mozilla-inbound: changeset 427946:06b69c1525d00ed5eba203c523b061fd210def1d

author	Robert Bartlensky <rbartlensky@mozilla.com>
	Thu, 19 Jul 2018 11:16:42 +0100
changeset 427946	06b69c1525d00ed5eba203c523b061fd210def1d
parent 427945	57d01bdce6b86840f4567d8d68b61d893369a849
child 427947	873b3e2c3d2b1c619a839ce64635fc1daec53d0a
push id	105593
push user	rgurzau@mozilla.com
push date	Tue, 24 Jul 2018 09:55:14 +0000
treeherder	mozilla-inbound@f636b99a8091 [default view] [failures only]
perfherder	[talos] [build metrics] [platform microbench] (compared to previous push)
reviewers	luke
bugs	1472681
milestone	63.0a1
first release with	nightly linux32 1e5fa52a612e / 63.0a1 / 20180724100052 / files nightly linux64 1e5fa52a612e / 63.0a1 / 20180724100052 / files nightly mac 1e5fa52a612e / 63.0a1 / 20180724100052 / files nightly win32 1e5fa52a612e / 63.0a1 / 20180724100052 / files nightly win64 1e5fa52a612e / 63.0a1 / 20180724100052 / files
last release without	nightly linux32 fe48e26ca88c / 63.0a1 / 20180723220051 / files nightly linux64 fe48e26ca88c / 63.0a1 / 20180723220051 / files nightly mac fe48e26ca88c / 63.0a1 / 20180723220051 / files nightly win32 fe48e26ca88c / 63.0a1 / 20180723220051 / files nightly win64 fe48e26ca88c / 63.0a1 / 20180723220051 / files

--- a/js/src/vm/EnvironmentObject-inl.h
+++ b/js/src/vm/EnvironmentObject-inl.h
@@ -12,18 +12,21 @@
 #include "vm/JSObject-inl.h"
 #include "vm/TypeInference-inl.h"
 
 namespace js {
 
 inline LexicalEnvironmentObject&
 NearestEnclosingExtensibleLexicalEnvironment(JSObject* env)
 {
-    while (!IsExtensibleLexicalEnvironment(env))
+    MOZ_ASSERT(env);
+    while (!IsExtensibleLexicalEnvironment(env)) {
         env = env->enclosingEnvironment();
+        MOZ_ASSERT(env);
+    }
     return env->as<LexicalEnvironmentObject>();
 }
 
 inline void
 EnvironmentObject::setAliasedBinding(JSContext* cx, uint32_t slot, PropertyName* name,
                                      const Value& v)
 {
     if (isSingleton()) {