Bug 679593 - Null out JSScript (r=dmandelin)
authorBill McCloskey <wmccloskey@mozilla.com>
Mon, 22 Aug 2011 14:33:32 -0700
changeset 75682 c8eea83232b2d0dbf19c9fe8315517dabe09212b
parent 75681 408b90991d1793b1fe70fb367d34f1dd21d7e088
child 75683 e588d3deca71eac74ea98af96738dcaa418798a0
push id3
push userfelipc@gmail.com
push dateFri, 30 Sep 2011 20:09:13 +0000
reviewersdmandelin
bugs679593
milestone9.0a1
Bug 679593 - Null out JSScript (r=dmandelin)
js/src/jsfun.cpp
--- a/js/src/jsfun.cpp
+++ b/js/src/jsfun.cpp
@@ -2477,16 +2477,17 @@ js_CloneFunctionObject(JSContext *cx, JS
         clone->setPrivate(cfun);
         if (cfun->isInterpreted()) {
             JSScript *script = cfun->script();
             JS_ASSERT(script);
             JS_ASSERT(script->compartment == fun->compartment());
             JS_ASSERT(script->compartment != cx->compartment);
             JS_OPT_ASSERT(script->ownerObject == fun);
 
+            cfun->u.i.script = NULL;
             JSScript *cscript = js_CloneScript(cx, script);
             if (!cscript)
                 return NULL;
             cfun->u.i.script = cscript;
             cfun->script()->setOwnerObject(cfun);
 #ifdef CHECK_SCRIPT_OWNER
             cfun->script()->owner = NULL;
 #endif