Revision: 5089
Author: [email protected]
Date: Sun Jul 18 23:29:30 2010
Log: Reorder SharedFunctionInfo setup in lazy compile, quick fix for
crbug.com/49099
This fixes issue 49099 (http://crbug.com/49099) that makes chromium
crash if a gc is triggered by setting the scopeinfo in CompileLazy. If
this gc triggers code flushing, the compiled function could be flushed,
causing the ASSERT(shared->is_compiled()) to fail. By reordering the
two methods we make sure that no allocation happens before the end of
the method.
Review URL: http://codereview.chromium.org/3035006
http://code.google.com/p/v8/source/detail?r=5089
Modified:
/branches/bleeding_edge/src/compiler.cc
=======================================
--- /branches/bleeding_edge/src/compiler.cc Wed Jul 14 04:18:09 2010
+++ /branches/bleeding_edge/src/compiler.cc Sun Jul 18 23:29:30 2010
@@ -449,8 +449,12 @@
code);
// Update the shared function info with the compiled code and the scope
info.
- shared->set_code(*code);
+ // Please note, that the order of the sharedfunction initialization is
+ // important since set_scope_info might trigger a GC, causing the ASSERT
+ // below to be invalid if the code was flushed. By settting the code
+ // object last we avoid this.
shared->set_scope_info(*SerializedScopeInfo::Create(info->scope()));
+ shared->set_code(*code);
// Set the expected number of properties for instances.
SetExpectedNofPropertiesFromEstimate(shared,
lit->expected_property_count());
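
Review bot: SetExpectedNofPropertiesFromEstimate still runs after the relocated shared->set_code(*code), so the fix only holds if that call and everything else up to the ASSERT the new comment refers to cannot allocate. The ASSERT is outside this hunk, so please confirm this and say in the comment which statements must stay allocation-free. The ordering is enforced only by the comment, so a later edit that inserts an allocating call between set_code and the ASSERT would bring the crash back. Consider wrapping that region in a no-allocation assertion scope if the code base provides one. In the added comment, "settting" should be "setting" and "sharedfunction" should read "SharedFunctionInfo".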
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev