diff --git a/js/src/vm/JSFunction.h b/js/src/vm/JSFunction.h
index d94b3be9b59c..1c11542c2589 100644
--- a/js/src/vm/JSFunction.h
+++ b/js/src/vm/JSFunction.h
@@ -262,6 +262,14 @@ class JSFunction : public js::NativeObject
     }
     bool isLambda()                 const { return flags() & LAMBDA; }
     bool isInterpretedLazy()        const { return flags() & INTERPRETED_LAZY; }
+
+    // This method doesn't check the non-nullness of u.scripted.s.script_,
+    // because it's guaranteed to be non-null when this has INTERPRETED flag,
+    // for live JSFunctions.
+    //
+    // When this JSFunction instance is reached via GC iteration, the above
+    // doesn't hold, and hasUncompletedScript should also be checked.
+    // (see the comment above hasUncompletedScript for more details).
     bool hasScript()                const { return flags() & INTERPRETED; }
 
     bool infallibleIsDefaultClassConstructor(JSContext* cx) const;