Changeset 262342 in webkit for trunk/Source/JavaScriptCore/runtime/JSBigInt.cpp

Timestamp:

May 30, 2020, 12:46:53 AM (5 years ago)

Author:

[email protected]

Message:

[JSC] JSBigInt allocation should be graceful for OOM
​https://bugs.webkit.org/show_bug.cgi?id=212512

Reviewed by Mark Lam.

JSTests:

• stress/bigint-can-throw-oom.js: Copied from JSTests/stress/get-function-realm-not-doing-recursion.js.

(canThrow):
(foo):
(get foo):

• stress/get-function-realm-not-doing-recursion.js:

(canThrow):

Source/JavaScriptCore:

This patch allows JSBigInt's storage allocation to fail gracefully if OOM condition happens.
We thread JSGlobalObject* instead of VM& and throw OOM error if storage allocation failed.
We also rename JSGlobalObject* globalObject parameter to JSGlobalObject* nullOrGlobalObjectForOOM
if it can be nullptr.

• jit/JITOperations.cpp:
• jsc.cpp:

(functionCreateHeapBigInt):

• parser/ParserArena.cpp:

(JSC::IdentifierArena::makeBigIntDecimalIdentifier):

• runtime/BigIntConstructor.cpp:

(JSC::toBigInt):
(JSC::callBigIntConstructor):

• runtime/BigIntPrototype.cpp:

(JSC::toThisBigIntValue):
(JSC::bigIntProtoFuncToString):
(JSC::bigIntProtoFuncToLocaleString):
(JSC::bigIntProtoFuncValueOf):

• runtime/CachedTypes.cpp:

(JSC::CachedBigInt::decode const):

• runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

• runtime/IntlNumberFormatPrototype.cpp:

(JSC::IntlNumberFormatFuncFormat):

• runtime/JSBigInt.cpp:

(JSC::JSBigInt::createZero):
(JSC::JSBigInt::tryCreateZero):
(JSC::JSBigInt::createWithLength):
(JSC::JSBigInt::tryCreateWithLength):
(JSC::JSBigInt::createFrom):
(JSC::JSBigInt::tryCreateFrom):
(JSC::JSBigInt::createFromImpl):
(JSC::JSBigInt::parseInt):
(JSC::HeapBigIntImpl::toHeapBigInt):
(JSC::Int32BigIntImpl::toHeapBigInt):
(JSC::zeroImpl):
(JSC::JSBigInt::exponentiateImpl):
(JSC::JSBigInt::multiplyImpl):
(JSC::JSBigInt::divideImpl):
(JSC::JSBigInt::copy):
(JSC::JSBigInt::unaryMinusImpl):
(JSC::JSBigInt::unaryMinus):
(JSC::JSBigInt::remainderImpl):
(JSC::JSBigInt::incImpl):
(JSC::JSBigInt::decImpl):
(JSC::JSBigInt::addImpl):
(JSC::JSBigInt::subImpl):
(JSC::JSBigInt::bitwiseAndImpl):
(JSC::JSBigInt::bitwiseOrImpl):
(JSC::JSBigInt::bitwiseXorImpl):
(JSC::JSBigInt::absoluteAdd):
(JSC::JSBigInt::absoluteSub):
(JSC::JSBigInt::absoluteDivWithDigitDivisor):
(JSC::JSBigInt::absoluteDivWithBigIntDivisor):
(JSC::JSBigInt::absoluteLeftShiftAlwaysCopy):
(JSC::JSBigInt::absoluteBitwiseOp):
(JSC::JSBigInt::absoluteAnd):
(JSC::JSBigInt::absoluteOr):
(JSC::JSBigInt::absoluteAndNot):
(JSC::JSBigInt::absoluteXor):
(JSC::JSBigInt::absoluteAddOne):
(JSC::JSBigInt::absoluteSubOne):
(JSC::JSBigInt::leftShiftByAbsolute):
(JSC::JSBigInt::rightShiftByAbsolute):
(JSC::JSBigInt::rightShiftByMaximum):
(JSC::JSBigInt::toStringBasePowerOfTwo):
(JSC::JSBigInt::toStringGeneric):
(JSC::JSBigInt::rightTrim):
(JSC::JSBigInt::tryRightTrim):
(JSC::JSBigInt::allocateFor):
(JSC::JSBigInt::asIntNImpl):
(JSC::JSBigInt::asUintNImpl):
(JSC::JSBigInt::truncateToNBits):
(JSC::JSBigInt::truncateAndSubFromPowerOfTwo):
(JSC::JSBigInt::createWithLengthUnchecked): Deleted.

• runtime/JSBigInt.h:
• runtime/JSCJSValue.cpp:

(JSC::JSValue::toThisSlowCase const):

• runtime/VM.cpp:

(JSC::VM::VM):

Source/WebCore:

• bindings/js/SerializedScriptValue.cpp:

(WebCore::CloneDeserializer::readBigInt):

File:

• trunk/Source/JavaScriptCore/runtime/JSBigInt.cpp (modified) (90 diffs)

trunk/Source/JavaScriptCore/runtime/JSBigInt.cpp

@@ -83 +83 @@
 }
 
-JSBigInt* JSBigInt::createZero(VM& vm)
-{
-    JSBigInt* zeroBigInt = createWithLengthUnchecked(vm, 0);
-    return zeroBigInt;
-}
-
-JSBigInt* JSBigInt::tryCreateWithLength(JSGlobalObject* globalObject, unsigned length)
-{
-    VM& vm = globalObject->vm();
+inline JSBigInt* JSBigInt::createZero(JSGlobalObject* nullOrGlobalObjectForOOM, VM& vm)
+{
+    return createWithLength(nullOrGlobalObjectForOOM, vm, 0);
+}
+
+JSBigInt* JSBigInt::createZero(JSGlobalObject* globalObject)
+{
+    return createZero(globalObject, globalObject->vm());
+}
+
+JSBigInt* JSBigInt::tryCreateZero(VM& vm)
+{
+    return createZero(nullptr, vm);
+}
+
+inline JSBigInt* JSBigInt::createWithLength(JSGlobalObject* nullOrGlobalObjectForOOM, VM& vm, unsigned length)
+{
     auto scope = DECLARE_THROW_SCOPE(vm);
-
     if (UNLIKELY(length > maxLength)) {
-        throwOutOfMemoryError(globalObject, scope, "BigInt generated from this operation is too big"_s);
+        if (nullOrGlobalObjectForOOM)
+            throwOutOfMemoryError(nullOrGlobalObjectForOOM, scope, "BigInt generated from this operation is too big"_s);
         return nullptr;
     }
 
-    scope.release();
-
-    return createWithLengthUnchecked(vm, length);
-}
-
-JSBigInt* JSBigInt::createWithLengthUnchecked(VM& vm, unsigned length)
-{
     ASSERT(length <= maxLength);
-    void* data = Gigacage::malloc(Gigacage::Primitive, length * sizeof(Digit));
+    void* data = Gigacage::tryMalloc(Gigacage::Primitive, length * sizeof(Digit));
+    if (UNLIKELY(!data)) {
+        if (nullOrGlobalObjectForOOM)
+            throwOutOfMemoryError(nullOrGlobalObjectForOOM, scope);
+        return nullptr;
+    }
     JSBigInt* bigInt = new (NotNull, allocateCell<JSBigInt>(vm.heap)) JSBigInt(vm, vm.bigIntStructure.get(), reinterpret_cast<Digit*>(data), length);
     bigInt->finishCreation(vm);
@@ -113 +119 @@
 }
 
-JSBigInt* JSBigInt::createFrom(VM& vm, int32_t value)
+JSBigInt* JSBigInt::tryCreateWithLength(VM& vm, unsigned length)
+{
+    return createWithLength(nullptr, vm, length);
+}
+
+JSBigInt* JSBigInt::createWithLength(JSGlobalObject* globalObject, unsigned length)
+{
+    return createWithLength(globalObject, globalObject->vm(), length);
+}
+
+inline JSBigInt* JSBigInt::createFrom(JSGlobalObject* nullOrGlobalObjectForOOM, VM& vm, int32_t value)
 {
     if (!value)
-        return createZero(vm);
-    
-    JSBigInt* bigInt = createWithLengthUnchecked(vm, 1);
+        return createZero(nullOrGlobalObjectForOOM, vm);
+
+    JSBigInt* bigInt = createWithLength(nullOrGlobalObjectForOOM, vm, 1);
+    if (UNLIKELY(!bigInt))
+        return nullptr;
+
     if (value < 0) {
         bigInt->setDigit(0, static_cast<Digit>(-1 * static_cast<int64_t>(value)));
@@ -128 +147 @@
 }
 
-JSBigInt* JSBigInt::createFrom(VM& vm, uint32_t value)
-{
+JSBigInt* JSBigInt::createFrom(JSGlobalObject* globalObject, int32_t value)
+{
+    return createFrom(globalObject, globalObject->vm(), value);
+}
+
+JSBigInt* JSBigInt::tryCreateFrom(VM& vm, int32_t value)
+{
+    return createFrom(nullptr, vm, value);
+}
+
+JSBigInt* JSBigInt::createFrom(JSGlobalObject* globalObject, uint32_t value)
+{
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     if (!value)
-        return createZero(vm);
+        RELEASE_AND_RETURN(scope, createZero(globalObject));
     
-    JSBigInt* bigInt = createWithLengthUnchecked(vm, 1);
+    JSBigInt* bigInt = createWithLength(globalObject, 1);
+    RETURN_IF_EXCEPTION(scope, nullptr);
     bigInt->setDigit(0, static_cast<Digit>(value));
     return bigInt;
 }
 
-inline JSBigInt* JSBigInt::createFromImpl(VM& vm, uint64_t value, bool sign)
-{
+inline JSBigInt* JSBigInt::createFromImpl(JSGlobalObject* globalObject, uint64_t value, bool sign)
+{
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     if (!value)
-        return createZero(vm);
+        RELEASE_AND_RETURN(scope, createZero(globalObject));
 
     // This path is not just an optimization: because we do not call rightTrim at the end of this function,
     // it would be a bug to create a BigInt with length=2 in this case.
     if (sizeof(Digit) == 8 || value <= UINT32_MAX) {
-        JSBigInt* bigInt = createWithLengthUnchecked(vm, 1);
+        JSBigInt* bigInt = createWithLength(globalObject, 1);
+        RETURN_IF_EXCEPTION(scope, nullptr);
         bigInt->setDigit(0, static_cast<Digit>(value));
         bigInt->setSign(sign);
@@ -153 +190 @@
 
     ASSERT(sizeof(Digit) == 4);
-    JSBigInt* bigInt = createWithLengthUnchecked(vm, 2);
+    JSBigInt* bigInt = createWithLength(globalObject, 2);
+    RETURN_IF_EXCEPTION(scope, nullptr);
     Digit lowBits  = static_cast<Digit>(value & 0xffffffff);
     Digit highBits = static_cast<Digit>((value >> 32) & 0xffffffff);
@@ -166 +204 @@
 }
 
-JSBigInt* JSBigInt::createFrom(VM& vm, uint64_t value)
-{
-    return createFromImpl(vm, value, false);
-}
-
-JSBigInt* JSBigInt::createFrom(VM& vm, int64_t value)
+JSBigInt* JSBigInt::createFrom(JSGlobalObject* globalObject, uint64_t value)
+{
+    return createFromImpl(globalObject, value, false);
+}
+
+JSBigInt* JSBigInt::createFrom(JSGlobalObject* globalObject, int64_t value)
 {
     uint64_t unsignedValue;
@@ -180 +218 @@
     } else
         unsignedValue = value;
-    return createFromImpl(vm, unsignedValue, sign);
-}
-
-JSBigInt* JSBigInt::createFrom(VM& vm, bool value)
-{
+    return createFromImpl(globalObject, unsignedValue, sign);
+}
+
+JSBigInt* JSBigInt::createFrom(JSGlobalObject* globalObject, bool value)
+{
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     if (!value)
-        return createZero(vm);
-    
-    JSBigInt* bigInt = createWithLengthUnchecked(vm, 1);
+        RELEASE_AND_RETURN(scope, createZero(globalObject));
+
+    JSBigInt* bigInt = createWithLength(globalObject, 1);
+    RETURN_IF_EXCEPTION(scope, nullptr);
     bigInt->setDigit(0, static_cast<Digit>(value));
     return bigInt;
 }
 
-JSBigInt* JSBigInt::createFrom(VM& vm, double value)
-{
+JSBigInt* JSBigInt::createFrom(JSGlobalObject* globalObject, double value)
+{
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     ASSERT(isInteger(value));
     if (!value)
-        return createZero(vm);
+        RELEASE_AND_RETURN(scope, createZero(globalObject));
 
     bool sign = value < 0; // -0 was already handled above.
@@ -206 +251 @@
     int32_t exponent = rawExponent - 0x3ff;
     int32_t digits = exponent / digitBits + 1;
-    JSBigInt* result = createWithLengthUnchecked(vm, digits);
+    JSBigInt* result = createWithLength(globalObject, digits);
+    RETURN_IF_EXCEPTION(scope, nullptr);
     ASSERT(result);
     result->initialize(InitializationType::WithZero);
@@ -260 +306 @@
         result->setDigit(digitIndex, digit);
     }
-    return result->rightTrim(vm);
+    RELEASE_AND_RETURN(scope, result->rightTrim(globalObject));
 }
 
@@ -275 +321 @@
 }
 
-JSValue JSBigInt::parseInt(JSGlobalObject* globalObject, VM& vm, StringView s, uint8_t radix, ErrorParseMode parserMode, ParseIntSign sign)
+JSValue JSBigInt::parseInt(JSGlobalObject* nullOrGlobalObjectForOOM, VM& vm, StringView s, uint8_t radix, ErrorParseMode parserMode, ParseIntSign sign)
 {
     if (s.is8Bit())
-        return parseInt(globalObject, vm, s.characters8(), s.length(), 0, radix, parserMode, sign, ParseIntMode::DisallowEmptyString);
-    return parseInt(globalObject, vm, s.characters16(), s.length(), 0, radix, parserMode, sign, ParseIntMode::DisallowEmptyString);
+        return parseInt(nullOrGlobalObjectForOOM, vm, s.characters8(), s.length(), 0, radix, parserMode, sign, ParseIntMode::DisallowEmptyString);
+    return parseInt(nullOrGlobalObjectForOOM, vm, s.characters16(), s.length(), 0, radix, parserMode, sign, ParseIntMode::DisallowEmptyString);
 }
 
@@ -319 +365 @@
     ALWAYS_INLINE unsigned length() { return m_bigInt->length(); }
     ALWAYS_INLINE JSBigInt::Digit digit(unsigned i) { return m_bigInt->digit(i); }
-    ALWAYS_INLINE JSBigInt* toHeapBigInt(VM&) { return m_bigInt; }
+    ALWAYS_INLINE JSBigInt* toHeapBigInt(JSGlobalObject*, VM&) { return m_bigInt; }
+    ALWAYS_INLINE JSBigInt* toHeapBigInt(JSGlobalObject*) { return m_bigInt; }
 
 private:
@@ -344 +391 @@
     }
 
-    ALWAYS_INLINE JSBigInt* toHeapBigInt(VM& vm) { return JSBigInt::createFrom(vm, m_value); }
+    ALWAYS_INLINE JSBigInt* toHeapBigInt(JSGlobalObject* nullOrGlobalObjectForOOM, VM& vm)
+    {
+        return JSBigInt::createFrom(nullOrGlobalObjectForOOM, vm, m_value);
+    }
+
+    ALWAYS_INLINE JSBigInt* toHeapBigInt(JSGlobalObject* globalObject)
+    {
+        return JSBigInt::createFrom(globalObject, m_value);
+    }
 
 private:
@@ -403 +458 @@
 }
 
-static ALWAYS_INLINE JSBigInt::ImplResult zeroImpl(VM& vm)
+static ALWAYS_INLINE JSBigInt::ImplResult zeroImpl(JSGlobalObject* globalObject)
 {
 #if USE(BIGINT32)
-    UNUSED_PARAM(vm);
+    UNUSED_PARAM(globalObject);
     return jsBigInt32(0);
 #else
-    return JSBigInt::createZero(vm);
+    return JSBigInt::createZero(globalObject);
 #endif
 }
@@ -432 +487 @@
     // 2. If base is 0n and exponent is 0n, return 1n.
     if (exponent.isZero())
-        return JSBigInt::createFrom(vm, 1);
+        RELEASE_AND_RETURN(scope, JSBigInt::createFrom(globalObject, 1));
     
     // 3. Return a BigInt representing the mathematical value of base raised
@@ -442 +497 @@
         // (-1) ** even_number == 1.
         if (base.sign() && !(exponent.digit(0) & 1))
-            return JSBigInt::unaryMinusImpl(vm, base);
+            RELEASE_AND_RETURN(scope, JSBigInt::unaryMinusImpl(globalObject, base));
 
         // (-1) ** odd_number == -1; 1 ** anything == 1.
@@ -469 +524 @@
         // Fast path for 2^n.
         int neededDigits = 1 + (n / digitBits);
-        JSBigInt* result = JSBigInt::tryCreateWithLength(globalObject, neededDigits);
+        JSBigInt* result = JSBigInt::createWithLength(globalObject, neededDigits);
         RETURN_IF_EXCEPTION(scope, nullptr);
 
@@ -484 +539 @@
 
     JSBigInt* result = nullptr;
-    JSBigInt* runningSquare = base.toHeapBigInt(vm);
+    JSBigInt* runningSquare = base.toHeapBigInt(globalObject);
+    RETURN_IF_EXCEPTION(scope, nullptr);
 
     // This implicitly sets the result's sign correctly.
-    if (n & 1)
-        result = base.toHeapBigInt(vm);
+    if (n & 1) {
+        result = base.toHeapBigInt(globalObject);
+        RETURN_IF_EXCEPTION(scope, nullptr);
+    }
 
     n >>= 1;
@@ -549 +607 @@
 
     unsigned resultLength = x.length() + y.length();
-    JSBigInt* result = JSBigInt::tryCreateWithLength(globalObject, resultLength);
+    JSBigInt* result = JSBigInt::createWithLength(globalObject, resultLength);
     RETURN_IF_EXCEPTION(scope, nullptr);
     result->initialize(InitializationType::WithZero);
@@ -557 +615 @@
 
     result->setSign(x.sign() != y.sign());
-    return result->rightTrim(vm);
+    RELEASE_AND_RETURN(scope, result->rightTrim(globalObject));
 }
 
@@ -591 +649 @@
     //    integral value.
     if (absoluteCompare(x, y) == ComparisonResult::LessThan)
-        return zeroImpl(vm);
+        RELEASE_AND_RETURN(scope, zeroImpl(globalObject));
 
     JSBigInt* quotient = nullptr;
@@ -597 +655 @@
     if (y.length() == 1) {
         Digit divisor = y.digit(0);
-        if (divisor == 1)
-            return resultSign == x.sign() ? JSBigInt::ImplResult { x } : JSBigInt::unaryMinusImpl(vm, x);
+        if (divisor == 1) {
+            if (resultSign == x.sign())
+                return JSBigInt::ImplResult { x };
+            RELEASE_AND_RETURN(scope, JSBigInt::unaryMinusImpl(globalObject, x));
+        }
 
         Digit remainder;
-        absoluteDivWithDigitDivisor(vm, x, divisor, &quotient, remainder);
+        absoluteDivWithDigitDivisor(globalObject, vm, x, divisor, &quotient, remainder);
+        RETURN_IF_EXCEPTION(scope, nullptr);
     } else {
-        absoluteDivWithBigIntDivisor(globalObject, x, y.toHeapBigInt(vm), &quotient, nullptr);
+        JSBigInt* yBigInt = y.toHeapBigInt(globalObject);
         RETURN_IF_EXCEPTION(scope, nullptr);
+        absoluteDivWithBigIntDivisor(globalObject, x, yBigInt, &quotient, nullptr);
+        RETURN_IF_EXCEPTION(scope, nullptr);
     }
 
     quotient->setSign(resultSign);
-    return quotient->rightTrim(vm);
+    RELEASE_AND_RETURN(scope, quotient->rightTrim(globalObject));
 }
 
@@ -627 +691 @@
 
 template <typename BigIntImpl>
-JSBigInt* JSBigInt::copy(VM& vm, BigIntImpl x)
-{
+JSBigInt* JSBigInt::copy(JSGlobalObject* globalObject, BigIntImpl x)
+{
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     ASSERT(!x.isZero());
 
-    JSBigInt* result = JSBigInt::createWithLengthUnchecked(vm, x.length());
+    JSBigInt* result = createWithLength(globalObject, x.length());
+    RETURN_IF_EXCEPTION(scope, nullptr);
+
     for (unsigned i = 0; i < result->length(); ++i)
         result->setDigit(i, x.digit(i));
@@ -639 +708 @@
 
 template <typename BigIntImpl>
-JSBigInt::ImplResult JSBigInt::unaryMinusImpl(VM& vm, BigIntImpl x)
-{
+JSBigInt::ImplResult JSBigInt::unaryMinusImpl(JSGlobalObject* globalObject, BigIntImpl x)
+{
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     if (x.isZero())
-        return zeroImpl(vm);
-
-    JSBigInt* result = copy(vm, x);
+        RELEASE_AND_RETURN(scope, zeroImpl(globalObject));
+
+    JSBigInt* result = copy(globalObject, x);
+    RETURN_IF_EXCEPTION(scope, nullptr);
+
     result->setSign(!x.sign());
     return result;
 }
 
-JSValue JSBigInt::unaryMinus(VM& vm, JSBigInt* x)
-{
-    return tryConvertToBigInt32(unaryMinusImpl(vm, HeapBigIntImpl { x }));
+JSValue JSBigInt::unaryMinus(JSGlobalObject* globalObject, JSBigInt* x)
+{
+    return tryConvertToBigInt32(unaryMinusImpl(globalObject, HeapBigIntImpl { x }));
 }
 
@@ -675 +749 @@
         Digit divisor = y.digit(0);
         if (divisor == 1)
-            return zeroImpl(vm);
+            RELEASE_AND_RETURN(scope, zeroImpl(globalObject));
 
         Digit remainderDigit;
-        absoluteDivWithDigitDivisor(vm, x, divisor, nullptr, remainderDigit);
+        absoluteDivWithDigitDivisor(globalObject, vm, x, divisor, nullptr, remainderDigit);
+        RETURN_IF_EXCEPTION(scope, nullptr);
+
         if (!remainderDigit)
-            return zeroImpl(vm);
-
-        remainder = createWithLengthUnchecked(vm, 1);
+            RELEASE_AND_RETURN(scope, zeroImpl(globalObject));
+
+        remainder = createWithLength(globalObject, 1);
+        RETURN_IF_EXCEPTION(scope, nullptr);
         remainder->setDigit(0, remainderDigit);
     } else {
-        absoluteDivWithBigIntDivisor(globalObject, x, y.toHeapBigInt(vm), nullptr, &remainder);
+        JSBigInt* yBigInt = y.toHeapBigInt(globalObject);
         RETURN_IF_EXCEPTION(scope, nullptr);
+        absoluteDivWithBigIntDivisor(globalObject, x, yBigInt, nullptr, &remainder);
+        RETURN_IF_EXCEPTION(scope, nullptr);
     }
 
     remainder->setSign(x.sign());
-    return remainder->rightTrim(vm);
+    RELEASE_AND_RETURN(scope, remainder->rightTrim(globalObject));
 }
 JSValue JSBigInt::remainder(JSGlobalObject* globalObject, JSBigInt* x, JSBigInt* y)
@@ -710 +789 @@
 JSBigInt::ImplResult JSBigInt::incImpl(JSGlobalObject* globalObject, BigIntImpl x)
 {
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     if (!x.sign())
-        return absoluteAddOne(globalObject, x, SignOption::Unsigned);
+        RELEASE_AND_RETURN(scope, absoluteAddOne(globalObject, x, SignOption::Unsigned));
     JSBigInt* result = absoluteSubOne(globalObject, x, x.length());
+    RETURN_IF_EXCEPTION(scope, nullptr);
     if (result->isZero())
         return result;
@@ -731 +814 @@
         return jsBigInt32(-1);
 #else
-        return createFrom(globalObject->vm(), -1);
+        return createFrom(globalObject, -1);
 #endif
     }
@@ -747 +830 @@
 JSBigInt::ImplResult JSBigInt::addImpl(JSGlobalObject* globalObject, BigIntImpl1 x, BigIntImpl2 y)
 {
-    VM& vm = globalObject->vm();
     bool xSign = x.sign();
 
@@ -759 +841 @@
     ComparisonResult comparisonResult = absoluteCompare(x, y);
     if (comparisonResult == ComparisonResult::GreaterThan || comparisonResult == ComparisonResult::Equal)
-        return absoluteSub(vm, x, y, xSign);
-
-    return absoluteSub(vm, y, x, !xSign);
+        return absoluteSub(globalObject, x, y, xSign);
+
+    return absoluteSub(globalObject, y, x, !xSign);
 }
 JSValue JSBigInt::add(JSGlobalObject* globalObject, JSBigInt* x, JSBigInt* y)
@@ -781 +863 @@
 JSBigInt::ImplResult JSBigInt::subImpl(JSGlobalObject* globalObject, BigIntImpl1 x, BigIntImpl2 y)
 {
-    VM& vm = globalObject->vm();
     bool xSign = x.sign();
     if (xSign != y.sign()) {
@@ -792 +873 @@
     ComparisonResult comparisonResult = absoluteCompare(x, y);
     if (comparisonResult == ComparisonResult::GreaterThan || comparisonResult == ComparisonResult::Equal)
-        return absoluteSub(vm, x, y, xSign);
-
-    return absoluteSub(vm, y, x, !xSign);
+        return absoluteSub(globalObject, x, y, xSign);
+
+    return absoluteSub(globalObject, y, x, !xSign);
 }
 
@@ -818 +899 @@
     auto scope = DECLARE_THROW_SCOPE(vm);
 
-    if (!x.sign() && !y.sign()) {
-        scope.release();
-        return absoluteAnd(vm, x, y);
-    }
+    if (!x.sign() && !y.sign())
+        RELEASE_AND_RETURN(scope, absoluteAnd(globalObject, x, y));
     
     if (x.sign() && y.sign()) {
@@ -832 +911 @@
         JSBigInt* y1 = absoluteSubOne(globalObject, y, y.length());
         RETURN_IF_EXCEPTION(scope, nullptr);
-        result = absoluteOr(vm, HeapBigIntImpl { result }, HeapBigIntImpl { y1 });
-        scope.release();
-        return absoluteAddOne(globalObject, HeapBigIntImpl { result }, SignOption::Signed);
+        result = absoluteOr(globalObject, HeapBigIntImpl { result }, HeapBigIntImpl { y1 });
+        RETURN_IF_EXCEPTION(scope, nullptr);
+        RELEASE_AND_RETURN(scope, absoluteAddOne(globalObject, HeapBigIntImpl { result }, SignOption::Signed));
     }
 
@@ -844 +923 @@
         JSBigInt* y1 = absoluteSubOne(globalObject, y, y.length());
         RETURN_IF_EXCEPTION(scope, nullptr);
-        return absoluteAndNot(vm, x, HeapBigIntImpl { y1 });
+        RELEASE_AND_RETURN(scope, absoluteAndNot(globalObject, x, HeapBigIntImpl { y1 }));
     };
     if (x.sign())
@@ -874 +953 @@
     unsigned resultLength = std::max(x.length(), y.length());
 
-    if (!x.sign() && !y.sign()) {
-        scope.release();
-        return absoluteOr(vm, x, y);
-    }
+    if (!x.sign() && !y.sign())
+        RELEASE_AND_RETURN(scope, absoluteOr(globalObject, x, y));
     
     if (x.sign() && y.sign()) {
@@ -886 +963 @@
         JSBigInt* y1 = absoluteSubOne(globalObject, y, y.length());
         RETURN_IF_EXCEPTION(scope, nullptr);
-        result = absoluteAnd(vm, HeapBigIntImpl { result }, HeapBigIntImpl { y1 });
+        result = absoluteAnd(globalObject, HeapBigIntImpl { result }, HeapBigIntImpl { y1 });
         RETURN_IF_EXCEPTION(scope, nullptr);
-
-        scope.release();
-        return absoluteAddOne(globalObject, HeapBigIntImpl { result }, SignOption::Signed);
+        RELEASE_AND_RETURN(scope, absoluteAddOne(globalObject, HeapBigIntImpl { result }, SignOption::Signed));
     }
     
@@ -902 +977 @@
         JSBigInt* result = absoluteSubOne(globalObject, y, resultLength);
         RETURN_IF_EXCEPTION(scope, nullptr);
-        result = absoluteAndNot(vm, HeapBigIntImpl { result }, x);
-
-        scope.release();
-        return absoluteAddOne(globalObject, HeapBigIntImpl { result }, SignOption::Signed);
+        result = absoluteAndNot(globalObject, HeapBigIntImpl { result }, x);
+        RETURN_IF_EXCEPTION(scope, nullptr);
+        RELEASE_AND_RETURN(scope, absoluteAddOne(globalObject, HeapBigIntImpl { result }, SignOption::Signed));
     };
 
@@ -934 +1008 @@
     auto scope = DECLARE_THROW_SCOPE(vm);
 
-    if (!x.sign() && !y.sign()) {
-        scope.release();
-        return absoluteXor(vm, x, y);
-    }
+    if (!x.sign() && !y.sign())
+        RELEASE_AND_RETURN(scope, absoluteXor(globalObject, x, y));
     
     if (x.sign() && y.sign()) {
@@ -947 +1019 @@
         JSBigInt* y1 = absoluteSubOne(globalObject, y, y.length());
         RETURN_IF_EXCEPTION(scope, nullptr);
-
-        scope.release();
-        return absoluteXor(vm, HeapBigIntImpl { result }, HeapBigIntImpl { y1 });
+        RELEASE_AND_RETURN(scope, absoluteXor(globalObject, HeapBigIntImpl { result }, HeapBigIntImpl { y1 }));
     }
     ASSERT(x.sign() != y.sign());
@@ -961 +1031 @@
         RETURN_IF_EXCEPTION(scope, nullptr);
 
-        result = absoluteXor(vm, HeapBigIntImpl { result }, x);
-        scope.release();
-        return absoluteAddOne(globalObject, HeapBigIntImpl { result }, SignOption::Signed);
+        result = absoluteXor(globalObject, HeapBigIntImpl { result }, x);
+        RETURN_IF_EXCEPTION(scope, nullptr);
+        RELEASE_AND_RETURN(scope, absoluteAddOne(globalObject, HeapBigIntImpl { result }, SignOption::Signed));
     };
     
@@ -1375 +1445 @@
 {
     VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
 
     if (x.length() < y.length())
-        return absoluteAdd(globalObject, y, x, resultSign);
+        RELEASE_AND_RETURN(scope, absoluteAdd(globalObject, y, x, resultSign));
 
     if (x.isZero()) {
@@ -1384 +1455 @@
     }
 
-    if (y.isZero())
-        return resultSign == x.sign() ? x : unaryMinusImpl(vm, x);
-
-    JSBigInt* result = JSBigInt::tryCreateWithLength(globalObject, x.length() + 1);
-    if (!result)
-        return nullptr;
+    if (y.isZero()) {
+        if (resultSign == x.sign())
+            return x;
+        RELEASE_AND_RETURN(scope, unaryMinusImpl(globalObject, x));
+    }
+
+    JSBigInt* result = createWithLength(globalObject, x.length() + 1);
+    RETURN_IF_EXCEPTION(scope, nullptr);
+    ASSERT(result);
     Digit carry = 0;
     unsigned i = 0;
@@ -1410 +1484 @@
     result->setSign(resultSign);
 
-    return result->rightTrim(vm);
+    RELEASE_AND_RETURN(scope, result->rightTrim(globalObject));
 }
 
 template <typename BigIntImpl1, typename BigIntImpl2>
-JSBigInt::ImplResult JSBigInt::absoluteSub(VM& vm, BigIntImpl1 x, BigIntImpl2 y, bool resultSign)
-{
+JSBigInt::ImplResult JSBigInt::absoluteSub(JSGlobalObject* globalObject, BigIntImpl1 x, BigIntImpl2 y, bool resultSign)
+{
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     ComparisonResult comparisonResult = absoluteCompare(x, y);
     ASSERT(x.length() >= y.length());
@@ -1425 +1502 @@
     }
 
-    if (y.isZero())
-        return resultSign == x.sign() ? ImplResult { x } : JSBigInt::unaryMinusImpl(vm, x);
+    if (y.isZero()) {
+        if (resultSign == x.sign())
+            return ImplResult { x };
+        RELEASE_AND_RETURN(scope, JSBigInt::unaryMinusImpl(globalObject, x));
+    }
 
     if (comparisonResult == ComparisonResult::Equal)
-        return zeroImpl(vm);
-
-    JSBigInt* result = JSBigInt::createWithLengthUnchecked(vm, x.length());
+        RELEASE_AND_RETURN(scope, zeroImpl(globalObject));
+
+    JSBigInt* result = createWithLength(globalObject, x.length());
+    RETURN_IF_EXCEPTION(scope, nullptr);
 
     Digit borrow = 0;
@@ -1452 +1533 @@
     ASSERT(!borrow);
     result->setSign(resultSign);
-    return result->rightTrim(vm);
+    RELEASE_AND_RETURN(scope, result->rightTrim(globalObject));
 }
 
@@ -1463 +1544 @@
 // also be nullptr if the caller is only interested in the remainder.
 template <typename BigIntImpl>
-void JSBigInt::absoluteDivWithDigitDivisor(VM& vm, BigIntImpl x, Digit divisor, JSBigInt** quotient, Digit& remainder)
+bool JSBigInt::absoluteDivWithDigitDivisor(JSGlobalObject* nullOrGlobalObjectForOOM, VM& vm, BigIntImpl x, Digit divisor, JSBigInt** quotient, Digit& remainder)
 {
     ASSERT(divisor);
@@ -1470 +1551 @@
     remainder = 0;
     if (divisor == 1) {
-        if (quotient)
-            *quotient = x.toHeapBigInt(vm);
-        return;
+        if (quotient) {
+            JSBigInt* result = x.toHeapBigInt(nullOrGlobalObjectForOOM, vm);
+            if (UNLIKELY(!result))
+                return false;
+            *quotient = result;
+        }
+        return true;
     }
 
     unsigned length = x.length();
     if (quotient) {
-        if (*quotient == nullptr)
-            *quotient = JSBigInt::createWithLengthUnchecked(vm, length);
+        if (*quotient == nullptr) {
+            JSBigInt* result = createWithLength(nullOrGlobalObjectForOOM, vm, length);
+            if (UNLIKELY(!result))
+                return false;
+            *quotient = result;
+        }
 
         for (int i = length - 1; i >= 0; i--) {
@@ -1488 +1577 @@
             digitDiv(remainder, x.digit(i), divisor, remainder);
     }
+    return true;
 }
 
@@ -1513 +1603 @@
     // The quotient to be computed.
     JSBigInt* q = nullptr;
-    if (quotient != nullptr)
-        q = createWithLengthUnchecked(globalObject->vm(), m + 1);
+    if (quotient != nullptr) {
+        q = createWithLength(globalObject, m + 1);
+        RETURN_IF_EXCEPTION(scope, void());
+    }
     
     // In each iteration, {qhatv} holds {divisor} * {current quotient digit}.
     // "v" is the book's name for {divisor}, "qhat" the current quotient digit.
-    JSBigInt* qhatv = tryCreateWithLength(globalObject, n + 1);
+    JSBigInt* qhatv = createWithLength(globalObject, n + 1);
     RETURN_IF_EXCEPTION(scope, void());
     
@@ -1668 +1760 @@
 JSBigInt* JSBigInt::absoluteLeftShiftAlwaysCopy(JSGlobalObject* globalObject, BigIntImpl x, unsigned shift, LeftShiftMode mode)
 {
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     ASSERT(shift < digitBits);
     ASSERT(!x.isZero());
@@ -1673 +1768 @@
     unsigned n = x.length();
     unsigned resultLength = mode == LeftShiftMode::AlwaysAddOneDigit ? n + 1 : n;
-    JSBigInt* result = tryCreateWithLength(globalObject, resultLength);
-    if (!result)
-        return nullptr;
+    JSBigInt* result = createWithLength(globalObject, resultLength);
+    RETURN_IF_EXCEPTION(scope, { });
 
     if (!shift) {
@@ -1717 +1811 @@
 // result: [  0 ][ x3 ][ r2 ][ r1 ][ r0 ]
 template <typename BigIntImpl1, typename BigIntImpl2, typename BitwiseOp>
-inline JSBigInt* JSBigInt::absoluteBitwiseOp(VM& vm, BigIntImpl1 x, BigIntImpl2 y, ExtraDigitsHandling extraDigits, BitwiseOp&& op)
-{
+inline JSBigInt* JSBigInt::absoluteBitwiseOp(JSGlobalObject* globalObject, BigIntImpl1 x, BigIntImpl2 y, ExtraDigitsHandling extraDigits, BitwiseOp&& op)
+{
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     unsigned xLength = x.length();
     unsigned yLength = y.length();
@@ -1731 +1828 @@
     ASSERT(maxLength == std::max(xLength, yLength));
     unsigned resultLength = extraDigits == ExtraDigitsHandling::Copy ? maxLength : numPairs;
-    JSBigInt* result = createWithLengthUnchecked(vm, resultLength);
+    JSBigInt* result = createWithLength(globalObject, resultLength);
+    RETURN_IF_EXCEPTION(scope, nullptr);
     unsigned i = 0;
     for (; i < numPairs; i++)
@@ -1749 +1847 @@
         result->setDigit(i, 0);
 
-    return result->rightTrim(vm);
+    RELEASE_AND_RETURN(scope, result->rightTrim(globalObject));
 }
 
 template <typename BigIntImpl1, typename BigIntImpl2>
-JSBigInt* JSBigInt::absoluteAnd(VM& vm, BigIntImpl1 x, BigIntImpl2 y)
+JSBigInt* JSBigInt::absoluteAnd(JSGlobalObject* globalObject, BigIntImpl1 x, BigIntImpl2 y)
 {
     auto digitOperation = [](Digit a, Digit b) {
         return a & b;
     };
-    return absoluteBitwiseOp(vm, x, y, ExtraDigitsHandling::Skip, digitOperation);
+    return absoluteBitwiseOp(globalObject, x, y, ExtraDigitsHandling::Skip, digitOperation);
 }
 
 template <typename BigIntImpl1, typename BigIntImpl2>
-JSBigInt* JSBigInt::absoluteOr(VM& vm, BigIntImpl1 x, BigIntImpl2 y)
+JSBigInt* JSBigInt::absoluteOr(JSGlobalObject* globalObject, BigIntImpl1 x, BigIntImpl2 y)
 {
     auto digitOperation = [](Digit a, Digit b) {
         return a | b;
     };
-    return absoluteBitwiseOp(vm, x, y, ExtraDigitsHandling::Copy, digitOperation);
+    return absoluteBitwiseOp(globalObject, x, y, ExtraDigitsHandling::Copy, digitOperation);
 }
 
 template <typename BigIntImpl1, typename BigIntImpl2>
-JSBigInt* JSBigInt::absoluteAndNot(VM& vm, BigIntImpl1 x, BigIntImpl2 y)
+JSBigInt* JSBigInt::absoluteAndNot(JSGlobalObject* globalObject, BigIntImpl1 x, BigIntImpl2 y)
 {
     // x & ~y
+
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
 
     unsigned xLength = x.length();
@@ -1779 +1880 @@
     unsigned resultLength = xLength;
 
-    JSBigInt* result = createWithLengthUnchecked(vm, resultLength);
+    JSBigInt* result = createWithLength(globalObject, resultLength);
+    RETURN_IF_EXCEPTION(scope, nullptr);
     unsigned i = 0;
     for (; i < std::min(xLength, yLength); i++)
@@ -1786 +1888 @@
         result->setDigit(i, x.digit(i));
 
-    return result->rightTrim(vm);
+    RELEASE_AND_RETURN(scope, result->rightTrim(globalObject));
 }
 
 template <typename BigIntImpl1, typename BigIntImpl2>
-JSBigInt* JSBigInt::absoluteXor(VM& vm, BigIntImpl1 x, BigIntImpl2 y)
+JSBigInt* JSBigInt::absoluteXor(JSGlobalObject* globalObject, BigIntImpl1 x, BigIntImpl2 y)
 {
     auto digitOperation = [](Digit a, Digit b) {
         return a ^ b;
     };
-    return absoluteBitwiseOp(vm, x, y, ExtraDigitsHandling::Copy, digitOperation);
+    return absoluteBitwiseOp(globalObject, x, y, ExtraDigitsHandling::Copy, digitOperation);
 }
     
@@ -1801 +1903 @@
 JSBigInt* JSBigInt::absoluteAddOne(JSGlobalObject* globalObject, BigIntImpl x, SignOption signOption)
 {
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     unsigned inputLength = x.length();
     // The addition will overflow into a new digit if all existing digits are
@@ -1813 +1918 @@
 
     unsigned resultLength = inputLength + willOverflow;
-    JSBigInt* result = tryCreateWithLength(globalObject, resultLength);
-    if (!result)
-        return nullptr;
+    JSBigInt* result = createWithLength(globalObject, resultLength);
+    RETURN_IF_EXCEPTION(scope, nullptr);
 
     Digit carry = 1;
@@ -1829 +1933 @@
 
     result->setSign(signOption == SignOption::Signed);
-    return result->rightTrim(globalObject->vm());
+    RELEASE_AND_RETURN(scope, result->rightTrim(globalObject));
 }
 
@@ -1840 +1944 @@
     auto scope = DECLARE_THROW_SCOPE(vm);
 
-    JSBigInt* result = tryCreateWithLength(globalObject, resultLength);
+    JSBigInt* result = createWithLength(globalObject, resultLength);
     RETURN_IF_EXCEPTION(scope, nullptr);
 
@@ -1854 +1958 @@
         result->setDigit(i, borrow);
 
-    return result->rightTrim(vm);
+    RELEASE_AND_RETURN(scope, result->rightTrim(globalObject));
 }
 
@@ -1880 +1984 @@
     }
 
-    JSBigInt* result = tryCreateWithLength(globalObject, resultLength);
+    JSBigInt* result = createWithLength(globalObject, resultLength);
     RETURN_IF_EXCEPTION(scope, nullptr);
     if (!bitsShift) {
@@ -1907 +2011 @@
 
     result->setSign(x.sign());
-    return result->rightTrim(vm);
+    RELEASE_AND_RETURN(scope, result->rightTrim(globalObject));
 }
 
@@ -1914 +2018 @@
 {
     VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     unsigned length = x.length();
     bool sign = x.sign();
     auto optionalShift = toShiftAmount(y);
     if (!optionalShift)
-        return rightShiftByMaximum(vm, sign);
+        RELEASE_AND_RETURN(scope, rightShiftByMaximum(globalObject, sign));
 
     Digit shift = *optionalShift;
@@ -1925 +2031 @@
     int resultLength = length - digitalShift;
     if (resultLength <= 0)
-        return rightShiftByMaximum(vm, sign);
+        RELEASE_AND_RETURN(scope, rightShiftByMaximum(globalObject, sign));
 
     // For negative numbers, round down if any bit was shifted out (so that e.g.
@@ -1956 +2062 @@
 
     ASSERT(static_cast<unsigned>(resultLength) <= length);
-    JSBigInt* result = createWithLengthUnchecked(vm, static_cast<unsigned>(resultLength));
+    JSBigInt* result = createWithLength(globalObject, static_cast<unsigned>(resultLength));
+    RETURN_IF_EXCEPTION(scope, nullptr);
+
     if (!bitsShift) {
         for (unsigned i = digitalShift; i < length; i++)
@@ -1976 +2084 @@
             // Since the result is negative, rounding down means adding one to
             // its absolute value. This cannot overflow.
-            result = result->rightTrim(vm);
-            return absoluteAddOne(globalObject, HeapBigIntImpl { result }, SignOption::Signed);
+            result = result->rightTrim(globalObject);
+            RETURN_IF_EXCEPTION(scope, nullptr);
+            RELEASE_AND_RETURN(scope, absoluteAddOne(globalObject, HeapBigIntImpl { result }, SignOption::Signed));
         }
     }
 
-    return result->rightTrim(vm);
-}
-
-JSBigInt::ImplResult JSBigInt::rightShiftByMaximum(VM& vm, bool sign)
+    RELEASE_AND_RETURN(scope, result->rightTrim(globalObject));
+}
+
+JSBigInt::ImplResult JSBigInt::rightShiftByMaximum(JSGlobalObject* globalObject, bool sign)
 {
     if (sign)
-        return createFrom(vm, -1);
-
-    return createZero(vm);
+        return createFrom(globalObject, -1);
+
+    return createZero(globalObject);
 }
 
@@ -2035 +2144 @@
 }
 
-String JSBigInt::toStringBasePowerOfTwo(VM& vm, JSGlobalObject* globalObject, JSBigInt* x, unsigned radix)
+String JSBigInt::toStringBasePowerOfTwo(VM& vm, JSGlobalObject* nullOrGlobalObjectForOOM, JSBigInt* x, unsigned radix)
 {
     ASSERT(hasOneBitSet(radix));
@@ -2055 +2164 @@
 
     if (charsRequired > JSString::MaxLength) {
-        if (globalObject) {
+        if (nullOrGlobalObjectForOOM) {
             auto scope = DECLARE_THROW_SCOPE(vm);
-            throwOutOfMemoryError(globalObject, scope);            
+            throwOutOfMemoryError(nullOrGlobalObjectForOOM, scope);
         }
         return String();
@@ -2097 +2206 @@
 }
 
-String JSBigInt::toStringGeneric(VM& vm, JSGlobalObject* globalObject, JSBigInt* x, unsigned radix)
+String JSBigInt::toStringGeneric(VM& vm, JSGlobalObject* nullOrGlobalObjectForOOM, JSBigInt* x, unsigned radix)
 {
     // FIXME: [JSC] Revisit usage of Vector into JSBigInt::toString
@@ -2113 +2222 @@
 
     if (maximumCharactersRequired > JSString::MaxLength) {
-        if (globalObject) {
+        if (nullOrGlobalObjectForOOM) {
             auto scope = DECLARE_THROW_SCOPE(vm);
-            throwOutOfMemoryError(globalObject, scope);            
+            throwOutOfMemoryError(nullOrGlobalObjectForOOM, scope);
         }
         return String();
@@ -2141 +2250 @@
         do {
             Digit chunk;
-            absoluteDivWithDigitDivisor(vm, HeapBigIntImpl { *dividend }, chunkDivisor, &rest, chunk);
+            bool success = absoluteDivWithDigitDivisor(nullOrGlobalObjectForOOM, vm, HeapBigIntImpl { *dividend }, chunkDivisor, &rest, chunk);
+            if (!success)
+                return String();
             dividend = &rest;
             for (unsigned i = 0; i < chunkChars; i++) {
@@ -2182 +2293 @@
 }
 
-JSBigInt* JSBigInt::rightTrim(VM& vm)
+JSBigInt* JSBigInt::rightTrim(JSGlobalObject* nullOrGlobalObjectForOOM, VM& vm)
 {
     if (isZero()) {
@@ -2194 +2305 @@
 
     if (nonZeroIndex < 0)
-        return createZero(vm);
+        return createZero(nullOrGlobalObjectForOOM, vm);
 
     if (nonZeroIndex == static_cast<int>(m_length - 1))
@@ -2200 +2311 @@
 
     unsigned newLength = nonZeroIndex + 1;
-    JSBigInt* trimmedBigInt = createWithLengthUnchecked(vm, newLength);
-    std::copy(dataStorage(), dataStorage() + newLength, trimmedBigInt->dataStorage()); 
+    JSBigInt* trimmedBigInt = createWithLength(nullOrGlobalObjectForOOM, vm, newLength);
+    if (UNLIKELY(!trimmedBigInt))
+        return nullptr;
+    std::copy(dataStorage(), dataStorage() + newLength, trimmedBigInt->dataStorage());
 
     trimmedBigInt->setSign(this->sign());
@@ -2208 +2321 @@
 }
 
-JSBigInt* JSBigInt::allocateFor(JSGlobalObject* globalObject, VM& vm, unsigned radix, unsigned charcount)
-{
+JSBigInt* JSBigInt::rightTrim(JSGlobalObject* globalObject)
+{
+    return rightTrim(globalObject, globalObject->vm());
+}
+
+JSBigInt* JSBigInt::tryRightTrim(VM& vm)
+{
+    return rightTrim(nullptr, vm);
+}
+
+JSBigInt* JSBigInt::allocateFor(JSGlobalObject* nullOrGlobalObjectForOOM, VM& vm, unsigned radix, unsigned charcount)
+{
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     ASSERT(2 <= radix && radix <= 36);
 
@@ -2223 +2348 @@
             // Divide by kDigitsBits, rounding up.
             unsigned length = (bitsMin + digitBits - 1) / digitBits;
-            if (length <= maxLength) {
-                JSBigInt* result = JSBigInt::createWithLengthUnchecked(vm, length);
-                return result;
-            }
+            if (length <= maxLength)
+                RELEASE_AND_RETURN(scope, createWithLength(nullOrGlobalObjectForOOM, vm, length));
         }
     }
 
-    if (globalObject) {
-        auto scope = DECLARE_THROW_SCOPE(vm);
-        throwOutOfMemoryError(globalObject, scope, "BigInt generated from this operation is too big"_s);
-    }
+    if (nullOrGlobalObjectForOOM)
+        throwOutOfMemoryError(nullOrGlobalObjectForOOM, scope, "BigInt generated from this operation is too big"_s);
+
     return nullptr;
 }
@@ -2291 +2413 @@
 
 template <typename CharType>
-JSValue JSBigInt::parseInt(JSGlobalObject* globalObject, VM& vm, CharType* data, unsigned length, unsigned startIndex, unsigned radix, ErrorParseMode errorParseMode, ParseIntSign sign, ParseIntMode parseMode)
+JSValue JSBigInt::parseInt(JSGlobalObject* nullOrGlobalObjectForOOM, VM& vm, CharType* data, unsigned length, unsigned startIndex, unsigned radix, ErrorParseMode errorParseMode, ParseIntSign sign, ParseIntMode parseMode)
 {
     ASSERT(length >= 0);
     unsigned p = startIndex;
 
-    auto scope = DECLARE_THROW_SCOPE(vm);
-
     if (parseMode != ParseIntMode::AllowEmptyString && startIndex == length) {
-        ASSERT(globalObject);
-        if (errorParseMode == ErrorParseMode::ThrowExceptions)
-            throwVMError(globalObject, scope, createSyntaxError(globalObject, "Failed to parse String to BigInt"));
+        ASSERT(nullOrGlobalObjectForOOM);
+        if (errorParseMode == ErrorParseMode::ThrowExceptions) {
+            auto scope = DECLARE_THROW_SCOPE(vm);
+            throwVMError(nullOrGlobalObjectForOOM, scope, createSyntaxError(nullOrGlobalObjectForOOM, "Failed to parse String to BigInt"));
+        }
         return JSValue();
     }
@@ -2320 +2442 @@
         return jsBigInt32(0);
 #else
-        return createZero(vm);
+        return createZero(nullOrGlobalObjectForOOM, vm);
 #endif
     }
@@ -2415 +2537 @@
             else {
                 if (errorParseMode == ErrorParseMode::ThrowExceptions) {
-                    ASSERT(globalObject);
-                    throwVMError(globalObject, scope, createSyntaxError(globalObject, "Failed to parse String to BigInt"));
+                    auto scope = DECLARE_THROW_SCOPE(vm);
+                    ASSERT(nullOrGlobalObjectForOOM);
+                    throwVMError(nullOrGlobalObjectForOOM, scope, createSyntaxError(nullOrGlobalObjectForOOM, "Failed to parse String to BigInt"));
                 }
                 return JSValue();
@@ -2434 +2557 @@
                     return jsBigInt32(static_cast<int32_t>(maybeResult));
 #else
-                    return JSBigInt::createFrom(vm, static_cast<int32_t>(maybeResult));
+                    return JSBigInt::createFrom(nullOrGlobalObjectForOOM, vm, static_cast<int32_t>(maybeResult));
 #endif
                 }
             }
-            heapResult = allocateFor(globalObject, vm, radix, initialLength);
-            RETURN_IF_EXCEPTION(scope, JSValue());
-            // result can still be null if we don't have access to global object, as allocateFor cannot throw an exception in that case.
+            heapResult = allocateFor(nullOrGlobalObjectForOOM, vm, radix, initialLength);
             if (!heapResult)
                 return JSValue();
@@ -2452 +2573 @@
 
     heapResult->setSign(sign == ParseIntSign::Signed);
-    return heapResult->rightTrim(vm);
+    return heapResult->rightTrim(nullOrGlobalObjectForOOM, vm);
 }
 
@@ -2739 +2860 @@
 {
     VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
 
     if (bigInt.isZero())
         return bigInt;
     if (n == 0)
-        return zeroImpl(vm);
+        RELEASE_AND_RETURN(scope, zeroImpl(globalObject));
 
     uint64_t neededLength = (n + digitBits - 1) / digitBits;
@@ -2767 +2889 @@
     int32_t N = static_cast<int32_t>(n);
     if (!hasBit)
-        return truncateToNBits(vm, N, bigInt);
+        RELEASE_AND_RETURN(scope, truncateToNBits(globalObject, N, bigInt));
     if (!bigInt.sign())
-        return truncateAndSubFromPowerOfTwo(vm, N, bigInt, true);
+        RELEASE_AND_RETURN(scope, truncateAndSubFromPowerOfTwo(globalObject, N, bigInt, true));
 
     // Negative numbers must subtract from 2^n, except for the special case
@@ -2776 +2898 @@
         for (int32_t i = static_cast<int32_t>(neededLength) - 2; i >= 0; i--) {
             if (bigInt.digit(i) != 0)
-                return truncateAndSubFromPowerOfTwo(vm, N, bigInt, false);
+                RELEASE_AND_RETURN(scope, truncateAndSubFromPowerOfTwo(globalObject, N, bigInt, false));
         }
         // Truncation is no-op if bigInt == -2^(n-1).
         if (length == neededLength && topDigit == compareDigit)
             return bigInt;
-        return truncateToNBits(vm, N, bigInt);
-    }
-    return truncateAndSubFromPowerOfTwo(vm, N, bigInt, false);
+        RELEASE_AND_RETURN(scope, truncateToNBits(globalObject, N, bigInt));
+    }
+    RELEASE_AND_RETURN(scope, truncateAndSubFromPowerOfTwo(globalObject, N, bigInt, false));
 }
 
@@ -2795 +2917 @@
         return bigInt;
     if (n == 0)
-        return zeroImpl(vm);
+        RELEASE_AND_RETURN(scope, zeroImpl(globalObject));
 
     // If bigInt is negative, simulate two's complement representation.
@@ -2803 +2925 @@
             return nullptr;
         }
-        return truncateAndSubFromPowerOfTwo(vm, static_cast<int32_t>(n), bigInt, false);
+        RELEASE_AND_RETURN(scope, truncateAndSubFromPowerOfTwo(globalObject, static_cast<int32_t>(n), bigInt, false));
     }
 
@@ -2825 +2947 @@
     // Otherwise, truncate.
     ASSERT(n <= INT32_MAX);
-    return truncateToNBits(vm, static_cast<int32_t>(n), bigInt);
+    RELEASE_AND_RETURN(scope, truncateToNBits(globalObject, static_cast<int32_t>(n), bigInt));
 }
 
 template <typename BigIntImpl>
-JSBigInt::ImplResult JSBigInt::truncateToNBits(VM& vm, int32_t n, BigIntImpl bigInt)
-{
+JSBigInt::ImplResult JSBigInt::truncateToNBits(JSGlobalObject* globalObject, int32_t n, BigIntImpl bigInt)
+{
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     ASSERT(n != 0);
     ASSERT(bigInt.length() > n / digitBits);
@@ -2836 +2961 @@
     int32_t neededDigits = (n + (digitBits - 1)) / digitBits;
     ASSERT(neededDigits <= static_cast<int32_t>(bigInt.length()));
-    JSBigInt* result = createWithLengthUnchecked(vm, neededDigits);
+    JSBigInt* result = createWithLength(globalObject, neededDigits);
+    RETURN_IF_EXCEPTION(scope, nullptr);
     ASSERT(result);
 
@@ -2852 +2978 @@
     result->setDigit(last, msd);
     result->setSign(bigInt.sign());
-    return result->rightTrim(vm);
+    RELEASE_AND_RETURN(scope, result->rightTrim(globalObject));
 }
 
 // Subtracts the least significant n bits of abs(bigInt) from 2^n.
 template <typename BigIntImpl>
-JSBigInt::ImplResult JSBigInt::truncateAndSubFromPowerOfTwo(VM& vm, int32_t n, BigIntImpl bigInt, bool resultSign)
-{
+JSBigInt::ImplResult JSBigInt::truncateAndSubFromPowerOfTwo(JSGlobalObject* globalObject, int32_t n, BigIntImpl bigInt, bool resultSign)
+{
+    VM& vm = globalObject->vm();
+    auto scope = DECLARE_THROW_SCOPE(vm);
+
     ASSERT(n != 0);
     ASSERT(n <= static_cast<int32_t>(maxLengthBits));
@@ -2864 +2993 @@
     int32_t neededDigits = (n + (digitBits - 1)) / digitBits;
     ASSERT(neededDigits <= static_cast<int32_t>(maxLength)); // Follows from n <= maxLengthBits.
-    JSBigInt* result = createWithLengthUnchecked(vm, neededDigits);
+    JSBigInt* result = createWithLength(globalObject, neededDigits);
+    RETURN_IF_EXCEPTION(scope, nullptr);
     ASSERT(result);
 
@@ -2911 +3041 @@
     result->setDigit(last, resultMSD);
     result->setSign(resultSign);
-    return result->rightTrim(vm);
+    RELEASE_AND_RETURN(scope, result->rightTrim(globalObject));
 }