Revision: 17730
Author:   [email protected]
Date:     Thu Nov 14 10:55:00 2013 UTC
Log:      Version 3.23.4

Fixed overflow in TypedArray initialization function. (Chromium issue 319120)

Performance and stability improvements on all platforms.
http://code.google.com/p/v8/source/detail?r=17730

Added:
 /trunk/test/mjsunit/regress/regress-319120.js
 /trunk/tools/lexer-shell.cc
 /trunk/tools/lexer-shell.gyp
Modified:
 /trunk/ChangeLog
 /trunk/build/all.gyp
 /trunk/include/v8-defaults.h
 /trunk/include/v8.h
 /trunk/src/api.cc
 /trunk/src/d8.cc
 /trunk/src/defaults.cc
 /trunk/src/hydrogen-instructions.h
 /trunk/src/hydrogen.cc
 /trunk/src/math.js
 /trunk/src/mips/code-stubs-mips.cc
 /trunk/src/mips/deoptimizer-mips.cc
 /trunk/src/mips/lithium-mips.cc
 /trunk/src/runtime.cc
 /trunk/src/typedarray.js
 /trunk/src/version.cc

=======================================
--- /dev/null
+++ /trunk/test/mjsunit/regress/regress-319120.js Thu Nov 14 10:55:00 2013 UTC
@@ -0,0 +1,28 @@
+// Copyright 2013 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+//       notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+//       copyright notice, this list of conditions and the following
+//       disclaimer in the documentation and/or other materials provided
+//       with the distribution.
+//     * Neither the name of Google Inc. nor the names of its
+//       contributors may be used to endorse or promote products derived
+//       from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+assertThrows('x = new Float64Array({length: 0x24924925})');
=======================================
--- /dev/null
+++ /trunk/tools/lexer-shell.cc Thu Nov 14 10:55:00 2013 UTC
@@ -0,0 +1,267 @@
+// Copyright 2013 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+//       notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+//       copyright notice, this list of conditions and the following
+//       disclaimer in the documentation and/or other materials provided
+//       with the distribution.
+//     * Neither the name of Google Inc. nor the names of its
+//       contributors may be used to endorse or promote products derived
+//       from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#include <assert.h>
+#include <fcntl.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string>
+#include <vector>
+#include "v8.h"
+
+#include "api.h"
+#include "ast.h"
+#include "char-predicates-inl.h"
+#include "messages.h"
+#include "platform.h"
+#include "runtime.h"
+#include "scanner-character-streams.h"
+#include "scopeinfo.h"
+#include "string-stream.h"
+#include "scanner.h"
+
+
+using namespace v8::internal;
+
+enum Encoding {
+  LATIN1,
+  UTF8,
+  UTF16
+};
+
+
+const byte* ReadFile(const char* name, Isolate* isolate,
+                     int* size, int repeat) {
+  FILE* file = fopen(name, "rb");
+  *size = 0;
+  if (file == NULL) return NULL;
+
+  fseek(file, 0, SEEK_END);
+  int file_size = ftell(file);
+  rewind(file);
+
+  *size = file_size * repeat;
+
+  byte* chars = new byte[*size + 1];
+  for (int i = 0; i < file_size;) {
+    int read = static_cast<int>(fread(&chars[i], 1, file_size - i, file));
+    i += read;
+  }
+  fclose(file);
+
+  for (int i = file_size; i < *size; i++) {
+    chars[i] = chars[i - file_size];
+  }
+  chars[*size] = 0;
+
+  return chars;
+}
+
+
+class BaselineScanner {
+ public:
+  BaselineScanner(const char* fname,
+                  Isolate* isolate,
+                  Encoding encoding,
+                  ElapsedTimer* timer,
+                  int repeat)
+      : stream_(NULL) {
+    int length = 0;
+    source_ = ReadFile(fname, isolate, &length, repeat);
+    unicode_cache_ = new UnicodeCache();
+    scanner_ = new Scanner(unicode_cache_);
+    switch (encoding) {
+      case UTF8:
+        stream_ = new Utf8ToUtf16CharacterStream(source_, length);
+        break;
+      case UTF16: {
+        Handle<String> result = isolate->factory()->NewStringFromTwoByte(
+            Vector<const uint16_t>(
+                reinterpret_cast<const uint16_t*>(source_),
+                length / 2));
+        stream_ =
+ new GenericStringUtf16CharacterStream(result, 0, result->length());
+        break;
+      }
+      case LATIN1: {
+        Handle<String> result = isolate->factory()->NewStringFromOneByte(
+            Vector<const uint8_t>(source_, length));
+        stream_ =
+ new GenericStringUtf16CharacterStream(result, 0, result->length());
+        break;
+      }
+    }
+    timer->Start();
+    scanner_->Initialize(stream_);
+  }
+
+  ~BaselineScanner() {
+    delete scanner_;
+    delete stream_;
+    delete unicode_cache_;
+    delete[] source_;
+  }
+
+  Token::Value Next(int* beg_pos, int* end_pos) {
+    Token::Value res = scanner_->Next();
+    *beg_pos = scanner_->location().beg_pos;
+    *end_pos = scanner_->location().end_pos;
+    return res;
+  }
+
+ private:
+  UnicodeCache* unicode_cache_;
+  Scanner* scanner_;
+  const byte* source_;
+  BufferedUtf16CharacterStream* stream_;
+};
+
+
+struct TokenWithLocation {
+  Token::Value value;
+  size_t beg;
+  size_t end;
+  TokenWithLocation() : value(Token::ILLEGAL), beg(0), end(0) { }
+  TokenWithLocation(Token::Value value, size_t beg, size_t end) :
+      value(value), beg(beg), end(end) { }
+  bool operator==(const TokenWithLocation& other) {
+    return value == other.value && beg == other.beg && end == other.end;
+  }
+  bool operator!=(const TokenWithLocation& other) {
+    return !(*this == other);
+  }
+  void Print(const char* prefix) const {
+    printf("%s %11s at (%d, %d)\n",
+           prefix, Token::Name(value),
+           static_cast<int>(beg), static_cast<int>(end));
+  }
+};
+
+
+TimeDelta RunBaselineScanner(const char* fname,
+                             Isolate* isolate,
+                             Encoding encoding,
+                             bool dump_tokens,
+                             std::vector<TokenWithLocation>* tokens,
+                             int repeat) {
+  ElapsedTimer timer;
+  BaselineScanner scanner(fname, isolate, encoding, &timer, repeat);
+  Token::Value token;
+  int beg, end;
+  do {
+    token = scanner.Next(&beg, &end);
+    if (dump_tokens) {
+      tokens->push_back(TokenWithLocation(token, beg, end));
+    }
+  } while (token != Token::EOS);
+  return timer.Elapsed();
+}
+
+
+void PrintTokens(const char* name,
+                 const std::vector<TokenWithLocation>& tokens) {
+  printf("No of tokens: %d\n",
+         static_cast<int>(tokens.size()));
+  printf("%s:\n", name);
+  for (size_t i = 0; i < tokens.size(); ++i) {
+    tokens[i].Print("=>");
+  }
+}
+
+
+TimeDelta ProcessFile(
+    const char* fname,
+    Encoding encoding,
+    Isolate* isolate,
+    bool print_tokens,
+    int repeat) {
+  if (print_tokens) {
+    printf("Processing file %s\n", fname);
+  }
+  HandleScope handle_scope(isolate);
+  std::vector<TokenWithLocation> baseline_tokens;
+  TimeDelta baseline_time;
+  baseline_time = RunBaselineScanner(
+      fname, isolate, encoding, print_tokens,
+      &baseline_tokens, repeat);
+  if (print_tokens) {
+    PrintTokens("Baseline", baseline_tokens);
+  }
+  return baseline_time;
+}
+
+
+int main(int argc, char* argv[]) {
+  v8::V8::InitializeICU();
+  v8::V8::SetFlagsFromCommandLine(&argc, argv, true);
+  Encoding encoding = LATIN1;
+  bool print_tokens = false;
+  std::vector<std::string> fnames;
+  std::string benchmark;
+  int repeat = 1;
+  for (int i = 0; i < argc; ++i) {
+    if (strcmp(argv[i], "--latin1") == 0) {
+      encoding = LATIN1;
+    } else if (strcmp(argv[i], "--utf8") == 0) {
+      encoding = UTF8;
+    } else if (strcmp(argv[i], "--utf16") == 0) {
+      encoding = UTF16;
+    } else if (strcmp(argv[i], "--print-tokens") == 0) {
+      print_tokens = true;
+    } else if (strncmp(argv[i], "--benchmark=", 12) == 0) {
+      benchmark = std::string(argv[i]).substr(12);
+    } else if (strncmp(argv[i], "--repeat=", 9) == 0) {
+      std::string repeat_str = std::string(argv[i]).substr(9);
+      repeat = atoi(repeat_str.c_str());
+    } else if (i > 0 && argv[i][0] != '-') {
+      fnames.push_back(std::string(argv[i]));
+    }
+  }
+  v8::Isolate* isolate = v8::Isolate::GetCurrent();
+  {
+    v8::HandleScope handle_scope(isolate);
+    v8::Handle<v8::ObjectTemplate> global = v8::ObjectTemplate::New();
+ v8::Local<v8::Context> context = v8::Context::New(isolate, NULL, global);
+    ASSERT(!context.IsEmpty());
+    {
+      v8::Context::Scope scope(context);
+      Isolate* isolate = Isolate::Current();
+      double baseline_total = 0;
+      for (size_t i = 0; i < fnames.size(); i++) {
+        TimeDelta time;
+ time = ProcessFile(fnames[i].c_str(), encoding, isolate, print_tokens,
+                           repeat);
+        baseline_total += time.InMillisecondsF();
+      }
+      if (benchmark.empty()) benchmark = "Baseline";
+      printf("%s(RunTime): %.f ms\n", benchmark.c_str(), baseline_total);
+    }
+  }
+  v8::V8::Dispose();
+  return 0;
+}
=======================================
--- /dev/null
+++ /trunk/tools/lexer-shell.gyp        Thu Nov 14 10:55:00 2013 UTC
@@ -0,0 +1,57 @@
+# Copyright 2013 the V8 project authors. All rights reserved.
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+#       copyright notice, this list of conditions and the following
+#       disclaimer in the documentation and/or other materials provided
+#       with the distribution.
+#     * Neither the name of Google Inc. nor the names of its
+#       contributors may be used to endorse or promote products derived
+#       from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+{
+  'variables': {
+    'v8_code': 1,
+    'v8_enable_i18n_support%': 1,
+  },
+  'includes': ['../build/toolchain.gypi', '../build/features.gypi'],
+  'targets': [
+    {
+      'target_name': 'lexer-shell',
+      'type': 'executable',
+      'dependencies': [
+        '../tools/gyp/v8.gyp:v8',
+      ],
+      'conditions': [
+        ['v8_enable_i18n_support==1', {
+          'dependencies': [
+            '<(icu_gyp_path):icui18n',
+            '<(icu_gyp_path):icuuc',
+          ],
+        }],
+      ],
+      'include_dirs+': [
+        '../src',
+      ],
+      'sources': [
+        'lexer-shell.cc',
+      ],
+    },
+  ],
+}
=======================================
--- /trunk/ChangeLog    Wed Nov 13 12:20:55 2013 UTC
+++ /trunk/ChangeLog    Thu Nov 14 10:55:00 2013 UTC
@@ -1,3 +1,11 @@
+2013-11-14: Version 3.23.4
+
+        Fixed overflow in TypedArray initialization function.
+        (Chromium issue 319120)
+
+        Performance and stability improvements on all platforms.
+
+
 2013-11-13: Version 3.23.3

         Fixed compilation with GCC 4.8.
=======================================
--- /trunk/build/all.gyp        Thu Oct 10 09:24:12 2013 UTC
+++ /trunk/build/all.gyp        Thu Nov 14 10:55:00 2013 UTC
@@ -12,6 +12,13 @@
         '../src/d8.gyp:d8',
         '../test/cctest/cctest.gyp:*',
       ],
+      'conditions': [
+        ['component!="shared_library"', {
+          'dependencies': [
+            '../tools/lexer-shell.gyp:lexer-shell',
+          ],
+        }],
+      ]
     }
   ]
 }
=======================================
--- /trunk/include/v8-defaults.h        Fri Sep 27 07:27:26 2013 UTC
+++ /trunk/include/v8-defaults.h        Thu Nov 14 10:55:00 2013 UTC
@@ -35,19 +35,13 @@
  */
 namespace v8 {

-/**
- * Configures the constraints with reasonable default values based on the
- * capabilities of the current device the VM is running on.
- */
-bool V8_EXPORT ConfigureResourceConstraintsForCurrentPlatform(
-    ResourceConstraints* constraints);
+V8_DEPRECATED("Use ResourceConstraints::ConfigureDefaults instead",
+    bool V8_EXPORT ConfigureResourceConstraintsForCurrentPlatform(
+        ResourceConstraints* constraints));


-/**
- * Convience function which performs SetResourceConstraints with the settings
- * returned by ConfigureResourceConstraintsForCurrentPlatform.
- */
-bool V8_EXPORT SetDefaultResourceConstraintsForCurrentPlatform();
+V8_DEPRECATED("Use ResourceConstraints::ConfigureDefaults instead",
+    bool V8_EXPORT SetDefaultResourceConstraintsForCurrentPlatform());

 }  // namespace v8

=======================================
--- /trunk/include/v8.h Wed Nov 13 12:20:55 2013 UTC
+++ /trunk/include/v8.h Thu Nov 14 10:55:00 2013 UTC
@@ -3803,6 +3803,16 @@
 class V8_EXPORT ResourceConstraints {
  public:
   ResourceConstraints();
+
+  /**
+   * Configures the constraints with reasonable default values based on the
+   * capabilities of the current device the VM is running on.
+   *
+ * \param physical_memory The total amount of physical memory on the current
+   *   device, in bytes.
+   */
+  void ConfigureDefaults(uint64_t physical_memory);
+
   int max_young_space_size() const { return max_young_space_size_; }
void set_max_young_space_size(int value) { max_young_space_size_ = value; }
   int max_old_space_size() const { return max_old_space_size_; }
=======================================
--- /trunk/src/api.cc   Wed Nov 13 12:20:55 2013 UTC
+++ /trunk/src/api.cc   Thu Nov 14 10:55:00 2013 UTC
@@ -564,6 +564,42 @@
     max_old_space_size_(0),
     max_executable_size_(0),
     stack_limit_(NULL) { }
+
+
+void ResourceConstraints::ConfigureDefaults(uint64_t physical_memory) {
+  const int lump_of_memory = (i::kPointerSize / 4) * i::MB;
+#if V8_OS_ANDROID
+ // Android has higher physical memory requirements before raising the maximum
+  // heap size limits since it has no swap space.
+  const uint64_t low_limit = 512ul * i::MB;
+  const uint64_t medium_limit = 1ul * i::GB;
+  const uint64_t high_limit = 2ul * i::GB;
+#else
+  const uint64_t low_limit = 512ul * i::MB;
+  const uint64_t medium_limit = 768ul * i::MB;
+  const uint64_t high_limit = 1ul  * i::GB;
+#endif
+
+ // The young_space_size should be a power of 2 and old_generation_size should
+  // be a multiple of Page::kPageSize.
+  if (physical_memory <= low_limit) {
+    set_max_young_space_size(2 * lump_of_memory);
+    set_max_old_space_size(128 * lump_of_memory);
+    set_max_executable_size(96 * lump_of_memory);
+  } else if (physical_memory <= medium_limit) {
+    set_max_young_space_size(8 * lump_of_memory);
+    set_max_old_space_size(256 * lump_of_memory);
+    set_max_executable_size(192 * lump_of_memory);
+  } else if (physical_memory <= high_limit) {
+    set_max_young_space_size(16 * lump_of_memory);
+    set_max_old_space_size(512 * lump_of_memory);
+    set_max_executable_size(256 * lump_of_memory);
+  } else {
+    set_max_young_space_size(16 * lump_of_memory);
+    set_max_old_space_size(700 * lump_of_memory);
+    set_max_executable_size(256 * lump_of_memory);
+  }
+}


 bool SetResourceConstraints(ResourceConstraints* constraints) {
=======================================
--- /trunk/src/d8.cc    Fri Nov  8 10:23:52 2013 UTC
+++ /trunk/src/d8.cc    Thu Nov 14 10:55:00 2013 UTC
@@ -1679,11 +1679,15 @@
 #else
   SetStandaloneFlagsViaCommandLine();
 #endif
-  v8::SetDefaultResourceConstraintsForCurrentPlatform();
   ShellArrayBufferAllocator array_buffer_allocator;
   v8::V8::SetArrayBufferAllocator(&array_buffer_allocator);
   int result = 0;
   Isolate* isolate = Isolate::GetCurrent();
+#ifndef V8_SHARED
+  v8::ResourceConstraints constraints;
+  constraints.ConfigureDefaults(i::OS::TotalPhysicalMemory());
+  v8::SetResourceConstraints(isolate, &constraints);
+#endif
   DumbLineEditor dumb_line_editor(isolate);
   {
     Initialize(isolate);
=======================================
--- /trunk/src/defaults.cc      Mon Oct 28 18:03:37 2013 UTC
+++ /trunk/src/defaults.cc      Thu Nov 14 10:55:00 2013 UTC
@@ -37,6 +37,7 @@
 namespace v8 {


+// TODO(rmcilroy): Remove this function once it is no longer used in Chrome.
 bool ConfigureResourceConstraintsForCurrentPlatform(
     ResourceConstraints* constraints) {
   if (constraints == NULL) {
@@ -60,6 +61,7 @@
 }


+// TODO(rmcilroy): Remove this function once it is no longer used in Chrome.
 bool SetDefaultResourceConstraintsForCurrentPlatform() {
   ResourceConstraints constraints;
   if (!ConfigureResourceConstraintsForCurrentPlatform(&constraints))
=======================================
--- /trunk/src/hydrogen-instructions.h  Wed Nov 13 12:20:55 2013 UTC
+++ /trunk/src/hydrogen-instructions.h  Thu Nov 14 10:55:00 2013 UTC
@@ -1578,6 +1578,9 @@
   virtual void PrintDataTo(StringStream* stream) V8_OVERRIDE;

   DECLARE_CONCRETE_INSTRUCTION(ForceRepresentation)
+
+ protected:
+  virtual int RedefinedOperandIndex() { return 0; }

  private:
HForceRepresentation(HValue* value, Representation required_representation) {
=======================================
--- /trunk/src/hydrogen.cc      Wed Nov 13 12:20:55 2013 UTC
+++ /trunk/src/hydrogen.cc      Thu Nov 14 10:55:00 2013 UTC
@@ -2100,10 +2100,10 @@
   static const int kLoopUnfoldLimit = 4;
   bool unfold_loop = false;
   int initial_capacity = JSArray::kPreallocatedArrayElements;
-  if (from->IsConstant() && to->IsConstant() &&
+ if (from->ActualValue()->IsConstant() && to->ActualValue()->IsConstant() &&
       initial_capacity <= kLoopUnfoldLimit) {
-    HConstant* constant_from = HConstant::cast(from);
-    HConstant* constant_to = HConstant::cast(to);
+    HConstant* constant_from = HConstant::cast(from->ActualValue());
+    HConstant* constant_to = HConstant::cast(to->ActualValue());

     if (constant_from->HasInteger32Value() &&
         constant_from->Integer32Value() == 0 &&
=======================================
--- /trunk/src/math.js  Wed Nov 13 16:26:00 2013 UTC
+++ /trunk/src/math.js  Thu Nov 14 10:55:00 2013 UTC
@@ -217,7 +217,9 @@
 // Also define the initialization function that populates the lookup table
 // and then wires up the function definitions.
 function SetupTrigonometricFunctions() {
-  var samples = 1800;  // Table size.
+  // TODO(yangguo): The following table size has been chosen to satisfy
+  // Sunspider's brittle result verification.  Reconsider relevance.
+  var samples = 4489;
   var pi = 3.1415926535897932;
   var pi_half = pi / 2;
   var inverse_pi_half = 2 / pi;
=======================================
--- /trunk/src/mips/code-stubs-mips.cc  Wed Nov 13 12:20:55 2013 UTC
+++ /trunk/src/mips/code-stubs-mips.cc  Thu Nov 14 10:55:00 2013 UTC
@@ -178,14 +178,21 @@
   // a0 -- number of arguments
   // a1 -- function
   // a2 -- type info cell with elements kind
-  static Register registers[] = { a1, a2 };
-  descriptor->register_param_count_ = 2;
-  if (constant_stack_parameter_count != 0) {
+  static Register registers_variable_args[] = { a1, a2, a0 };
+  static Register registers_no_args[] = { a1, a2 };
+
+  if (constant_stack_parameter_count == 0) {
+    descriptor->register_param_count_ = 2;
+    descriptor->register_params_ = registers_no_args;
+  } else {
     // stack param count needs (constructor pointer, and single argument)
+    descriptor->handler_arguments_mode_ = PASS_ARGUMENTS;
     descriptor->stack_parameter_count_ = a0;
+    descriptor->register_param_count_ = 3;
+    descriptor->register_params_ = registers_variable_args;
   }
+
   descriptor->hint_stack_parameter_count_ = constant_stack_parameter_count;
-  descriptor->register_params_ = registers;
   descriptor->function_mode_ = JS_FUNCTION_STUB_MODE;
   descriptor->deoptimization_handler_ =
       Runtime::FunctionForId(Runtime::kArrayConstructor)->entry;
@@ -199,15 +206,21 @@
   // register state
   // a0 -- number of arguments
   // a1 -- constructor function
-  static Register registers[] = { a1 };
-  descriptor->register_param_count_ = 1;
+  static Register registers_variable_args[] = { a1, a0 };
+  static Register registers_no_args[] = { a1 };

-  if (constant_stack_parameter_count != 0) {
-    // Stack param count needs (constructor pointer, and single argument).
+  if (constant_stack_parameter_count == 0) {
+    descriptor->register_param_count_ = 1;
+    descriptor->register_params_ = registers_no_args;
+  } else {
+    // stack param count needs (constructor pointer, and single argument)
+    descriptor->handler_arguments_mode_ = PASS_ARGUMENTS;
     descriptor->stack_parameter_count_ = a0;
+    descriptor->register_param_count_ = 2;
+    descriptor->register_params_ = registers_variable_args;
   }
+
   descriptor->hint_stack_parameter_count_ = constant_stack_parameter_count;
-  descriptor->register_params_ = registers;
   descriptor->function_mode_ = JS_FUNCTION_STUB_MODE;
   descriptor->deoptimization_handler_ =
       Runtime::FunctionForId(Runtime::kInternalArrayConstructor)->entry;
=======================================
--- /trunk/src/mips/deoptimizer-mips.cc Mon Oct 21 07:19:36 2013 UTC
+++ /trunk/src/mips/deoptimizer-mips.cc Thu Nov 14 10:55:00 2013 UTC
@@ -104,7 +104,7 @@
   ApiFunction function(descriptor->deoptimization_handler_);
ExternalReference xref(&function, ExternalReference::BUILTIN_CALL, isolate_);
   intptr_t handler = reinterpret_cast<intptr_t>(xref.address());
-  int params = descriptor->environment_length();
+  int params = descriptor->GetHandlerParameterCount();
   output_frame->SetRegister(s0.code(), params);
   output_frame->SetRegister(s1.code(), (params - 1) * kPointerSize);
   output_frame->SetRegister(s2.code(), handler);
=======================================
--- /trunk/src/mips/lithium-mips.cc     Wed Nov 13 12:20:55 2013 UTC
+++ /trunk/src/mips/lithium-mips.cc     Thu Nov 14 10:55:00 2013 UTC
@@ -2421,7 +2421,7 @@
     CodeStubInterfaceDescriptor* descriptor =
         info()->code_stub()->GetInterfaceDescriptor(info()->isolate());
     int index = static_cast<int>(instr->index());
-    Register reg = DESCRIPTOR_GET_PARAMETER_REGISTER(descriptor, index);
+    Register reg = descriptor->GetParameterRegister(index);
     return DefineFixed(result, reg);
   }
 }
=======================================
--- /trunk/src/runtime.cc       Wed Nov 13 12:20:55 2013 UTC
+++ /trunk/src/runtime.cc       Thu Nov 14 10:55:00 2013 UTC
@@ -956,12 +956,12 @@

   Handle<JSArrayBuffer> buffer = isolate->factory()->NewJSArrayBuffer();
   size_t length = NumberToSize(isolate, *length_obj);
-  size_t byte_length = length * element_size;
-  if (byte_length < length) {  // Overflow
+  if (length > (kMaxInt / element_size)) {
     return isolate->Throw(*isolate->factory()->
           NewRangeError("invalid_array_buffer_length",
             HandleVector<Object>(NULL, 0)));
   }
+  size_t byte_length = length * element_size;

   // NOTE: not initializing backing store.
   // We assume that the caller of this function will initialize holder
=======================================
--- /trunk/src/typedarray.js    Fri Nov  8 10:23:52 2013 UTC
+++ /trunk/src/typedarray.js    Thu Nov 14 10:55:00 2013 UTC
@@ -346,226 +346,53 @@
   }
   return %DataViewGetByteLength(this);
 }
+
+macro DATA_VIEW_TYPES(FUNCTION)
+  FUNCTION(Int8)
+  FUNCTION(Uint8)
+  FUNCTION(Int16)
+  FUNCTION(Uint16)
+  FUNCTION(Int32)
+  FUNCTION(Uint32)
+  FUNCTION(Float32)
+  FUNCTION(Float64)
+endmacro

 function ToPositiveDataViewOffset(offset) {
   return ToPositiveInteger(offset, 'invalid_data_view_accessor_offset');
 }

-function DataViewGetInt8(offset, little_endian) {
+
+macro DATA_VIEW_GETTER_SETTER(TYPENAME)
+function DataViewGetTYPENAME(offset, little_endian) {
   if (!IS_DATAVIEW(this)) {
     throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.getInt8', this]);
+                        ['DataView.getTYPENAME', this]);
   }
   if (%_ArgumentsLength() < 1) {
     throw MakeTypeError('invalid_argument');
   }
-  return %DataViewGetInt8(this,
+  return %DataViewGetTYPENAME(this,
                           ToPositiveDataViewOffset(offset),
                           !!little_endian);
 }

-function DataViewSetInt8(offset, value, little_endian) {
+function DataViewSetTYPENAME(offset, value, little_endian) {
   if (!IS_DATAVIEW(this)) {
     throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.setInt8', this]);
+                        ['DataView.setTYPENAME', this]);
   }
   if (%_ArgumentsLength() < 2) {
     throw MakeTypeError('invalid_argument');
   }
-  %DataViewSetInt8(this,
+  %DataViewSetTYPENAME(this,
                    ToPositiveDataViewOffset(offset),
                    TO_NUMBER_INLINE(value),
                    !!little_endian);
 }
+endmacro

-function DataViewGetUint8(offset, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.getUint8', this]);
-  }
-  if (%_ArgumentsLength() < 1) {
-    throw MakeTypeError('invalid_argument');
-  }
-  return %DataViewGetUint8(this,
-                           ToPositiveDataViewOffset(offset),
-                           !!little_endian);
-}
-
-function DataViewSetUint8(offset, value, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.setUint8', this]);
-  }
-  if (%_ArgumentsLength() < 2) {
-    throw MakeTypeError('invalid_argument');
-  }
-  %DataViewSetUint8(this,
-                   ToPositiveDataViewOffset(offset),
-                   TO_NUMBER_INLINE(value),
-                   !!little_endian);
-}
-
-function DataViewGetInt16(offset, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.getInt16', this]);
-  }
-  if (%_ArgumentsLength() < 1) {
-    throw MakeTypeError('invalid_argument');
-  }
-  return %DataViewGetInt16(this,
-                           ToPositiveDataViewOffset(offset),
-                           !!little_endian);
-}
-
-function DataViewSetInt16(offset, value, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.setInt16', this]);
-  }
-  if (%_ArgumentsLength() < 2) {
-    throw MakeTypeError('invalid_argument');
-  }
-  %DataViewSetInt16(this,
-                    ToPositiveDataViewOffset(offset),
-                    TO_NUMBER_INLINE(value),
-                    !!little_endian);
-}
-
-function DataViewGetUint16(offset, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.getUint16', this]);
-  }
-  if (%_ArgumentsLength() < 1) {
-    throw MakeTypeError('invalid_argument');
-  }
-  return %DataViewGetUint16(this,
-                            ToPositiveDataViewOffset(offset),
-                            !!little_endian);
-}
-
-function DataViewSetUint16(offset, value, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.setUint16', this]);
-  }
-  if (%_ArgumentsLength() < 2) {
-    throw MakeTypeError('invalid_argument');
-  }
-  %DataViewSetUint16(this,
-                     ToPositiveDataViewOffset(offset),
-                     TO_NUMBER_INLINE(value),
-                     !!little_endian);
-}
-
-function DataViewGetInt32(offset, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.getInt32', this]);
-  }
-  if (%_ArgumentsLength() < 1) {
-    throw MakeTypeError('invalid_argument');
-  }
-  return %DataViewGetInt32(this,
-                           ToPositiveDataViewOffset(offset),
-                           !!little_endian);
-}
-
-function DataViewSetInt32(offset, value, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.setInt32', this]);
-  }
-  if (%_ArgumentsLength() < 2) {
-    throw MakeTypeError('invalid_argument');
-  }
-  %DataViewSetInt32(this,
-                    ToPositiveDataViewOffset(offset),
-                    TO_NUMBER_INLINE(value),
-                    !!little_endian);
-}
-
-function DataViewGetUint32(offset, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.getUint32', this]);
-  }
-  if (%_ArgumentsLength() < 1) {
-    throw MakeTypeError('invalid_argument');
-  }
-  return %DataViewGetUint32(this,
-                            ToPositiveDataViewOffset(offset),
-                            !!little_endian);
-}
-
-function DataViewSetUint32(offset, value, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.setUint32', this]);
-  }
-  if (%_ArgumentsLength() < 2) {
-    throw MakeTypeError('invalid_argument');
-  }
-  %DataViewSetUint32(this,
-                     ToPositiveDataViewOffset(offset),
-                     TO_NUMBER_INLINE(value),
-                     !!little_endian);
-}
-
-function DataViewGetFloat32(offset, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.getFloat32', this]);
-  }
-  if (%_ArgumentsLength() < 1) {
-    throw MakeTypeError('invalid_argument');
-  }
-  return %DataViewGetFloat32(this,
-                             ToPositiveDataViewOffset(offset),
-                             !!little_endian);
-}
-
-function DataViewSetFloat32(offset, value, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.setFloat32', this]);
-  }
-  if (%_ArgumentsLength() < 2) {
-    throw MakeTypeError('invalid_argument');
-  }
-  %DataViewSetFloat32(this,
-                      ToPositiveDataViewOffset(offset),
-                      TO_NUMBER_INLINE(value),
-                      !!little_endian);
-}
-
-function DataViewGetFloat64(offset, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.getFloat64', this]);
-  }
-  if (%_ArgumentsLength() < 1) {
-    throw MakeTypeError('invalid_argument');
-  }
-  return %DataViewGetFloat64(this,
-                             ToPositiveDataViewOffset(offset),
-                             !!little_endian);
-}
-
-function DataViewSetFloat64(offset, value, little_endian) {
-  if (!IS_DATAVIEW(this)) {
-    throw MakeTypeError('incompatible_method_receiver',
-                        ['DataView.setFloat64', this]);
-  }
-  if (%_ArgumentsLength() < 2) {
-    throw MakeTypeError('invalid_argument');
-  }
-  %DataViewSetFloat64(this,
-                      ToPositiveDataViewOffset(offset),
-                      TO_NUMBER_INLINE(value),
-                      !!little_endian);
-}
+DATA_VIEW_TYPES(DATA_VIEW_GETTER_SETTER)

 function SetupDataView() {
   %CheckIsBootstrapping();
=======================================
--- /trunk/src/version.cc       Wed Nov 13 16:26:00 2013 UTC
+++ /trunk/src/version.cc       Thu Nov 14 10:55:00 2013 UTC
@@ -34,8 +34,8 @@
 // system so their names cannot be changed without changing the scripts.
 #define MAJOR_VERSION     3
 #define MINOR_VERSION     23
-#define BUILD_NUMBER      3
-#define PATCH_LEVEL       1
+#define BUILD_NUMBER      4
+#define PATCH_LEVEL       0
 // Use 1 for candidates and 0 otherwise.
 // (Boolean macro values are not supported by all preprocessors.)
 #define IS_CANDIDATE_VERSION 0

--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
--- You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to