From 9e2db4c0f0db5f42c6834bf5b9f1fa6d85249a31 Mon Sep 17 00:00:00 2001 From: "vegorov@chromium.org" Date: Mon, 29 Aug 2011 09:10:27 +0000 Subject: [PATCH] MIPS: Fix KeyedStoreStubCompiler::GenerateStoreFastDoubleElement() Test regress-91013.js (to ensure that the stored value was returned) passed on mips without this fix, since the input value (in value_reg, a0) also happens to be in mips return value register v0 at the time of call. But it is fragile to depend on that behavior, so an explicit move from a0 to v0 is warranted. This fix puts that move in the delay slot of the Ret(). Patch by Paul Lind. BUG= TEST= Review URL: http://codereview.chromium.org/7779006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9035 ce2b1a6d-e550-0410-aec6-3dcde31c8c00 --- src/mips/stub-cache-mips.cc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/mips/stub-cache-mips.cc b/src/mips/stub-cache-mips.cc index 5feac30ba..c17a658d1 100644 --- a/src/mips/stub-cache-mips.cc +++ b/src/mips/stub-cache-mips.cc @@ -4428,7 +4428,8 @@ void KeyedStoreStubCompiler::GenerateStoreFastDoubleElement( __ sw(mantissa_reg, FieldMemOperand(scratch, FixedDoubleArray::kHeaderSize)); uint32_t offset = FixedDoubleArray::kHeaderSize + sizeof(kHoleNanLower32); __ sw(exponent_reg, FieldMemOperand(scratch, offset)); - __ Ret(); + __ Ret(USE_DELAY_SLOT); + __ mov(v0, value_reg); // In delay slot. __ bind(&maybe_nan); // Could be NaN or Infinity. If fraction is not zero, it's NaN, otherwise @@ -4478,7 +4479,8 @@ void KeyedStoreStubCompiler::GenerateStoreFastDoubleElement( __ sw(mantissa_reg, MemOperand(scratch, 0)); __ sw(exponent_reg, MemOperand(scratch, Register::kSizeInBytes)); } - __ Ret(); + __ Ret(USE_DELAY_SLOT); + __ mov(v0, value_reg); // In delay slot. // Handle store cache miss, replacing the ic with the generic stub. __ bind(&miss_force_generic); -- 2.34.1