From 2961627f118d800c481fee66475f79feeaa3eb78 Mon Sep 17 00:00:00 2001
From: "danno@chromium.org"
 <danno@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Date: Tue, 27 Dec 2011 08:41:30 +0000
Subject: [PATCH] MIPS: fix bug in KeyedStoreIC::GenerateNonStrictArguments()

r8425 (1081f75) had fixed this originally, but those changes were
accidentally reverted when the experimental/gc branch was merged
at r9600.

BUG=
TEST=debug mozilla regress-137181

Review URL: http://codereview.chromium.org/9026006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10302 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---
 src/mips/ic-mips.cc | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/mips/ic-mips.cc b/src/mips/ic-mips.cc
index 1eef55a..8e78488 100644
--- a/src/mips/ic-mips.cc
+++ b/src/mips/ic-mips.cc
@@ -868,22 +868,26 @@ void KeyedStoreIC::GenerateNonStrictArguments(MacroAssembler* masm) {
   //  -- lr     : return address
   // -----------------------------------
   Label slow, notin;
+  // Store address is returned in register (of MemOperand) mapped_location.
   MemOperand mapped_location =
       GenerateMappedArgumentsLookup(masm, a2, a1, a3, t0, t1, &notin, &slow);
   __ sw(a0, mapped_location);
-  __ Addu(t2, a3, t1);
   __ mov(t5, a0);
-  __ RecordWrite(a3, t2, t5, kRAHasNotBeenSaved, kDontSaveFPRegs);
+  ASSERT_EQ(mapped_location.offset(), 0);
+  __ RecordWrite(a3, mapped_location.rm(), t5,
+                 kRAHasNotBeenSaved, kDontSaveFPRegs);
   __ Ret(USE_DELAY_SLOT);
   __ mov(v0, a0);  // (In delay slot) return the value stored in v0.
   __ bind(&notin);
   // The unmapped lookup expects that the parameter map is in a3.
+  // Store address is returned in register (of MemOperand) unmapped_location.
   MemOperand unmapped_location =
       GenerateUnmappedArgumentsLookup(masm, a1, a3, t0, &slow);
   __ sw(a0, unmapped_location);
-  __ Addu(t2, a3, t0);
   __ mov(t5, a0);
-  __ RecordWrite(a3, t2, t5, kRAHasNotBeenSaved, kDontSaveFPRegs);
+  ASSERT_EQ(unmapped_location.offset(), 0);
+  __ RecordWrite(a3, unmapped_location.rm(), t5,
+                 kRAHasNotBeenSaved, kDontSaveFPRegs);
   __ Ret(USE_DELAY_SLOT);
   __ mov(v0, a0);  // (In delay slot) return the value stored in v0.
   __ bind(&slow);
-- 
2.7.4