* block = dominated->predecessors()->at(i); - if (dominator->block_id() < block->block_id() && - block->block_id() < dominated->block_id() && - !visited_on_paths_.Contains(block->block_id())) { - visited_on_paths_.Add(block->block_id()); - side_effects.Add(block_side_effects_[block->block_id()]); - if (block->IsLoopHeader()) { - side_effects.Add(loop_side_effects_[block->block_id()]); + List blocks; + for (;;) { + for (int i = 0; i < dominated->predecessors()->length(); ++i) { + HBasicBlock* block = dominated->predecessors()->at(i); + if (dominator->block_id() < block->block_id() && + block->block_id() < dominated->block_id() && + !visited_on_paths_.Contains(block->block_id())) { + visited_on_paths_.Add(block->block_id()); + side_effects.Add(block_side_effects_[block->block_id()]); + if (block->IsLoopHeader()) { + side_effects.Add(loop_side_effects_[block->block_id()]); + } + blocks.Add(block); } - side_effects.Add(CollectSideEffectsOnPathsToDominatedBlock( - dominator, block)); } + if (blocks.is_empty()) break; + dominated = blocks.RemoveLast(); } return side_effects; }