<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[51801] trunk</title>
</head>
<body>

<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/51801">51801</a></dd>
<dt>Author</dt> <dd>barraclough@apple.com</dd>
<dt>Date</dt> <dd>2009-12-07 15:14:04 -0800 (Mon, 07 Dec 2009)</dd>
</dl>

<h3>Log Message</h3>
<pre>https://bugs.webkit.org/show_bug.cgi?id=32184
Handle out-of-memory conditions with JSC Ropes with a JS exception, rather than crashing.
Switch from using fastMalloc to tryFastMalloc, pass an ExecState to record the exception on.

Reviewed by Oliver Hunt.

JavaScriptCore: 

* API/JSCallbackObjectFunctions.h:
(JSC::::toString):
* API/JSValueRef.cpp:
(JSValueIsStrictEqual):
* JavaScriptCore.exp:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitEqualityOp):
* debugger/DebuggerCallFrame.cpp:
(JSC::DebuggerCallFrame::functionName):
(JSC::DebuggerCallFrame::calculatedFunctionName):
* interpreter/Interpreter.cpp:
(JSC::Interpreter::callEval):
(JSC::Interpreter::privateExecute):
* jit/JITStubs.cpp:
(JSC::DEFINE_STUB_FUNCTION):
* profiler/ProfileGenerator.cpp:
(JSC::ProfileGenerator::addParentForConsoleStart):
* profiler/Profiler.cpp:
(JSC::Profiler::willExecute):
(JSC::Profiler::didExecute):
(JSC::Profiler::createCallIdentifier):
(JSC::createCallIdentifierFromFunctionImp):
* profiler/Profiler.h:
* runtime/ArrayPrototype.cpp:
(JSC::arrayProtoFuncIndexOf):
(JSC::arrayProtoFuncLastIndexOf):
* runtime/DateConstructor.cpp:
(JSC::constructDate):
* runtime/FunctionPrototype.cpp:
(JSC::functionProtoFuncToString):
* runtime/InternalFunction.cpp:
(JSC::InternalFunction::name):
(JSC::InternalFunction::displayName):
(JSC::InternalFunction::calculatedDisplayName):
* runtime/InternalFunction.h:
* runtime/JSCell.cpp:
(JSC::JSCell::getString):
* runtime/JSCell.h:
(JSC::JSValue::getString):
* runtime/JSONObject.cpp:
(JSC::gap):
(JSC::Stringifier::Stringifier):
(JSC::Stringifier::appendStringifiedValue):
* runtime/JSObject.cpp:
(JSC::JSObject::putDirectFunction):
(JSC::JSObject::putDirectFunctionWithoutTransition):
(JSC::JSObject::defineOwnProperty):
* runtime/JSObject.h:
* runtime/JSPropertyNameIterator.cpp:
(JSC::JSPropertyNameIterator::get):
* runtime/JSString.cpp:
(JSC::JSString::Rope::~Rope):
(JSC::JSString::resolveRope):
(JSC::JSString::getPrimitiveNumber):
(JSC::JSString::toNumber):
(JSC::JSString::toString):
(JSC::JSString::toThisString):
(JSC::JSString::getStringPropertyDescriptor):
* runtime/JSString.h:
(JSC::JSString::Rope::createOrNull):
(JSC::JSString::Rope::operator new):
(JSC::JSString::value):
(JSC::JSString::tryGetValue):
(JSC::JSString::getIndex):
(JSC::JSString::getStringPropertySlot):
(JSC::JSValue::toString):
* runtime/JSValue.h:
* runtime/NativeErrorConstructor.cpp:
(JSC::NativeErrorConstructor::NativeErrorConstructor):
* runtime/Operations.cpp:
(JSC::JSValue::strictEqualSlowCase):
* runtime/Operations.h:
(JSC::JSValue::equalSlowCaseInline):
(JSC::JSValue::strictEqualSlowCaseInline):
(JSC::JSValue::strictEqual):
(JSC::jsLess):
(JSC::jsLessEq):
(JSC::jsAdd):
(JSC::concatenateStrings):
* runtime/PropertyDescriptor.cpp:
(JSC::PropertyDescriptor::equalTo):
* runtime/PropertyDescriptor.h:
* runtime/StringPrototype.cpp:
(JSC::stringProtoFuncReplace):
(JSC::stringProtoFuncToLowerCase):
(JSC::stringProtoFuncToUpperCase):

WebCore: 

* bindings/ScriptControllerBase.cpp:
(WebCore::ScriptController::executeIfJavaScriptURL):
* bindings/js/JSCanvasRenderingContext2DCustom.cpp:
(WebCore::toHTMLCanvasStyle):
(WebCore::JSCanvasRenderingContext2D::setFillColor):
(WebCore::JSCanvasRenderingContext2D::setStrokeColor):
(WebCore::JSCanvasRenderingContext2D::setShadow):
* bindings/js/ScriptCallStack.cpp:
(WebCore::ScriptCallStack::ScriptCallStack):
(WebCore::ScriptCallStack::initialize):
* bindings/js/ScriptValue.cpp:
(WebCore::ScriptValue::getString):
* bindings/js/ScriptValue.h:
* bindings/js/SerializedScriptValue.cpp:
(WebCore::SerializingTreeWalker::convertIfTerminal):
* bindings/objc/WebScriptObject.mm:
(+[WebScriptObject _convertValueToObjcValue:originRootObject:rootObject:]):
* page/Console.cpp:
(WebCore::Console::addMessage):

WebKit/mac: 

* WebView/WebView.mm:
(aeDescFromJSValue):</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkJavaScriptCoreAPIJSCallbackObjectFunctionsh">trunk/JavaScriptCore/API/JSCallbackObjectFunctions.h</a></li>
<li><a href="#trunkJavaScriptCoreAPIJSValueRefcpp">trunk/JavaScriptCore/API/JSValueRef.cpp</a></li>
<li><a href="#trunkJavaScriptCoreChangeLog">trunk/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkJavaScriptCoreJavaScriptCoreexp">trunk/JavaScriptCore/JavaScriptCore.exp</a></li>
<li><a href="#trunkJavaScriptCorebytecompilerBytecodeGeneratorcpp">trunk/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp</a></li>
<li><a href="#trunkJavaScriptCoredebuggerDebuggerCallFramecpp">trunk/JavaScriptCore/debugger/DebuggerCallFrame.cpp</a></li>
<li><a href="#trunkJavaScriptCoreinterpreterInterpretercpp">trunk/JavaScriptCore/interpreter/Interpreter.cpp</a></li>
<li><a href="#trunkJavaScriptCorejitJITStubscpp">trunk/JavaScriptCore/jit/JITStubs.cpp</a></li>
<li><a href="#trunkJavaScriptCoreprofilerProfileGeneratorcpp">trunk/JavaScriptCore/profiler/ProfileGenerator.cpp</a></li>
<li><a href="#trunkJavaScriptCoreprofilerProfilercpp">trunk/JavaScriptCore/profiler/Profiler.cpp</a></li>
<li><a href="#trunkJavaScriptCoreprofilerProfilerh">trunk/JavaScriptCore/profiler/Profiler.h</a></li>
<li><a href="#trunkJavaScriptCoreruntimeArrayPrototypecpp">trunk/JavaScriptCore/runtime/ArrayPrototype.cpp</a></li>
<li><a href="#trunkJavaScriptCoreruntimeDateConstructorcpp">trunk/JavaScriptCore/runtime/DateConstructor.cpp</a></li>
<li><a href="#trunkJavaScriptCoreruntimeFunctionPrototypecpp">trunk/JavaScriptCore/runtime/FunctionPrototype.cpp</a></li>
<li><a href="#trunkJavaScriptCoreruntimeInternalFunctioncpp">trunk/JavaScriptCore/runtime/InternalFunction.cpp</a></li>
<li><a href="#trunkJavaScriptCoreruntimeInternalFunctionh">trunk/JavaScriptCore/runtime/InternalFunction.h</a></li>
<li><a href="#trunkJavaScriptCoreruntimeJSCellcpp">trunk/JavaScriptCore/runtime/JSCell.cpp</a></li>
<li><a href="#trunkJavaScriptCoreruntimeJSCellh">trunk/JavaScriptCore/runtime/JSCell.h</a></li>
<li><a href="#trunkJavaScriptCoreruntimeJSONObjectcpp">trunk/JavaScriptCore/runtime/JSONObject.cpp</a></li>
<li><a href="#trunkJavaScriptCoreruntimeJSObjectcpp">trunk/JavaScriptCore/runtime/JSObject.cpp</a></li>
<li><a href="#trunkJavaScriptCoreruntimeJSObjecth">trunk/JavaScriptCore/runtime/JSObject.h</a></li>
<li><a href="#trunkJavaScriptCoreruntimeJSPropertyNameIteratorcpp">trunk/JavaScriptCore/runtime/JSPropertyNameIterator.cpp</a></li>
<li><a href="#trunkJavaScriptCoreruntimeJSStringcpp">trunk/JavaScriptCore/runtime/JSString.cpp</a></li>
<li><a href="#trunkJavaScriptCoreruntimeJSStringh">trunk/JavaScriptCore/runtime/JSString.h</a></li>
<li><a href="#trunkJavaScriptCoreruntimeJSValueh">trunk/JavaScriptCore/runtime/JSValue.h</a></li>
<li><a href="#trunkJavaScriptCoreruntimeNativeErrorConstructorcpp">trunk/JavaScriptCore/runtime/NativeErrorConstructor.cpp</a></li>
<li><a href="#trunkJavaScriptCoreruntimeOperationscpp">trunk/JavaScriptCore/runtime/Operations.cpp</a></li>
<li><a href="#trunkJavaScriptCoreruntimeOperationsh">trunk/JavaScriptCore/runtime/Operations.h</a></li>
<li><a href="#trunkJavaScriptCoreruntimePropertyDescriptorcpp">trunk/JavaScriptCore/runtime/PropertyDescriptor.cpp</a></li>
<li><a href="#trunkJavaScriptCoreruntimePropertyDescriptorh">trunk/JavaScriptCore/runtime/PropertyDescriptor.h</a></li>
<li><a href="#trunkJavaScriptCoreruntimeStringPrototypecpp">trunk/JavaScriptCore/runtime/StringPrototype.cpp</a></li>
<li><a href="#trunkWebCoreChangeLog">trunk/WebCore/ChangeLog</a></li>
<li><a href="#trunkWebCorebindingsScriptControllerBasecpp">trunk/WebCore/bindings/ScriptControllerBase.cpp</a></li>
<li><a href="#trunkWebCorebindingsjsJSCanvasRenderingContext2DCustomcpp">trunk/WebCore/bindings/js/JSCanvasRenderingContext2DCustom.cpp</a></li>
<li><a href="#trunkWebCorebindingsjsScriptCallStackcpp">trunk/WebCore/bindings/js/ScriptCallStack.cpp</a></li>
<li><a href="#trunkWebCorebindingsjsScriptValuecpp">trunk/WebCore/bindings/js/ScriptValue.cpp</a></li>
<li><a href="#trunkWebCorebindingsjsScriptValueh">trunk/WebCore/bindings/js/ScriptValue.h</a></li>
<li><a href="#trunkWebCorebindingsjsSerializedScriptValuecpp">trunk/WebCore/bindings/js/SerializedScriptValue.cpp</a></li>
<li><a href="#trunkWebCorebindingsobjcWebScriptObjectmm">trunk/WebCore/bindings/objc/WebScriptObject.mm</a></li>
<li><a href="#trunkWebCorepageConsolecpp">trunk/WebCore/page/Console.cpp</a></li>
<li><a href="#trunkWebKitmacChangeLog">trunk/WebKit/mac/ChangeLog</a></li>
<li><a href="#trunkWebKitmacWebViewWebViewmm">trunk/WebKit/mac/WebView/WebView.mm</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkJavaScriptCoreAPIJSCallbackObjectFunctionsh"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/API/JSCallbackObjectFunctions.h (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/API/JSCallbackObjectFunctions.h        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/API/JSCallbackObjectFunctions.h        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -467,7 +467,7 @@
</span><span class="cx">                 return &quot;&quot;;
</span><span class="cx">             }
</span><span class="cx">             if (value)
</span><del>-                return toJS(exec, value).getString();
</del><ins>+                return toJS(exec, value).getString(exec);
</ins><span class="cx">         }
</span><span class="cx">             
</span><span class="cx">     return Base::toString(exec);
</span></span></pre></div>
<a id="trunkJavaScriptCoreAPIJSValueRefcpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/API/JSValueRef.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/API/JSValueRef.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/API/JSValueRef.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -169,7 +169,7 @@
</span><span class="cx">     JSValue jsA = toJS(exec, a);
</span><span class="cx">     JSValue jsB = toJS(exec, b);
</span><span class="cx"> 
</span><del>-    return JSValue::strictEqual(jsA, jsB);
</del><ins>+    return JSValue::strictEqual(exec, jsA, jsB);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> bool JSValueIsInstanceOfConstructor(JSContextRef ctx, JSValueRef value, JSObjectRef constructor, JSValueRef* exception)
</span></span></pre></div>
<a id="trunkJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/ChangeLog (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/ChangeLog        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/ChangeLog        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -1,3 +1,98 @@
</span><ins>+2009-12-05  Gavin Barraclough  &lt;barraclough@apple.com&gt;
+
+        Reviewed by Oliver Hunt.
+
+        https://bugs.webkit.org/show_bug.cgi?id=32184
+        Handle out-of-memory conditions with JSC Ropes with a JS exception, rather than crashing.
+        Switch from using fastMalloc to tryFastMalloc, pass an ExecState to record the exception on.
+
+        * API/JSCallbackObjectFunctions.h:
+        (JSC::::toString):
+        * API/JSValueRef.cpp:
+        (JSValueIsStrictEqual):
+        * JavaScriptCore.exp:
+        * bytecompiler/BytecodeGenerator.cpp:
+        (JSC::BytecodeGenerator::emitEqualityOp):
+        * debugger/DebuggerCallFrame.cpp:
+        (JSC::DebuggerCallFrame::functionName):
+        (JSC::DebuggerCallFrame::calculatedFunctionName):
+        * interpreter/Interpreter.cpp:
+        (JSC::Interpreter::callEval):
+        (JSC::Interpreter::privateExecute):
+        * jit/JITStubs.cpp:
+        (JSC::DEFINE_STUB_FUNCTION):
+        * profiler/ProfileGenerator.cpp:
+        (JSC::ProfileGenerator::addParentForConsoleStart):
+        * profiler/Profiler.cpp:
+        (JSC::Profiler::willExecute):
+        (JSC::Profiler::didExecute):
+        (JSC::Profiler::createCallIdentifier):
+        (JSC::createCallIdentifierFromFunctionImp):
+        * profiler/Profiler.h:
+        * runtime/ArrayPrototype.cpp:
+        (JSC::arrayProtoFuncIndexOf):
+        (JSC::arrayProtoFuncLastIndexOf):
+        * runtime/DateConstructor.cpp:
+        (JSC::constructDate):
+        * runtime/FunctionPrototype.cpp:
+        (JSC::functionProtoFuncToString):
+        * runtime/InternalFunction.cpp:
+        (JSC::InternalFunction::name):
+        (JSC::InternalFunction::displayName):
+        (JSC::InternalFunction::calculatedDisplayName):
+        * runtime/InternalFunction.h:
+        * runtime/JSCell.cpp:
+        (JSC::JSCell::getString):
+        * runtime/JSCell.h:
+        (JSC::JSValue::getString):
+        * runtime/JSONObject.cpp:
+        (JSC::gap):
+        (JSC::Stringifier::Stringifier):
+        (JSC::Stringifier::appendStringifiedValue):
+        * runtime/JSObject.cpp:
+        (JSC::JSObject::putDirectFunction):
+        (JSC::JSObject::putDirectFunctionWithoutTransition):
+        (JSC::JSObject::defineOwnProperty):
+        * runtime/JSObject.h:
+        * runtime/JSPropertyNameIterator.cpp:
+        (JSC::JSPropertyNameIterator::get):
+        * runtime/JSString.cpp:
+        (JSC::JSString::Rope::~Rope):
+        (JSC::JSString::resolveRope):
+        (JSC::JSString::getPrimitiveNumber):
+        (JSC::JSString::toNumber):
+        (JSC::JSString::toString):
+        (JSC::JSString::toThisString):
+        (JSC::JSString::getStringPropertyDescriptor):
+        * runtime/JSString.h:
+        (JSC::JSString::Rope::createOrNull):
+        (JSC::JSString::Rope::operator new):
+        (JSC::JSString::value):
+        (JSC::JSString::tryGetValue):
+        (JSC::JSString::getIndex):
+        (JSC::JSString::getStringPropertySlot):
+        (JSC::JSValue::toString):
+        * runtime/JSValue.h:
+        * runtime/NativeErrorConstructor.cpp:
+        (JSC::NativeErrorConstructor::NativeErrorConstructor):
+        * runtime/Operations.cpp:
+        (JSC::JSValue::strictEqualSlowCase):
+        * runtime/Operations.h:
+        (JSC::JSValue::equalSlowCaseInline):
+        (JSC::JSValue::strictEqualSlowCaseInline):
+        (JSC::JSValue::strictEqual):
+        (JSC::jsLess):
+        (JSC::jsLessEq):
+        (JSC::jsAdd):
+        (JSC::concatenateStrings):
+        * runtime/PropertyDescriptor.cpp:
+        (JSC::PropertyDescriptor::equalTo):
+        * runtime/PropertyDescriptor.h:
+        * runtime/StringPrototype.cpp:
+        (JSC::stringProtoFuncReplace):
+        (JSC::stringProtoFuncToLowerCase):
+        (JSC::stringProtoFuncToUpperCase):
+
</ins><span class="cx"> 2009-12-07  Nikolas Zimmermann  &lt;nzimmermann@rim.com&gt;
</span><span class="cx"> 
</span><span class="cx">         Reviewed by Holger Freyther.
</span></span></pre></div>
<a id="trunkJavaScriptCoreJavaScriptCoreexp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/JavaScriptCore.exp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/JavaScriptCore.exp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/JavaScriptCore.exp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -150,7 +150,7 @@
</span><span class="cx"> __ZN3JSC15createTypeErrorEPNS_9ExecStateEPKc
</span><span class="cx"> __ZN3JSC15toInt32SlowCaseEdRb
</span><span class="cx"> __ZN3JSC16InternalFunction4infoE
</span><del>-__ZN3JSC16InternalFunction4nameEPNS_12JSGlobalDataE
</del><ins>+__ZN3JSC16InternalFunction4nameEPNS_9ExecStateE
</ins><span class="cx"> __ZN3JSC16InternalFunctionC2EPNS_12JSGlobalDataEN3WTF17NonNullPassRefPtrINS_9StructureEEERKNS_10IdentifierE
</span><span class="cx"> __ZN3JSC16JSVariableObject14deletePropertyEPNS_9ExecStateERKNS_10IdentifierE
</span><span class="cx"> __ZN3JSC16JSVariableObject14symbolTableGetERKNS_10IdentifierERNS_18PropertyDescriptorE
</span><span class="lines">@@ -377,9 +377,9 @@
</span><span class="cx"> __ZNK3JSC6JSCell8toObjectEPNS_9ExecStateE
</span><span class="cx"> __ZNK3JSC6JSCell8toStringEPNS_9ExecStateE
</span><span class="cx"> __ZNK3JSC6JSCell9classInfoEv
</span><del>-__ZNK3JSC6JSCell9getStringERNS_7UStringE
-__ZNK3JSC6JSCell9getStringEv
</del><span class="cx"> __ZNK3JSC6JSCell9getUInt32ERj
</span><ins>+__ZNK3JSC6JSCell9getStringEPNS_9ExecStateE
+__ZNK3JSC6JSCell9getStringEPNS_9ExecStateERNS_7UStringE
</ins><span class="cx"> __ZNK3JSC6JSCell9toBooleanEPNS_9ExecStateE
</span><span class="cx"> __ZNK3JSC7ArgList8getSliceEiRS0_
</span><span class="cx"> __ZNK3JSC7JSValue16toObjectSlowCaseEPNS_9ExecStateE
</span><span class="lines">@@ -403,7 +403,7 @@
</span><span class="cx"> __ZNK3JSC8JSObject8toStringEPNS_9ExecStateE
</span><span class="cx"> __ZNK3JSC8JSObject9classNameEv
</span><span class="cx"> __ZNK3JSC8JSObject9toBooleanEPNS_9ExecStateE
</span><del>-__ZNK3JSC8JSString11resolveRopeEv
</del><ins>+__ZNK3JSC8JSString11resolveRopeEPNS_9ExecStateE
</ins><span class="cx"> __ZNK3JSC9HashTable11createTableEPNS_12JSGlobalDataE
</span><span class="cx"> __ZNK3JSC9HashTable11deleteTableEv
</span><span class="cx"> __ZNK3WTF8Collator7collateEPKtmS2_m
</span></span></pre></div>
<a id="trunkJavaScriptCorebytecompilerBytecodeGeneratorcpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -904,7 +904,7 @@
</span><span class="cx">             &amp;&amp; src1-&gt;isTemporary()
</span><span class="cx">             &amp;&amp; m_codeBlock-&gt;isConstantRegisterIndex(src2-&gt;index())
</span><span class="cx">             &amp;&amp; m_codeBlock-&gt;constantRegister(src2-&gt;index()).jsValue().isString()) {
</span><del>-            const UString&amp; value = asString(m_codeBlock-&gt;constantRegister(src2-&gt;index()).jsValue())-&gt;value();
</del><ins>+            const UString&amp; value = asString(m_codeBlock-&gt;constantRegister(src2-&gt;index()).jsValue())-&gt;tryGetValue();
</ins><span class="cx">             if (value == &quot;undefined&quot;) {
</span><span class="cx">                 rewindUnaryOp();
</span><span class="cx">                 emitOpcode(op_is_undefined);
</span></span></pre></div>
<a id="trunkJavaScriptCoredebuggerDebuggerCallFramecpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/debugger/DebuggerCallFrame.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/debugger/DebuggerCallFrame.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/debugger/DebuggerCallFrame.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -44,7 +44,7 @@
</span><span class="cx">     JSFunction* function = asFunction(m_callFrame-&gt;callee());
</span><span class="cx">     if (!function)
</span><span class="cx">         return 0;
</span><del>-    return &amp;function-&gt;name(&amp;m_callFrame-&gt;globalData());
</del><ins>+    return &amp;function-&gt;name(m_callFrame);
</ins><span class="cx"> }
</span><span class="cx">     
</span><span class="cx"> UString DebuggerCallFrame::calculatedFunctionName() const
</span><span class="lines">@@ -55,7 +55,7 @@
</span><span class="cx">     JSFunction* function = asFunction(m_callFrame-&gt;callee());
</span><span class="cx">     if (!function)
</span><span class="cx">         return 0;
</span><del>-    return function-&gt;calculatedDisplayName(&amp;m_callFrame-&gt;globalData());
</del><ins>+    return function-&gt;calculatedDisplayName(m_callFrame);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> DebuggerCallFrame::Type DebuggerCallFrame::type() const
</span></span></pre></div>
<a id="trunkJavaScriptCoreinterpreterInterpretercpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/interpreter/Interpreter.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/interpreter/Interpreter.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/interpreter/Interpreter.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -300,7 +300,7 @@
</span><span class="cx">     if (!program.isString())
</span><span class="cx">         return program;
</span><span class="cx"> 
</span><del>-    UString programSource = asString(program)-&gt;value();
</del><ins>+    UString programSource = asString(program)-&gt;value(callFrame);
</ins><span class="cx"> 
</span><span class="cx">     LiteralParser preparser(callFrame, programSource, LiteralParser::NonStrictJSON);
</span><span class="cx">     if (JSValue parsedObject = preparser.tryLiteralParse())
</span><span class="lines">@@ -1306,7 +1306,7 @@
</span><span class="cx">         int dst = vPC[1].u.operand;
</span><span class="cx">         JSValue src1 = callFrame-&gt;r(vPC[2].u.operand).jsValue();
</span><span class="cx">         JSValue src2 = callFrame-&gt;r(vPC[3].u.operand).jsValue();
</span><del>-        callFrame-&gt;r(dst) = jsBoolean(JSValue::strictEqual(src1, src2));
</del><ins>+        callFrame-&gt;r(dst) = jsBoolean(JSValue::strictEqual(callFrame, src1, src2));
</ins><span class="cx"> 
</span><span class="cx">         vPC += OPCODE_LENGTH(op_stricteq);
</span><span class="cx">         NEXT_INSTRUCTION();
</span><span class="lines">@@ -1321,7 +1321,7 @@
</span><span class="cx">         int dst = vPC[1].u.operand;
</span><span class="cx">         JSValue src1 = callFrame-&gt;r(vPC[2].u.operand).jsValue();
</span><span class="cx">         JSValue src2 = callFrame-&gt;r(vPC[3].u.operand).jsValue();
</span><del>-        callFrame-&gt;r(dst) = jsBoolean(!JSValue::strictEqual(src1, src2));
</del><ins>+        callFrame-&gt;r(dst) = jsBoolean(!JSValue::strictEqual(callFrame, src1, src2));
</ins><span class="cx"> 
</span><span class="cx">         vPC += OPCODE_LENGTH(op_nstricteq);
</span><span class="cx">         NEXT_INSTRUCTION();
</span><span class="lines">@@ -2479,7 +2479,7 @@
</span><span class="cx">                 else
</span><span class="cx">                     result = jsArray-&gt;JSArray::get(callFrame, i);
</span><span class="cx">             } else if (isJSString(globalData, baseValue) &amp;&amp; asString(baseValue)-&gt;canGetIndex(i))
</span><del>-                result = asString(baseValue)-&gt;getIndex(&amp;callFrame-&gt;globalData(), i);
</del><ins>+                result = asString(baseValue)-&gt;getIndex(callFrame, i);
</ins><span class="cx">             else if (isJSByteArray(globalData, baseValue) &amp;&amp; asByteArray(baseValue)-&gt;canAccessIndex(i))
</span><span class="cx">                 result = asByteArray(baseValue)-&gt;getIndex(callFrame, i);
</span><span class="cx">             else
</span><span class="lines">@@ -2915,7 +2915,7 @@
</span><span class="cx">         if (!scrutinee.isString())
</span><span class="cx">             vPC += defaultOffset;
</span><span class="cx">         else {
</span><del>-            UString::Rep* value = asString(scrutinee)-&gt;value().rep();
</del><ins>+            UString::Rep* value = asString(scrutinee)-&gt;value(callFrame).rep();
</ins><span class="cx">             if (value-&gt;size() != 1)
</span><span class="cx">                 vPC += defaultOffset;
</span><span class="cx">             else
</span><span class="lines">@@ -2938,7 +2938,7 @@
</span><span class="cx">         if (!scrutinee.isString())
</span><span class="cx">             vPC += defaultOffset;
</span><span class="cx">         else 
</span><del>-            vPC += callFrame-&gt;codeBlock()-&gt;stringSwitchJumpTable(tableIndex).offsetForValue(asString(scrutinee)-&gt;value().rep(), defaultOffset);
</del><ins>+            vPC += callFrame-&gt;codeBlock()-&gt;stringSwitchJumpTable(tableIndex).offsetForValue(asString(scrutinee)-&gt;value(callFrame).rep(), defaultOffset);
</ins><span class="cx">         NEXT_INSTRUCTION();
</span><span class="cx">     }
</span><span class="cx">     DEFINE_OPCODE(op_new_func) {
</span><span class="lines">@@ -3531,6 +3531,7 @@
</span><span class="cx">         int count = vPC[3].u.operand;
</span><span class="cx"> 
</span><span class="cx">         callFrame-&gt;r(dst) = concatenateStrings(callFrame, &amp;callFrame-&gt;registers()[src], count);
</span><ins>+        CHECK_FOR_EXCEPTION();
</ins><span class="cx">         vPC += OPCODE_LENGTH(op_strcat);
</span><span class="cx"> 
</span><span class="cx">         NEXT_INSTRUCTION();
</span></span></pre></div>
<a id="trunkJavaScriptCorejitJITStubscpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/jit/JITStubs.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/jit/JITStubs.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/jit/JITStubs.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -1044,14 +1044,18 @@
</span><span class="cx">     bool leftIsString = v1.isString();
</span><span class="cx">     if (leftIsString &amp;&amp; v2.isString()) {
</span><span class="cx">         if (asString(v1)-&gt;isRope() || asString(v2)-&gt;isRope()) {
</span><del>-            RefPtr&lt;JSString::Rope&gt; rope = JSString::Rope::create(2);
</del><ins>+            RefPtr&lt;JSString::Rope&gt; rope = JSString::Rope::createOrNull(2);
+            if (UNLIKELY(!rope)) {
+                throwOutOfMemoryError(callFrame);
+                VM_THROW_EXCEPTION();
+            }
</ins><span class="cx">             rope-&gt;initializeFiber(0, asString(v1));
</span><span class="cx">             rope-&gt;initializeFiber(1, asString(v2));
</span><span class="cx">             JSGlobalData* globalData = &amp;callFrame-&gt;globalData();
</span><span class="cx">             return JSValue::encode(new (globalData) JSString(globalData, rope.release()));
</span><span class="cx">         }
</span><span class="cx"> 
</span><del>-        RefPtr&lt;UString::Rep&gt; value = concatenate(asString(v1)-&gt;value().rep(), asString(v2)-&gt;value().rep());
</del><ins>+        RefPtr&lt;UString::Rep&gt; value = concatenate(asString(v1)-&gt;value(callFrame).rep(), asString(v2)-&gt;value(callFrame).rep());
</ins><span class="cx">         if (UNLIKELY(!value)) {
</span><span class="cx">             throwOutOfMemoryError(callFrame);
</span><span class="cx">             VM_THROW_EXCEPTION();
</span><span class="lines">@@ -1062,8 +1066,8 @@
</span><span class="cx"> 
</span><span class="cx">     if (rightIsNumber &amp; leftIsString) {
</span><span class="cx">         RefPtr&lt;UString::Rep&gt; value = v2.isInt32() ?
</span><del>-            concatenate(asString(v1)-&gt;value().rep(), v2.asInt32()) :
-            concatenate(asString(v1)-&gt;value().rep(), right);
</del><ins>+            concatenate(asString(v1)-&gt;value(callFrame).rep(), v2.asInt32()) :
+            concatenate(asString(v1)-&gt;value(callFrame).rep(), right);
</ins><span class="cx"> 
</span><span class="cx">         if (UNLIKELY(!value)) {
</span><span class="cx">             throwOutOfMemoryError(callFrame);
</span><span class="lines">@@ -1888,7 +1892,7 @@
</span><span class="cx">         } else if (isJSString(globalData, baseValue) &amp;&amp; asString(baseValue)-&gt;canGetIndex(i)) {
</span><span class="cx">             // All fast byte array accesses are safe from exceptions so return immediately to avoid exception checks.
</span><span class="cx">             ctiPatchCallByReturnAddress(callFrame-&gt;codeBlock(), STUB_RETURN_ADDRESS, FunctionPtr(cti_op_get_by_val_string));
</span><del>-            result = asString(baseValue)-&gt;getIndex(stackFrame.globalData, i);
</del><ins>+            result = asString(baseValue)-&gt;getIndex(callFrame, i);
</ins><span class="cx">         } else if (isJSByteArray(globalData, baseValue) &amp;&amp; asByteArray(baseValue)-&gt;canAccessIndex(i)) {
</span><span class="cx">             // All fast byte array accesses are safe from exceptions so return immediately to avoid exception checks.
</span><span class="cx">             ctiPatchCallByReturnAddress(callFrame-&gt;codeBlock(), STUB_RETURN_ADDRESS, FunctionPtr(cti_op_get_by_val_byte_array));
</span><span class="lines">@@ -1919,7 +1923,7 @@
</span><span class="cx">     if (LIKELY(subscript.isUInt32())) {
</span><span class="cx">         uint32_t i = subscript.asUInt32();
</span><span class="cx">         if (isJSString(globalData, baseValue) &amp;&amp; asString(baseValue)-&gt;canGetIndex(i))
</span><del>-            result = asString(baseValue)-&gt;getIndex(stackFrame.globalData, i);
</del><ins>+            result = asString(baseValue)-&gt;getIndex(callFrame, i);
</ins><span class="cx">         else {
</span><span class="cx">             result = baseValue.get(callFrame, i);
</span><span class="cx">             if (!isJSString(globalData, baseValue))
</span><span class="lines">@@ -2422,20 +2426,20 @@
</span><span class="cx"> 
</span><span class="cx">     if (cell1-&gt;isString()) {
</span><span class="cx">         if (src2.isInt32())
</span><del>-            return static_cast&lt;JSString*&gt;(cell1)-&gt;value().toDouble() == src2.asInt32();
</del><ins>+            return static_cast&lt;JSString*&gt;(cell1)-&gt;value(stackFrame.callFrame).toDouble() == src2.asInt32();
</ins><span class="cx">             
</span><span class="cx">         if (src2.isDouble())
</span><del>-            return static_cast&lt;JSString*&gt;(cell1)-&gt;value().toDouble() == src2.asDouble();
</del><ins>+            return static_cast&lt;JSString*&gt;(cell1)-&gt;value(stackFrame.callFrame).toDouble() == src2.asDouble();
</ins><span class="cx"> 
</span><span class="cx">         if (src2.isTrue())
</span><del>-            return static_cast&lt;JSString*&gt;(cell1)-&gt;value().toDouble() == 1.0;
</del><ins>+            return static_cast&lt;JSString*&gt;(cell1)-&gt;value(stackFrame.callFrame).toDouble() == 1.0;
</ins><span class="cx"> 
</span><span class="cx">         if (src2.isFalse())
</span><del>-            return static_cast&lt;JSString*&gt;(cell1)-&gt;value().toDouble() == 0.0;
</del><ins>+            return static_cast&lt;JSString*&gt;(cell1)-&gt;value(stackFrame.callFrame).toDouble() == 0.0;
</ins><span class="cx"> 
</span><span class="cx">         JSCell* cell2 = asCell(src2);
</span><span class="cx">         if (cell2-&gt;isString())
</span><del>-            return static_cast&lt;JSString*&gt;(cell1)-&gt;value() == static_cast&lt;JSString*&gt;(cell2)-&gt;value();
</del><ins>+            return static_cast&lt;JSString*&gt;(cell1)-&gt;value(stackFrame.callFrame) == static_cast&lt;JSString*&gt;(cell2)-&gt;value(stackFrame.callFrame);
</ins><span class="cx"> 
</span><span class="cx">         src2 = asObject(cell2)-&gt;toPrimitive(stackFrame.callFrame);
</span><span class="cx">         CHECK_FOR_EXCEPTION();
</span><span class="lines">@@ -2458,7 +2462,7 @@
</span><span class="cx"> 
</span><span class="cx">     ASSERT(string1-&gt;isString());
</span><span class="cx">     ASSERT(string2-&gt;isString());
</span><del>-    return string1-&gt;value() == string2-&gt;value();
</del><ins>+    return string1-&gt;value(stackFrame.callFrame) == string2-&gt;value(stackFrame.callFrame);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> #else // USE(JSVALUE32_64)
</span><span class="lines">@@ -2756,7 +2760,7 @@
</span><span class="cx"> 
</span><span class="cx">     JSObject* base = stackFrame.args[0].jsObject();
</span><span class="cx">     JSString* property = stackFrame.args[1].jsString();
</span><del>-    return base-&gt;hasProperty(stackFrame.callFrame, Identifier(stackFrame.callFrame, property-&gt;value()));
</del><ins>+    return base-&gt;hasProperty(stackFrame.callFrame, Identifier(stackFrame.callFrame, property-&gt;value(stackFrame.callFrame)));
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> DEFINE_STUB_FUNCTION(JSObject*, op_push_scope)
</span><span class="lines">@@ -2833,7 +2837,7 @@
</span><span class="cx">     JSValue src1 = stackFrame.args[0].jsValue();
</span><span class="cx">     JSValue src2 = stackFrame.args[1].jsValue();
</span><span class="cx"> 
</span><del>-    return JSValue::encode(jsBoolean(JSValue::strictEqual(src1, src2)));
</del><ins>+    return JSValue::encode(jsBoolean(JSValue::strictEqual(stackFrame.callFrame, src1, src2)));
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> DEFINE_STUB_FUNCTION(EncodedJSValue, op_to_primitive)
</span><span class="lines">@@ -2847,7 +2851,9 @@
</span><span class="cx"> {
</span><span class="cx">     STUB_INIT_STACK_FRAME(stackFrame);
</span><span class="cx"> 
</span><del>-    return JSValue::encode(concatenateStrings(stackFrame.callFrame, &amp;stackFrame.callFrame-&gt;registers()[stackFrame.args[0].int32()], stackFrame.args[1].int32()));
</del><ins>+    JSValue result = concatenateStrings(stackFrame.callFrame, &amp;stackFrame.callFrame-&gt;registers()[stackFrame.args[0].int32()], stackFrame.args[1].int32());
+    CHECK_FOR_EXCEPTION_AT_END();
+    return JSValue::encode(result);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> DEFINE_STUB_FUNCTION(EncodedJSValue, op_nstricteq)
</span><span class="lines">@@ -2857,7 +2863,7 @@
</span><span class="cx">     JSValue src1 = stackFrame.args[0].jsValue();
</span><span class="cx">     JSValue src2 = stackFrame.args[1].jsValue();
</span><span class="cx"> 
</span><del>-    return JSValue::encode(jsBoolean(!JSValue::strictEqual(src1, src2)));
</del><ins>+    return JSValue::encode(jsBoolean(!JSValue::strictEqual(stackFrame.callFrame, src1, src2)));
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> DEFINE_STUB_FUNCTION(EncodedJSValue, op_to_jsnumber)
</span><span class="lines">@@ -2966,7 +2972,7 @@
</span><span class="cx">     void* result = codeBlock-&gt;characterSwitchJumpTable(tableIndex).ctiDefault.executableAddress();
</span><span class="cx"> 
</span><span class="cx">     if (scrutinee.isString()) {
</span><del>-        UString::Rep* value = asString(scrutinee)-&gt;value().rep();
</del><ins>+        UString::Rep* value = asString(scrutinee)-&gt;value(callFrame).rep();
</ins><span class="cx">         if (value-&gt;size() == 1)
</span><span class="cx">             result = codeBlock-&gt;characterSwitchJumpTable(tableIndex).ctiForValue(value-&gt;data()[0]).executableAddress();
</span><span class="cx">     }
</span><span class="lines">@@ -2986,7 +2992,7 @@
</span><span class="cx">     void* result = codeBlock-&gt;stringSwitchJumpTable(tableIndex).ctiDefault.executableAddress();
</span><span class="cx"> 
</span><span class="cx">     if (scrutinee.isString()) {
</span><del>-        UString::Rep* value = asString(scrutinee)-&gt;value().rep();
</del><ins>+        UString::Rep* value = asString(scrutinee)-&gt;value(callFrame).rep();
</ins><span class="cx">         result = codeBlock-&gt;stringSwitchJumpTable(tableIndex).ctiForValue(value).executableAddress();
</span><span class="cx">     }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkJavaScriptCoreprofilerProfileGeneratorcpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/profiler/ProfileGenerator.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/profiler/ProfileGenerator.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/profiler/ProfileGenerator.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -63,7 +63,7 @@
</span><span class="cx">     JSValue function;
</span><span class="cx"> 
</span><span class="cx">     exec-&gt;interpreter()-&gt;retrieveLastCaller(exec, lineNumber, sourceID, sourceURL, function);
</span><del>-    m_currentNode = ProfileNode::create(Profiler::createCallIdentifier(&amp;exec-&gt;globalData(), function ? function.toThisObject(exec) : 0, sourceURL, lineNumber), m_head.get(), m_head.get());
</del><ins>+    m_currentNode = ProfileNode::create(Profiler::createCallIdentifier(exec, function ? function.toThisObject(exec) : 0, sourceURL, lineNumber), m_head.get(), m_head.get());
</ins><span class="cx">     m_head-&gt;insertNode(m_currentNode.get());
</span><span class="cx"> }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkJavaScriptCoreprofilerProfilercpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/profiler/Profiler.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/profiler/Profiler.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/profiler/Profiler.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -46,7 +46,7 @@
</span><span class="cx"> static const char* AnonymousFunction = &quot;(anonymous function)&quot;;
</span><span class="cx"> static unsigned ProfilesUID = 0;
</span><span class="cx"> 
</span><del>-static CallIdentifier createCallIdentifierFromFunctionImp(JSGlobalData*, JSFunction*);
</del><ins>+static CallIdentifier createCallIdentifierFromFunctionImp(ExecState*, JSFunction*);
</ins><span class="cx"> 
</span><span class="cx"> Profiler* Profiler::s_sharedProfiler = 0;
</span><span class="cx"> Profiler* Profiler::s_sharedEnabledProfilerReference = 0;
</span><span class="lines">@@ -109,14 +109,14 @@
</span><span class="cx"> {
</span><span class="cx">     ASSERT(!m_currentProfiles.isEmpty());
</span><span class="cx"> 
</span><del>-    dispatchFunctionToProfiles(m_currentProfiles, &amp;ProfileGenerator::willExecute, createCallIdentifier(&amp;exec-&gt;globalData(), function, &quot;&quot;, 0), exec-&gt;lexicalGlobalObject()-&gt;profileGroup());
</del><ins>+    dispatchFunctionToProfiles(m_currentProfiles, &amp;ProfileGenerator::willExecute, createCallIdentifier(exec, function, &quot;&quot;, 0), exec-&gt;lexicalGlobalObject()-&gt;profileGroup());
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> void Profiler::willExecute(ExecState* exec, const UString&amp; sourceURL, int startingLineNumber)
</span><span class="cx"> {
</span><span class="cx">     ASSERT(!m_currentProfiles.isEmpty());
</span><span class="cx"> 
</span><del>-    CallIdentifier callIdentifier = createCallIdentifier(&amp;exec-&gt;globalData(), JSValue(), sourceURL, startingLineNumber);
</del><ins>+    CallIdentifier callIdentifier = createCallIdentifier(exec, JSValue(), sourceURL, startingLineNumber);
</ins><span class="cx"> 
</span><span class="cx">     dispatchFunctionToProfiles(m_currentProfiles, &amp;ProfileGenerator::willExecute, callIdentifier, exec-&gt;lexicalGlobalObject()-&gt;profileGroup());
</span><span class="cx"> }
</span><span class="lines">@@ -125,17 +125,17 @@
</span><span class="cx"> {
</span><span class="cx">     ASSERT(!m_currentProfiles.isEmpty());
</span><span class="cx"> 
</span><del>-    dispatchFunctionToProfiles(m_currentProfiles, &amp;ProfileGenerator::didExecute, createCallIdentifier(&amp;exec-&gt;globalData(), function, &quot;&quot;, 0), exec-&gt;lexicalGlobalObject()-&gt;profileGroup());
</del><ins>+    dispatchFunctionToProfiles(m_currentProfiles, &amp;ProfileGenerator::didExecute, createCallIdentifier(exec, function, &quot;&quot;, 0), exec-&gt;lexicalGlobalObject()-&gt;profileGroup());
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> void Profiler::didExecute(ExecState* exec, const UString&amp; sourceURL, int startingLineNumber)
</span><span class="cx"> {
</span><span class="cx">     ASSERT(!m_currentProfiles.isEmpty());
</span><span class="cx"> 
</span><del>-    dispatchFunctionToProfiles(m_currentProfiles, &amp;ProfileGenerator::didExecute, createCallIdentifier(&amp;exec-&gt;globalData(), JSValue(), sourceURL, startingLineNumber), exec-&gt;lexicalGlobalObject()-&gt;profileGroup());
</del><ins>+    dispatchFunctionToProfiles(m_currentProfiles, &amp;ProfileGenerator::didExecute, createCallIdentifier(exec, JSValue(), sourceURL, startingLineNumber), exec-&gt;lexicalGlobalObject()-&gt;profileGroup());
</ins><span class="cx"> }
</span><span class="cx"> 
</span><del>-CallIdentifier Profiler::createCallIdentifier(JSGlobalData* globalData, JSValue functionValue, const UString&amp; defaultSourceURL, int defaultLineNumber)
</del><ins>+CallIdentifier Profiler::createCallIdentifier(ExecState* exec, JSValue functionValue, const UString&amp; defaultSourceURL, int defaultLineNumber)
</ins><span class="cx"> {
</span><span class="cx">     if (!functionValue)
</span><span class="cx">         return CallIdentifier(GlobalCodeExecution, defaultSourceURL, defaultLineNumber);
</span><span class="lines">@@ -144,17 +144,17 @@
</span><span class="cx">     if (asObject(functionValue)-&gt;inherits(&amp;JSFunction::info)) {
</span><span class="cx">         JSFunction* function = asFunction(functionValue);
</span><span class="cx">         if (!function-&gt;executable()-&gt;isHostFunction())
</span><del>-            return createCallIdentifierFromFunctionImp(globalData, function);
</del><ins>+            return createCallIdentifierFromFunctionImp(exec, function);
</ins><span class="cx">     }
</span><span class="cx">     if (asObject(functionValue)-&gt;inherits(&amp;InternalFunction::info))
</span><del>-        return CallIdentifier(static_cast&lt;InternalFunction*&gt;(asObject(functionValue))-&gt;name(globalData), defaultSourceURL, defaultLineNumber);
</del><ins>+        return CallIdentifier(static_cast&lt;InternalFunction*&gt;(asObject(functionValue))-&gt;name(exec), defaultSourceURL, defaultLineNumber);
</ins><span class="cx">     return CallIdentifier(&quot;(&quot; + asObject(functionValue)-&gt;className() + &quot; object)&quot;, defaultSourceURL, defaultLineNumber);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-CallIdentifier createCallIdentifierFromFunctionImp(JSGlobalData* globalData, JSFunction* function)
</del><ins>+CallIdentifier createCallIdentifierFromFunctionImp(ExecState* exec, JSFunction* function)
</ins><span class="cx"> {
</span><span class="cx">     ASSERT(!function-&gt;isHostFunction());
</span><del>-    const UString&amp; name = function-&gt;calculatedDisplayName(globalData);
</del><ins>+    const UString&amp; name = function-&gt;calculatedDisplayName(exec);
</ins><span class="cx">     return CallIdentifier(name.isEmpty() ? AnonymousFunction : name, function-&gt;jsExecutable()-&gt;sourceURL(), function-&gt;jsExecutable()-&gt;lineNo());
</span><span class="cx"> }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkJavaScriptCoreprofilerProfilerh"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/profiler/Profiler.h (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/profiler/Profiler.h        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/profiler/Profiler.h        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -52,7 +52,7 @@
</span><span class="cx">         }
</span><span class="cx"> 
</span><span class="cx">         static Profiler* profiler(); 
</span><del>-        static CallIdentifier createCallIdentifier(JSGlobalData*, JSValue, const UString&amp; sourceURL, int lineNumber);
</del><ins>+        static CallIdentifier createCallIdentifier(ExecState* exec, JSValue, const UString&amp; sourceURL, int lineNumber);
</ins><span class="cx"> 
</span><span class="cx">         void startProfiling(ExecState*, const UString&amp; title);
</span><span class="cx">         PassRefPtr&lt;Profile&gt; stopProfiling(ExecState*, const UString&amp; title);
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeArrayPrototypecpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/ArrayPrototype.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/ArrayPrototype.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/ArrayPrototype.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -1034,7 +1034,7 @@
</span><span class="cx">         JSValue e = getProperty(exec, thisObj, index);
</span><span class="cx">         if (!e)
</span><span class="cx">             continue;
</span><del>-        if (JSValue::strictEqual(searchElement, e))
</del><ins>+        if (JSValue::strictEqual(exec, searchElement, e))
</ins><span class="cx">             return jsNumber(exec, index);
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="lines">@@ -1065,7 +1065,7 @@
</span><span class="cx">         JSValue e = getProperty(exec, thisObj, index);
</span><span class="cx">         if (!e)
</span><span class="cx">             continue;
</span><del>-        if (JSValue::strictEqual(searchElement, e))
</del><ins>+        if (JSValue::strictEqual(exec, searchElement, e))
</ins><span class="cx">             return jsNumber(exec, index);
</span><span class="cx">     }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeDateConstructorcpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/DateConstructor.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/DateConstructor.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/DateConstructor.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -84,7 +84,7 @@
</span><span class="cx">         else {
</span><span class="cx">             JSValue primitive = args.at(0).toPrimitive(exec);
</span><span class="cx">             if (primitive.isString())
</span><del>-                value = parseDate(exec, primitive.getString());
</del><ins>+                value = parseDate(exec, primitive.getString(exec));
</ins><span class="cx">             else
</span><span class="cx">                 value = primitive.toNumber(exec);
</span><span class="cx">         }
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeFunctionPrototypecpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/FunctionPrototype.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/FunctionPrototype.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/FunctionPrototype.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -90,13 +90,13 @@
</span><span class="cx">             FunctionExecutable* executable = function-&gt;jsExecutable();
</span><span class="cx">             UString sourceString = executable-&gt;source().toString();
</span><span class="cx">             insertSemicolonIfNeeded(sourceString);
</span><del>-            return jsString(exec, &quot;function &quot; + function-&gt;name(&amp;exec-&gt;globalData()) + &quot;(&quot; + executable-&gt;paramString() + &quot;) &quot; + sourceString);
</del><ins>+            return jsString(exec, &quot;function &quot; + function-&gt;name(exec) + &quot;(&quot; + executable-&gt;paramString() + &quot;) &quot; + sourceString);
</ins><span class="cx">         }
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     if (thisValue.inherits(&amp;InternalFunction::info)) {
</span><span class="cx">         InternalFunction* function = asInternalFunction(thisValue);
</span><del>-        return jsString(exec, &quot;function &quot; + function-&gt;name(&amp;exec-&gt;globalData()) + &quot;() {\n    [native code]\n}&quot;);
</del><ins>+        return jsString(exec, &quot;function &quot; + function-&gt;name(exec) + &quot;() {\n    [native code]\n}&quot;);
</ins><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     return throwError(exec, TypeError);
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeInternalFunctioncpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/InternalFunction.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/InternalFunction.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/InternalFunction.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -43,29 +43,29 @@
</span><span class="cx">     putDirect(globalData-&gt;propertyNames-&gt;name, jsString(globalData, name.ustring()), DontDelete | ReadOnly | DontEnum);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-const UString&amp; InternalFunction::name(JSGlobalData* globalData)
</del><ins>+const UString&amp; InternalFunction::name(ExecState* exec)
</ins><span class="cx"> {
</span><del>-    return asString(getDirect(globalData-&gt;propertyNames-&gt;name))-&gt;value();
</del><ins>+    return asString(getDirect(exec-&gt;globalData().propertyNames-&gt;name))-&gt;value(exec);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><del>-const UString InternalFunction::displayName(JSGlobalData* globalData)
</del><ins>+const UString InternalFunction::displayName(ExecState* exec)
</ins><span class="cx"> {
</span><del>-    JSValue displayName = getDirect(globalData-&gt;propertyNames-&gt;displayName);
</del><ins>+    JSValue displayName = getDirect(exec-&gt;globalData().propertyNames-&gt;displayName);
</ins><span class="cx">     
</span><del>-    if (displayName &amp;&amp; isJSString(globalData, displayName))
-        return asString(displayName)-&gt;value();
</del><ins>+    if (displayName &amp;&amp; isJSString(&amp;exec-&gt;globalData(), displayName))
+        return asString(displayName)-&gt;value(exec);
</ins><span class="cx">     
</span><span class="cx">     return UString::null();
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-const UString InternalFunction::calculatedDisplayName(JSGlobalData* globalData)
</del><ins>+const UString InternalFunction::calculatedDisplayName(ExecState* exec)
</ins><span class="cx"> {
</span><del>-    const UString explicitName = displayName(globalData);
</del><ins>+    const UString explicitName = displayName(exec);
</ins><span class="cx">     
</span><span class="cx">     if (!explicitName.isEmpty())
</span><span class="cx">         return explicitName;
</span><span class="cx">     
</span><del>-    return name(globalData);
</del><ins>+    return name(exec);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> } // namespace JSC
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeInternalFunctionh"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/InternalFunction.h (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/InternalFunction.h        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/InternalFunction.h        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -36,9 +36,9 @@
</span><span class="cx">         virtual const ClassInfo* classInfo() const; 
</span><span class="cx">         static JS_EXPORTDATA const ClassInfo info;
</span><span class="cx"> 
</span><del>-        const UString&amp; name(JSGlobalData*);
-        const UString displayName(JSGlobalData*);
-        const UString calculatedDisplayName(JSGlobalData*);
</del><ins>+        const UString&amp; name(ExecState*);
+        const UString displayName(ExecState*);
+        const UString calculatedDisplayName(ExecState*);
</ins><span class="cx"> 
</span><span class="cx">         static PassRefPtr&lt;Structure&gt; createStructure(JSValue proto) 
</span><span class="cx">         { 
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeJSCellcpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/JSCell.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/JSCell.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/JSCell.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -86,17 +86,17 @@
</span><span class="cx">     return false;
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool JSCell::getString(UString&amp;stringValue) const
</del><ins>+bool JSCell::getString(ExecState* exec, UString&amp;stringValue) const
</ins><span class="cx"> {
</span><span class="cx">     if (!isString())
</span><span class="cx">         return false;
</span><del>-    stringValue = static_cast&lt;const JSString*&gt;(this)-&gt;value();
</del><ins>+    stringValue = static_cast&lt;const JSString*&gt;(this)-&gt;value(exec);
</ins><span class="cx">     return true;
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-UString JSCell::getString() const
</del><ins>+UString JSCell::getString(ExecState* exec) const
</ins><span class="cx"> {
</span><del>-    return isString() ? static_cast&lt;const JSString*&gt;(this)-&gt;value() : UString();
</del><ins>+    return isString() ? static_cast&lt;const JSString*&gt;(this)-&gt;value(exec) : UString();
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> JSObject* JSCell::getObject()
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeJSCellh"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/JSCell.h (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/JSCell.h        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/JSCell.h        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -65,8 +65,8 @@
</span><span class="cx">         Structure* structure() const;
</span><span class="cx"> 
</span><span class="cx">         // Extracting the value.
</span><del>-        bool getString(UString&amp;) const;
-        UString getString() const; // null string if not a string
</del><ins>+        bool getString(ExecState* exec, UString&amp;) const;
+        UString getString(ExecState* exec) const; // null string if not a string
</ins><span class="cx">         JSObject* getObject(); // NULL if not an object
</span><span class="cx">         const JSObject* getObject() const; // NULL if not an object
</span><span class="cx">         
</span><span class="lines">@@ -179,14 +179,14 @@
</span><span class="cx">         return isCell() &amp;&amp; asCell()-&gt;isObject();
</span><span class="cx">     }
</span><span class="cx"> 
</span><del>-    inline bool JSValue::getString(UString&amp; s) const
</del><ins>+    inline bool JSValue::getString(ExecState* exec, UString&amp; s) const
</ins><span class="cx">     {
</span><del>-        return isCell() &amp;&amp; asCell()-&gt;getString(s);
</del><ins>+        return isCell() &amp;&amp; asCell()-&gt;getString(exec, s);
</ins><span class="cx">     }
</span><span class="cx"> 
</span><del>-    inline UString JSValue::getString() const
</del><ins>+    inline UString JSValue::getString(ExecState* exec) const
</ins><span class="cx">     {
</span><del>-        return isCell() ? asCell()-&gt;getString() : UString();
</del><ins>+        return isCell() ? asCell()-&gt;getString(exec) : UString();
</ins><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     inline JSObject* JSValue::getObject() const
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeJSONObjectcpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/JSONObject.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/JSONObject.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/JSONObject.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -172,7 +172,7 @@
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     // If the space value is a string, use it as the gap string, otherwise use no gap string.
</span><del>-    UString spaces = space.getString();
</del><ins>+    UString spaces = space.getString(exec);
</ins><span class="cx">     if (spaces.size() &gt; maxGapLength) {
</span><span class="cx">         spaces = spaces.substr(0, maxGapLength);
</span><span class="cx">     }
</span><span class="lines">@@ -229,7 +229,7 @@
</span><span class="cx">                 break;
</span><span class="cx"> 
</span><span class="cx">             UString propertyName;
</span><del>-            if (name.getString(propertyName)) {
</del><ins>+            if (name.getString(exec, propertyName)) {
</ins><span class="cx">                 m_arrayReplacerPropertyNames.add(Identifier(exec, propertyName));
</span><span class="cx">                 continue;
</span><span class="cx">             }
</span><span class="lines">@@ -407,7 +407,7 @@
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     UString stringValue;
</span><del>-    if (value.getString(stringValue)) {
</del><ins>+    if (value.getString(m_exec, stringValue)) {
</ins><span class="cx">         appendQuotedString(builder, stringValue);
</span><span class="cx">         return StringifySucceeded;
</span><span class="cx">     }
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeJSObjectcpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/JSObject.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/JSObject.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/JSObject.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -522,12 +522,12 @@
</span><span class="cx"> 
</span><span class="cx"> void JSObject::putDirectFunction(ExecState* exec, InternalFunction* function, unsigned attr)
</span><span class="cx"> {
</span><del>-    putDirectFunction(Identifier(exec, function-&gt;name(&amp;exec-&gt;globalData())), function, attr);
</del><ins>+    putDirectFunction(Identifier(exec, function-&gt;name(exec)), function, attr);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> void JSObject::putDirectFunctionWithoutTransition(ExecState* exec, InternalFunction* function, unsigned attr)
</span><span class="cx"> {
</span><del>-    putDirectFunctionWithoutTransition(Identifier(exec, function-&gt;name(&amp;exec-&gt;globalData())), function, attr);
</del><ins>+    putDirectFunctionWithoutTransition(Identifier(exec, function-&gt;name(exec)), function, attr);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> NEVER_INLINE void JSObject::fillGetterPropertySlot(PropertySlot&amp; slot, JSValue* location)
</span><span class="lines">@@ -599,7 +599,7 @@
</span><span class="cx">     if (descriptor.isEmpty())
</span><span class="cx">         return true;
</span><span class="cx"> 
</span><del>-    if (current.equalTo(descriptor))
</del><ins>+    if (current.equalTo(exec, descriptor))
</ins><span class="cx">         return true;
</span><span class="cx"> 
</span><span class="cx">     // Filter out invalid changes
</span><span class="lines">@@ -645,7 +645,7 @@
</span><span class="cx">                 return false;
</span><span class="cx">             }
</span><span class="cx">             if (!current.writable()) {
</span><del>-                if (descriptor.value() || !JSValue::strictEqual(current.value(), descriptor.value())) {
</del><ins>+                if (descriptor.value() || !JSValue::strictEqual(exec, current.value(), descriptor.value())) {
</ins><span class="cx">                     if (throwException)
</span><span class="cx">                         throwError(exec, TypeError, &quot;Attempting to change value of a readonly property.&quot;);
</span><span class="cx">                     return false;
</span><span class="lines">@@ -667,12 +667,12 @@
</span><span class="cx">     // Changing the accessor functions of an existing accessor property
</span><span class="cx">     ASSERT(descriptor.isAccessorDescriptor());
</span><span class="cx">     if (!current.configurable()) {
</span><del>-        if (descriptor.setterPresent() &amp;&amp; !(current.setter() &amp;&amp; JSValue::strictEqual(current.setter(), descriptor.setter()))) {
</del><ins>+        if (descriptor.setterPresent() &amp;&amp; !(current.setter() &amp;&amp; JSValue::strictEqual(exec, current.setter(), descriptor.setter()))) {
</ins><span class="cx">             if (throwException)
</span><span class="cx">                 throwError(exec, TypeError, &quot;Attempting to change the setter of an unconfigurable property.&quot;);
</span><span class="cx">             return false;
</span><span class="cx">         }
</span><del>-        if (descriptor.getterPresent() &amp;&amp; !(current.getter() &amp;&amp; JSValue::strictEqual(current.getter(), descriptor.getter()))) {
</del><ins>+        if (descriptor.getterPresent() &amp;&amp; !(current.getter() &amp;&amp; JSValue::strictEqual(exec, current.getter(), descriptor.getter()))) {
</ins><span class="cx">             if (throwException)
</span><span class="cx">                 throwError(exec, TypeError, &quot;Attempting to change the getter of an unconfigurable property.&quot;);
</span><span class="cx">             return false;
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeJSObjecth"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/JSObject.h (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/JSObject.h        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/JSObject.h        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -234,7 +234,7 @@
</span><span class="cx">         using JSCell::isGetterSetter;
</span><span class="cx">         using JSCell::toObject;
</span><span class="cx">         void getObject();
</span><del>-        void getString();
</del><ins>+        void getString(ExecState* exec);
</ins><span class="cx">         void isObject();
</span><span class="cx">         void isString();
</span><span class="cx"> #if USE(JSVALUE32)
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeJSPropertyNameIteratorcpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/JSPropertyNameIterator.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/JSPropertyNameIterator.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/JSPropertyNameIterator.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -77,7 +77,7 @@
</span><span class="cx">     if (m_cachedStructure == base-&gt;structure() &amp;&amp; m_cachedPrototypeChain == base-&gt;structure()-&gt;prototypeChain(exec))
</span><span class="cx">         return identifier;
</span><span class="cx"> 
</span><del>-    if (!base-&gt;hasProperty(exec, Identifier(exec, asString(identifier)-&gt;value())))
</del><ins>+    if (!base-&gt;hasProperty(exec, Identifier(exec, asString(identifier)-&gt;value(exec))))
</ins><span class="cx">         return JSValue();
</span><span class="cx">     return identifier;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeJSStringcpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/JSString.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/JSString.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/JSString.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -25,6 +25,7 @@
</span><span class="cx"> 
</span><span class="cx"> #include &quot;JSGlobalObject.h&quot;
</span><span class="cx"> #include &quot;JSObject.h&quot;
</span><ins>+#include &quot;Operations.h&quot;
</ins><span class="cx"> #include &quot;StringObject.h&quot;
</span><span class="cx"> #include &quot;StringPrototype.h&quot;
</span><span class="cx"> 
</span><span class="lines">@@ -38,6 +39,7 @@
</span><span class="cx">             fiber.rope()-&gt;deref();
</span><span class="cx">         else
</span><span class="cx">             fiber.string()-&gt;deref();
</span><ins>+        fiber = Fiber(reinterpret_cast&lt;UString::Rep*&gt;(0xfeedbeee));
</ins><span class="cx">     }
</span><span class="cx"> }
</span><span class="cx"> 
</span><span class="lines">@@ -65,12 +67,20 @@
</span><span class="cx"> // Vector before performing any concatenation, but by working backwards we likely
</span><span class="cx"> // only fill the queue with the number of substrings at any given level in a
</span><span class="cx"> // rope-of-ropes.)
</span><del>-void JSString::resolveRope() const
</del><ins>+void JSString::resolveRope(ExecState* exec) const
</ins><span class="cx"> {
</span><span class="cx">     ASSERT(isRope());
</span><span class="cx"> 
</span><span class="cx">     // Allocate the buffer to hold the final string, position initially points to the end.
</span><del>-    UChar* buffer = static_cast&lt;UChar*&gt;(fastMalloc(m_length * sizeof(UChar)));
</del><ins>+    UChar* buffer;
+    if (!tryFastMalloc(m_length * sizeof(UChar)).getValue(buffer)) {
+        m_rope.clear();
+        ASSERT(!isRope());
+        ASSERT(m_value == UString());
+
+        throwOutOfMemoryError(exec);
+        return;
+    }
</ins><span class="cx">     UChar* position = buffer + m_length;
</span><span class="cx"> 
</span><span class="cx">     // Start with the current Rope.
</span><span class="lines">@@ -93,8 +103,16 @@
</span><span class="cx">             copyChars(position, string-&gt;data(), length);
</span><span class="cx"> 
</span><span class="cx">             // Was this the last item in the work queue?
</span><del>-            if (workQueue.isEmpty())
-                goto breakOutOfTwoLoops;
</del><ins>+            if (workQueue.isEmpty()) {
+                // Create a string from the UChar buffer, clear the rope RefPtr.
+                ASSERT(buffer == position);
+                m_value = UString(buffer, m_length, false);
+                m_rope.clear();
+
+                ASSERT(!isRope());
+                return;
+            }
+
</ins><span class="cx">             // No! - set the next item up to process.
</span><span class="cx">             currentFiber = workQueue.last();
</span><span class="cx">             workQueue.removeLast();
</span><span class="lines">@@ -105,14 +123,6 @@
</span><span class="cx">         ASSERT(currentFiber.isRope());
</span><span class="cx">         rope = currentFiber.rope();
</span><span class="cx">     }
</span><del>-breakOutOfTwoLoops:
-
-    // Create a string from the UChar buffer, clear the rope RefPtr.
-    ASSERT(buffer == position);
-    m_value = UString::Rep::create(buffer, m_length, false);
-    m_rope.clear();
-
-    ASSERT(!isRope());
</del><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> JSValue JSString::toPrimitive(ExecState*, PreferredPrimitiveType) const
</span><span class="lines">@@ -120,10 +130,10 @@
</span><span class="cx">     return const_cast&lt;JSString*&gt;(this);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool JSString::getPrimitiveNumber(ExecState*, double&amp; number, JSValue&amp; result)
</del><ins>+bool JSString::getPrimitiveNumber(ExecState* exec, double&amp; number, JSValue&amp; result)
</ins><span class="cx"> {
</span><span class="cx">     result = this;
</span><del>-    number = value().toDouble();
</del><ins>+    number = value(exec).toDouble();
</ins><span class="cx">     return false;
</span><span class="cx"> }
</span><span class="cx"> 
</span><span class="lines">@@ -132,19 +142,19 @@
</span><span class="cx">     return m_length;
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-double JSString::toNumber(ExecState*) const
</del><ins>+double JSString::toNumber(ExecState* exec) const
</ins><span class="cx"> {
</span><del>-    return value().toDouble();
</del><ins>+    return value(exec).toDouble();
</ins><span class="cx"> }
</span><span class="cx"> 
</span><del>-UString JSString::toString(ExecState*) const
</del><ins>+UString JSString::toString(ExecState* exec) const
</ins><span class="cx"> {
</span><del>-    return value();
</del><ins>+    return value(exec);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><del>-UString JSString::toThisString(ExecState*) const
</del><ins>+UString JSString::toThisString(ExecState* exec) const
</ins><span class="cx"> {
</span><del>-    return value();
</del><ins>+    return value(exec);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> JSString* JSString::toThisJSString(ExecState*)
</span><span class="lines">@@ -198,7 +208,7 @@
</span><span class="cx">     bool isStrictUInt32;
</span><span class="cx">     unsigned i = propertyName.toStrictUInt32(&amp;isStrictUInt32);
</span><span class="cx">     if (isStrictUInt32 &amp;&amp; i &lt; m_length) {
</span><del>-        descriptor.setDescriptor(jsSingleCharacterSubstring(exec, value(), i), DontDelete | ReadOnly);
</del><ins>+        descriptor.setDescriptor(jsSingleCharacterSubstring(exec, value(exec), i), DontDelete | ReadOnly);
</ins><span class="cx">         return true;
</span><span class="cx">     }
</span><span class="cx">     
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeJSStringh"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/JSString.h (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/JSString.h        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/JSString.h        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -86,7 +86,13 @@
</span><span class="cx"> 
</span><span class="cx">             // Creates a Rope comprising of 'ropeLength' Fibers.
</span><span class="cx">             // The Rope is constructed in an uninitialized state - initialize must be called for each Fiber in the Rope.
</span><del>-            static PassRefPtr&lt;Rope&gt; create(unsigned ropeLength) { return adoptRef(new (ropeLength) Rope(ropeLength)); }
</del><ins>+            static PassRefPtr&lt;Rope&gt; createOrNull(unsigned ropeLength)
+            {
+                void* allocation;
+                if (tryFastMalloc(sizeof(Rope) + (ropeLength - 1) * sizeof(Fiber)).getValue(allocation))
+                    return adoptRef(new (allocation) Rope(ropeLength));
+                return 0;
+            }
</ins><span class="cx"> 
</span><span class="cx">             ~Rope();
</span><span class="cx"> 
</span><span class="lines">@@ -116,7 +122,7 @@
</span><span class="cx"> 
</span><span class="cx">         private:
</span><span class="cx">             Rope(unsigned ropeLength) : m_ropeLength(ropeLength), m_stringLength(0) {}
</span><del>-            void* operator new(size_t, unsigned ropeLength) { return fastMalloc(sizeof(Rope) + (ropeLength - 1) * sizeof(UString::Rep*)); }
</del><ins>+            void* operator new(size_t, void* inPlace) { return inPlace; }
</ins><span class="cx">             
</span><span class="cx">             unsigned m_ropeLength;
</span><span class="cx">             unsigned m_stringLength;
</span><span class="lines">@@ -150,13 +156,19 @@
</span><span class="cx">             , m_rope(rope)
</span><span class="cx">         {
</span><span class="cx">         }
</span><del>-        
-        const UString&amp; value() const
</del><ins>+
+        const UString&amp; value(ExecState* exec) const
</ins><span class="cx">         {
</span><span class="cx">             if (m_rope)
</span><del>-                resolveRope();
</del><ins>+                resolveRope(exec);
</ins><span class="cx">             return m_value;
</span><span class="cx">         }
</span><ins>+        const UString tryGetValue() const
+        {
+            if (m_rope)
+                UString();
+            return m_value;
+        }
</ins><span class="cx">         unsigned length() { return m_length; }
</span><span class="cx"> 
</span><span class="cx">         bool isRope() const { return m_rope; }
</span><span class="lines">@@ -168,7 +180,7 @@
</span><span class="cx">         bool getStringPropertyDescriptor(ExecState*, const Identifier&amp; propertyName, PropertyDescriptor&amp;);
</span><span class="cx"> 
</span><span class="cx">         bool canGetIndex(unsigned i) { return i &lt; m_length; }
</span><del>-        JSString* getIndex(JSGlobalData*, unsigned);
</del><ins>+        JSString* getIndex(ExecState*, unsigned);
</ins><span class="cx"> 
</span><span class="cx">         static PassRefPtr&lt;Structure&gt; createStructure(JSValue proto) { return Structure::create(proto, TypeInfo(StringType, OverridesGetOwnPropertySlot | NeedsThisConversion)); }
</span><span class="cx"> 
</span><span class="lines">@@ -179,7 +191,7 @@
</span><span class="cx">         {
</span><span class="cx">         }
</span><span class="cx"> 
</span><del>-        void resolveRope() const;
</del><ins>+        void resolveRope(ExecState*) const;
</ins><span class="cx"> 
</span><span class="cx">         virtual JSValue toPrimitive(ExecState*, PreferredPrimitiveType) const;
</span><span class="cx">         virtual bool getPrimitiveNumber(ExecState*, double&amp; number, JSValue&amp; value);
</span><span class="lines">@@ -246,10 +258,10 @@
</span><span class="cx">         return new (globalData) JSString(globalData, s);
</span><span class="cx">     }
</span><span class="cx"> 
</span><del>-    inline JSString* JSString::getIndex(JSGlobalData* globalData, unsigned i)
</del><ins>+    inline JSString* JSString::getIndex(ExecState* exec, unsigned i)
</ins><span class="cx">     {
</span><span class="cx">         ASSERT(canGetIndex(i));
</span><del>-        return jsSingleCharacterSubstring(globalData, value(), i);
</del><ins>+        return jsSingleCharacterSubstring(&amp;exec-&gt;globalData(), value(exec), i);
</ins><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     inline JSString* jsString(JSGlobalData* globalData, const UString&amp; s)
</span><span class="lines">@@ -312,7 +324,7 @@
</span><span class="cx">         bool isStrictUInt32;
</span><span class="cx">         unsigned i = propertyName.toStrictUInt32(&amp;isStrictUInt32);
</span><span class="cx">         if (isStrictUInt32 &amp;&amp; i &lt; m_length) {
</span><del>-            slot.setValue(jsSingleCharacterSubstring(exec, value(), i));
</del><ins>+            slot.setValue(jsSingleCharacterSubstring(exec, value(exec), i));
</ins><span class="cx">             return true;
</span><span class="cx">         }
</span><span class="cx"> 
</span><span class="lines">@@ -322,7 +334,7 @@
</span><span class="cx">     ALWAYS_INLINE bool JSString::getStringPropertySlot(ExecState* exec, unsigned propertyName, PropertySlot&amp; slot)
</span><span class="cx">     {
</span><span class="cx">         if (propertyName &lt; m_length) {
</span><del>-            slot.setValue(jsSingleCharacterSubstring(exec, value(), propertyName));
</del><ins>+            slot.setValue(jsSingleCharacterSubstring(exec, value(exec), propertyName));
</ins><span class="cx">             return true;
</span><span class="cx">         }
</span><span class="cx"> 
</span><span class="lines">@@ -341,7 +353,7 @@
</span><span class="cx">     inline UString JSValue::toString(ExecState* exec) const
</span><span class="cx">     {
</span><span class="cx">         if (isString())
</span><del>-            return static_cast&lt;JSString*&gt;(asCell())-&gt;value();
</del><ins>+            return static_cast&lt;JSString*&gt;(asCell())-&gt;value(exec);
</ins><span class="cx">         if (isInt32())
</span><span class="cx">             return exec-&gt;globalData().numericStrings.add(asInt32());
</span><span class="cx">         if (isDouble())
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeJSValueh"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/JSValue.h (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/JSValue.h        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/JSValue.h        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -137,8 +137,8 @@
</span><span class="cx">         bool getBoolean() const; // false if not a boolean
</span><span class="cx">         bool getNumber(double&amp;) const;
</span><span class="cx">         double uncheckedGetNumber() const;
</span><del>-        bool getString(UString&amp;) const;
-        UString getString() const; // null string if not a string
</del><ins>+        bool getString(ExecState* exec, UString&amp;) const;
+        UString getString(ExecState* exec) const; // null string if not a string
</ins><span class="cx">         JSObject* getObject() const; // 0 if not an object
</span><span class="cx"> 
</span><span class="cx">         CallType getCallData(CallData&amp;);
</span><span class="lines">@@ -192,9 +192,9 @@
</span><span class="cx">         static bool equal(ExecState* exec, JSValue v1, JSValue v2);
</span><span class="cx">         static bool equalSlowCase(ExecState* exec, JSValue v1, JSValue v2);
</span><span class="cx">         static bool equalSlowCaseInline(ExecState* exec, JSValue v1, JSValue v2);
</span><del>-        static bool strictEqual(JSValue v1, JSValue v2);
-        static bool strictEqualSlowCase(JSValue v1, JSValue v2);
-        static bool strictEqualSlowCaseInline(JSValue v1, JSValue v2);
</del><ins>+        static bool strictEqual(ExecState* exec, JSValue v1, JSValue v2);
+        static bool strictEqualSlowCase(ExecState* exec, JSValue v1, JSValue v2);
+        static bool strictEqualSlowCaseInline(ExecState* exec, JSValue v1, JSValue v2);
</ins><span class="cx"> 
</span><span class="cx">         JSValue getJSNumber(); // JSValue() if this is not a JSNumber or number object
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeNativeErrorConstructorcpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/NativeErrorConstructor.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/NativeErrorConstructor.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/NativeErrorConstructor.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -33,7 +33,7 @@
</span><span class="cx"> const ClassInfo NativeErrorConstructor::info = { &quot;Function&quot;, &amp;InternalFunction::info, 0, 0 };
</span><span class="cx"> 
</span><span class="cx"> NativeErrorConstructor::NativeErrorConstructor(ExecState* exec, NonNullPassRefPtr&lt;Structure&gt; structure, NativeErrorPrototype* nativeErrorPrototype)
</span><del>-    : InternalFunction(&amp;exec-&gt;globalData(), structure, Identifier(exec, nativeErrorPrototype-&gt;getDirect(exec-&gt;propertyNames().name).getString()))
</del><ins>+    : InternalFunction(&amp;exec-&gt;globalData(), structure, Identifier(exec, nativeErrorPrototype-&gt;getDirect(exec-&gt;propertyNames().name).getString(exec)))
</ins><span class="cx">     , m_errorStructure(ErrorInstance::createStructure(nativeErrorPrototype))
</span><span class="cx"> {
</span><span class="cx">     putDirect(exec-&gt;propertyNames().length, jsNumber(exec, 1), DontDelete | ReadOnly | DontEnum); // ECMA 15.11.7.5
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeOperationscpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/Operations.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/Operations.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/Operations.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -36,9 +36,9 @@
</span><span class="cx">     return equalSlowCaseInline(exec, v1, v2);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool JSValue::strictEqualSlowCase(JSValue v1, JSValue v2)
</del><ins>+bool JSValue::strictEqualSlowCase(ExecState* exec, JSValue v1, JSValue v2)
</ins><span class="cx"> {
</span><del>-    return strictEqualSlowCaseInline(v1, v2);
</del><ins>+    return strictEqualSlowCaseInline(exec, v1, v2);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> NEVER_INLINE JSValue throwOutOfMemoryError(ExecState* exec)
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeOperationsh"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/Operations.h (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/Operations.h        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/Operations.h        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -53,7 +53,7 @@
</span><span class="cx">             bool s1 = v1.isString();
</span><span class="cx">             bool s2 = v2.isString();
</span><span class="cx">             if (s1 &amp;&amp; s2)
</span><del>-                return asString(v1)-&gt;value() == asString(v2)-&gt;value();
</del><ins>+                return asString(v1)-&gt;value(exec) == asString(v2)-&gt;value(exec);
</ins><span class="cx"> 
</span><span class="cx">             if (v1.isUndefinedOrNull()) {
</span><span class="cx">                 if (v2.isUndefinedOrNull())
</span><span class="lines">@@ -110,17 +110,17 @@
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     // ECMA 11.9.3
</span><del>-    ALWAYS_INLINE bool JSValue::strictEqualSlowCaseInline(JSValue v1, JSValue v2)
</del><ins>+    ALWAYS_INLINE bool JSValue::strictEqualSlowCaseInline(ExecState* exec, JSValue v1, JSValue v2)
</ins><span class="cx">     {
</span><span class="cx">         ASSERT(v1.isCell() &amp;&amp; v2.isCell());
</span><span class="cx"> 
</span><span class="cx">         if (v1.asCell()-&gt;isString() &amp;&amp; v2.asCell()-&gt;isString())
</span><del>-            return asString(v1)-&gt;value() == asString(v2)-&gt;value();
</del><ins>+            return asString(v1)-&gt;value(exec) == asString(v2)-&gt;value(exec);
</ins><span class="cx"> 
</span><span class="cx">         return v1 == v2;
</span><span class="cx">     }
</span><span class="cx"> 
</span><del>-    inline bool JSValue::strictEqual(JSValue v1, JSValue v2)
</del><ins>+    inline bool JSValue::strictEqual(ExecState* exec, JSValue v1, JSValue v2)
</ins><span class="cx">     {
</span><span class="cx">         if (v1.isInt32() &amp;&amp; v2.isInt32())
</span><span class="cx">             return v1 == v2;
</span><span class="lines">@@ -131,7 +131,7 @@
</span><span class="cx">         if (!v1.isCell() || !v2.isCell())
</span><span class="cx">             return v1 == v2;
</span><span class="cx"> 
</span><del>-        return strictEqualSlowCaseInline(v1, v2);
</del><ins>+        return strictEqualSlowCaseInline(exec, v1, v2);
</ins><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     inline bool jsLess(CallFrame* callFrame, JSValue v1, JSValue v2)
</span><span class="lines">@@ -146,7 +146,7 @@
</span><span class="cx"> 
</span><span class="cx">         JSGlobalData* globalData = &amp;callFrame-&gt;globalData();
</span><span class="cx">         if (isJSString(globalData, v1) &amp;&amp; isJSString(globalData, v2))
</span><del>-            return asString(v1)-&gt;value() &lt; asString(v2)-&gt;value();
</del><ins>+            return asString(v1)-&gt;value(callFrame) &lt; asString(v2)-&gt;value(callFrame);
</ins><span class="cx"> 
</span><span class="cx">         JSValue p1;
</span><span class="cx">         JSValue p2;
</span><span class="lines">@@ -156,7 +156,7 @@
</span><span class="cx">         if (wasNotString1 | wasNotString2)
</span><span class="cx">             return n1 &lt; n2;
</span><span class="cx"> 
</span><del>-        return asString(p1)-&gt;value() &lt; asString(p2)-&gt;value();
</del><ins>+        return asString(p1)-&gt;value(callFrame) &lt; asString(p2)-&gt;value(callFrame);
</ins><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     inline bool jsLessEq(CallFrame* callFrame, JSValue v1, JSValue v2)
</span><span class="lines">@@ -171,7 +171,7 @@
</span><span class="cx"> 
</span><span class="cx">         JSGlobalData* globalData = &amp;callFrame-&gt;globalData();
</span><span class="cx">         if (isJSString(globalData, v1) &amp;&amp; isJSString(globalData, v2))
</span><del>-            return !(asString(v2)-&gt;value() &lt; asString(v1)-&gt;value());
</del><ins>+            return !(asString(v2)-&gt;value(callFrame) &lt; asString(v1)-&gt;value(callFrame));
</ins><span class="cx"> 
</span><span class="cx">         JSValue p1;
</span><span class="cx">         JSValue p2;
</span><span class="lines">@@ -181,7 +181,7 @@
</span><span class="cx">         if (wasNotString1 | wasNotString2)
</span><span class="cx">             return n1 &lt;= n2;
</span><span class="cx"> 
</span><del>-        return !(asString(p2)-&gt;value() &lt; asString(p1)-&gt;value());
</del><ins>+        return !(asString(p2)-&gt;value(callFrame) &lt; asString(p1)-&gt;value(callFrame));
</ins><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     // Fast-path choices here are based on frequency data from SunSpider:
</span><span class="lines">@@ -205,14 +205,16 @@
</span><span class="cx">         bool leftIsString = v1.isString();
</span><span class="cx">         if (leftIsString &amp;&amp; v2.isString()) {
</span><span class="cx">             if (asString(v1)-&gt;isRope() || asString(v2)-&gt;isRope()) {
</span><del>-                RefPtr&lt;JSString::Rope&gt; rope = JSString::Rope::create(2);
</del><ins>+                RefPtr&lt;JSString::Rope&gt; rope = JSString::Rope::createOrNull(2);
+                if (UNLIKELY(!rope))
+                    return throwOutOfMemoryError(callFrame);
</ins><span class="cx">                 rope-&gt;initializeFiber(0, asString(v1));
</span><span class="cx">                 rope-&gt;initializeFiber(1, asString(v2));
</span><span class="cx">                 JSGlobalData* globalData = &amp;callFrame-&gt;globalData();
</span><span class="cx">                 return new (globalData) JSString(globalData, rope.release());
</span><span class="cx">             }
</span><span class="cx"> 
</span><del>-            RefPtr&lt;UString::Rep&gt; value = concatenate(asString(v1)-&gt;value().rep(), asString(v2)-&gt;value().rep());
</del><ins>+            RefPtr&lt;UString::Rep&gt; value = concatenate(asString(v1)-&gt;value(callFrame).rep(), asString(v2)-&gt;value(callFrame).rep());
</ins><span class="cx">             if (!value)
</span><span class="cx">                 return throwOutOfMemoryError(callFrame);
</span><span class="cx">             return jsString(callFrame, value.release());
</span><span class="lines">@@ -220,8 +222,8 @@
</span><span class="cx"> 
</span><span class="cx">         if (rightIsNumber &amp; leftIsString) {
</span><span class="cx">             RefPtr&lt;UString::Rep&gt; value = v2.isInt32() ?
</span><del>-                concatenate(asString(v1)-&gt;value().rep(), v2.asInt32()) :
-                concatenate(asString(v1)-&gt;value().rep(), right);
</del><ins>+                concatenate(asString(v1)-&gt;value(callFrame).rep(), v2.asInt32()) :
+                concatenate(asString(v1)-&gt;value(callFrame).rep(), right);
</ins><span class="cx"> 
</span><span class="cx">             if (!value)
</span><span class="cx">                 return throwOutOfMemoryError(callFrame);
</span><span class="lines">@@ -306,7 +308,9 @@
</span><span class="cx">     {
</span><span class="cx">         ASSERT(count &gt;= 3);
</span><span class="cx"> 
</span><del>-        RefPtr&lt;JSString::Rope&gt; rope = JSString::Rope::create(count);
</del><ins>+        RefPtr&lt;JSString::Rope&gt; rope = JSString::Rope::createOrNull(count);
+        if (UNLIKELY(!rope))
+            return throwOutOfMemoryError(callFrame);
</ins><span class="cx"> 
</span><span class="cx">         for (unsigned i = 0; i &lt; count; ++i) {
</span><span class="cx">             JSValue v = strings[i].jsValue();
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimePropertyDescriptorcpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/PropertyDescriptor.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/PropertyDescriptor.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/PropertyDescriptor.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -153,15 +153,15 @@
</span><span class="cx">     m_attributes &amp;= ~ReadOnly;
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool PropertyDescriptor::equalTo(const PropertyDescriptor&amp; other) const
</del><ins>+bool PropertyDescriptor::equalTo(ExecState* exec, const PropertyDescriptor&amp; other) const
</ins><span class="cx"> {
</span><span class="cx">     if (!other.m_value == m_value ||
</span><span class="cx">         !other.m_getter == m_getter ||
</span><span class="cx">         !other.m_setter == m_setter)
</span><span class="cx">         return false;
</span><del>-    return (!m_value || JSValue::strictEqual(other.m_value, m_value)) &amp;&amp; 
-           (!m_getter || JSValue::strictEqual(other.m_getter, m_getter)) &amp;&amp; 
-           (!m_setter || JSValue::strictEqual(other.m_setter, m_setter)) &amp;&amp;
</del><ins>+    return (!m_value || JSValue::strictEqual(exec, other.m_value, m_value)) &amp;&amp; 
+           (!m_getter || JSValue::strictEqual(exec, other.m_getter, m_getter)) &amp;&amp; 
+           (!m_setter || JSValue::strictEqual(exec, other.m_setter, m_setter)) &amp;&amp;
</ins><span class="cx">            attributesEqual(other);
</span><span class="cx"> }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimePropertyDescriptorh"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/PropertyDescriptor.h (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/PropertyDescriptor.h        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/PropertyDescriptor.h        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -61,7 +61,7 @@
</span><span class="cx">         bool configurablePresent() const { return m_seenAttributes &amp; ConfigurablePresent; }
</span><span class="cx">         bool setterPresent() const { return m_setter; }
</span><span class="cx">         bool getterPresent() const { return m_getter; }
</span><del>-        bool equalTo(const PropertyDescriptor&amp; other) const;
</del><ins>+        bool equalTo(ExecState* exec, const PropertyDescriptor&amp; other) const;
</ins><span class="cx">         bool attributesEqual(const PropertyDescriptor&amp; other) const;
</span><span class="cx">         unsigned attributesWithOverride(const PropertyDescriptor&amp; other) const;
</span><span class="cx">     private:
</span></span></pre></div>
<a id="trunkJavaScriptCoreruntimeStringPrototypecpp"></a>
<div class="modfile"><h4>Modified: trunk/JavaScriptCore/runtime/StringPrototype.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/JavaScriptCore/runtime/StringPrototype.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/JavaScriptCore/runtime/StringPrototype.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -224,7 +224,7 @@
</span><span class="cx"> JSValue JSC_HOST_CALL stringProtoFuncReplace(ExecState* exec, JSObject*, JSValue thisValue, const ArgList&amp; args)
</span><span class="cx"> {
</span><span class="cx">     JSString* sourceVal = thisValue.toThisJSString(exec);
</span><del>-    const UString&amp; source = sourceVal-&gt;value();
</del><ins>+    const UString&amp; source = sourceVal-&gt;value(exec);
</ins><span class="cx"> 
</span><span class="cx">     JSValue pattern = args.at(0);
</span><span class="cx"> 
</span><span class="lines">@@ -697,7 +697,7 @@
</span><span class="cx"> JSValue JSC_HOST_CALL stringProtoFuncToLowerCase(ExecState* exec, JSObject*, JSValue thisValue, const ArgList&amp;)
</span><span class="cx"> {
</span><span class="cx">     JSString* sVal = thisValue.toThisJSString(exec);
</span><del>-    const UString&amp; s = sVal-&gt;value();
</del><ins>+    const UString&amp; s = sVal-&gt;value(exec);
</ins><span class="cx"> 
</span><span class="cx">     int sSize = s.size();
</span><span class="cx">     if (!sSize)
</span><span class="lines">@@ -731,7 +731,7 @@
</span><span class="cx"> JSValue JSC_HOST_CALL stringProtoFuncToUpperCase(ExecState* exec, JSObject*, JSValue thisValue, const ArgList&amp;)
</span><span class="cx"> {
</span><span class="cx">     JSString* sVal = thisValue.toThisJSString(exec);
</span><del>-    const UString&amp; s = sVal-&gt;value();
</del><ins>+    const UString&amp; s = sVal-&gt;value(exec);
</ins><span class="cx"> 
</span><span class="cx">     int sSize = s.size();
</span><span class="cx">     if (!sSize)
</span></span></pre></div>
<a id="trunkWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/WebCore/ChangeLog (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/ChangeLog        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/WebCore/ChangeLog        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -1,3 +1,31 @@
</span><ins>+2009-12-07  Gavin Barraclough  &lt;barraclough@apple.com&gt;
+
+        Reviewed by Oliver Hunt.
+
+        https://bugs.webkit.org/show_bug.cgi?id=32184
+        Handle out-of-memory conditions with JSC Ropes with a JS exception, rather than crashing.
+        Switch from using fastMalloc to tryFastMalloc, pass an ExecState to record the exception on.
+
+        * bindings/ScriptControllerBase.cpp:
+        (WebCore::ScriptController::executeIfJavaScriptURL):
+        * bindings/js/JSCanvasRenderingContext2DCustom.cpp:
+        (WebCore::toHTMLCanvasStyle):
+        (WebCore::JSCanvasRenderingContext2D::setFillColor):
+        (WebCore::JSCanvasRenderingContext2D::setStrokeColor):
+        (WebCore::JSCanvasRenderingContext2D::setShadow):
+        * bindings/js/ScriptCallStack.cpp:
+        (WebCore::ScriptCallStack::ScriptCallStack):
+        (WebCore::ScriptCallStack::initialize):
+        * bindings/js/ScriptValue.cpp:
+        (WebCore::ScriptValue::getString):
+        * bindings/js/ScriptValue.h:
+        * bindings/js/SerializedScriptValue.cpp:
+        (WebCore::SerializingTreeWalker::convertIfTerminal):
+        * bindings/objc/WebScriptObject.mm:
+        (+[WebScriptObject _convertValueToObjcValue:originRootObject:rootObject:]):
+        * page/Console.cpp:
+        (WebCore::Console::addMessage):
+
</ins><span class="cx"> 2009-12-07  Nikolas Zimmermann  &lt;nzimmermann@rim.com&gt;
</span><span class="cx"> 
</span><span class="cx">         Reviewed by Holger Hans Peter Freyther.
</span></span></pre></div>
<a id="trunkWebCorebindingsScriptControllerBasecpp"></a>
<div class="modfile"><h4>Modified: trunk/WebCore/bindings/ScriptControllerBase.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/bindings/ScriptControllerBase.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/WebCore/bindings/ScriptControllerBase.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -73,7 +73,9 @@
</span><span class="cx">         result = executeScript(script, userGesture);
</span><span class="cx"> 
</span><span class="cx">     String scriptResult;
</span><del>-    if (!result.getString(scriptResult))
</del><ins>+    JSDOMWindowShell* shell = windowShell(mainThreadNormalWorld());
+    JSC::ExecState* exec = shell-&gt;window()-&gt;globalExec();
+    if (!result.getString(exec, scriptResult))
</ins><span class="cx">         return true;
</span><span class="cx"> 
</span><span class="cx">     // FIXME: We should always replace the document, but doing so
</span></span></pre></div>
<a id="trunkWebCorebindingsjsJSCanvasRenderingContext2DCustomcpp"></a>
<div class="modfile"><h4>Modified: trunk/WebCore/bindings/js/JSCanvasRenderingContext2DCustom.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/bindings/js/JSCanvasRenderingContext2DCustom.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/WebCore/bindings/js/JSCanvasRenderingContext2DCustom.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -51,10 +51,10 @@
</span><span class="cx">     return jsString(exec, style-&gt;color());
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-static PassRefPtr&lt;CanvasStyle&gt; toHTMLCanvasStyle(ExecState*, JSValue value)
</del><ins>+static PassRefPtr&lt;CanvasStyle&gt; toHTMLCanvasStyle(ExecState* exec, JSValue value)
</ins><span class="cx"> {
</span><span class="cx">     if (value.isString())
</span><del>-        return CanvasStyle::create(asString(value)-&gt;value());
</del><ins>+        return CanvasStyle::create(asString(value)-&gt;value(exec));
</ins><span class="cx">     if (!value.isObject())
</span><span class="cx">         return 0;
</span><span class="cx">     JSObject* object = asObject(value);
</span><span class="lines">@@ -102,13 +102,13 @@
</span><span class="cx">     switch (args.size()) {
</span><span class="cx">         case 1:
</span><span class="cx">             if (args.at(0).isString())
</span><del>-                context-&gt;setFillColor(asString(args.at(0))-&gt;value());
</del><ins>+                context-&gt;setFillColor(asString(args.at(0))-&gt;value(exec));
</ins><span class="cx">             else
</span><span class="cx">                 context-&gt;setFillColor(args.at(0).toFloat(exec));
</span><span class="cx">             break;
</span><span class="cx">         case 2:
</span><span class="cx">             if (args.at(0).isString())
</span><del>-                context-&gt;setFillColor(asString(args.at(0))-&gt;value(), args.at(1).toFloat(exec));
</del><ins>+                context-&gt;setFillColor(asString(args.at(0))-&gt;value(exec), args.at(1).toFloat(exec));
</ins><span class="cx">             else
</span><span class="cx">                 context-&gt;setFillColor(args.at(0).toFloat(exec), args.at(1).toFloat(exec));
</span><span class="cx">             break;
</span><span class="lines">@@ -139,13 +139,13 @@
</span><span class="cx">     switch (args.size()) {
</span><span class="cx">         case 1:
</span><span class="cx">             if (args.at(0).isString())
</span><del>-                context-&gt;setStrokeColor(asString(args.at(0))-&gt;value());
</del><ins>+                context-&gt;setStrokeColor(asString(args.at(0))-&gt;value(exec));
</ins><span class="cx">             else
</span><span class="cx">                 context-&gt;setStrokeColor(args.at(0).toFloat(exec));
</span><span class="cx">             break;
</span><span class="cx">         case 2:
</span><span class="cx">             if (args.at(0).isString())
</span><del>-                context-&gt;setStrokeColor(asString(args.at(0))-&gt;value(), args.at(1).toFloat(exec));
</del><ins>+                context-&gt;setStrokeColor(asString(args.at(0))-&gt;value(exec), args.at(1).toFloat(exec));
</ins><span class="cx">             else
</span><span class="cx">                 context-&gt;setStrokeColor(args.at(0).toFloat(exec), args.at(1).toFloat(exec));
</span><span class="cx">             break;
</span><span class="lines">@@ -298,7 +298,7 @@
</span><span class="cx">         case 4:
</span><span class="cx">             if (args.at(3).isString())
</span><span class="cx">                 context-&gt;setShadow(args.at(0).toFloat(exec), args.at(1).toFloat(exec),
</span><del>-                                   args.at(2).toFloat(exec), asString(args.at(3))-&gt;value());
</del><ins>+                                   args.at(2).toFloat(exec), asString(args.at(3))-&gt;value(exec));
</ins><span class="cx">             else
</span><span class="cx">                 context-&gt;setShadow(args.at(0).toFloat(exec), args.at(1).toFloat(exec),
</span><span class="cx">                                    args.at(2).toFloat(exec), args.at(3).toFloat(exec));
</span><span class="lines">@@ -306,7 +306,7 @@
</span><span class="cx">         case 5:
</span><span class="cx">             if (args.at(3).isString())
</span><span class="cx">                 context-&gt;setShadow(args.at(0).toFloat(exec), args.at(1).toFloat(exec),
</span><del>-                                   args.at(2).toFloat(exec), asString(args.at(3))-&gt;value(),
</del><ins>+                                   args.at(2).toFloat(exec), asString(args.at(3))-&gt;value(exec),
</ins><span class="cx">                                    args.at(4).toFloat(exec));
</span><span class="cx">             else
</span><span class="cx">                 context-&gt;setShadow(args.at(0).toFloat(exec), args.at(1).toFloat(exec),
</span></span></pre></div>
<a id="trunkWebCorebindingsjsScriptCallStackcpp"></a>
<div class="modfile"><h4>Modified: trunk/WebCore/bindings/js/ScriptCallStack.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/bindings/js/ScriptCallStack.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/WebCore/bindings/js/ScriptCallStack.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -57,7 +57,7 @@
</span><span class="cx">     if (function) {
</span><span class="cx">         m_caller = asInternalFunction(function);
</span><span class="cx">         unsigned lineNumber = signedLineNumber &gt;= 0 ? signedLineNumber : 0;
</span><del>-        m_frames.append(ScriptCallFrame(m_caller-&gt;name(&amp;m_exec-&gt;globalData()), urlString, lineNumber, args, skipArgumentCount));
</del><ins>+        m_frames.append(ScriptCallFrame(m_caller-&gt;name(m_exec), urlString, lineNumber, args, skipArgumentCount));
</ins><span class="cx">     } else {
</span><span class="cx">         // Caller is unknown, but we should still add the frame, because
</span><span class="cx">         // something called us, and gave us arguments.
</span><span class="lines">@@ -94,7 +94,7 @@
</span><span class="cx">     while (!func.isNull()) {
</span><span class="cx">         InternalFunction* internalFunction = asInternalFunction(func);
</span><span class="cx">         ArgList emptyArgList;
</span><del>-        m_frames.append(ScriptCallFrame(internalFunction-&gt;name(&amp;m_exec-&gt;globalData()), UString(), 0, emptyArgList, 0));
</del><ins>+        m_frames.append(ScriptCallFrame(internalFunction-&gt;name(m_exec), UString(), 0, emptyArgList, 0));
</ins><span class="cx">         func = m_exec-&gt;interpreter()-&gt;retrieveCaller(m_exec, internalFunction);
</span><span class="cx">     }
</span><span class="cx">     m_initialized = true;
</span></span></pre></div>
<a id="trunkWebCorebindingsjsScriptValuecpp"></a>
<div class="modfile"><h4>Modified: trunk/WebCore/bindings/js/ScriptValue.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/bindings/js/ScriptValue.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/WebCore/bindings/js/ScriptValue.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -48,13 +48,13 @@
</span><span class="cx">     return ScriptValue(JSInspectedObjectWrapper::wrap(scriptState, value.jsValue()));
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool ScriptValue::getString(String&amp; result) const
</del><ins>+bool ScriptValue::getString(ScriptState* scriptState, String&amp; result) const
</ins><span class="cx"> {
</span><span class="cx">     if (!m_value)
</span><span class="cx">         return false;
</span><span class="cx">     JSLock lock(SilenceAssertionsOnly);
</span><span class="cx">     UString ustring;
</span><del>-    if (!m_value.get().getString(ustring))
</del><ins>+    if (!m_value.get().getString(scriptState, ustring))
</ins><span class="cx">         return false;
</span><span class="cx">     result = ustring;
</span><span class="cx">     return true;
</span></span></pre></div>
<a id="trunkWebCorebindingsjsScriptValueh"></a>
<div class="modfile"><h4>Modified: trunk/WebCore/bindings/js/ScriptValue.h (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/bindings/js/ScriptValue.h        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/WebCore/bindings/js/ScriptValue.h        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -47,7 +47,7 @@
</span><span class="cx">     virtual ~ScriptValue() {}
</span><span class="cx"> 
</span><span class="cx">     JSC::JSValue jsValue() const { return m_value.get(); }
</span><del>-    bool getString(String&amp; result) const;
</del><ins>+    bool getString(ScriptState*, String&amp; result) const;
</ins><span class="cx">     String toString(ScriptState* scriptState) const { return m_value.get().toString(scriptState); }
</span><span class="cx">     bool isEqual(ScriptState*, const ScriptValue&amp;) const;
</span><span class="cx">     bool isNull() const;
</span></span></pre></div>
<a id="trunkWebCorebindingsjsSerializedScriptValuecpp"></a>
<div class="modfile"><h4>Modified: trunk/WebCore/bindings/js/SerializedScriptValue.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/bindings/js/SerializedScriptValue.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/WebCore/bindings/js/SerializedScriptValue.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -481,7 +481,7 @@
</span><span class="cx">             return SerializedScriptValueData(value);
</span><span class="cx"> 
</span><span class="cx">         if (value.isString())
</span><del>-            return SerializedScriptValueData(asString(value)-&gt;value());
</del><ins>+            return SerializedScriptValueData(asString(value)-&gt;value(m_exec));
</ins><span class="cx"> 
</span><span class="cx">         if (value.isNumber())
</span><span class="cx">             return SerializedScriptValueData(SerializedScriptValueData::NumberType, value.uncheckedGetNumber());
</span></span></pre></div>
<a id="trunkWebCorebindingsobjcWebScriptObjectmm"></a>
<div class="modfile"><h4>Modified: trunk/WebCore/bindings/objc/WebScriptObject.mm (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/bindings/objc/WebScriptObject.mm        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/WebCore/bindings/objc/WebScriptObject.mm        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -529,7 +529,8 @@
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     if (value.isString()) {
</span><del>-        const UString&amp; u = asString(value)-&gt;value();
</del><ins>+        ExecState* exec = rootObject-&gt;globalObject()-&gt;globalExec();
+        const UString&amp; u = asString(value)-&gt;value(exec);
</ins><span class="cx">         return [NSString stringWithCharacters:u.data() length:u.size()];
</span><span class="cx">     }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkWebCorepageConsolecpp"></a>
<div class="modfile"><h4>Modified: trunk/WebCore/page/Console.cpp (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/page/Console.cpp        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/WebCore/page/Console.cpp        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -191,7 +191,7 @@
</span><span class="cx"> 
</span><span class="cx">     for (unsigned i = 0; i &lt; lastCaller.argumentCount(); ++i) {
</span><span class="cx">         String argAsString;
</span><del>-        if (lastCaller.argumentAt(i).getString(argAsString))
</del><ins>+        if (lastCaller.argumentAt(i).getString(callStack-&gt;state(), argAsString))
</ins><span class="cx">             printf(&quot; %s&quot;, argAsString.utf8().data());
</span><span class="cx">     }
</span><span class="cx">     printf(&quot;\n&quot;);
</span></span></pre></div>
<a id="trunkWebKitmacChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/WebKit/mac/ChangeLog (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebKit/mac/ChangeLog        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/WebKit/mac/ChangeLog        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -1,3 +1,14 @@
</span><ins>+2009-12-07  Gavin Barraclough  &lt;barraclough@apple.com&gt;
+
+        Reviewed by Oliver Hunt.
+
+        https://bugs.webkit.org/show_bug.cgi?id=32184
+        Handle out-of-memory conditions with JSC Ropes with a JS exception, rather than crashing.
+        Switch from using fastMalloc to tryFastMalloc, pass an ExecState to record the exception on.
+
+        * WebView/WebView.mm:
+        (aeDescFromJSValue):
+
</ins><span class="cx"> 2009-12-07  Nikolas Zimmermann  &lt;nzimmermann@rim.com&gt;
</span><span class="cx"> 
</span><span class="cx">         Reviewed by Holger Hans Peter Freyther.
</span></span></pre></div>
<a id="trunkWebKitmacWebViewWebViewmm"></a>
<div class="modfile"><h4>Modified: trunk/WebKit/mac/WebView/WebView.mm (51800 => 51801)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebKit/mac/WebView/WebView.mm        2009-12-07 23:03:55 UTC (rev 51800)
+++ trunk/WebKit/mac/WebView/WebView.mm        2009-12-07 23:14:04 UTC (rev 51801)
</span><span class="lines">@@ -4046,7 +4046,7 @@
</span><span class="cx">     if (jsValue.isBoolean())
</span><span class="cx">         return [NSAppleEventDescriptor descriptorWithBoolean:jsValue.getBoolean()];
</span><span class="cx">     if (jsValue.isString())
</span><del>-        return [NSAppleEventDescriptor descriptorWithString:String(jsValue.getString())];
</del><ins>+        return [NSAppleEventDescriptor descriptorWithString:String(jsValue.getString(exec))];
</ins><span class="cx">     if (jsValue.isNumber()) {
</span><span class="cx">         double value = jsValue.uncheckedGetNumber();
</span><span class="cx">         int intValue = value;
</span></span></pre>
</div>
</div>

</body>
</html>