Bug 1897013 - Collect the nursery at the start of GC slices if we might run the incremental marking validator r=sfink

Marking (including that done by the incremental marking validator) requires that we evcit the nursery first. This currently doesn't happen and the nursery may be non-empty during an incremental GC. This only affects use of the incremental marking validator which is not present in release builds. Differential Revision: https://phabricator.services.mozilla.com/D210829
2024-05-20 09:28:01 +00:00 · 2024-05-20 09:28:01 +00:00 · 572e93bd60
commit 572e93bd60
parent 681a9a4c83
2 changed files with 11 additions and 0 deletions
--- a/js/src/gc/GC.cpp
+++ b/js/src/gc/GC.cpp
@ -3765,6 +3765,14 @@ void GCRuntime::incrementalSlice(SliceBudget& budget, JS::GCReason reason,
        // this slice.
        rt->mainContextFromOwnThread()->traceWrapperGCRooters(
            marker().tracer());
+
+        // Incremental marking validation re-runs all marking non-incrementally,
+        // which requires collecting the nursery. If that might happen in this
+        // slice, do it now while it's safe to do so.
+        if (isIncremental &&
+            hasZealMode(ZealMode::IncrementalMarkingValidator)) {
+          collectNurseryFromMajorGC(JS::GCReason::EVICT_NURSERY);
+        }
      }

      {
--- a/js/src/gc/Verifier.cpp
+++ b/js/src/gc/Verifier.cpp
@ -496,6 +496,9 @@ void js::gc::MarkingValidator::nonIncrementalMark(AutoGCSession& session) {

  MOZ_ASSERT(!gcmarker->isWeakMarking());

+  /* We require that the nursery is empty at the start of collection. */
+  MOZ_ASSERT(gc->nursery().isEmpty());
+
  /* Wait for off-thread parsing which can allocate. */
  WaitForAllHelperThreads();