From 7dee273c577aa68001390f858a9cce3f7005e061 Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" <nicolas.b.pierron@mozilla.com>
Date: Thu, 20 Feb 2014 07:09:34 -0800
Subject: [PATCH] Bug 958172 - Only set the environment while cloning a
 JSFunction. r=jorendorff

---
 js/src/frontend/Parser.cpp |  6 +-----
 js/src/jsfun.cpp           | 10 +++++++++-
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp
index da699109104..bacdeb4171c 100644
--- a/js/src/frontend/Parser.cpp
+++ b/js/src/frontend/Parser.cpp
@@ -1247,17 +1247,13 @@ Parser<ParseHandler>::newFunction(GenericParseContext *pc, HandleAtom atom,
     while (pc->parent)
         pc = pc->parent;
 
-    RootedObject parent(context);
-    if (!pc->sc->isFunctionBox() && options().compileAndGo)
-        parent = pc->sc->asGlobalSharedContext()->scopeChain();
-
     RootedFunction fun(context);
     JSFunction::Flags flags = (kind == Expression)
                               ? JSFunction::INTERPRETED_LAMBDA
                               : (kind == Arrow)
                                 ? JSFunction::INTERPRETED_LAMBDA_ARROW
                                 : JSFunction::INTERPRETED;
-    fun = NewFunctionWithProto(context, NullPtr(), nullptr, 0, flags, parent, atom, proto,
+    fun = NewFunctionWithProto(context, NullPtr(), nullptr, 0, flags, NullPtr(), atom, proto,
                                JSFunction::FinalizeKind, MaybeSingletonObject);
     if (!fun)
         return nullptr;
diff --git a/js/src/jsfun.cpp b/js/src/jsfun.cpp
index ff1d2ed867b..f2ce67ed600 100644
--- a/js/src/jsfun.cpp
+++ b/js/src/jsfun.cpp
@@ -409,6 +409,13 @@ js::XDRInterpretedFunction(XDRState<mode> *xdr, HandleObject enclosingScope, Han
 
         atom = fun->displayAtom();
         flagsword = (fun->nargs() << 16) | fun->flags();
+
+        // The environment of any function which is not reused will always be
+        // null, it is later defined when a function is cloned or reused to
+        // mirror the scope chain.
+        JS_ASSERT_IF(fun->hasSingletonType() &&
+                     !((lazy && lazy->hasBeenCloned()) || (script && script->hasBeenCloned())),
+                     fun->environment() == nullptr);
     }
 
     if (!xdr->codeUint32(&firstword))
@@ -421,8 +428,9 @@ js::XDRInterpretedFunction(XDRState<mode> *xdr, HandleObject enclosingScope, Han
             if (!proto)
                 return false;
         }
+
         fun = NewFunctionWithProto(cx, NullPtr(), nullptr, 0, JSFunction::INTERPRETED,
-                                   NullPtr(), NullPtr(), proto,
+                                   /* parent = */ NullPtr(), NullPtr(), proto,
                                    JSFunction::FinalizeKind, TenuredObject);
         if (!fun)
             return false;