From c53602c802cfaeaede20cb0bb2180194389eeb05 Mon Sep 17 00:00:00 2001
From: Jon Coppeard <jcoppeard@mozilla.com>
Date: Fri, 22 Mar 2019 13:17:31 +0100
Subject: Reset nursery position when it's disabled.

---
 js/src/gc/Nursery.cpp | 1 +
 js/src/gc/Nursery.h   | 1 +
 2 files changed, 2 insertions(+)

(limited to 'js')

diff --git a/js/src/gc/Nursery.cpp b/js/src/gc/Nursery.cpp
index ea4350fb8..93a0eb6a8 100644
--- a/js/src/gc/Nursery.cpp
+++ b/js/src/gc/Nursery.cpp
@@ -210,6 +210,7 @@ js::Nursery::disable()
         return;
     updateNumChunks(0);
     currentEnd_ = 0;
+    position_ = 0;
     runtime()->gc.storeBuffer.disable();
 }
 
diff --git a/js/src/gc/Nursery.h b/js/src/gc/Nursery.h
index 0d215d997..a839a4979 100644
--- a/js/src/gc/Nursery.h
+++ b/js/src/gc/Nursery.h
@@ -245,6 +245,7 @@ class Nursery
 
     // Free space remaining, not counting chunk trailers.
     MOZ_ALWAYS_INLINE size_t freeSpace() const {
+        MOZ_ASSERT(isEnabled());
         MOZ_ASSERT(currentEnd_ - position_ <= NurseryChunkUsableSize);
         return (currentEnd_ - position_) +
                (numChunks() - currentChunk_ - 1) * NurseryChunkUsableSize;
-- 
cgit v1.2.3