[parser] Reset expression_scope_ stack to nullptr when parsing a function body

That way we can properly walk the active ambiguous stack of expressions and
stop where it's non-ambiguous. In the bug we would have forced context
allocation of "this" in an outer function because an inner function was parsed
as part of an arrow function head and "this" was referenced. That caused the
ambiguous arrow head scope to be marked, even though the reference came from a
non-ambiguous function.

Bug: chromium:930580
Change-Id: I0bf0fa569e2d2ca1dc26b0514fe5bdb48ab7ae6f
Reviewed-on: https://chromium-review.googlesource.com/c/1462005Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59488}

src/parsing/parser-base.h

@@ -3808,6 +3808,8 @@ void ParserBase<Impl>::ParseFunctionBody(
     StatementListT* body, IdentifierT function_name, int pos,
     const FormalParametersT& parameters, FunctionKind kind,
     FunctionLiteral::FunctionType function_type, FunctionBodyType body_type) {
+  FunctionBodyParsingScope body_parsing_scope(impl());
+
   if (IsResumableFunction(kind)) impl()->PrepareGeneratorVariables();
 
   DeclarationScope* function_scope = parameters.scope;

test/mjsunit/regress/regress-crbug-930580.js

+// Copyright 2019 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+(function outer() {
+  (arg = (function inner() {
+    return this
+  })()) => 0;
+})();