From 27ec37c90fccab15e5457260e64706108b369e7e Mon Sep 17 00:00:00 2001
From: Terrence Cole <terrence@mozilla.com>
Date: Mon, 21 Oct 2013 12:12:48 -0700
Subject: [PATCH] Bug 929065 - Fix an oom handling issue in ion compilation;
 r=bhackett

--HG--
extra : rebase_source : a2996447791b60ca53d02f7eb514143370c232b0
---
 js/src/jit/Ion.cpp          | 3 +++
 js/src/jit/IonAllocPolicy.h | 3 ++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/js/src/jit/Ion.cpp b/js/src/jit/Ion.cpp
index 052216224c4..c9eb461910b 100644
--- a/js/src/jit/Ion.cpp
+++ b/js/src/jit/Ion.cpp
@@ -1586,6 +1586,9 @@ IonCompile(JSContext *cx, JSScript *script,
         return AbortReason_Alloc;
 
     MIRGraph *graph = alloc->new_<MIRGraph>(temp);
+    if (!graph)
+        return AbortReason_Alloc;
+
     CompileInfo *info = alloc->new_<CompileInfo>(script, script->function(), osrPc, constructing,
                                                  executionMode);
     if (!info)
diff --git a/js/src/jit/IonAllocPolicy.h b/js/src/jit/IonAllocPolicy.h
index 55c1a4102c2..53264b50390 100644
--- a/js/src/jit/IonAllocPolicy.h
+++ b/js/src/jit/IonAllocPolicy.h
@@ -90,7 +90,8 @@ class IonAllocPolicy
     }
     void *calloc_(size_t bytes) {
         void *p = GetIonContext()->temp->allocate(bytes);
-        memset(p, 0, bytes);
+        if (p)
+            memset(p, 0, bytes);
         return p;
     }
     void *realloc_(void *p, size_t oldBytes, size_t bytes) {