MIPS: Fix ARM bug introduced in r12604 that caused crashes on ARM on crypto-md5 from SunSpider. (issue 10979066)


pal...@homejinni.com

Sep 27, 2012, 8:50:40 PM9/27/12
to erik....@gmail.com, da...@chromium.org, pli...@gmail.com, ger...@homejinni.com, v8-...@googlegroups.com
Reviewers: Erik Corry, danno, Paul Lind, kisg,

Message:
This CL requires the following CL to be landed first:
https://chromiumcodereview.appspot.com/10987086

Description:
MIPS: Fix ARM bug introduced in r12604 that caused crashes on ARM on
crypto-md5 from SunSpider.

Port r12623 (22002351)

BUG=
TEST=


Please review this at https://chromiumcodereview.appspot.com/10979066/

SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge

Affected files:
M src/mips/code-stubs-mips.cc
M src/mips/ic-mips.cc
M src/mips/macro-assembler-mips.h
M src/mips/macro-assembler-mips.cc
M src/mips/stub-cache-mips.cc


Index: src/mips/code-stubs-mips.cc
diff --git a/src/mips/code-stubs-mips.cc b/src/mips/code-stubs-mips.cc
index
86af0dd97fea3bc1ae63d786157531a9dbee58f8..b2fc15509e1eaf77718aa676712e4a85a39214ac
100644
--- a/src/mips/code-stubs-mips.cc
+++ b/src/mips/code-stubs-mips.cc
@@ -7761,7 +7761,9 @@ void
StoreArrayLiteralElementStub::Generate(MacroAssembler* masm) {
// Array literal has ElementsKind of FAST_*_DOUBLE_ELEMENTS.
__ bind(&double_elements);
__ lw(t1, FieldMemOperand(a1, JSObject::kElementsOffset));
- __ StoreNumberToDoubleElements(a0, a3, a1, t1, t2, t3, t5, a2,
+ __ StoreNumberToDoubleElements(a0, a3, a1,
+ // Overwrites all regs after this.
+ t1, t2, t3, t5, a2,
&slow_elements);
__ Ret(USE_DELAY_SLOT);
__ mov(v0, a0);
Index: src/mips/ic-mips.cc
diff --git a/src/mips/ic-mips.cc b/src/mips/ic-mips.cc
index
42da8b969104aabaf01e072500c001c6b0a8a23d..fed8284f72be671aed3a4bb3b45165f6ff51f81e
100644
--- a/src/mips/ic-mips.cc
+++ b/src/mips/ic-mips.cc
@@ -1269,8 +1269,8 @@ static void KeyedStoreGenerateGenericHelper(
__ StoreNumberToDoubleElements(value,
key,
receiver,
- elements,
- a3,
+ elements, // Overwritten.
+ a3, // Scratch regs...
t0,
t1,
t2,
Index: src/mips/macro-assembler-mips.cc
diff --git a/src/mips/macro-assembler-mips.cc
b/src/mips/macro-assembler-mips.cc
index
7ded49499957b010b996229de161b0268dd45192..00bb9a1e33528db1844252da5910ad9e8df58f4e
100644
--- a/src/mips/macro-assembler-mips.cc
+++ b/src/mips/macro-assembler-mips.cc
@@ -3445,7 +3445,7 @@ void
MacroAssembler::StoreNumberToDoubleElements(Register value_reg,
destination = FloatingPointHelper::kCoreRegisters;
}

- Register untagged_value = receiver_reg;
+ Register untagged_value = elements_reg;
SmiUntag(untagged_value, value_reg);
FloatingPointHelper::ConvertIntToDouble(this,
untagged_value,
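Review bot: The new `Register untagged_value = elements_reg;` is only safe if elements_reg is dead by this point in the smi path, and nothing in the hunk states or checks that. The code that consumes elements_reg is presumably above the hunk (the function body starts and ends outside it), so a later reordering could silently reintroduce the same kind of clobber that previously hit receiver_reg. I would add a comment at the assignment, e.g. `// elements_reg is not read after this point; reuse it as the untagged-value scratch.`, and consider a debug-mode assertion at function entry that elements_reg does not alias value_reg, key_reg or receiver_reg. TEST= is empty in the description; a small regression test that stores smis into a double-elements array and then uses the receiver would pin this without relying on SunSpider crypto-md5.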
Index: src/mips/macro-assembler-mips.h
diff --git a/src/mips/macro-assembler-mips.h
b/src/mips/macro-assembler-mips.h
index
2a77d6ce2305edf67ded888aa2c9aafddaa0a2cf..651aa5484762db4dd83f628d427a93f465011acf
100644
--- a/src/mips/macro-assembler-mips.h
+++ b/src/mips/macro-assembler-mips.h
@@ -973,6 +973,7 @@ class MacroAssembler: public Assembler {
void StoreNumberToDoubleElements(Register value_reg,
Register key_reg,
Register receiver_reg,
+ // All regs below here overwritten.
Register elements_reg,
Register scratch1,
Register scratch2,
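Review bot: The clobber contract added here as `// All regs below here overwritten.` sits inside the parameter list and is worded differently at each call site touched by this change (`// Overwrites all regs after this.`, `// Overwritten.` with `// Scratch regs...`, and `// All registers after this are overwritten.`). A caller that keeps a live tagged pointer in one of the clobbered registers would make the generated code use an untagged integer as an object pointer, so the contract deserves one authoritative statement. If the intended contract is what the inline comment implies, I would put it in the declaration's header comment: `// value_reg, key_reg and receiver_reg are preserved; elements_reg and all scratch registers are clobbered.` The declaration continues past the end of this hunk, so the remaining parameters are not visible here.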
Index: src/mips/stub-cache-mips.cc
diff --git a/src/mips/stub-cache-mips.cc b/src/mips/stub-cache-mips.cc
index
391f8e072bac7bebb3018cac107dfca96011ef1b..ba1d17722db2b8c294af9d3502af238857c1ef05
100644
--- a/src/mips/stub-cache-mips.cc
+++ b/src/mips/stub-cache-mips.cc
@@ -4748,6 +4748,7 @@ void
KeyedStoreStubCompiler::GenerateStoreFastDoubleElement(
__ StoreNumberToDoubleElements(value_reg,
key_reg,
receiver_reg,
+ // All registers after this are
overwritten.
elements_reg,
scratch1,
scratch2,

