From 7eb1eb334924ee9f47839fc97ad139b6e1d90f2a Mon Sep 17 00:00:00 2001
From: Luke Wagner
Date: Fri, 3 May 2013 14:43:33 -0700
Subject: [PATCH] Bug 868334 - test for MacroAssembler::oom in nextJump (r=sstangl)
--HG--
extra : rebase_source : 0f24502942176278fb94d3d978941deac1d77050
---
 js/src/assembler/assembler/X86Assembler.h | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/js/src/assembler/assembler/X86Assembler.h b/js/src/assembler/assembler/X86Assembler.h
index a0bed043cc9d..abd648987036 100644
--- a/js/src/assembler/assembler/X86Assembler.h
+++ b/js/src/assembler/assembler/X86Assembler.h
@@ -2650,6 +2650,11 @@ public:
 // the head of the jump list) is bound.
 bool nextJump(const JmpSrc& from, JmpSrc* next)
 {
+ // Sanity check - if the assembler has OOM'd, it will start overwriting
+ // its internal buffer and thus our links could be garbage.
+ if (oom())
+ return false;
+
 char* code = reinterpret_cast(m_formatter.data());
 int32_t offset = getInt32(code + from.m_offset);
 if (offset == -1)
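Review bot: The new `oom()` guard covers only one way the jump-list links can be invalid; the read on the `int32_t offset = getInt32(code + from.m_offset);` line still uses `from.m_offset` without comparing it to the buffer's current size. A debug assertion before that read, along the lines of `ASSERT(size_t(from.m_offset) <= m_formatter.size());` (assuming the formatter exposes its size in this class), would catch a stale or corrupted JmpSrc before it becomes an out-of-bounds read. Separately, `return false` looks like the same value the function uses for end-of-list, so a caller walking the chain cannot distinguish OOM from normal termination. I would extend the comment to say so, e.g. `// Also returns false on OOM; callers must check oom() before the generated code is used.` The body of nextJump continues past the end of the hunk, so the return-value contract is inferred from the visible lines.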