Bug 1693223 - Improve gray marking assertions to take account of clearing mark bits off-thread r=sfink

I don't know whether this will fix this issue, but our assertions are definitely over restrictive here. The mark bits are accessed atomically, and are cleared on a background thread. If the mark bits for a cell span two words (which happens for some cell sizes) we may observe a cell that had both mark bits set (i.e. black) as having only one bit set, and thus appear to be gray. The patch checks whether parallel unmarking is taking place and skips the gray check. Differential Revision: https://phabricator.services.mozilla.com/D154794
2022-08-18 20:14:21 +00:00
parent ce87455536
commit 82bd1b7473
3 changed files with 12 additions and 7 deletions
--- a/js/src/shell/js.cpp
+++ b/js/src/shell/js.cpp
@@ -8052,6 +8052,8 @@ static bool GetMarks(JSContext* cx, unsigned argc, Value* vp) {
    JSObject* obj = observers->get()[i];
    if (!obj) {
      color = "dead";
+    } else if (obj->zone()->isGCPreparing()) {
+      color = "unmarked";
    } else {
      gc::TenuredCell* cell = &obj->asTenured();
      if (cell->isMarkedGray()) {