From 5ed1fd1a2feaa5db5550a3f1f40b02d5b7ea0da8 Mon Sep 17 00:00:00 2001
From: Steve Fink <sfink@mozilla.com>
Date: Tue, 5 Jun 2018 17:41:12 -0700
Subject: [PATCH] Bug 1466633 - GCManagedDeletePolicy: do not clear edges
 during GC, r=jonco

--HG--
extra : source : 17bb0a45975b93c4003e4436706e3caf7c44d9fd
extra : histedit_source : d267abd514731d4664de12e6b4c2bd6666732dd9
---
 js/src/gc/DeletePolicy.h | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/js/src/gc/DeletePolicy.h b/js/src/gc/DeletePolicy.h
index edccfcfabc24..27fb8f2dfb09 100644
--- a/js/src/gc/DeletePolicy.h
+++ b/js/src/gc/DeletePolicy.h
@@ -7,6 +7,7 @@
 #ifndef gc_DeletePolicy_h
 #define gc_DeletePolicy_h
 
+#include "gc/Barrier.h"
 #include "js/TracingAPI.h"
 #ifdef ENABLE_BIGINT
 #include "vm/BigIntType.h"
@@ -73,8 +74,13 @@ struct GCManagedDeletePolicy
     void operator()(const T* constPtr) {
         if (constPtr) {
             auto ptr = const_cast<T*>(constPtr);
-            gc::ClearEdgesTracer trc;
-            ptr->trace(&trc);
+            if (JS::CurrentThreadIsHeapCollecting()) {
+                MOZ_ASSERT(js::CurrentThreadIsGCSweeping());
+                // Do not attempt to clear out storebuffer edges.
+            } else {
+                gc::ClearEdgesTracer trc;
+                ptr->trace(&trc);
+            }
             js_delete(ptr);
         }
     }