Bug 1461448 - Add gray marking phase to delayed marking phase. r=sfink, a=RyanVM
authorJon Coppeard <jcoppeard@mozilla.com>
Fri, 18 May 2018 10:29:00 +0100
changeset 805990 8e6e0228335c98145710b164ebe20596f31f2ba2
parent 805989 1816f74764fe159c6b875f520036c075624aa092
child 805991 e6205726237169843c6e1de096a81af6448dc78d
push id112832
push userbballo@mozilla.com
push dateFri, 08 Jun 2018 21:11:22 +0000
reviewerssfink, RyanVM
bugs1461448
milestone60.0.2
Bug 1461448 - Add gray marking phase to delayed marking phase. r=sfink, a=RyanVM
js/src/gc/GenerateStatsPhases.py
js/src/jit-test/tests/gc/bug-1461448.js
--- a/js/src/gc/GenerateStatsPhases.py
+++ b/js/src/gc/GenerateStatsPhases.py
@@ -83,22 +83,24 @@ PhaseKindGraphRoots = [
     PhaseKind("PREPARE", "Prepare For Collection", 69, [
         PhaseKind("UNMARK", "Unmark", 7),
         PhaseKind("BUFFER_GRAY_ROOTS", "Buffer Gray Roots", 49),
         PhaseKind("MARK_DISCARD_CODE", "Mark Discard Code", 3),
         PhaseKind("RELAZIFY_FUNCTIONS", "Relazify Functions", 4),
         PhaseKind("PURGE", "Purge", 5),
         PhaseKind("PURGE_SHAPE_TABLES", "Purge ShapeTables", 60),
         JoinParallelTasksPhaseKind
-        ]),
+    ]),
     PhaseKind("MARK", "Mark", 6, [
         MarkRootsPhaseKind,
         UnmarkGrayPhaseKind,
-        PhaseKind("MARK_DELAYED", "Mark Delayed", 8)
+        PhaseKind("MARK_DELAYED", "Mark Delayed", 8, [
+            UnmarkGrayPhaseKind,
         ]),
+    ]),
     PhaseKind("SWEEP", "Sweep", 9, [
         PhaseKind("SWEEP_MARK", "Mark During Sweeping", 10, [
             UnmarkGrayPhaseKind,
             PhaseKind("SWEEP_MARK_INCOMING_BLACK", "Mark Incoming Black Pointers", 12, [
                 UnmarkGrayPhaseKind,
             ]),
             PhaseKind("SWEEP_MARK_WEAK", "Mark Weak", 13, [
                 UnmarkGrayPhaseKind,
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/gc/bug-1461448.js
@@ -0,0 +1,40 @@
+if (helperThreadCount() === 0)
+    quit();
+
+gczeal(0);
+
+let lfPreamble = `
+  var lfOffThreadGlobal = newGlobal();
+  for (lfLocal in this)
+    try {} catch(lfVare5) {}
+`;
+evaluate(lfPreamble);
+evaluate(`
+  var g = newGlobal();
+  var dbg = new Debugger;
+  var gw = dbg.addDebuggee(g);
+  for (lfLocal in this)
+    if (!(lfLocal in lfOffThreadGlobal))
+      try {
+        lfOffThreadGlobal[lfLocal] = this[lfLocal];
+      } catch(lfVare5) {}
+  var g = newGlobal();
+  var gw = dbg.addDebuggee(g);
+`);
+lfOffThreadGlobal.offThreadCompileScript(`
+  gcparam("markStackLimit", 1);
+  grayRoot()[0] = "foo";
+`);
+lfOffThreadGlobal.runOffThreadScript();
+eval(`
+  var lfOffThreadGlobal = newGlobal();
+  try { evaluate(\`
+    gczeal(18, 1);
+    grayRoot()[0] = "foo";
+    let inst = new WebAssembly.Instance(new WebAssembly.Module(wasmTextToBinary(
+    \\\`(module
+       (memory (export "memory") 1 1)
+     )\\\`
+    )));
+\`); } catch(exc) {}
+`);