Properly set function index in CallSite constructor

Properly set function index in CallSite constructor

BUG=632965
R=yangguo@chromium.org

Committed: https://crrev.com/061d082dd3cb038b7f14b0de1e92aa6b4e083a43
Cr-Commit-Position: refs/heads/master@{#38208}

[jgruber, 2016-08-01 07:06:59]

The CQ bit was checked by jgruber@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-08-01 07:07:09]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-01 07:28:39]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-08-01 07:28:40]

Dry run: This issue passed the CQ dry run.

[jgruber, 2016-08-01 08:16:30]

AFAIK the ToUint32 call does absolutely nothing when fun is a Smi >= 0. 

Therefore I did not add additional test-cases since I don't think this can be
triggered when CallSites are constructed from a valid frame (and we're planning
on removing external access to the CallSite constructor soon).

[Yang, 2016-08-01 09:11:46]

https://codereview.chromium.org/2199673002/diff/1/src/builtins/builtins-calls...
File src/builtins/builtins-callsite.cc (right):

https://codereview.chromium.org/2199673002/diff/1/src/builtins/builtins-calls...
src/builtins/builtins-callsite.cc:66: Object::ToUint32(isolate, fun));
I think having the integer conversion in the original JS code was just defensive
programming. Let's instead assert that this is a smi. And assert that
wasm::GetNumberOfFunctions(receiver) is larger than the index.

https://codereview.chromium.org/2199673002/diff/1/src/builtins/builtins-calls...
src/builtins/builtins-callsite.cc:76: Object::ToInt32(isolate, pos));
Same here. Let's assert that this is a smi.

[Yang, 2016-08-01 09:11:55]

On 2016/08/01 09:11:46, Yang wrote:
>
https://codereview.chromium.org/2199673002/diff/1/src/builtins/builtins-calls...
> File src/builtins/builtins-callsite.cc (right):
> 
>
https://codereview.chromium.org/2199673002/diff/1/src/builtins/builtins-calls...
> src/builtins/builtins-callsite.cc:66: Object::ToUint32(isolate, fun));
> I think having the integer conversion in the original JS code was just
defensive
> programming. Let's instead assert that this is a smi. And assert that
> wasm::GetNumberOfFunctions(receiver) is larger than the index.
> 
>
https://codereview.chromium.org/2199673002/diff/1/src/builtins/builtins-calls...
> src/builtins/builtins-callsite.cc:76: Object::ToInt32(isolate, pos));
> Same here. Let's assert that this is a smi.

lgtm otherwise.

[jgruber, 2016-08-01 10:28:36]

The CQ bit was checked by jgruber@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-08-01 10:28:44]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-01 10:30:31]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-08-01 10:30:32]

Dry run: Try jobs failed on following builders:
  v8_linux64_asan_rel_ng on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_linux64_asan_rel_ng/buil...)
  v8_linux_mips64el_compile_rel on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_linux_mips64el_compile_r...)
  v8_linux_mipsel_compile_rel on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_linux_mipsel_compile_rel...)

[jgruber, 2016-08-01 10:36:59]

The CQ bit was checked by jgruber@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-08-01 10:37:12]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-01 11:04:35]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-08-01 11:04:36]

Dry run: This issue passed the CQ dry run.

[jgruber, 2016-08-01 12:04:23]

https://codereview.chromium.org/2199673002/diff/1/src/builtins/builtins-calls...
File src/builtins/builtins-callsite.cc (right):

https://codereview.chromium.org/2199673002/diff/1/src/builtins/builtins-calls...
src/builtins/builtins-callsite.cc:66: Object::ToUint32(isolate, fun));
On 2016/08/01 09:11:46, Yang wrote:
> I think having the integer conversion in the original JS code was just
defensive
> programming. Let's instead assert that this is a smi. And assert that
> wasm::GetNumberOfFunctions(receiver) is larger than the index.

Done.

https://codereview.chromium.org/2199673002/diff/1/src/builtins/builtins-calls...
src/builtins/builtins-callsite.cc:76: Object::ToInt32(isolate, pos));
On 2016/08/01 09:11:46, Yang wrote:
> Same here. Let's assert that this is a smi.

Done.

[jgruber, 2016-08-01 12:04:30]

The CQ bit was checked by jgruber@chromium.org

[jgruber, 2016-08-01 12:04:30]

The patchset sent to the CQ was uploaded after l-g-t-m from yangguo@chromium.org
Link to the patchset: https://codereview.chromium.org/2199673002/#ps60001
(title: "Adapt second site")

[commit-bot: I haz the power, 2016-08-01 12:04:35]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-01 12:17:45]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-08-01 12:17:46]

Try jobs failed on following builders:
  v8_linux_dbg_ng on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_linux_dbg_ng/builds/10027)
  v8_linux_dbg_ng_triggered on master.tryserver.v8 (JOB_FAILED,
http://build.chromium.org/p/tryserver.v8/builders/v8_linux_dbg_ng_triggered/b...)

[jgruber, 2016-08-01 12:33:05]

The CQ bit was checked by jgruber@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-08-01 12:33:10]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-01 12:54:19]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-08-01 12:54:20]

Dry run: This issue passed the CQ dry run.

[jgruber, 2016-08-01 12:54:49]

The CQ bit was checked by jgruber@chromium.org

[jgruber, 2016-08-01 12:54:49]

The patchset sent to the CQ was uploaded after l-g-t-m from yangguo@chromium.org
Link to the patchset: https://codereview.chromium.org/2199673002/#ps80001
(title: "Remove tests passing invalid parameters to the callsite constructor")

[commit-bot: I haz the power, 2016-08-01 12:54:59]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-01 12:57:40]

Committed patchset #5 (id:80001)

[commit-bot: I haz the power, 2016-08-01 13:00:04]

Description was changed from

==========
Properly set function index in CallSite constructor

BUG=632965
R=yangguo@chromium.org
==========

to

==========
Properly set function index in CallSite constructor

BUG=632965
R=yangguo@chromium.org

Committed: https://crrev.com/061d082dd3cb038b7f14b0de1e92aa6b4e083a43
Cr-Commit-Position: refs/heads/master@{#38208}
==========

[commit-bot: I haz the power, 2016-08-01 13:00:05]

Patchset 5 (id:??) landed as
https://crrev.com/061d082dd3cb038b7f14b0de1e92aa6b4e083a43
Cr-Commit-Position: refs/heads/master@{#38208}