MIPS: Fix loading of global object in LWrapReceiver.

Port r18421 (39719ed)

Original commit message:
Since r16993 the cp register is handled by registers allocator,
and we cannot assume that the cp always contains the context.

BUG=318420
LOG=Y
TEST=test/mjsunit/regress/regress-318420.js
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/123183002

Patch from Balazs Kilvady <kilvadyb@homejinni.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18443 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

diff --git a/src/mips/lithium-codegen-mips.cc b/src/mips/lithium-codegen-mips.cc
index 5ac4703..02eb269 100644 (file)
--- a/src/mips/lithium-codegen-mips.cc
+++ b/src/mips/lithium-codegen-mips.cc
@@ -3371,7 +3371,9 @@ void LCodeGen::DoWrapReceiver(LWrapReceiver* instr) {
   __ Branch(&result_in_receiver);
 
   __ bind(&global_object);
-  __ lw(result, GlobalObjectOperand());
+
+  __ lw(result, MemOperand(fp, StandardFrameConstants::kContextOffset));
+  __ lw(result, ContextOperand(result, Context::GLOBAL_OBJECT_INDEX));
   __ lw(result,
          FieldMemOperand(result, JSGlobalObject::kGlobalReceiverOffset));
   if (result.is(receiver)) {