[gjs: 1/2] context: Use Heap pointers for GC objects stored in vectors



commit 67e659e6c6e4d7b96c1144c56e1bca94f188ae33
Author: Philip Chimento <philip chimento gmail com>
Date:   Wed May 15 22:28:01 2019 -0700

    context: Use Heap pointers for GC objects stored in vectors
    
    Without JS::Heap wrappers for these pointers, the objects may be moved
    to another location by the garbage collector without the pointers being
    updated. I thought JS::GCVector took care of that, but it doesn't.
    
    So, running the tests with JS_GC_ZEAL=2 (extra frequent garbage
    collections) would occasionally move the job queue objects, and cause a
    crash when subsequently draining the job queue.
    
    This regressed starting with commit ad90c931, where we switched from
    using JS::PersistentRooted (which is not moved around during GC) to
    tracing the job queue vector.

 gjs/context-private.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
---
diff --git a/gjs/context-private.h b/gjs/context-private.h
index 604f640b..10dcf688 100644
--- a/gjs/context-private.h
+++ b/gjs/context-private.h
@@ -37,8 +37,9 @@
 #include "js/GCPolicyAPI.h"
 #include "js/SweepingAPI.h"
 
-using JobQueue = JS::GCVector<JSObject*, 0, js::SystemAllocPolicy>;
-using ObjectInitList = JS::GCVector<JSObject*, 0, js::SystemAllocPolicy>;
+using JobQueue = JS::GCVector<JS::Heap<JSObject*>, 0, js::SystemAllocPolicy>;
+using ObjectInitList =
+    JS::GCVector<JS::Heap<JSObject*>, 0, js::SystemAllocPolicy>;
 using FundamentalTable =
     JS::GCHashMap<void*, JS::Heap<JSObject*>, js::DefaultHasher<void*>,
                   js::SystemAllocPolicy>;
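
Review bot: the two aliases changed at the top of this hunk (JobQueue and ObjectInitList) now hold JS::Heap<JSObject*> but carry no comment saying why, so a later cleanup could drop the wrapper again and bring back the crash the commit message describes. Suggest a short comment above them stating that elements of a traced JS::GCVector need the JS::Heap wrapper so the stored pointer is updated when the collector moves the object, as the FundamentalTable alias just below already does for its values. The diffstat shows only this header changing, and the failure was seen only occasionally under JS_GC_ZEAL=2, so it would also help to note whether the test suite is run with that setting so a regression here gets caught.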

