From bbd4001cb261cc54e2adf804ea7cbeb09078d7d9 Mon Sep 17 00:00:00 2001
From: trav90 <travawine@protonmail.ch>
Date: Sat, 7 Apr 2018 12:24:30 -0500
Subject: Fix Value::isGCThing footgun, stop returning true for NullValue

---
 js/src/jsfriendapi.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'js/src/jsfriendapi.h')

diff --git a/js/src/jsfriendapi.h b/js/src/jsfriendapi.h
index b1c7cb0dc..722085549 100644
--- a/js/src/jsfriendapi.h
+++ b/js/src/jsfriendapi.h
@@ -761,7 +761,7 @@ SetReservedSlot(JSObject* obj, size_t slot, const JS::Value& value)
 {
     MOZ_ASSERT(slot < JSCLASS_RESERVED_SLOTS(GetObjectClass(obj)));
     shadow::Object* sobj = reinterpret_cast<shadow::Object*>(obj);
-    if (sobj->slotRef(slot).isMarkable() || value.isMarkable())
+    if (sobj->slotRef(slot).isGCThing() || value.isGCThing())
         SetReservedOrProxyPrivateSlotWithBarrier(obj, slot, value);
     else
         sobj->slotRef(slot) = value;
-- 
cgit v1.2.3