diff --git a/js/src/jit/Ion.cpp b/js/src/jit/Ion.cpp
index 12fbd0f616d1..d4606e5e11bf 100644
--- a/js/src/jit/Ion.cpp
+++ b/js/src/jit/Ion.cpp
@@ -469,6 +469,8 @@ PrepareForDebuggerOnIonCompilationHook(JSContext* cx, jit::MIRGraph& graph,
 void
 jit::FinishOffThreadBuilder(JSContext* cx, IonBuilder* builder)
 {
+    MOZ_ASSERT(HelperThreadState().isLocked());
+
     // Clean the references to the pending IonBuilder, if we just finished it.
     if (builder->script()->baselineScript()->hasPendingIonBuilder() &&
         builder->script()->baselineScript()->pendingIonBuilder() == builder)
@@ -583,9 +585,6 @@ jit::LazyLink(JSContext* cx, HandleScript calleeScript)
     AutoScriptVector debugScripts(cx);
     OnIonCompilationInfo info(builder->alloc().lifoAlloc());
 
-    // Remove from pending.
-    builder->removeFrom(HelperThreadState().ionLazyLinkList());
-
     {
         AutoEnterAnalysis enterTypes(cx);
         if (!LinkBackgroundCodeGen(cx, builder, &debugScripts, &info)) {
@@ -599,7 +598,10 @@ jit::LazyLink(JSContext* cx, HandleScript calleeScript)
     if (info.filled())
         Debugger::onIonCompilation(cx, debugScripts, info.graph);
 
-    FinishOffThreadBuilder(cx, builder);
+    {
+        AutoLockHelperThreadState lock;
+        FinishOffThreadBuilder(cx, builder);
+    }
 
     MOZ_ASSERT(calleeScript->hasBaselineScript());
     MOZ_ASSERT(calleeScript->baselineOrIonRawPointer());