From cc60e9f823aa3a56e74d2f723d1729669e1b44b3 Mon Sep 17 00:00:00 2001
From: Terrence Cole <terrence@mozilla.com>
Date: Thu, 18 Dec 2014 10:17:06 -0800
Subject: [PATCH] Bug 1110931 - interFrameGC is only accessed from the main
 thread; r=sfink

---
 js/src/gc/GCRuntime.h | 2 +-
 js/src/jsgc.cpp       | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/js/src/gc/GCRuntime.h b/js/src/gc/GCRuntime.h
index 3a00a17fc8e0..65916c2f7c4f 100644
--- a/js/src/gc/GCRuntime.h
+++ b/js/src/gc/GCRuntime.h
@@ -793,7 +793,7 @@ class GCRuntime
      * frame, rather than at the beginning. In this case, the next slice will be
      * delayed so that we don't get back-to-back slices.
      */
-    volatile uintptr_t interFrameGC;
+    bool interFrameGC;
 
     /* Default budget for incremental GC slice. See SliceBudget in jsgc.h. */
     int64_t sliceBudget;
diff --git a/js/src/jsgc.cpp b/js/src/jsgc.cpp
index 87ec9825368a..d443f37b1a4a 100644
--- a/js/src/jsgc.cpp
+++ b/js/src/jsgc.cpp
@@ -1110,7 +1110,7 @@ GCRuntime::GCRuntime(JSRuntime *rt) :
 #ifdef JS_GC_MARKING_VALIDATION
     markingValidator(nullptr),
 #endif
-    interFrameGC(0),
+    interFrameGC(false),
     sliceBudget(SliceBudget::Unlimited),
     incrementalAllowed(true),
     generationalDisabled(0),
@@ -6297,6 +6297,8 @@ GCRuntime::finishGC(JS::gcreason::Reason reason)
 void
 GCRuntime::notifyDidPaint()
 {
+    MOZ_ASSERT(CurrentThreadCanAccessRuntime(rt));
+
 #ifdef JS_GC_ZEAL
     if (zealMode == ZealFrameVerifierPreValue) {
         verifyPreBarriers();