From 5caa11dafbcb6d2bc3553629dc810f6f07984b82 Mon Sep 17 00:00:00 2001
From: "ricow@chromium.org"
Date: Mon, 19 Jul 2010 06:29:30 +0000
Subject: [PATCH] Reorder SharedFunctionInfo setup in lazy compile, quick fix for crbug.com/49099

This fixes issue 49099 (http://crbug.com/49099) that makes chromium crash if a gc is triggered by setting the scopeinfo in CompileLazy. If this gc triggers code flushing the compiled function could be flushed, causing the ASSERT(shared->is_compiled()) to fail. By reordering the two methods we make sure that no allocation happens before the end of the method.

Review URL: http://codereview.chromium.org/3035006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5089 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---
 src/compiler.cc | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/compiler.cc b/src/compiler.cc
index 0d1fe99..d87d9da 100755
--- a/src/compiler.cc
+++ b/src/compiler.cc
@@ -449,8 +449,12 @@ bool Compiler::CompileLazy(CompilationInfo* info) {
 code);
 // Update the shared function info with the compiled code and the scope info.
- shared->set_code(*code);
+ // Please note, that the order of the sharedfunction initialization is
+ // important since set_scope_info might trigger a GC, causing the ASSERT
+ // below to be invalid if the code was flushed. By settting the code
+ // object last we avoid this.
 shared->set_scope_info(*SerializedScopeInfo::Create(info->scope()));
+ shared->set_code(*code);
 // Set the expected number of properties for instances.
 SetExpectedNofPropertiesFromEstimate(shared, lit->expected_property_count());
-- 
2.7.4
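Review bot: The new ordering relies on set_code() and the following SetExpectedNofPropertiesFromEstimate() call not allocating before the is_compiled() ASSERT the added comment refers to, but nothing in the hunk enforces that invariant, and the ASSERT itself lies outside the hunk in the remainder of CompileLazy, whose beginning and end are both beyond the hunk. If the tree's AssertNoAllocation scope helper is usable at this point, placing `AssertNoAllocation no_gc;` directly after the set_scope_info() line would make any future allocation between that call and the ASSERT fail loudly in debug builds instead of silently reintroducing the code-flush crash. The added comment could also be tightened and its typo ("settting") fixed, e.g. `// Set the code last: set_scope_info() allocates and may trigger a GC that` / `// flushes code, which would invalidate the is_compiled() ASSERT below.`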