commit acc36099bfc1
Author: Steve Fink <sfink@mozilla.com>
Date:   Mon Apr 17 21:04:08 2017 -0700

    Bug 1356709 - Fix uses of uninitialized values in arm64 code, r=sstangl
    
    --HG--
    extra : rebase_source : 2f9a59c88f21dd467fbc4232e2f6b20850fd53ed
    extra : histedit_source : b5110806cf04a3ca056ea89709bcc707368a2e57
---
 js/src/jit/arm64/MacroAssembler-arm64.cpp   |  4 +++-
 js/src/jit/arm64/vixl/Debugger-vixl.cpp     | 10 ++++++----
 js/src/jit/arm64/vixl/Decoder-vixl.cpp      | 12 ++++++------
 js/src/jit/arm64/vixl/Instrument-vixl.cpp   |  4 +++-
 js/src/jit/arm64/vixl/MozSimulator-vixl.cpp |  8 ++++++--
 5 files changed, 24 insertions(+), 14 deletions(-)

diff --git js/src/jit/arm64/MacroAssembler-arm64.cpp js/src/jit/arm64/MacroAssembler-arm64.cpp
index 013fefd85e9b..f1704c622cb6 100644
--- js/src/jit/arm64/MacroAssembler-arm64.cpp
+++ js/src/jit/arm64/MacroAssembler-arm64.cpp
@@ -682,7 +682,9 @@ MacroAssembler::callWithABIPre(uint32_t* stackAdjust, bool callFromWasm)
     *stackAdjust = stackForCall;
     reserveStack(*stackAdjust);
     {
-        moveResolver_.resolve();
+        enoughMemory_ &= moveResolver_.resolve();
+        if (!enoughMemory_)
+            return;
         MoveEmitter emitter(*this);
         emitter.emit(moveResolver_);
         emitter.finish();
diff --git js/src/jit/arm64/vixl/Debugger-vixl.cpp js/src/jit/arm64/vixl/Debugger-vixl.cpp
index 85097ed5a086..2f4966fbef15 100644
--- js/src/jit/arm64/vixl/Debugger-vixl.cpp
+++ js/src/jit/arm64/vixl/Debugger-vixl.cpp
@@ -30,6 +30,7 @@
 
 #include "jit/arm64/vixl/Debugger-vixl.h"
 
+#include "mozilla/Unused.h"
 #include "mozilla/Vector.h"
 
 #include "jsalloc.h"
@@ -1109,6 +1110,7 @@ bool DebugCommand::Match(const char* name, const char** aliases) {
 
 
 DebugCommand* DebugCommand::Parse(char* line) {
+  using mozilla::Unused;
   TokenVector args;
 
   for (char* chunk = strtok(line, " \t");
@@ -1120,15 +1122,15 @@ DebugCommand* DebugCommand::Parse(char* line) {
       Token* format = FormatToken::Tokenize(dot + 1);
       if (format != NULL) {
         *dot = '\0';
-        args.append(Token::Tokenize(chunk));
-        args.append(format);
+        Unused << args.append(Token::Tokenize(chunk));
+        Unused << args.append(format);
       } else {
         // Error while parsing the format, push the UnknownToken so an error
         // can be accurately reported.
-        args.append(Token::Tokenize(chunk));
+        Unused << args.append(Token::Tokenize(chunk));
       }
     } else {
-      args.append(Token::Tokenize(chunk));
+      Unused << args.append(Token::Tokenize(chunk));
     }
   }
 
diff --git js/src/jit/arm64/vixl/Decoder-vixl.cpp js/src/jit/arm64/vixl/Decoder-vixl.cpp
index 5865689ae6fa..c74f71a11b24 100644
--- js/src/jit/arm64/vixl/Decoder-vixl.cpp
+++ js/src/jit/arm64/vixl/Decoder-vixl.cpp
@@ -112,12 +112,12 @@ void Decoder::DecodeInstruction(const Instruction *instr) {
 }
 
 void Decoder::AppendVisitor(DecoderVisitor* new_visitor) {
-  visitors_.append(new_visitor);
+  MOZ_ALWAYS_TRUE(visitors_.append(new_visitor));
 }
 
 
 void Decoder::PrependVisitor(DecoderVisitor* new_visitor) {
-  visitors_.insert(visitors_.begin(), new_visitor);
+  MOZ_ALWAYS_TRUE(visitors_.insert(visitors_.begin(), new_visitor));
 }
 
 
@@ -125,12 +125,12 @@ void Decoder::InsertVisitorBefore(DecoderVisitor* new_visitor,
                                   DecoderVisitor* registered_visitor) {
   for (auto it = visitors_.begin(); it != visitors_.end(); it++) {
     if (*it == registered_visitor) {
-      visitors_.insert(it, new_visitor);
+      MOZ_ALWAYS_TRUE(visitors_.insert(it, new_visitor));
       return;
     }
   }
   // We reached the end of the list without finding registered_visitor.
-  visitors_.append(new_visitor);
+  MOZ_ALWAYS_TRUE(visitors_.append(new_visitor));
 }
 
 
@@ -139,12 +139,12 @@ void Decoder::InsertVisitorAfter(DecoderVisitor* new_visitor,
   for (auto it = visitors_.begin(); it != visitors_.end(); it++) {
     if (*it == registered_visitor) {
       it++;
-      visitors_.insert(it, new_visitor);
+      MOZ_ALWAYS_TRUE(visitors_.insert(it, new_visitor));
       return;
     }
   }
   // We reached the end of the list without finding registered_visitor.
-  visitors_.append(new_visitor);
+  MOZ_ALWAYS_TRUE(visitors_.append(new_visitor));
 }
 
 
diff --git js/src/jit/arm64/vixl/Instrument-vixl.cpp js/src/jit/arm64/vixl/Instrument-vixl.cpp
index 7653e0856281..15d143c8ec13 100644
--- js/src/jit/arm64/vixl/Instrument-vixl.cpp
+++ js/src/jit/arm64/vixl/Instrument-vixl.cpp
@@ -26,6 +26,8 @@
 
 #include "jit/arm64/vixl/Instrument-vixl.h"
 
+#include "mozilla/Unused.h"
+
 namespace vixl {
 
 Counter::Counter(const char* name, CounterType type)
@@ -139,7 +141,7 @@ Instrument::Instrument(const char* datafile, uint64_t sample_period)
   // Construct Counter objects from counter description array.
   for (int i = 0; i < num_counters; i++) {
     if (Counter* counter = js_new<Counter>(kCounterList[i].name, kCounterList[i].type))
-      counters_.append(counter);
+      mozilla::Unused << counters_.append(counter);
   }
 
   DumpCounterNames();
diff --git js/src/jit/arm64/vixl/MozSimulator-vixl.cpp js/src/jit/arm64/vixl/MozSimulator-vixl.cpp
index 0f8acebf9de6..284413bc5875 100644
--- js/src/jit/arm64/vixl/MozSimulator-vixl.cpp
+++ js/src/jit/arm64/vixl/MozSimulator-vixl.cpp
@@ -29,6 +29,7 @@
 #include "jit/arm64/vixl/Debugger-vixl.h"
 #include "jit/arm64/vixl/Simulator-vixl.h"
 #include "jit/IonTypes.h"
+#include "js/Utility.h"
 #include "threading/LockGuard.h"
 #include "vm/Runtime.h"
 #include "wasm/WasmCode.h"
@@ -427,9 +428,12 @@ void Simulator::VisitException(const Instruction* instr) {
         case kCallRtRedirected:
           VisitCallRedirection(instr);
           return;
-        case kMarkStackPointer:
-          spStack_.append(xreg(31, Reg31IsStackPointer));
+        case kMarkStackPointer: {
+          js::AutoEnterOOMUnsafeRegion oomUnsafe;
+          if (!spStack_.append(xreg(31, Reg31IsStackPointer)))
+            oomUnsafe.crash("tracking stack for ARM64 simulator");
           return;
+        }
         case kCheckStackPointer: {
           int64_t current = xreg(31, Reg31IsStackPointer);
           int64_t expected = spStack_.popCopy();
