commit 215da31d6b94511a7187f44120f3ba83dca0b386 parent 277c390572948fbbdf746755176f199e7406873e Author: Jon Coppeard <jcoppeard@mozilla.com> Date: Tue, 11 Nov 2025 15:26:03 +0000 Bug 1999361 - Don't check for gray cells until all atoms have been marked r=jandem I think the problem here is that we're checking the mark state before all atoms have been marked (atoms marked by uncollected zones get marked in updateAtomsBitmap). This wasn't a problem before atoms could be marked gray. Differential Revision: https://phabricator.services.mozilla.com/D272141 Diffstat:
| M | js/src/gc/Sweeping.cpp | | | 18 | +++++++++++------- |
1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/js/src/gc/Sweeping.cpp b/js/src/gc/Sweeping.cpp
@@ -1657,13 +1657,6 @@ IncrementalProgress GCRuntime::beginSweepingSweepGroup(JS::GCContext* gcx,
 if (zone->isAtomsZone()) {
 sweepingAtoms = true;
 }
-
-#ifdef DEBUG
- for (const auto* cell : zone->cellsToAssertNotGray()) {
- JS::AssertCellIsNotGray(cell);
- }
- zone->cellsToAssertNotGray().clearAndFree();
-#endif
 }
 // Updating the atom marking bitmaps. This marks atoms referenced by
@@ -1674,6 +1667,17 @@ IncrementalProgress GCRuntime::beginSweepingSweepGroup(JS::GCContext* gcx,
 updateAtomsBitmap();
 }
+#ifdef DEBUG
+ // Now that the final mark state has been computed check any gray marking
+ // assertions we delayed until this point.
+ for (SweepGroupZonesIter zone(this); !zone.done(); zone.next()) {
+ for (const auto* cell : zone->cellsToAssertNotGray()) {
+ JS::AssertCellIsNotGray(cell);
+ }
+ zone->cellsToAssertNotGray().clearAndFree();
+ }
+#endif
+
 #ifdef JS_GC_ZEAL
 validateIncrementalMarking();
 #endif
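Review bot: The comment on the added DEBUG block says the final mark state "has been computed" without naming the step that computes it, so the ordering constraint this commit relies on is not visible at the place where it matters. Per the commit message, atoms referenced by uncollected zones are only marked in updateAtomsBitmap(), which is why the check had to move below that call; I would spell that out, e.g. `// updateAtomsBitmap() above marks atoms referenced by uncollected zones, so a cell` / `// can still look gray before it runs; do the delayed not-gray checks only after it.` The diffstat lists only Sweeping.cpp, so as far as this page shows nothing but the comment stops a later refactor from moving the loop back above the bitmap update. beginSweepingSweepGroup starts and ends outside the hunk.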